+1 (208) 254-6996 [email protected]

Your discussion posting assignment for this week is to examine how adversaries can exploit trusted vendor-to-consumer relationships and describe how they violate the CIA triad by providing an example of this happening (who, what, where, why, when, etc.). For instance, the NotPetya attack compromised an Ukranian tax accounting software called M.E. Doc then used it to spread malware onto every company that used this software. In another example, Target was hacked through a trusted contractor’s system who was responsible for managing its HVAC system. If possible, provide examples where your APT actors has abused a trusted relationship to gain access to systems or stolen information from the  managed security service providers (MSSPs)  (sometimes just MSP) to enhance its evasion techniques. Alternative, a software supply chain attack would also count as a “trusted relationship”. Note: a data breach does not count as a trusted relationship and will result in a score of 0 for the posting if you elect to use this as an example.For the purpose of this discussion, I’ll bound the scope to software solutions (antivirus, finance/hr/account software, etc.),  MSSPs, or other 3rd party relationships between organizations. Any article/example re-use will be penalized at a rate of 10% of the grade per use i.e. 3 other students used the same example before you, which means the maximum grade you can receive on the posting is a 70%.  Also, please provide citations as applicable.Write a discussion board for it.