INFO5301 Analysing Security Incidents
Answer: Each attack has its own characteristics and different kind of impacts to the or-
ganization. For example, in the attack 1, the IT firm, SolarWinds, faced huge loss in their
reputation while in the attack 2, Target USA, faced significant amount of financial loss. In
that sense, generally, it is difficult to compare different attacks because they have different
impacts on different aspects of organizations.
The main links (provided above) and some additional links for the above incidents. Main
links are highlighted.
• SolarWinds
– https://www.businessinsider.com.au/solarwinds-hack-explained-government-agencies-
cyber-security-2020-12?r=USIR=T
–https://www.techtarget.com/whatis/feature/SolarWinds-hack-explained-Everything-
you-need-to-know
• Dyn Inc.
– https://www.theguardian.com/technology/2016/oct/26/ddos-attack-dyn-mirai-botnet
–https://mse238blog.stanford.edu/2018/07/clairemw/the-2016-dyn-attack-and-its-
lessons-for-iot-security/
• Target Corporation
– https://www.zdnet.com/article/anatomy-of-the-target-data-breach-missed-opportunities-
and-lessons-learned/
–The paper: Why you should care about the Target data breach from Elsevier Business
Horizons (https://www.sciencedirect.com/science/article/pii/S0007681316000033)
Information Security Management Page 5of 5