Question 1

Confidentiality:
In the case study, the cyberattacks targeting of email addresses, both unattended and staff email
addresses that were publicly accessible serves as a concrete illustration of the confidentiality issue.
These email accounts were exposed to hackers, who used them to send ransom letters. Due to the lack
of confidentiality, the hackers were able to start their campaign by contacting the email addresses,
which may have endangered the privacy and safety of the people linked to those email addresses as well
as the confidentiality of sensitive email communications (News24, 2019).
Integrity:
The correctness and dependability of data and information are referred to as integrity. One actual
illustration of an integrity problem in the case study is when the City of Johannesburg discovered a
network compromise. Unauthorized access to their information systems was caused by this breach.
Because of illegal access, the security of the data and information held in these systems was
jeopardized. The integrity and accuracy of the data inside the systems may have been compromised due
to this incident, which may have resulted in data manipulation, change, or tampering (News24, 2019).
Availability:
In the case study, the effect of the Distributed Denial of Service assaults on the availability of services
serves as a concrete illustration of the availability problem. The attackers disrupted service by flooding
the banking and City of Johannesburg's web systems with fictitious traffic. Critical services including
online banking, e-services, and the city website were negatively impacted as a result. Customers,
companies, and residents who depend on these services may have been inconvenienced by the
availability disruption, underscoring the need of maintaining service availability to guarantee ongoing
operations and client pleasure (News24, 2019).
A.Threat source or sponsor:
In the case study, the infamous "Shadow Kill Hackers" gang that launched a Distributed Denial of Servic
attack against the City of Johannesburg may serve as an actual example of a threat source or sponsor. As
the group that started the attack and sought a bitcoin ransom in return for halting it, they might be seen
as a danger source or sponsor (News24, 2019).
B. Threat actors or agents:
In this case study, the threat actors or agents are the people or organizations that started the DDoS
assaults motivated by ransom demands. These actors started the assault and sought a payment by
sending email ransom notes to both staff and unsupervised email addresses. The case study does not
specifically identify the threat actors, but they are the ones responsible for the cyberattacks (News24,
2019).
C. Threat vectors or attack vectors:
In this case study, the transmission of ransom notes via email and the influx of fictitious users intended
to overrun the targeted websites and services are the threat vectors or attack vectors. The distribution
of emails acts as a point of entry for the assault, and the Distributed Denial of Service attack was carried
out by flooding real networks with fictitious traffic. These vectors detail the delivery of the threat and
the execution of the assault (News24, 2019).
D. Threatening behavior:
In this case study, the threats include writing ransom notes, starting a Distributed Denial of Service
assault, and requesting a bitcoin ransom payment. These steps include expressing threats, carrying out
the Distributed Denial of Service attack, and requesting payment in return for the attack's termination.
These are the main measures that the threat actors use to accomplish their goals (News24, 2019
Reference List

News24. 2019. SA banks hit by ransom attacks, 25 October 2019. [Online]. Available at:
https://www.news24.com/fin24/companies/financialservices/sa-banks-hit-by-ransom-attacks-minor-
disruptions-expected-20191025 [Accessed 18 October 2023].