CSEC 670 Section 9020: Cybersecurity Capstone

Hytema Sector Brief
CSEC 670 Section 9020: Cybersecurity Capstone
University of Maryland University College
Professor: Kenneth Hasledalen
June 25, 2015
Table of Contents
Introduction………………………………………………………………………………………………………………………………………………..3
1. Defense Contractor Sector Structure………………………………………………………………………………………………………….4
1.1 Defense Contracting History………………………………………………………………………………………………………………..4
1.2. Major Contracting Players…………………………………………………………………………………………………………………..6
1.3 Major Contracting Players: BAE Systems……………………………………………………………………………………………..6
1.4 Major Players: Lockheed Martin…………………………………………………………………………………………………………..7
2. Cyber Space Dependence………………………………………………………………………………………………………………………….7
2.1 Cyber Space Dependence: National Defense Authorization Act……………………………………………………………….8
3. How the sector benefits from cyberspace…………………………………………………………………………………………………..8
3.1 Cybersecurity Threats………………………………………………………………………………………………………………………….9
3.2 Cybersecurity Vulnerabilities……………………………………………………………………………………………………………….9
4. Cybersecurity Technologies: Bae Systems…………………………………………………………………………………………………10
4.1 Cybersecurity Technologies: Raytheon………………………………………………………………………………………………..10
5. Critical Data Classifications……………………………………………………………………………………………………………………..11
6. Cyber Defense Technologies……………………………………………………………………………………………………………………12
6.1 Priorities for Cyber Defense Technologies……………………………………………………………………………………………15
7. Regulatory Oversight and Laws……………………………………………………………………………………………………………….16
8. Social Importance…………………………………………………………………………………………………………………………………..18
8.1 Effects on society of the sector……………………………………………………………………………………………………………18
9. Cybersecurity Breach……………………………………………………………………………………………………………………………..19
9.1 The Federal Government……………………………………………………………………………………………………………………20
9.2 Mistral Bank…………………………………………………………………………………………………………………………………….21
9.3 Avisitel…………………………………………………………………………………………………………………………………………….22
9.4 DTL Power………………………………………………………………………………………………………………………………………22
10. Cybersecurity Technologies…………………………………………………………………………………………………………………..23
10.1 Hackback……………………………………………………………………………………………………………………………………….23
10.2 Virtual Private Networks………………………………………………………………………………………………………………….24
10.3 Cloud Computing……………………………………………………………………………………………………………………………24
11. Conclusion…………………………………………………………………………………………………………………………………………..25
References………………………………………………………………………………………………………………………………………………..27
Introduction
Hytema is a global aerospace, defense, and security corporation specializing in
Department of Defense (DoD) systems that provide aeronautics, electronic systems, information
systems and space systems solutions. We will provide a brief overview of the current state of the
defense contracting sector and the cyber security threats and policies that govern it. We will also
examine the classes of data that the defense contractor must protect and the potential cyber
defense technologies that could be implemented in a prioritized strategy to secure that
information. This briefing will also provide the priorities for legal and policy compliance
amongst Defense contractors. Because Hytema is a Defense contractor the organization must
work closely with the Federal Government causing them to adopt many of their policies and
regulations. The most strategic and informative policy is the Federal Information Security
Management Act (FISMA). All departments and agencies are required to coordinate and
2
cooperate with the Department of Homeland Security as it carries out its cybersecurity
responsibility actives as noted in the Office of Management Budget (OMB) (Dhs.gov, 2015).
As one of the primary prominent defensive contractors in the nation, Hytema will
continue to provide cybersecurity services to various clients ranging from the commercial and
defense industries within the nation and abroad. In addition, Hytema will provide cybersecurity
services to local provincial governments and federal government agencies such as the
Department of Defense. Hytema is comprised of 110,000 highly skilled subject matter experts in
cybersecurity bringing together the full range of the company’s information competencies in
information technology solutions and advanced technology expertise. In 2014, Hytema
accumulated $55.4 billion in its total net sales; 68 percent of the amount came from government
contracts, 3 percent was from government contracts and 29 percent came from commercial
contracts. The goal for Hytema is to be the top contractor in the federal service and information
technology. The cyber defense strategies for Hytema is to develop a good working relationship
with federal agencies, especially when it comes to sharing information on cyber incidents.
Another portion of the cyber defense strategy is to create new innovative effective technologies
to secure computer systems, networks and sensitive information.
1. Defense Contractor Sector Structure
Defense contractors work in the defense industry to provide their services or products to
the military or intelligence department of a government. Contractors are a vital component of the
U.S. force structure (Cancian, 2008). Contractors offer numerous types of services, from
construction, transportation and base support, as well as private security and intelligence analysis
(Church & Schwartz, 2013). These specialized cybersecurity organizations are mostly known for
3
their work with the Department of Defense’s military operations. Additionally, defense
contractors make up the total workforce in Afghanistan, Iraq and the Balkans (Church &
Schwartz, 2013).
1.1 Defense Contracting History
Throughout its history, DoD has depended on contractors to support its operations in
military. Over thirty years, contractors have played a huge part in supporting the troops of the
United States. In addition, over the last decade contractors have accounted for at least 50% of the
military force (Church & Schwartz, 2013). In the period of the Revolutionary War, contractors
were relied on by the Continental Army to produce goods and services such as engineering and
transportations services, weapons and clothes (Schwartz, 2013). Since that point in time, there
were advances in military combat and technology that have expanded the roles and duties of
contractors. For guidance purposes for defense contractors, the Department of Defense has
developed and expanded its policies, rules, regulations and doctrines pertaining to operational
contract support. The following information below is a timeline of important events with the
Department of Defense and contracting (Church & Schwartz, 2013).
ï‚· In 2006, the Department of Defense developed joint policies for contingency
contracting.
ï‚· In 2008, the Department of Defense developed regulations regarding the
assemblage, preparation, supplying and performance of private security
contractors.
 In 2010, DoD’s policy and procedures for the workforce was updated to address
that contractor staff as part of the total force.
ï‚· In 2011, across the entire government, contingency contracting corps was sent to
assist domestic and overseas operations.
4
ï‚· In 2012, The Department of Defense was required to amend DFARS (Defense
Federal Acquisition Regulation Supplement) to forbid contracting with the
adversary in the U.S. Central Command.
ï‚· In 2012, DoD amended DFARS to permit access to contractors and subcontractors records in U.S. Central Command.
ï‚· In 2013, DoD developed standards for the usage of private security contractors.
Today, other federal government agencies have brought aboard contractors for their skill
sets and expertise in cybersecurity. These federal agencies are the pillars of our national security
establishment, which consist of the State, Defense and Homeland Security Departments, along
with NSA (National Security Agency), CIA (Central Intelligence Agency), the agency for
International Development and the CDC (Centers for Disease Control and Prevention)
(Hagedorn, 2014).
1.2. Major Contracting Players
There are numerous contracting players that support federal government agencies
missions. Each defense contractor company is special in their own unique way how they carry
their mission to meet the requirements in the contract agreement. Additionally, each contracting
organization in the defense industry are in competition with one another to given the opportunity
to work with the federal government. Other than the Department of Defense, the Department of
Homeland Security is another notable federal agency that hires defense contractors.
5
1.3 Major Contracting Players: BAE Systems
In the defense industry, BAE Systems has an Intelligence and Security division that
contributes comprehensive and strategic assistance to any mission, anytime, anyplace (BAE,
n.d.). BAE Systems serve various clients including the Department of Defense; the intelligence
community; federal government agencies such as the Department of Homeland Security, and the
Department of Justice (BAE, n.d.). BAE Systems cybersecurity unit hires personnel with cyber
security skills to work on many types of projects in consulting and application development.
Defense contractors can give expert advice regarding risk management and information
assurance.
1.4 Major Players: Lockheed Martin
At this time, Lockheed Martin has established a partnership with the Department of
Defense Cyber Crime Center (DC3) to fight against cyber criminals in cyberspace. This defense
contracting company has been chosen to supply a wide range of managerial, functional and,
technical assistance to the DC3. The Defense Cyber Crime Center provides critical help in the
investigation of counterintelligence, counterterrorism and criminal matters (Lockheed Martin,
2012). With the help and guidance of the Department of Defense, Lockheed Martin will have a
huge role in safeguarding sensitive information networks world-wide.
Lockheed Martin is one of largest, notable defense contractors today. This organization
has established itself to be the leading IT provider for the federal government for seventeen
consecutive years. This defensive contracting company is large enough to acquire other
cybersecurity firms. Forbes reported that Lockheed Martin has purchased Industrial Defender
which is a cybersecurity firm. Industrial Defender is a leading player in securing electrical grids,
6
chemical plants, and oil pipelines against cyber threats (Thompson, 2014). To be a dominant
force in the cybersecurity area, Lockheed Martin has cyber security alliance partners with Cisco,
Dell, Symantec and other cybersecurity firms. Since the year of 2010, Lockheed Martin and it
alliance partners in cyber security have done extensive research to measure security awareness.
2. Cyber Space Dependence
We live in a time today where the federal government has become dependent on
contractors for security and defensive purposes (Hagedorn, 2014). Defense contractors are free to
perform the job duties as long as they’re not in any violation of any policies, rules or regulations.
Defensive contractors are hired to do a job that is agreed within the contract of the client. To
ensure that the contractor is meeting the requirements in the contract, the federal agency that
awarded the contract to the contractor will assign a Contracting Officer Representative to
monitor and evaluate the performance of the defense contractor. The Contracting Officer
Representative will also brief the Contracting Officer on the contractor’s performance. Initially,
the Contracting Officer is responsible for awarding the contract to the defensive contractor
(Hytema). Lastly, the hiring government agency will provide sufficient support and guidance to
the defensive contractor to safeguard sensitive data and avoid cyber incidents.
2.1 Cyber Space Dependence: National Defense Authorization Act
In addition, a rule was created in the National Defense Authorization Act for fiscal year
2013 located in section 941 that contractors must conform to. The law requires that contractors
report to the Department of Defense when information systems and networks have been
penetrated (GPO, 2013). In this case, Hytema will be responsible to report as much information
as possible in great detail of the cybersecurity incident. The cybersecurity incident report will
7
include the location of the incident, the name of the contractor (Hytema), the date of the incident,
the clearance level of the contract, the names of the platforms, systems and programs involved,
the type of compromise and detailed information of the compromised technical information
(Haas & Hill, 2014). Lastly, Hytema will be required to participate in damage assessments that
will be directed by the Department of Defense.
3. How the sector benefits from cyberspace
With the evolution of technology constantly changing, computer security is now an
eminent need to face off against cybersecurity threats. Defensive contractors are now being hired
more than ever to secure a company’s computer software, network and information. Defense
contractors are classified as the subject matter experts relating to cybersecurity. There services
are needed from numerous companies and federal agencies to thwart cybercriminals and secure
computer systems and networks. If the job is performed well by the contractor, they may receive
another contract from the client or a different client. In addition, the defensive contractor
organization will build on its name recognition and revenue by working with high-profile
companies and federal agencies.
3.1 Cybersecurity Threats
While working alongside the federal government, defense contractors are still worried about
technology issues, vulnerabilities and cyber threats. Defense contractors working the federal
government are appealing targets for a cyber-attack since the federal government entrusts
confidential information to these private companies (Sugarman, 2014). One of the main threats
that this sector faces is malware. Malware is malicious software specifically designed to disrupt
or damage a system. Malware consists of Trojans, worms and viruses. Another type of threat that
8
can pose as a danger to Hytema, is the insider threat. This type of threat resembles the Edward
Snowden case. Mr. Snowden was also a government contractor who disclosed sensitive
information from the National Security Agency.
3.2 Cybersecurity Vulnerabilities
Vulnerabilities can cause an issue for federal contractors. One type of vulnerability that is a
high concern is the foreign travel vulnerability. Often times government personnel will have to
travel overseas to conduct their mission plans. The person and information traveling overseas is
vulnerable to foreign intelligence agency’s intercepting and exploiting information being
transmitted over airwaves. Numerous countries possess advanced eavesdropping technology to
target telephone, fax transmissions, video signals and cellular information (Defense Security
Service, n.d).
4. Cybersecurity Technologies: Bae Systems
Within the past 25 years, BAE Systems has improved its cybersecurity products portfolio for
the Department of Defense, intelligence community and critical infrastructure. These special
products permit for the sharing and security of sensitive information and secure the trust of
information assurance. For instance, BAE System has created the XTS Guard for the DoD to
utilize for network security. BAE Systems, XTS Guard 5 is a cross-domain solution that allows
secure sharing with networks of diverse security classifications and enclaves (BAE Systems,
n.d.).
9
4.1 Cybersecurity Technologies: Raytheon
Raytheon is another notable company in the defense industry. To manage cyber-attacks
effectively, Raytheon designs innovative technologies to address software and system
vulnerabilities, repel social engineering attacks and combat malware. To secure voice, data and
other forms of communication transmitted electronically, Raytheon is labeled as the leading
developer and manufacturer of NSA-certified data encryption (Raytheon, n.d.). Raytheon
communications security tools consist of advanced cryptographic equipment such as the KG345, KG-340 and KIV-7 network link encryption. The data encryptions systems owned by
Raytheon have achieved certification to the ISO 9001 international standard and the CMMI level
5 standard (Raytheon, n.d.).
5. Critical Data Classifications
As a major defense contractor, Hytema must ensure that it protects data that is critical to
national defense as it serves organizations within the Department of Defense (DoD). The many
organizations that encompass the DoD include the military services, the Department of Veterans
Affairs, the Defense Information Systems Agency (DISA), the National Security Agency (NSA)
just to name a few. These agencies transmit, manage and store differing levels of critical data.
That data varies in levels of sensitivity and must be protected in accordance with DoD and other
federal policies.
The DoD categorizes its data by four impact levels, which identify how sensitive the data
is and thus how it should be protected. The four impact levels are level 1 through 6 with level 1
being the least sensitive and level 6 data representing classified information. DoD data is hosted
10
based on risk and how critical the use of the data is to mission. Level 1 and 2 data includes such
information as unclassified data and data that is publicly available on websites [Kon15]. As a
DoD contracting organization Hytema must stay abreast of decisions that DoD renders in regards
to data. In November 2014 DoD allowed 23 cloud solutions to compete for DoD impact level 2
data. DISA then authorized level 2 data to be provisioned in the cloud and is looking to move
more data to the cloud in the future.
Level 3 through 5 is categorized as data that is unclassified but controlled information.
Levels 3 and 4 are similar in that they have been merged to include any data that requires
protection from unauthorized disclosure as established by Executive Order 13556 (November
2010). It also includes mission critical data such as privacy information and protected health
information (PHI)[Lea15]. If accessed by unintended persons this data could compromise the
mission of DoD or invade the privacy rights of citizens.
Level 5 data is information that is unclassified but must also be controlled. The
information owner, public law or government regulations establish the requirements for higher
levels of protection on level 5 data. Level 5 data also includes specific requirements for
unclassified National Security Systems (NSS) and requires additional Federal Risk and
Authorization Management Program FedRAMP+) controls. Classified information up to and
include SECRET data is considered level 6 data and requires additional security and protection
controls. Level 6 data carries addition requirements for NSS and more stringent controls. As a
defense contractor Hytema provides those controls when handling these levels of data[Lea15].
Additional data that is handled by those with the proper security clearances must be
controlled due to its effect on national security, if it were misused or accessed by unintended
11
recipients. This data is classified as TOP SECRET, SECRET, or CONFIDENTIAL “based on the
degree of damage to national security that reasonably could be expected if the information were
disclosed without authorization”[NSA14]. Top Secret data is classified as data that if not
protected properly and is disclosed to an unauthorized recipient could cause “exceptionally grave
damage to national security”. Secret data is classified as data that could “cause serious damage to
national security” and confidential data is classified as such because it can “be expected to cause
damage to national security if disclosed to unauthorized persons[NSA14]. As a defense
contractor Hytema encounters this level of data classification in everyone of its business sectors
where employees with special security clearances utilize and protect this data based on the
regulations provided.
6. Cyber Defense Technologies
While the technology environment continues to become increasingly hi-tech and
sophisticated, the technology to defend and protect them needs to keep pace. Governments and
corporations are subject to millions of cyber attacks launched against them daily, which requires
aerospace and defense contractors to develop defenses to prevent them. Many aerospace and
defense contractors are shifting their business units to include cyber capabilities. Lockheed
Martin created a cyber defense business unit; in 2007 Raytheon spent $250 million on its cyber
capability; L3 Communications has included cyber in its business development strategy and
Boeing demonstrated its capabilities in cyber in an event at the Pentagon[Ans10]. Cyber defense
technologies must include protections for an all-inclusive approach to protect networked
systems, computer networks and those systems that support the network. Defense technologies
that protect wireless and mobile devices are also included in comprehensive cyber defense
technologies.
12
The first line of cyber defense is the firewall to help block intruders from accessing data
and authorized users’ devices on the network. Firewalls can be implemented as software or
hardware devices that protect the network. When implemented correctly, firewalls isolate the
network at different trust levels to provide security at the network level. Firewalls improve
network security by strengthening the entire network from outside access and provide a single
focus of cyber defense technology. The firewall provides the central point for logging events by
examining everything before allowing it access to the network. Firewalls are difficult to
configure and if not implemented correctly could cause security issues and network traffic
bottlenecks [Net02].
A comprehensive cyber defense also includes mechanism to grant or deny users access.
Protocols for authentication and authorization are used to verify identity prior to granting access
to users based on rules through the use of a public key infrastructure and digital certificates.
Authentication technology is used to provide access controls and for accountability to track users
actions by auditing events as they access the system or network. The basic premise behind
authentication is identifying a user based on something they know, something they possess or
something they are. Passwords, personal identification numbers (PINs) are something you know,
tokens devices, private keys or digital certificates are something you possess and biometrics
could be used to help identify a user based on the something you are premise[Net02].
To prevent the spread of malicious code and recurrent attacks from viruses to enter the
network the cyber defense technology of anti-malware should be implemented. Anti-malware
software is installed on vulnerable networks that are continuously being updated to minimize the
potential for malicious code infecting vulnerable network nodes. Anti-malware software detect
malicious objects such as viruses, Trojan horses, worms and Advance Persistent Threats (APTs)
13
by a list of malware signature definitions implemented in the software. To be effective malware
definitions must be updated regularly so that the software can protect the network from the most
recent malware attacks[Mis141].
Intrusion Detection Systems (IDS) and Intrusion Protection Systems (IPS) provide
indicators from signs of attempted breaches on the network by performing automated
monitoring. IDS provide a cyber defense that identifies and tracks attempts to gain unauthorized
access to the network and the data that resides on it. IDS and IPS are used to detect potential
intruder’s actions by providing advance warnings of attempts to intrude on the network and
uncover configurations that may indicate malicious activity[Int].
IDS methods include anomaly detection and signature based detection, which can be
implemented to protect the network from insider and outsider threats. Anomaly detection
methods are used to alert when it detects traffic on the network that falls outside of normal traffic
behavior. A detailed security policy is used to define what constitutes normal traffic behavior for
the network so that the IDS and IPS will alert and prevent all traffic that doesn’t meet the criteria.
When detailed security policies aren’t available a protocol analyzer can be connected to the
network to determine normal traffic patterns for the network to develop the filters needed to
detect anomalies and ignore normal traffic[Net02].
Signature based detection doesn’t use normal traffic patterns to detect abnormal behavior;
instead it uses a database of characteristic signatures or known attack patterns. Signature based
detection monitors data packets on the network and uses signatures of known bad behavior to
alert and prevent them from entering the network when it detects a match. To continue to be
effective the database of known attack signatures that is used to detect intrusions must be kept
14
up-to-date so that packets can be tested against the most recent signatures. Signature based
detection can’t detect new attacks and only works against signatures that are in the database that
are already known[Net02]. IDS and IPS provide a level of network and host based cyber defense
that protects from internal and external threats. They are used to detect threat activity and other
network policy violations.
6.1 Priorities for Cyber Defense Technologies
As a major defense contractor Hytema depends on a technology enriched environment to
provide the DoD with the services needed to protection the nation. Key cyber defense
technologies should be prioritized to leverage existing protection technologies and implement
emerging technologies as they become available. A comprehensive, defense in-depth cyber
defense strategy must be implemented to achieve this outcome. That comprehensive cyber
defense approach must begin with a priority of securing the network and its resources from
unwanted attempts of intrusion. An important factor in prioritizing cyber defense technology is a
clear understanding and adherence to national and federal policies that govern the protection of
data and the networks that they traverse.
Hytema’s priorities for key cyber defense technologies include ensuring that its network
is configured with the latest technologies to prevent the advancement of unwanted malicious
code. Considering that the greatest threat to a network is the insider threat, Hytema must initially
implement internal access controls, auditing and logging defenses to alert cyber specialists when
internal policies are being eluded. Hytema will use near real time commercial threat intelligence
to create an intelligence driven prioritized cyber defense that will allow the company to respond
to offensive attacks while continuing to maintain a defensive posture. This approach will serve to
15
protect Hytema’s high value intellectual property that resides on its network from internal and
external attacks such as phishing attempts, APTs and social engineering[Pon15].
Hytema will use an integrated package of cyber defense technologies to include
commercial threat warning intelligence to gain situational awareness about cyber criminals.
Configuration control of those defense technologies and regulatory compliance must be included
in the integrated package to allow comprehensive protection of critical organizational
assets[Tho14].
7. Regulatory Oversight and Laws
As a major defense contractor, Hytema must comply with several federal regulations and
laws that govern cyber security activities. A key regulation for defense contractors is the
Homeland Security Act (HSA) of 2002. The HSA established the creation of the U. S.
Department of Homeland Security (DHS) and the Federal Information Security Act (FISMA).
The HSA authorized the Secretary of Homeland Security to use expertise of contractor or federal
laboratories and maintain headquarters in those laboratories and includes provisions that regulate
federal agency information security protections[Leg15]. The Department of Justice (DoJ) and the
DoD continues to collaborate with DHS to enable the drafting of comprehensive policies that
provide governance for protecting information systems.
FISMA is the legislation that established a comprehensive framework for protecting
government information systems and operations against natural and man-made threats to include
systems managed by defense contractors. FISMA assigns responsibility to the National Institute
of Standards and Technology (NIST) to develop standards and guidelines for information
security to protect all agencies information and information systems. The NIST prescribes
16
policies for compliance of information system under FISMA. Those procedures under the NIST
establish a set of security controls used to categorize information systems based on risk
levels[Rou15].
Hytema must also be in compliance with regulations that govern the acquisitions of cyber
technology when contracting with DoD. The Office of Federal Procurement Policy in the Office
of Management and Budget (OMB) establishes key policies and practices for federal agencies
interactions with defense contractors. Guides that effect the procurement with defense
contractors are the Contracting Guidance to Support Modular Development (June, 2012), the
Emergency Acquisitions Guide (January, 2011), Update to FAC Manager’s Guide to Competitive
Sourcing (February, 2004) and Performance-Based Service Acquisitions, Contracting for the
Future (July, 2003)[Off15].
8. Social Importance
8.1 Effects on society of the sector
Defense contractors contribute to a very large part of what is deemed as societal
importance in today’s society, however they are often overshadowed. Defense contractors that
work for the Department of Defense within the cyber technology sector take up almost eighty
percent of the DoD staff (Defense.gov, 2015). The Department of Defense states that its main
objective is not tanks, planes or ships but its people. Quality is divided into four unique sections;
policy, finance, force readiness and purchasing.
A policy coordinator who creates plans and policies to achieve security objectives
formulates defense and national policies. The CFO, Chief financial officer, oversees and
mandates budgets, qualitative and quantitative analysis to improve programs and systems for
17
DoD. Purchasing Director is in control of testing, researching, and advising on the usage of all
new technologies and protections. Force readiness director is the person that is very in tune with
the general public and keeps their ear to the ground. The Director not only ensures the wellbeing
of the staff but also their interaction and involvement with the general public. Understanding that
equal opportunities provide a quality of life. All of these sections contribute to the importance of
societal of the defense sector.
The Department of Defense is a large staff within the defense sectors, which allows
economic stability for many individuals. As the need for cyber careers increase, educational
institutes are also gearing up to provide these personnel with specific skills to properly acquire
these positions. Many educational facilities work very closely with defense sectors such as,
Boeing, Northrop Grumman, Lockheed Martin and Deloitte. These Defense contractors provide
schools with professors that are still working within the sector to help create the most up to date
programs as well as job security for their students once they graduate. This also helps contribute
to their marketing strategies because more individuals that have evolved from within the social
media era have an advantage to provide the most current and up to date marketing strategies.
These skills help the contractors save money because they will not have the need to spend
money for on site training. As Defense contractors begin to provide more marketing for their
companies than they have before publishing valuable marketing content becomes key. In today’s
era, “Content is fire and social media is gasoline,” (Baer, 2014). Companies that use twitter,
LinkedIn, Facebook, Instagram and etc. will acquire more business, employment, education and
recognition. Content that drives media helps to educate and entertain existing and potential
clients (Scott, 2013).
18
9. Cybersecurity Breach
A cyber security breach is the release of private and/or protected intelligence from an
unspecified source. The information that is obtained from a data breach can be transferred,
viewed, copied or sold to another individual for illegal usage. Personal information such as
financial records, addresses, and health records and beyond can be obtained from a major data
breach. As technology started to become easily accessible and banking institutions, health
facilities and beyond started to utilize the Internet for data transmission, data breaches have
skyrocketed. In the United States from January 2005 and May 2008 a rapid total of 227 million
people were victims of data breaches where personal information was acquired (Privacy Rights
Clearinghouse, 2009). Companies are now required to inform their consumers when a data
breach has occurred and also what their remedies are to ensure data security.
The impact of a data breach is very crucial no matter what information was shared.
Depending on the establishment the impact and response can be extremely different. Many
customers fear the data breach of a financial institution or energy sector because of the impact of
their daily everyday living situations, whereas governments fear the data breach of sensitive
documentation getting leaked or distributed into the wrong hands. Data breaches can potentially
be a downfall for any business if the reactive response is not handled correctly and efficiently.
9.1 The Federal Government
The Department of Homeland Security created the Cyber Security Command (CSC),
which is a subdivision that was created in 2011 to combine all cybersecurity issues in one central
location. With creating a central location the CSC’s main objective is to prepare, prevent and
respond to cyber crimes against DHS at record time. Because of the nature of its importance the
CSC was granted a budget of $38.8 billion and spent $27.4 billion within the 2011 fiscal year
19
(UMUC, 2015). The CSC’s main obligations are to inform all other government and private
sector agencies about cyber security research, data breaches, potential vulnerabilities and threats.
In 2015 the Office of Personnel Management experienced a major cyber breach that
affected more than over four million employees. The Office of Personnel Management holds
federal employees personal and financial information, which put millions of individuals at risk
for credit card fraud, identity theft and other financial or personal issues. Since this data breach
has occurred OPM has offered the employees that were affected free credit monitoring for 18
months, with hopes that these individuals can monitor their credit report, new accounts or any
other strange activity showing up after the breach occurred (OPM.gov, 2015). Unfortunately for
many federal employees OPM held medical records, military records as well as financial
documentation. The OPM data breach is definitely a reminder that the federal government is not
untouchable when it comes to cyber attacks and the CSC must work harder to sustain breaches
and attacks against all U.S. infrastructure.
9.2 Mistral Bank
Mistral Bank is an American global financial services company, that is the third largest
bank holding in the United States by assets held on deposits, and the fourth largest by market
capitalization, (UMUC, 2015). Mistral Bank has the business of individuals within over 40
countries and serves over 41 million consumers and small business relationships. A data breach
for a banking institution of this caliber would be massive. Because Mistral Bank is also
associated with fortune 500 companies, their business expands beyond the actual banking
institution allowing a data breach to affect many other businesses. In 2012 TD Bank experienced
a data breach, which affected over 260 thousand customers and has since settled to paying over
$620 thousand dollars (Wilhelm, 2014). TD Bank was fined for not following the legal
20
compliance of disclosing the data breach to its customers once it occurred and they also stored
unencrypted data that held personal documentation.
Because Mistral Bank is the third largest bank in the United States a data breach of this
stature could definitely affect more than fifty million people. JP Morgan Chase, which is the
nations largest, has already been affected by a data breach affecting over 76 million individuals
and 7 businesses (Forbes.com, 2015). Cyber criminals obtained all personal information such a
financial documents, names, addresses, email addresses, phone numbers and etc. Fortunately JP
Morgan Chase had no customers affected by this breach and also sensitive data such as bank
account information, passwords, social security numbers and birth dates were not associated with
the breach. Customers mainly affected were those that used the web applications such as the
online banking website and the mobile application. Cyber criminals are more likely to cause data
breaches to financial institutes for the financial gain, which causes banks such as Mistral Bank a
financial strain to properly secure their data. If a data breach occurred within this bank they can
run the risk of losing customers, their integrity and the fine of paying their customers for their
loss.
9.3 Avisitel
Avisitel is a multinational telecommunications corporation with over 74 million
customers in New York and is the third largest mobile and landline telecommunication service in
the US. Avisitel also offers broadband and television services (UMUC, 2015). Because of
Avisitel’s major telecommunications network a data breach against this company could impact
many customers. Avisitel not only has to worry about their consumers being affected by personal
information being obtained but also the data through their broadband service that they offer.
Because Avisitel operates two wireless technologies CDMA and iDEN customers run the
21
risk of an Advanced persistent treat, which is an unauthorized attack on a network. An APT
attack can go undetected for an extremely long amount of time and customers may not notice any
threat right away, which allows the attacker to have ongoing access. APT attacks can damage not
only the telecommunications reputation and business but also the United States because having
an ongoing attack fishing through a company such as Avisitel is lethal to over 74 million
customers and businesses that are also associated with the company.
9.4 DTL Power
DTL Power Corporation is an electric utility distributing and generating company located
in New Mexico. The power corporation has over five million customers and five hundred
thousand natural gas customers (UMUC, 2015). Cyber breaches of power corporations have been
the bigger scare for cyber analysts because of its major effects of the power grid. The Federal
Government regulates the nuclear industry, which is one of the many few industries regulated.
“Nuclear power plants continue to be among the best-protected private sector facilities in the
nation,” According to the independent U.S. Nuclear Regulatory Commission, which holds
nuclear power plants to the highest security standards of any American industry. The exceptional
detail about nuclear energy systems is that cyber attacks cannot prevent the facility from
executing their safety roles. Nuclear plants are exempt from the Internet, therefore when or if a
cyber breach occurred the reactors are made to shut down securely and within a timely manner if
required.
10. Cybersecurity Technologies
Cybersecurity technologies and policies are being developed at a rapid rate due to all of
the new laws that must be put in place as well as the defense technologies. Hytema is a billion
dollar Defense Corporation with over one hundred thousand employees. Making sure that the
22
company is secure and fully operational has become an everyday task due to cyber criminals.
With the advancement to new technologies and policies, corporations such as Hytema can fully
flourish and continue to sustain cyber attacks and warfare.
10.1 Hackback
Hackback is a great effective technology that should be implemented more so in the
future. Although still illegal under U.S law, the theory of hackback has been accepted and
implemented in many other countries (Fisher, 2013). A hackback occurs when a company such
as Hytema has been hacked they use vulnerabilities or the stolen data to attack the cyber
criminal. By using a Honeypot, which is a computer and/or server that is deliberately set up to
assume to be an easy target and obtain an attack, the honeypot can obtain the IP and any code to
potentially disrupt, shut down or lock up a computer to obtain access or install an advance
persistent threat (APT) in the hackers system. Hackbacks give companies a way to properly
research which systems and vulnerabilities cyber criminals are luring themselves into hacking. It
also gives the corporation a means to shut down the attacks systems to further prevent them from
attacking their business or someone else’s. This would give businesses, Military, Government,
Financial institutions a step ahead of hackers if they were allowed to install an APT, however
because of the nature of hackbacks the current U.S. Law does prohibit the action. The
Commission on the Theft of American Intellectual Property is currently in petition to hopefully
change the law.
10.2 Virtual Private Networks
Virtual Private Networks have come into play because most government agencies and
businesses hire employees that travel or that work from remote locations. As these employees
work from remote locations they need the ability to connect to their work server, without
23
physically being in the office. Virtual Private Networks were then created to allow such
employees the opportunity to work away from the actual office but still have the luxury of
working from a private server. All VPN’s are heavily encrypted and normally have many
different access codes to bypass before being connected. In the past many users were using the
standard windows systems log in and unique password to access their VPN. Currently most if not
all defense contractors are now using Personal Identity Verification (PIV) cards to access their
servers from remote locations. These PIV cards can easily identify an employee’s verification to
eliminate identify fraud and secure all data.
10.3 Cloud Computing
Cloud computing was developed for similar reasons as Virtual Private Networks, to
accommodate remote employees and the usage of mobile devices as well as saving money.
Cloud computing is centralized server that allows employees to access data without the constant
hassle of clogging up the local servers. Cloud computing stores data in a central server until
needed, this relives the corporation the financial disadvantage of purchasing hardware with more
space to house all the data requirements. Cloud computing can be set up for different parameters
and that would depend on what the client desires. E-mail inboxes tend to be amongst the many
things that slow servers down because of the file sizes and the amount of archives an employer
has. Cloud computing allows the settings to be set to permanently archive within the cloud every
e-mail beyond ten days. These e-mails are still accessible to the employer and visible, but the
space is removed from the hardware, which causes a faster operation of the equipment.
Security has always been a major downfall with cloud computing, however since many
defense contractors work closely with the Federal Government they must adopt their security
measures, which allows cloud computing to be very secure to sustain cyber theft. Private clouds
24
provide more security to the industry because the organization has a choice to own and operate
the cloud causing less outside access from a third party (NIST, 2011).
11. Conclusion
In 2014 the everyday user was more than likely introduced to cyber attacks more than
they ever were before. Consumer large companies such as Target, Home Depot, Staples,
Michael’s, and Sony Pictures hit close to home for many people. This brought a new
understanding to the importance of cybersecurity not only for the end users but also major
companies. Cyber criminals were continuously attacking these very profitable businesses and
affecting the consumers during the process. Customers would potentially feel at ease after one
attack and then a month later find themselves under attack again from another store. Many of
these major retailers offered customers credit monitoring and issues new credit and/or debit
cards, however the damage had already been done. In March of 2015 Anthem, which is one of
the nations biggest health care insurance provided faced a major cyber attack. Anthem
announced that over ten million of their customers, employees and their very own Chief
Executive were affected by this sophisticated hack. Although only ten million customers and
employees were affected the database that was hacked held over eighty million medical records
including social security numbers, birthdays, addresses, employment data and income.
Cyber crime has gotten to an all time high and the more we advance into the technical
framework, the more advanced cyber criminals will become. Cybercrime has now become one of
the world’s largest crimes causing agencies such as the Federal Bureau of Investigations to
increase their enforcement laws and protection. Cyber analysts will have to work very closely
with policy analysts to provide businesses, Federal Government and Military defenses against
warfare and everyday attacks.
25
Defense contractors such as Hytema will continue to face new and difficult challenges
every single day. Because these defense contractors work very closely with the Federal
Government the demand is extremely high to keep their data secure while upholding the
organizations integrity. The structure of the company, its cybersecurity technology and policies
will determine the strength it can withstand against cyber criminals. Every major organization
will come face to face with some form of cyber vulnerabilities, threats and/or attacks, however
Defense contractors must properly equip themselves as they are holding the Nation’s data. A data
breach caused by Hytema’s failed cybersecurity technologies could cause a financial, social, and
business decline for the sector as a whole. Centralizing cybersecurity requirements, laws and
regulations prevents the sector from being unprepared and faced with a major data breach that
isn’t sustainable or rectifiable. The Federal Government works very closely with the Defense
Contractors to ensure that all policies and technologies are being followed and executed as best
they can, because having a National data breach is unacceptable and if it can be avoided, it
should be at all time.
26
References
Anselmo, J. C. (2010). Much Hope; More Hype. Aviation Week & Space Technology , 172 (13), 53-53.
BAE Systems. (n.d.). XTS Guard 5. Retrieved from
http://www.baesystems.com/
Bear, Jay (2015) Jay Bear, retrieved from
http://jaybaer.com
Brady, J. W. (2011). Securing health care: Assessing factors that affect HIPAA security compliance in
academic medical centers . Proceedings of the 44th Hawaii International Conference on System
Sciences (pp. 1-10). Kauai: IEEE.
Cancian, M. (2008). Contractors: The new element of military force structure. Retrieved from
http://strategicstudiesinstitute.army.mil/pubs/parameters/Articles/08autumn/cancian.pdf
Chong, W. (2014). Political connections of the boards of Directors and Department of Defense
Contractors’ excessive profits. Journal Of Public Procurement, 14(1), 96-122.
Church, J., & Schwartz, M (2013). Department of Defense’s use of contractors to support military
operations: Background, analysis, and issues for congress. Retrieved from
https://www.fas.org/sgp/crs/natsec/R43074.pdf
Defense Security Service. (n.d). Foreign travel vulnerability. Retrieved from
http://www.dss.mil/documents/ci/Foreign-Travel-Vulnerability.pdf
Doherty, N., & Fulford, H. (2006). Aligning the information security policy with the strategic
information systems plan. Computers & Security , 25, 55-63.
Ferraiolo, D., Kuhn, D., & Chandramouli, R. (2003). Role-based Access Controls. Boston: Artech
House.
27
Fisher, M. (2013). Should the U.S. allow companies to “hackback” against foreign cyber spies? The
Washington Post. Retrieved from
http://www.washingtonpost.com/blogs/worldviews/wp/2013/05/23/should-the-u-s-allowcompanies-to-hack-back-against-foreign-cyber-spies/
Global Knowledge Network, Inc. (2002). Network Security 1: Policy, Administration, and Firewalls.
Cary, North Carolina: Network Knowledge, Inc.
GPO (2013) National Defense Authorization Act for fiscal year 2013. Retrieved from
http://www.gpo.gov/fdsys/pkg/BILLS-112hr4310enr/pdf/BILLS-112hr4310enr.pdf
Haas, A.K., & Hill, E.J. (2014). New rule forces contractors to report cybersecurity incidents. Retrieved
from
http://www.nationaldefensemagazine.org/archive/2014/march/pages/newruleforcescontractorstor
eportcybersecurityincidents.aspx
Hagedorn, A. (2014). A perilous dependence on contractors. Retrieved from
http://www.nytimes.com/2014/10/03/opinion/a-perilous-dependence-on-contractors.html?_r=0
Hardekopf, Bill (2015) The Big Data Breaches of 2014; retrieved from
http://www.forbes.com/sites/moneybuilder/2015/01/13/the-big-data-breaches-of-2014/
HITRUST Alliance. (n.d.). The HITRUST Common Security Framework: A revolutionary way to protect
electronic health information. Retrieved from HITRUST:
http://hitrustalliance.net/content/uploads/2014/09/HiTrustCSFBrochure.pdf
(nd). Intrusion Detection Systems. In Buyer’s Guide. ICA Labs.
Johnson, M. E., & Goetz, E. (2007). Embedding information security into the organization. IEEE
Security & Privacy , 16-24.
Konkel, F. (2015). DOD OKs 23 Cloud Solutions for Least Sensitive Data . Atlantic Media, Inc.
Leach, J. (2015, January). DISA releases updated DoD Cloud Requirements: What are the impacts?
Retrieved from Veris Group: http://www.verisgroup.com/wp-content/uploads/2015/01/DISAreleases-updated-DoD-Cloud-Requirements-%E2%80%93-What-are-the-impacts-article.pdf
Legislative Updates: Homeland Security Act of 2002. (2015, June 26). Retrieved from Office of
Legislative Policy and Analysis:
http://olpa.od.nih.gov/legislation/107/publiclaws/hmlndsecrty.asp
Lockheed Martin. (2012). Lockheed Martin to assist Department of Defense in fight against growing
threat: Cyber crime. Retrieved from http://www.lockheedmartin.com/us/news/pressreleases/2012/may/isgs-DC3-EITS-0503.html
28
Misra, A. K., Verma, M., & Sharma, A. (2014). Capturing the Interplay Between Malware and Antimalware in a Computer Network. Applied Mathematics and Computation , 229, 340-349.
NSA/CSS Classification Guide. (2014, May 23). Retrieved from Nsa.gov:
https://www.nsa.gov/public_info/_files/nsacss_policies/Policy_Manual_1-52.pdf
Nuclear Energy Institution, (2015) retrieved from
http://www.nei.org
Office of Federal Procurement and Policy. (2015). Retrieved from The Whitehouse:
https://www.whitehouse.gov/omb/procurement_index_guides/
Ponemon, Inc. (2015, February). Intelligence Driven Cyber Defense. Retrieved from Lockheed Martin
Cyber: http://cyber.lockheedmartin.com/hs-fs/hub/444799/file-2508671409-
pdf/Documents/Reports/ponemon-intelligence-driven-cyber-defense-survey-report-2015.pdf
Raytheon, (n.d.). High-speed network and link encryption. Retrieved from
http://www.raytheon.com/capabilities/products/high_speed_network/index.html
Rebolledo, C., & Nollet, J. (2011). Learning from suppliers in the aerospace industry. International
Journal Of Production Economics, 129(2), 328-337. doi:10.1016/j.ijpe.2010.11.008
Rouse, M. (n.d.). Advanced Persistent Threat. Retrieved from:
http://searchsecurity.techtarget.com/definition/advanced-persistent-threat-APT
Schwartz, M. (2013). Department of defense contractors in Iraq and Afghanistan: Background and
analysis. Retrieved from https://www.fas.org/sgp/crs/natsec/R43074.pdf
Sugarman, E (2014) Cybersecurity is a severe and growing challenge for government contractors.
Retrieved from http://www.forbes.com/sites/elisugarman/2014/08/26/cybersecurity-is-a-severeand-growing-challenge-for-government-contractors/
The Department of Homeland Security, (2015) Retrieved from:
http://www.dhs.gov/federal-information-security-management-act-fisma
The Office of Personnel Management, (2015) retrieved from
http://www.opm.gov/news/latest-news/announcements/
The Privacy Rights Clearinghouse, (2015) retrieved from
http://www.privacyrights.org/data-breach/new
Thompson, L. (2014, March 14). Lockheed Martin Moves To Dominate Cyber Defense Of Electric Grid
& Energy Complex. Retrieved from Forbes.com:
http://www.forbes.com/sites/lorenthompson/2014/03/14/lockheed-martin-moves-to-dominatecyber-defense-of-electric-grid-energy-complex/
29
United States Department of Defense (2015) retrieved from
http://www.defense.gov/about/dod101.aspx
UMUC (2015) Cybersecurity partners, Retrieved from
http://www.umuc.edu/cybersecurity/partners/
UMUC (2015) Cybersecurity Simulation, Retrieved from
https://cybercapstone.umuc.edu/capstone/Student/Login.aspx
Van Deursen, N., Buchanan, W. J., & Duff, A. (2013). Monitoring information security risks within
health care. Computers & Security , 37, 31-45.
Walker, R. (2012). Boeing ramps up focus on big data, cybersecurity. Washington Technology, (3). 18.
Wang, C., & San Miguel, J. (2012). The excessive profits of defense contractors: Evidence and
Determinants. Journal Of Public Procurement, 12(3), 386-406.
Wilhelm, Collin (2014) TD Bank pays in settlement; retrieved from
http://www.americanbanker.com/news/bank-technology/td-bank-pays-625000-in-mass-databreach-settlement-1071592-1.html
30


Get Professional Assignment Help Cheaply

Buy Custom Essay

Don't use plagiarized sources. Get Your Custom Essay on
CSEC 670 Section 9020: Cybersecurity Capstone
Just from $10/Page
Order Essay

Are you busy and do not have time to handle your assignment? Are you scared that your paper will not make the grade? Do you have responsibilities that may hinder you from turning in your assignment on time? Are you tired and can barely handle your assignment? Are your grades inconsistent?

Whichever your reason is, it is valid! You can get professional academic help from our service at affordable rates. We have a team of professional academic writers who can handle all your assignments.

Why Choose Our Academic Writing Service?

  • Plagiarism free papers
  • Timely delivery
  • Any deadline
  • Skilled, Experienced Native English Writers
  • Subject-relevant academic writer
  • Adherence to paper instructions
  • Ability to tackle bulk assignments
  • Reasonable prices
  • 24/7 Customer Support
  • Get superb grades consistently

Online Academic Help With Different Subjects

Literature

Students barely have time to read. We got you! Have your literature essay or book review written without having the hassle of reading the book. You can get your literature paper custom-written for you by our literature specialists.

Finance

Do you struggle with finance? No need to torture yourself if finance is not your cup of tea. You can order your finance paper from our academic writing service and get 100% original work from competent finance experts.

Computer science

Computer science is a tough subject. Fortunately, our computer science experts are up to the match. No need to stress and have sleepless nights. Our academic writers will tackle all your computer science assignments and deliver them on time. Let us handle all your python, java, ruby, JavaScript, php , C+ assignments!

Psychology

While psychology may be an interesting subject, you may lack sufficient time to handle your assignments. Don’t despair; by using our academic writing service, you can be assured of perfect grades. Moreover, your grades will be consistent.

Engineering

Engineering is quite a demanding subject. Students face a lot of pressure and barely have enough time to do what they love to do. Our academic writing service got you covered! Our engineering specialists follow the paper instructions and ensure timely delivery of the paper.

Nursing

In the nursing course, you may have difficulties with literature reviews, annotated bibliographies, critical essays, and other assignments. Our nursing assignment writers will offer you professional nursing paper help at low prices.

Sociology

Truth be told, sociology papers can be quite exhausting. Our academic writing service relieves you of fatigue, pressure, and stress. You can relax and have peace of mind as our academic writers handle your sociology assignment.

Business

We take pride in having some of the best business writers in the industry. Our business writers have a lot of experience in the field. They are reliable, and you can be assured of a high-grade paper. They are able to handle business papers of any subject, length, deadline, and difficulty!

Statistics

We boast of having some of the most experienced statistics experts in the industry. Our statistics experts have diverse skills, expertise, and knowledge to handle any kind of assignment. They have access to all kinds of software to get your assignment done.

Law

Writing a law essay may prove to be an insurmountable obstacle, especially when you need to know the peculiarities of the legislative framework. Take advantage of our top-notch law specialists and get superb grades and 100% satisfaction.

What discipline/subjects do you deal in?

We have highlighted some of the most popular subjects we handle above. Those are just a tip of the iceberg. We deal in all academic disciplines since our writers are as diverse. They have been drawn from across all disciplines, and orders are assigned to those writers believed to be the best in the field. In a nutshell, there is no task we cannot handle; all you need to do is place your order with us. As long as your instructions are clear, just trust we shall deliver irrespective of the discipline.

Are your writers competent enough to handle my paper?

Our essay writers are graduates with bachelor's, masters, Ph.D., and doctorate degrees in various subjects. The minimum requirement to be an essay writer with our essay writing service is to have a college degree. All our academic writers have a minimum of two years of academic writing. We have a stringent recruitment process to ensure that we get only the most competent essay writers in the industry. We also ensure that the writers are handsomely compensated for their value. The majority of our writers are native English speakers. As such, the fluency of language and grammar is impeccable.

What if I don’t like the paper?

There is a very low likelihood that you won’t like the paper.

Reasons being:

  • When assigning your order, we match the paper’s discipline with the writer’s field/specialization. Since all our writers are graduates, we match the paper’s subject with the field the writer studied. For instance, if it’s a nursing paper, only a nursing graduate and writer will handle it. Furthermore, all our writers have academic writing experience and top-notch research skills.
  • We have a quality assurance that reviews the paper before it gets to you. As such, we ensure that you get a paper that meets the required standard and will most definitely make the grade.

In the event that you don’t like your paper:

  • The writer will revise the paper up to your pleasing. You have unlimited revisions. You simply need to highlight what specifically you don’t like about the paper, and the writer will make the amendments. The paper will be revised until you are satisfied. Revisions are free of charge
  • We will have a different writer write the paper from scratch.
  • Last resort, if the above does not work, we will refund your money.

Will the professor find out I didn’t write the paper myself?

Not at all. All papers are written from scratch. There is no way your tutor or instructor will realize that you did not write the paper yourself. In fact, we recommend using our assignment help services for consistent results.

What if the paper is plagiarized?

We check all papers for plagiarism before we submit them. We use powerful plagiarism checking software such as SafeAssign, LopesWrite, and Turnitin. We also upload the plagiarism report so that you can review it. We understand that plagiarism is academic suicide. We would not take the risk of submitting plagiarized work and jeopardize your academic journey. Furthermore, we do not sell or use prewritten papers, and each paper is written from scratch.

When will I get my paper?

You determine when you get the paper by setting the deadline when placing the order. All papers are delivered within the deadline. We are well aware that we operate in a time-sensitive industry. As such, we have laid out strategies to ensure that the client receives the paper on time and they never miss the deadline. We understand that papers that are submitted late have some points deducted. We do not want you to miss any points due to late submission. We work on beating deadlines by huge margins in order to ensure that you have ample time to review the paper before you submit it.

Will anyone find out that I used your services?

We have a privacy and confidentiality policy that guides our work. We NEVER share any customer information with third parties. Noone will ever know that you used our assignment help services. It’s only between you and us. We are bound by our policies to protect the customer’s identity and information. All your information, such as your names, phone number, email, order information, and so on, are protected. We have robust security systems that ensure that your data is protected. Hacking our systems is close to impossible, and it has never happened.

How our Assignment Help Service Works

1. Place an order

You fill all the paper instructions in the order form. Make sure you include all the helpful materials so that our academic writers can deliver the perfect paper. It will also help to eliminate unnecessary revisions.

2. Pay for the order

Proceed to pay for the paper so that it can be assigned to one of our expert academic writers. The paper subject is matched with the writer’s area of specialization.

3. Track the progress

You communicate with the writer and know about the progress of the paper. The client can ask the writer for drafts of the paper. The client can upload extra material and include additional instructions from the lecturer. Receive a paper.

4. Download the paper

The paper is sent to your email and uploaded to your personal account. You also get a plagiarism report attached to your paper.

smile and order essay GET A PERFECT SCORE!!! smile and order essay Buy Custom Essay


Place your order
(550 words)

Approximate price: $22

Calculate the price of your order

550 words
We'll send you the first draft for approval by September 11, 2018 at 10:52 AM
Total price:
$26
The price is based on these factors:
Academic level
Number of pages
Urgency
Basic features
  • Free title page and bibliography
  • Unlimited revisions
  • Plagiarism-free guarantee
  • Money-back guarantee
  • 24/7 support
On-demand options
  • Writer’s samples
  • Part-by-part delivery
  • Overnight delivery
  • Copies of used sources
  • Expert Proofreading
Paper format
  • 275 words per page
  • 12 pt Arial/Times New Roman
  • Double line spacing
  • Any citation style (APA, MLA, Chicago/Turabian, Harvard)

Our guarantees

Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.

Money-back guarantee

You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.

Read more

Zero-plagiarism guarantee

Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.

Read more

Free-revision policy

Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.

Read more

Privacy policy

Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.

Read more

Fair-cooperation guarantee

By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.

Read more
error: Content is protected !!
Open chat
1
Need assignment help? You can contact our live agent via WhatsApp using +1 718 717 2861

Feel free to ask questions, clarifications, or discounts available when placing an order.
  +1 718 717 2861           + 44 161 818 7126           [email protected]
 +1 718 717 2861         [email protected]