HACS208P Extended
Evolution of ARPANET into the 1980s
"Inter networking" became increasingly popular. Several purpose-built networks existed by then, with ARPANET at the heart of them. The goal was soon to have networks independently communicate with one another, such as with IP and TCP; this was the birth of the modern internet.
Application Layer
- Acts as an interface between your computer and the programs on it and the network you want to communicate on
- Translating human domain names into computer friendly IP addresses is done by the DNS protocol
- Lots of instructions
World Wide Web Consortium (W3C)
- An international community in which organizations and the public work to develop web standards
- Develops protocols and guidelines for web development purposes (CSS, HTML, etc.)
Factors in evolution of internet
- Evolutionary process
- Multiple players and stakeholders
- Academic inspiration
- Key government support
- Private sector ingenuity
Network Layer
- Information that deals with routing is done at the network layer
- Locations on the internet are established by internet protocol
- Autonomous systems are large networks that manage thousands of internet protocol addresses
- Autonomous systems maintain peering relationships
Technical Rule Making Bodies
- Internet Architecture Board
- Internet Engineering Task Force
- Internet Research Task Force
Physical Layer
- Moves data encoded on different points on the electromagnetic spectrum
- Fiber optics help traverse long distances
- Microwave used for point to point transmission
- Satellites used to move data over radio waves
- Internet Exchange Points (IXP) physically connect networks together in accordance with logical peering relationships
Internet of things def
- Networks of objects that communicate with other objects and with computers through the Internet. "Things" may include virtually any object for which remote communication, data collection, or control might be useful, such as vehicles, appliances, etc.
- An object is a part of this web of interconnected devices if it has:
  1. A unique identifier (IPv6)
  2. Internet connectivity
Internet as a global commons Trends (early 2000's)
1. Cloud computing
2. Mobile computing
Rules of the internetwork
1. Each distinct network stands on its own
2. Communications get transferred on a best effort basis (if they make it they make it, if they don't then they don't)
3. Black boxes would connect internet
4. No global control of the operations
Assumed only 256 networks would be enough
History and evolution of the internet (detailed)
1. Ideological origins
2. Govt support and prototyping to build a prototype (ARPANET)
3. Privatizing and scaling the internet
4. Govt research support
Cloud computing: security concerns
1. Privileged User Access: Company data processed outside of the organization brings a degree of risk
2. Regulatory Compliance: Customers are ultimately responsible for the integrity of their data regardless of where it resides
3. Data Location: When you use cloud services you don't always know where your data is physically located
4. Data Segregation: Organizational data is collocated with other systems
5. Recovery: Cloud providers need to be able to articulate recovery procedures in case of total failure
Describe prototype of the internet
In the 1960s, DARPA (Defense Advanced Research Projects Agency) funded a project called ARPANET at academic institutions. ARPANET started the first packet switching protocol. Internet Protocol and Transmission Control Protocol were developed at this time, both of which still exist today.
OSI Model Layers
7. Application
6. Presentation
5. Session
4. Transport
3. Network
2. Data Link
1. Physical
A firm's stock price that falls 20% after a cyber event is an example of a
A Secondary Effect
Which definition best describes an Autonomous System?
A collection of connected Internet Protocol (IP) under the control of one or more network operators.
OceanLotus is a hacking group that is best described as a
A nation state group that was highly focused on acquiring information against economic and political targets
Tallinn Manual
A non-binding document that is the cyber equivalent of the Geneva Convention, specifying the rules of cyberwarfare
The OSI model is
A representation of how information from a user is encapsulated, transmitted, and received across networks, and the global telecommunications infrastructure
The Onion Network is a
A series of servers that route traffic through devices, peeling away encrypted layers of routing information to use in anonymous internet browsing or proxy to another server
APT is an acronym for
Advanced Persistent Threat
Who said they invented the internet?
Al Gore
Supercomputer Network Study Act
Allocated 600 million to study high performance computing
The size and complexity of an organization's publicly facing internet presence is known as the firm's
Attack Surface
What is the key protocol that is leveraged to "provide the map" between networks?
BGP
IP Address
Basically the address on the Internet. It is where you are going: the address on the outside of an envelope
Describe WWW in 90s and 2000s
Boom of people using it in the 90s, but the .com bubble burst in the 2000s. Afterwards, there was a boom of blogs, wikis, social networking, etc. with "Web 2.0"
Regional Internet Registries are
Both A and C (A = Managed by ICANN, C = A core part of the internet that helps domain names with internet protocol addresses)
The effects of cyber attack against specific industries can be best described as
Both B and D (B = Varying in the types of exploitative and disruptive category types across all sectors, D = Varying in number across all sectors in the economy)
What is encapsulation
Bundling instructions for any communication together and hiding details
Internet
Collection of networks working together to transmit, receive, manipulate, and process information for a variety of purposes
According to the taxonomy what kind of cyber event was the Maersk line attack?
Data Attack
Spearphishing is a tactic in which part of the Lockheed Martin Kill Chain Model?
Delivery
Fancy Bear is a threat actor that is best categorized as what type of threat actor?
Either C or D (C = APT, D = Nation State)
The OSI Data Model utilizes the concept of ______ to move data from one point of the Earth to another
Encapsulation
Internet Engineering Task Force (IETF)
Engineering group which focuses on short term immediate technology needs
Threat Landscape def
Entirety of potential and identified cyberthreats affecting a particular sector, group of users, time period, and so forth. Internet, hackers, tools tactics and processes, effects, and attack surfaces all define threat landscape.
The Target, Home Depot, or Eddie Bauer cyber events are examples of what type of attack in the taxonomy presented in the course
Exploitation of Sensor
According to international law, a country DOES NOT have an obligation to take measures to ensure the establishment of international telecommunications infrastructure that is required for the rapid and uninterrupted international telecommunications
False
IT System Administrators often can easily identify who attackers are and submit their identities to law enforcement for prosecution
False
Public Policy is strictly limited to the laws passed at the federal, state, or local level
False
Russia is considered a medium tier cyber threat
False
The global telecommunication infrastructure is managed by nation states who come to agreement on where to invest and who should have access
False
The government was the only actor in scaling the internet for wide adoption by the 1990s
False
Internet Research Task Force (IRTF)
Focused on long-term research related to Internet and TCP/IP protocols such as Anti-Spam Research Group (ASRG), Crypto Forum Research Group (CFRG), and Peer-to-Peer Research Group (P2PRG).
Birth of the modern internet
Goal: allow networks to independently communicate with one another; previous work on internet protocol (IP) and transmission control protocol (TCP) is adopted universally in 1984
Data governance in industries
Gramm-Leach-Bliley Act - modernizes security in banking industry to safeguard info
A hacker who defaces a government website to protest the arrest of a political prisoner would be considered what type of threat actor?
Hacktivist
Which of the following is NOT considered a cyber threat actor?
Hobbyists who are curious about how technology works and report vulnerabilities to organizations and authorities
How is Data governed in the US
In the US, there is no uniform data protection legislation federally, but there are laws to protect information in some industries
Encapsulation def
Instructions for data to be packaged, routed, and transmitted
What did origins of the internet look like?
Interconnected computers transmitting large amounts of data. (1950s and 1960s)
Which description best describes The Internet Corporation for Assigned Names and Numbers (ICANN)?
Internationally organized non-profit responsible for coordinating the maintenance and procedures of several databases related to the namespace on the internet
What is ITU
Internet Telecommunications Union, forum for governments and the private sector to coordinate technical and policy matters related to global telecommunications networks and services
International weightlifting competition website defacement
Iranian weightlifter couldn't complete final lift, so hacker defaced competition website with motivational message to support the weightlifter.
Autonomous system
Kind of like local roads. It is a grouping of IP addresses which makes routing information between independent networks easier. Companies like Verizon, Sprint, and AT&T each have an AS which they manage to communicate with each other
Internet Architecture Board (IAB)
Long range technical direction for internet development
Mirai botnet
Mirai is malware that can control certain IoT devices which have hardcoded credentials on them
Describe another trend (Mobile computing)
Mobile web technology began at the end of the 90s, but by the end of the 2000s, 3G speeds allowed for better speeds.
First web browser
Mosaic (1993)
In 1993, what was the most popular web browser, and what was the most common way to utilize the internet?
Mosaic, and way to utilize internet was with WWW and webpages
Scaling internet
NSFNET (National Science Foundation) builds high speed connections between research groups. Private sector became incentivized to build its own private networks to expand the capacity of the internet
Internet Corporation for Assigned Names and Numbers (ICANN)
Non-profit which coordinates maintenance and procedures of databases
The origin and evolution of the Internet was a product of
None of the above (Professors, Private Sector, and the Government)
OSI Model def
Open systems interconnection model; a way to think about the communications functions independent of the technology or structure
Threat landscape tactics, techniques, and procedures
Phishing, ransomware, DDoS, C2 infrastructure, virus, trojan, malware-less attacks, ICS attacks
What is DNS
Phonebook of the internet, finds out where on the Internet to establish a connection. There are different types of DNS
The specific attack on a Ukraine Power grid in which 27 substations were taken off line was an example of
Physical Attack
Autonomous vehicles concerns
Physical threats with potential access, lack of internet security, safety, liability
The use of _____ often makes it difficult for victims of cyber attack to identify the threat actor involved.
Proxies
Investigating the organizational chart of a target is which part of the Lockheed Martin Kill Chain Model?
Reconnaissance
Monde TV 5 Cyber attack 2015
Russian government / ISIS defaced this French news channel
Degradation to a customer's logistics supply chains would be an example of a
Second Order Effect
How would you describe the $300M loss by Maersk Line to a Policy Maker utilizing the model in the class?
Secondary Effect
Describe one trend (cloud computing)
Shared resources under the cloud emerged in 2006.
What was the standard protocol in the 1980s
TCP and IP. Before, it was ARPANET
What is the goal of the policy maker with cybersecurity?
Take advantage of beneficial aspects of technology, while minimizing security risks. However, not all issues are of public concern (Joe's crab shack)
Which of the following is not a statute (i.e. a law) which deals with cybersecurity issues?
Tallinn Manual Rule 61
One major limitation of terrestrial microwave technology for use in long haul communications is
The curvature of the Earth prevents long distance communications without a repeater
Cyber def
The electronic world created by interconnected networks of information technology and the information on those networks. It is a global commons where... people are linked together to exchange ideas, service, and friendship
ARPANET
The first packet-switched network, the predecessor to the Internet.
Cybersecurity def
The organization and collection of resources, processes, and structures used to protect cyberspace and cyberspace-enabled systems
Which definition best describes the Internet Exchange Point (IEX)
The physical infrastructure through which Internet service providers (ISPs) and content delivery networks (CDNs) exchange internet traffic between their networks
Attack Surface def
The point at which an attacker can research, scan, exploit, and enter your organization; the publicly identifiable pieces of your network exposed to a potential attacker
1. Website
2. Internet connected sensors (Webcam)
3. File servers
Governance def
The process by which we manage the technical, informational, and organizational problems that arise from the complexity of the Internet; multiple stakeholders are involved
According to Director of National Intelligence, James Clapper, how are the threats of cyberattacks best described?
Threats to US national and economic security are increasing in size, scale, and severity of impact. Increase of targeted attacks
Who developed the concept of the World Wide Web and wrote the first version of HTML and web pages in 1993?
Tim Berners-Lee
The Definition for the Term "cyber" includes the interplay between humans and humans
True
US CLOUD Act
- US law enforcement can demand data stored outside of the US
- An individual's right to information depends on if the cloud provider objects
- Foreign governments can be granted permission to get info of people in the US if there is minimal effect
The 2018 Nuclear Posture Review introduced which of the following considerations into US nuclear policy?
Use of significant non-nuclear attacks on the country might be ground for the employment of nuclear weapons
Writing an exploit to leverage a vulnerability in the Windows 10 OS would be included in which phase of the Lockheed Martin Cyber Kill Chain?
Weaponization
Peering relationships
When an AS broadcasts a list of other networks it has a relation with, to forward information to an AS that does know where to direct you
Tim Berners-Lee founded what?
World Wide Web Consortium in 1994
The Introduction of Senate Bill 2594, the "Super Computer Network Study Act" of 1986, the former president Al Gore helped
bring together industry, academia, and government in a joint effort to accelerate development and deployment of gigabit networking
What is DNS poisoning?
Changes the DNS records on a system to point to false servers where the data is recorded. Can be used to collect passwords, trick users into installing malware, or redirect searches
Important public policy considerations include
Cyber physical systems, crime, activism, privacy
The definition of the Internet as a global information system includes all EXCEPT the following
Includes the technology required to store and manipulate content in corporate networks
Internet Governance Forum
Is a multi-stakeholder forum for policy dialogue on issues of Internet governance.
Bringing government policy makers, civil society (i.e. NGOs), and the private sector together to govern/manage a problem is known as
Multi-stakeholder governance
Which browsers emerged to compete with Mosaic?
Windows 95 and Internet Explorer, and Netscape