Chapter 17: Information Security
motivations for hacking
-account theft or illegal funds transfer -stealing personal or financial data -compromising computer assets for use in other crimes -extortion -intellectual property theft -espionage -cyberwarfare -terrorism -pranksters -hacktivism (protest hacking) -revenge from disgruntled employees
user and admin threats
-bad apples in house -social engineering -phishing -passwords
the goal of the malware
-botnets or zombie networks -malicious adware -spyware -keylogger -screen capture -card skimmer -RAM scraping or storage scanning software -ransomware -blended threats
action as an organization
-frameworks, standards, and compliance -education, audit, and enforcement -technology's role
examples of social engineering
-impersonating senior management -identifying a key individual as a supposed friend -making claims with confidence and authority -baiting someone to add/deny/clarify information -using harassment, guilt, or intimidation -using flirtation or charm to gain info, favors, or access -setting off a series of false alarms to cause the victim to disable alarm systems -answering bogus surveys
technology threats
-malware -poorly designed software -push button hacking
technology's role
-patch -lock down hardware -lock down the network -lock down partners -lock down systems -have failure and recovery plans
action as a user
-surf smart -stay vigilant -stay updated -stay armed -be settings smart -be password savvy -be disposal smart -back up -check with your administrator
methods of malware infection
-viruses -worms -trojans
Screen capture
A type of keylogger that records pixels that appear on a user's screen to identify proprietary information
Blended threats
Attacks combining multiple malware or hacking exploits
zero-day exploit
Attacks that are so new that they have not been clearly identified, and so have not yet made it into security screening
Card skimmer
Captures data from a card's magnetic strip
Key
Code that unlocks encryption
RAM scraping or storage scanning software
Malicious code that scans computing memory (RAM, hard drives, or other storage) for sensitive data, often looking for patterns such as credit card or Social Security numbers
Malicious adware
Programs installed without full user consent or knowledge that later serve unwanted advertisements
Spoofed
Refers to forging or disguising the origin/identity
Executables
Running program
Spyware
Software that monitors and reports a user's computing habits
Social Engineering
Tricking employees into revealing information or performing other tasks by pretending to be legitimate members of the company in need of information
black hat hackers
a computer criminal
phishing
a con executed using technology, typically targeted at acquiring sensitive information or tricking someone into installing malicious software
hacktivists
a protester seeking to make a political point by leveraging technology tools, often through system infiltration, defacement, or damage
honeypots
a seemingly tempting but bogus target meant to draw hacking attempts
firewalls
a system that acts as a control for network traffic, blocking unauthorized traffic while permitting acceptable use
intrusion detection systems
a system that monitors network use for potential hacking attempts; blocks, isolates, or identifies infiltration attempts
certificate authority
a trusted third party that provides authentication services in public key encryption schemes
public key encryption
a two-key system used for securing electronic transmissions; a public key locks data and a private key unlocks it
brute-force attacks
an attack that exhausts all possible password combinations in order to break into an account
DDoS
an attack where a firm's computer systems are flooded with thousands of seemingly legitimate requests, the sheer volume of which will slow or shut down the site's use; usually performed via botnets
policies need eyes and teeth. eyes being ___ and teeth being ___
audit; enforcement
dumpster diving
combing through trash to identify valuable assets
CAPTCHAs
Completely Automated Public Turing test to tell Computers and Humans Apart; the scrambled character images that users must enter
Heartland case shows what
compliance does NOT = security
cash-out fraudsters
criminals that purchase assets from data harvesters to be used for illegal financial gain (i.e., stolen credit cards to buy goods, creating fake accounts via identity fraud, etc.)
data harvesters
cybercriminals who infiltrate systems and collect data for illegal resale
Turing test
distinguishes if a task is being performed by a computer or a human
Ransomware
encrypts files and demands that users pay to regain control
trojans
exploits that try to sneak in by masquerading as something they're not
shoulder surfing
gaining compromising information through observation
whitelists
highly restrictive programs that permit communication only with approved entities and/or in an approved manner
botnets
hordes of surreptitiously infiltrated computers linked and controlled remotely; zombie networks
Malware
malicious software
hacker
may be applied to either someone who breaks into computer systems or to a particularly clever programmer
hack
may mean breaking into a computer system or a particularly clever solution
Stuxnet
most notorious act of cyberwarfare yet; launched by either US or Israeli intelligence to eliminate Iranian uranium warheads
blacklists
programs that deny the entry or exit of specific IP addresses, products, internet domains, and other communication restrictions
viruses
programs that infect other software or files and require an executable running program; need an executable to run and can spread through OS, USBs, DVDs
worms
programs that take advantage of a security vulnerability to automatically spread, but unlike viruses, do not require an executable; scan and install themselves
encryption
scrambling data using a code or formula known as a cipher such that it is hidden from those who do not have the unlocking key
white hat hackers
someone who uncovers computer weaknesses without exploiting them with the goal of improving system security
biometrics
technologies that measure and analyze human body characteristics for identification or authentication
Keylogger
using spyware to record a user's keystrokes; can be hardware or software
multi-factor authentication
when identity is proven by presenting more than one item for proof of credentials