ISM3004 Exam 4 UF


What impact does Erik Brynjolfsson think AI will have on society?

"A vast and unprecedented boost to mental power should be a great boost to humanity, just as the earlier boost to physical power clearly was"

What does Elon Musk think about AI?

"AI is the biggest risk that we face as a civilization"

Social Engineering: What is it? How is it done? What steps does an attacker take to exploit this vulnerability?

"The clever manipulation of the natural human tendency to trust"; outsider manipulates naive insider for gain; first the attacker researches their victim, asking them for help in order to gain more and more connections illegitimately

What is Gartner's opinion of AI's likely impact over the next 5 years?

"Through 2022, few jobs are fully replaceable, but most occupations will have at least some activities augmented by AI"

According to IBM's research, the average cost for each breached record of PII is $_______

$180

According to IBM's research, the average cost of a data breach is $_________.

$4.24 million

What is IP? Why do IP thieves typically steal it? What's a typical methodology?

(Intellectual Property) Creations of the mind, such as inventions, literary and artistic works, designs, symbols, names, and images used in commerce; they steal it to sell it; gain access, access the files, intercept email addresses, and stay hidden

What three factors can be used to quantify IT security risk? How are they used together to estimate risk?

-Asset Value
-Threat Likelihood
-Threat Severity
They all help to be able to understand how important an asset is to protect

How can one avoid phishing scams?

-Be suspicious of urgent requests
-Be very suspicious of requests for personal information
-Don't use links in an email

What are the 3 legs of the CIA Triad?

-Confidentiality
-Integrity
-Availability

Human vulnerabilities - what measures are suggested for addressing them?

-Education/Awareness Training
-HR Practices

Worms - what are they, and how do they propagate?

-Is a standalone malware or standalone program
-Goal is to self-propagate via the network, so once the worm is in one computer on a network, it will look to spread to other computers by exploiting vulnerabilities in their systems
-Do carry a payload

Characteristics of modern cybercrime syndicates and Cybercrime-as-a-Service

-Large
-Professional
-DDoS attacks
-Spamming
-Pay-Per-Install
-Custom programming

How can one defend against web-based malware?

-Minimize use of administrator account
-Keep OS, browser, plugins up to date
-Minimize the attack surface
-Be careful with popups
-Use an ad blocker

What are the broad categories of IT vulnerability?

-Physical
-Technological
-Human

Real-world applications for Artificial Intelligence

-Processing Loan Applications
-Advertising
-Self-driving Vehicles
-Medical Diagnosis
-Banking: Fraud Detection

What three key scam techniques are used in a phishing attack?

-Seems legit - Spoofing
-Sense of Urgency
-Call to Action

Real-world examples of IoT technology in action

-Transportation
-Streetlights
-Image Recognition
-Clothing
-Logistics

Why is AI becoming pervasive - what two key needs does it meet?

-Usability
-Access to vast amounts of data

Issues with Large Language Model Generative AI systems

1. Hallucinations
-AI makes up information
2. The One Answer Problem
-The fact that in life, there is not one true answer sometimes
3. Jailbreaking
-Making the AI say things it isn't supposed to say, such as how to make a bomb/weapons

3 ways that an organization can respond to IT security risk

1. accept risk
2. refuse risk
3. mitigate (manage) risk

Based on current reports... How frequently do DDoS attacks occur? Roughly what is the cost of a typical DDoS attack to a small business?

20-50 times/month for 70% of companies as of 2021; $120,000

Lost mobile devices: ______% of smartphones lost each year

5%

Lost mobile devices: About ______% had sensitive data... and most of those were NOT protected at all!

60%

According to the PWC report, what is the annual growth rate for security incidents? _____%

66%

Lost Laptops - percentage of laptops lost over their service life: _______%

7%

Flash drives - about _______% of companies surveyed experienced the loss of sensitive/confidential information because of lost USB flash drives

70%

A 2021 survey of companies and insider threats discovered that.... _______% had experienced an insider data breach in the last year. The average cost of insider security breaches was ___________ per company.

94%; $11.5 million

What is a Man-in-the-Middle (MitM) attack?

An attack where the attacker sits between two communicating hosts and transparently captures, monitors, and relays all communication between the hosts

Bot

Attackers that can be controlled by a single person

What is the "vulnerability" being exploited in a Denial of Service (DoS) attack? How does this type of attack harm the victim?

Capacity; making the servers exceed capacity until they crash; causes customers to leave due to slow/non-existent service

Types of systems targeted by malware... and which platform suffered nearly half of malware infections as of mid-2021?

Computers, mobile devices; mobile devices

How does the CIA Triad guide our efforts to protect an organization's data and information systems?

Confidentiality
-protects granular data
Integrity
-protects data from unauthorized changes
Availability
-makes sure our data is present when we need it

Hacktivists - What characteristics typify hacktivist groups? What strategies do they use to accomplish their goals?

Exist to inflict monetary pain, embarrass and harass their targets while gathering public support behind their cause; they typically use Denial of Service and information exposure to accomplish their goals

What can an attacker do with a bug?

Exploit the bug:
-Run undesired program code
-Unauthorized data access
-Gain full control

'Hazardous Hardware' attacks - How does it work? How does the cybercriminal execute the attack? What can the cybercriminal get from this attack?

Hacks which involve physical hardware; it works by exploiting physical vulnerabilities, such as USB ports and cables; cybercriminals can install keyloggers as well as steal information

In what sense is mobile device contact sync a tech vulnerability?

Having corporate contacts on your phone during the contact sync can expose these private numbers to third-party companies

Why is data classification a necessary step in risk management?

Helps to be able to protect data based on value

Penetration Testing

Professional hacking to access data and computing power without being granted access; professional pen-testers are hired to identify and repair vulnerabilities and only work once given written permission to obtain ungranted access.

What is a "bug"?

Programming flaw or oversight

What is the goal of "continuous intelligence" systems? How are proactive or "push" systems different from reactive or "pull" systems?

Sense a situation and respond to it in real-time; push systems are running constantly, notifying a human when they notice an irregularity, while pull systems do not run at all times, and only give out information when requested by the user directly

Endpoint Protection

Software that incorporates anti-malware scanners into a larger suite of security controls

What are the three user password vulnerabilities? Why is each a problem?

Sticky Note, Guessable, and Lack of Complexity; easily bypassed through brute force attacks

With Large Language Model AI systems, how is supervised training different from unsupervised? Why is the choice of training dataset important?

Supervised
-Data is provided as a set of inputs + correct outputs
Unsupervised
-Data is unstructured
The training dataset is what allows the AI to generate its results

What four "key actions" will we expect from our personal cloud? What does each mean?

Sync Me
-My content should be available, when I want it, where I want it
See Me
-Device actually knows where you are, and adapts based on where you are/what you are doing
Know Me
-Device is able to interpret your requests based on its knowledge of you
Be Me
-Device is able to act on your behalf, based on your typical behavior

Vulnerability Scanning

The act of scanning for weaknesses and susceptibilities in the network and on individual systems.

What does the French phrase "La fin du monde" have to do with AI?

The effects of AI are still not understood now, but will change our way of life dramatically in the future

What is "GeoFencing"?

The use of GPS or RFID technology to create a virtual geographic boundary, enabling software to trigger a response when a mobile device enters or leaves a particular area.

What is the supply situation for trained data scientists right now? How does AI Augmented Analytics help?

They are in short supply; it helps to lower the skillset necessary to perform complex data analysis

How do AI systems learn from prior and ongoing experience?

They participate in natural language dialogues with people

What is meant by the term, "Personal Cloud"? What factors/technologies/megatrends are enabling it?

Your personal collection of data that follows you around from device to device;
-Consumerization
-Mobility
-Appification
-Ubiquitous Cloud
-Client diversity

Keylogger

a malicious program that records keystrokes.

Zombie

a program that secretly takes over another computer for the purpose of launching attacks on other computers

Why is email a powerful attack vector?

It is ubiquitous

What are digital identities and why protect them?

Log-in credentials such as usernames and passwords; to protect your identity

What is Shoulder Surfing? What is the attacker's goal?

Looking over your shoulder while you are typing personal/sensitive information in order to steal it

What is a default password? Why is this a possible vulnerability?

Password that is used to configure devices by default; if not changed, hackers can easily exploit this

What is PII?

Personally Identifiable Information

What is spoofing? How is it used in phishing?

Phish message that claims to be legit, but isn't; it is used to steal information by pretending to be the real site

Command&Control

an approach to protecting the environment that sets strict legal limits and threatens punishment for violations of those limits

Regarding "consumerization"... Mr. Olsen claims that consumers are very good at _________ technology, but very bad at ________ technology. How does the cloud solve that problem?

choosing, maintaining; cloud provider does it for us

(Reading: Beautiful Social Engineering Attack) What did the chemical engineer do that enabled the hacker to find him? How did the hacker gain the chemical engineer's confidence? What method did the hacker use to gain access to the target company's entire email system?

Posted photos/videos from his victories at Tuesday Night Trivia; by acting attractive and giving the guy free stuff; they used a USB inserted into his PC when he was not looking

Dumpster Diving: What kinds of information might be in there? What kinds of things contain the desired information? How would the cybercriminals use this information?

Pre-attack information: Phone lists, printouts, media; cybercriminals can use this information to prepare before making a larger attack

What is malware?

software that is intended to disable computer systems, disrupt operations, and steal data

Organizations spend most of their IT security dollars protecting _____________. Mobile devices are largely unprotected because they spend much time ___________________.

the "castle walls" (main campus); outside the walls

What is the "Internet of Things" (IoT)? How did Moore's Law help make IoT possible?

the interconnection via the Internet of computing devices embedded in everyday objects, enabling them to send and receive data; caused computers/computer parts to become dramatically cheaper, making it feasible to measure more mundane things

What is an "Advanced Persistent Threat"? What is a backdoor?

A determined human adversary that is not deterred by early failures, launching multiple repeated attacks with a variety of techniques; vulnerability left in by the hacker that can be exploited later for easier entry into the system

Botnet

A logical computer network of zombies under the control of an attacker.

Importance of password complexity

A more complex password makes it harder for hackers to get into your accounts

Intrusion Detection

A process of monitoring the events occurring on a computer or a network, and analyzing them to detect possible incidents, which are violations or imminent threats of violation of computer security policies, and standard security practices.

What is phishing?

A scam by which an e-mail user is duped into revealing personal or confidential information which the scammer can use illicitly

What is a 'passphrase' and why might this be a better approach than a complex password?

A series of words that are used to secure your account; adds more complexity than the latter

What is AI?

A set of related technologies that seems to emulate human thinking and action

What is meant by the term, "Explainable AI"? Why do we need AI to be explainable?

AI models which can explain how they generate results; in order to verify the answers the AI is giving are correct

What is Generative AI? Where is it on the Hype Cycle?

AI which is able to generate information completely on its own; it is nearing the Peak of Inflated Expectations

How does CERT define the term "insider"?

Current or former employee, contractor, or other partner that has or had authorized access and intentionally misused that access against the organization.

What type of attacker is the source of most malicious hacking?

Cyber-crime syndicates

Why secure data and information systems?

Data is one of the most valuable assets for companies

What risk must be considered when disposing of obsolete equipment?

Data remaining on the obsolete equipment

Be able to briefly explain these four main costs of experiencing an IT security breach: Detection, Notification, Lost Business, and Post-Breach Response.

Detection:
-Costs associated with detecting a breach
Notification:
-Legal requirement to notify those that have had their data breached
Lost Business:
-Costs from customers losing faith in your business
Post-Breach Response:
-Activities conducted after the breach to try and help the victims

Ransomware

Download a file that locks your data; you either have to do an action or pay to get it back

Drive-by Downloads - What are they? How do they work?

Downloads that do not require any interaction at all, exploiting client vulnerabilities; once the page is loaded, malware is automatically downloaded and installed, fingerprint analyzed, and vulnerabilities compromised.

Defense in depth - how does the castle metaphor apply to information security?

Information security is like the moat/castle walls around the castle, the better your security, the more secure your information will be

Viruses - what are they, and how do they propagate?

Malware that hides within host files, until executed, when it duplicates itself many times to spread as deep in your computer as possible

Trojans - what are they, and how do they compromise systems?

Malware that is "invited" in by the user, typically attached to a file that the user has actually requested; once in the system, they can:
-Steal financial information
-Spoofing
-Man-in-the-middle

Physical vulnerabilities - be able to briefly describe the steps an organization can take to protect mobile devices... and to protect USB flash drives

Mobile Device Management/encryption of files on mobile devices; encryption of USB flash drives

What is MFA? Be able to briefly explain how it works and how it can improve IT security.

Multi-Factor Authentication, it acts as a passkey that generates passcodes that can be used to log into corporate accounts; adds security

Is it reasonable to expect that large software systems would be truly and totally bug-free? Why?

No, the work that it takes to build such a large system is bound to have errors

Some people think that the attackers are "just kids" showing off their tech skills. True? What are the two real drivers behind modern cyber-attacks?

No; money and power

(Reading: Biggest hack in history) How did the hackers get in? What damage was suffered?

One of the computer technicians on Saudi Aramco's info tech team opened a scam email, leading to 35,000 computers being either partially or totally wiped and gasoline trucks were turned away at pickup

What is a macro? What is a macro virus?

Scripts that exist within Microsoft Office apps; a type of virus that takes advantage of the scripts in Office apps to infect your computer

How is spearphishing different from phishing? Consider the target and methods used

This type focuses more on one single large target rather than multiple smaller targets; methods used are far more intricate and detailed than the latter

What does it mean for something to be "vulnerable"?

To be susceptible to attack or harm

Why do businesses put sensors on "things"?

To take care of our things. To keep track of our things like GPS, something getting too hot.

What is Malvertising?

Use of online advertising to spread malware (involves injecting malware-laden advertisements into a legitimate online advertisement network)

(Reading: "How to Stop Gullible Employees" article from Cyberheist News) What's the "fastest and cheapest bang for your buck" when it comes to information security?

User Education Training

What are the principle of least privilege and role-based access controls? Be able to explain how these concepts can be used to improve an organization's IT security.

User given no more privilege than is necessary to perform a job; limits the potential for an individual to expose information

How can an attacker execute an MitM attack against open WiFi hotspot users? How can one defend against this threat?

Using a WiFi pineapple, a hacker can reroute internet traffic through his/her own router, being able to see what users are doing on the network; don't use public WiFi and use a VPN

How does a DDoS attack work?

Using lots of different computers to send requests for services; this can use all of the server's resources, causing a crash.

What is a VPA? VEA? How are they different?

Virtual Private Assistant; Virtual Enterprise Assistant; one is owned by a personal user, while the other is owned or controlled by an enterprise

