CJS-1020 - Chapter 17 & 18 Quiz


As the BSI report notes on the graphic on page 2, the most commonly stolen cargo was: A) Automotive (vehicles and parts) B) Food and beverage C) Alcohol and tobacco D) Construction products E) Electronics

B) Food and beverage

While purely technical hacks of computer systems are common, much of the most serious malware is introduced to computers via deception and manipulation of people rather than a purely technical cyberattack. This social-engineering malware requires the active involvement of employees for it to gain access to company digital assets. The techniques rely upon social engineering principles that target greed, fear and urgency, curiosity, habit, and laziness, and employ realistic pretexts. Malwarebytes says of social-engineering attacks: Cybercrooks use this dangerous weapon to get at the weakest link: us. They know that the easiest way to penetrate a system is to go after the user, not the computer. "Attacking the human element has always been a favorite," says Jean-Phillip Taggart, Senior Security Researcher at Malwarebytes. "Why use some hard technical flaw to acquire a password when you can simply ask the user for it?" Which three of the following are based on social engineering rather than purely on technology? A) A malicious drive-by download is hidden in an online auction website B) Malware that is hidden on a USB drive and "lost" in a company parking lot. Inserted into a company computer by an unsuspecting employee who finds the "lost" drive, the drive delivers its malicious payload into the system C) An email offers the recipient a share in a large sum of money on the condition you help them to transfer it out of their country D) A program that logs every keystroke made on a computer and sends them to a remote server E) Malware that enlists WIFI enabled devices such as garage door openers, thermostats, baby monitors and refrigerators to launch a denial of service attack on a website. F) An email from a company colleague links to a web page asking for company Twitter log-in credentials.

B) Malware that is hidden on a USB drive and "lost" in a company parking lot. Inserted into a company computer by an unsuspecting employee who finds the "lost" drive, the drive delivers its malicious payload into the system C) An email offers the recipient a share in a large sum of money on the condition you help them to transfer it out of their country F) An email from a company colleague links to a web page asking for company Twitter log-in credentials.

Security Director News reported in the text that the vast majority of companies, 76 percent, considered "proprietary information the asset of highest value." 2019 saw massive ransomware ('Petya,' 'WannaCry') attacks that cost companies and individuals millions of dollars and a great deal of business disruption. Cybintsolutions reported in September 2019 that an estimated 54% of companies say they have experienced one or more attacks in the last 12 months. Further information shows that 65 percent of cyber-attacks are aimed at small and medium-sized businesses. Targets include not only money but proprietary and personal information. Coronavirus-enforced teleworking has resulted in a dramatic and unplanned growth in cyberattacks. Everyone is a potential target and there is no way of predicting the next attack. What two conclusions can company security specialists draw from this information? A) Cyberattacks are predictable and easily preventable B) Never assume that the company's assets are completely safe from cyberattack C) Cyberattacks are random and unpredictable D) Attackers will focus on the largest companies and government leaving the smaller and medium-sized companies relatively trouble-free E) A solid IT security system and hardware firewalls will always keep a company's proprietary assets safe F) Attackers are generally interested only in getting money from the affected systems and individuals

B) Never assume that the company's assets are completely safe from cyberattack C) Cyberattacks are random and unpredictable

Total Carbon Dioxide flooding systems have been long known to be highly effective fire suppressants: Carbon dioxide, as opposed to air, does not contain a sufficient quantity of oxygen to feed combustion; it vaporizes rapidly without residue of any kind, causing a strong drop in temperature, a factor which increases the extinguishing effect of CO2 remarkably. Humans cannot breathe in a setting saturated with CO2 and the due precautions should therefore be taken before entering a room where this gas has been distributed in large quantities. Manufacturers cite the following advantages:
- No damage to structures, furnishings, goods protected (computers will not be destroyed)
- No fire residue
- Non-corrosive
- No decomposition products
- Electrically non-conductive
- High extinguishing performance: thanks to the total flooding and cooling of the released gas
The text notes that these systems, however, should never be used. The most likely reason for this recommendation is: A) Rapid cooling could freeze computer components B) The danger to employees exposed to carbon dioxide C) Fires will expand when exposed to carbon dioxide D) Danger when contacting electrical equipment E) It will not work with sprinkler systems

B) The danger to employees exposed to carbon dioxide

Phishing, in all its forms, continues to plague computer users. Verizon, for instance, has identified phishing to be the top threat in all its 2019 data breaches. The security firm Tripwire identifies six common phishing attacks:
1. Deceptive phishing (classic): criminals impersonate a legitimate company and entice the person to enter personal information or login credentials or to inject malware such as ransomware. Fake emails and websites, often very realistic, entice the unwary to enter compromising information.
2. Spear phishing: a customized phishing attack, most common on social media sites such as LinkedIn. The attackers customize their email with personal details they obtain from multiple sources.
3. CEO fraud, or "whaling" attack: a traditional phishing attack on a senior company executive (who often skips security training) to enable company-wide exploits, wire transfers, W-2 information on employees and other attacks.
4. Vishing: a phishing attack using a phone call to impersonate legitimate entities and obtain personal information. Vishing attacks often come from people impersonating company officials.
5. Smishing: using phone text messages for deceptive messages. Smishing attacks often come from scammers posing as phone companies or banks.
6. Pharming: redirecting users to a malicious website that has been made to look like the authentic website by the scammer.
After rebooting her computer on Monday, Tenya finds a notification email with a link saying that her CSMD password has expired. She may be the target of: A) Pharming B) Vishing C) Whaling D) Deceptive phishing E) Wardriving

D) Deceptive phishing

"In recent years, the organized crime of truck hijackings has seen a worrisome increase. Disturbing evolutions in the modus operandi of truck hijackers have been detected, with syndicates using signal jammers, diversion tactics and even planted employees to get to the cargo." Criminals will hijack the entire tractor-trailer for a number of reasons:
- Freight Hijacking - A commercial vehicle is hijacked not only to secure the vehicle but also its cargo, which can be of substantial value. Frequently, the cargo is of more interest to the hijacker than the truck.
- Transport Hijacking - The vehicle is taken for the express purpose of using it as transport during other crimes such as drug dealing, burglaries, bank robberies and gun running. The vehicles are probably later cannibalised for spare parts or simply dumped.
- Showmanship Hijacking - A gang operates out of egotistical bravado, acting on the "this is a cool thing to be doing" rationale. Drugs and alcohol may also be a motive as theft of the victim's personal belongings is commonplace.
- Operational Hijacking - A group formally work together in a more structured way. They usually have experience in car theft and have established contacts within the motorcar underworld that will receive and pay cash for stolen vehicles or spare parts.
- Syndicate Hijacking - The most organized of all and often have international connections. A network of hijacking groups is established with the overall coordinator, syndicating out work so that he remains out of view in exactly the same way as the drug boss uses pushers.
A number of prevention techniques have been found to be effective:
- Increase the use of high quality seals and padlocks
- Enforce a "no stop" policy for their drivers when possible, especially within two to three hours of the trip origin
- Thoroughly screen prospective employees. Cargo security experts maintain that a high percentage of cargo thefts involve inside information or complicity.
- Carefully select transportation partners and intermediaries. Remember that these companies have care, custody and control of goods once they leave your premises until they reach their destination
- Establish a security culture within your company. Provide security training for employees, and educate truck drivers in hijack awareness and prevention
- Factor in security when determining shipment routing. Cargo thieves often "case" known shipping points (plants, warehouses and distribution centers) and follow trucks as they depart, waiting for the drivers to stop so that they can pounce on the loads. Drivers should not be allowed to stop in the "red zone" (the first 200 miles/4 hours from their starting point) as well as known hot spots
- Incorporate counter surveillance into the duties of security guards, and have guards patrol away from perimeters.
- Take advantage of technology. Vehicle and shipment tracking, vehicle immobilization and advanced, high-technology security seals are now available at lower cost
- Conduct periodic security audits. Operations and personnel change, and criminals are always harvesting fresh ideas and modifying previous techniques
- Identify and develop secure and monitored parking facilities
The text notes on page 475 that "there is little that private security can do" in relation to truck hijacking. Based on the discussion above, do you agree or disagree with this assessment? A) Agree: auditing and surveillance are the responsibility of company IT departments B) Agree: that is what insurance is for C) Disagree: arming and training drivers is a proven strategy of prevention D) Disagree: private security has a substantial role in preventing hijacking E) Agree: this criminal activity is the sole purview of public law enforcement which has the tools to prevent this crime

D) Disagree: private security has a substantial role in preventing hijacking

A primary role of security professionals is the protection of data, both digital and hard copy. A distinction between these types of data is: A) Digital data, especially employee records, is always more important to protect than hard copy data B) The security protection for hard copy data has moved away from traditional means to purely electronic protection C) With the advent of cloud computing, protection of data is transferred to cloud hosting companies D) Hard copy data may be just as important as digital and demand equal protection E) Hard copy data is always more important than digital data

D) Hard copy data may be just as important as digital and demand equal protection

As the text states on page 436, information security is responsible for protecting the confidentiality, integrity and availability of company information. At CSMD, for example, ensuring that transcript data is not changed by unauthorized users is an element of: A) Availability B) Confidentiality C) Sustainability D) Integrity E) Digital information

D) Integrity

"Covering pilferage for cargo operations is a high risk for insurance companies. As a result, some marine insurance policies will list pilferage as an exclusion. Cargo owners are, therefore, left to their own devices and must take measures to prevent this theft from happening. Coverage for pilferage can be added to insurance policies. However, since this presents a higher risk for insurers, it comes with a correspondingly higher premium." In this sense, pilferage is, A) Theft or spoilage that is not reported or recognized by a shipper B) Theft of entire cargos in which the overall value is low C) Transportation of stolen goods within state or regional boundaries D) Theft of small quantities of goods or of low-value goods and often connotes small theft performed repeatedly over a long period of time, such as an employee stealing small amounts of office supplies from their workplace every few days E) Theft of items from soft sided cargo trucks and containers

D) Theft of small quantities of goods or of low-value goods and often connotes small theft performed repeatedly over a long period of time, such as an employee stealing small amounts of office supplies from their workplace every few days

In the U.S., pipeline attacks and breaches have been fortunately rare. Our neighbor to the south, however, is plagued with severe, violent and often cartel-based pipeline attacks. (Seth Harp, RS, 9/1/2018) In his white sweatshirt and hot-pink Nikes, the man sitting on a park bench in front of the cathedral in Orizaba looks like an ordinary 32-year-old, but he's talking about murdering people. He tells me he's done it eight times and explains the sort of thing that, in his line of work, gets a person killed. "Being a wiseguy," he says. "Acting tough. Going around like a bada**. That obligates you to break them." He details his methods: "First, you give them an a**-kicking," he says. "Then, you finish them with a head shot. Or you torture them, so they sing what they know, who they've been talking to. You use knives, an ax, whatever you have at hand. A machete. This business we're in obligates you to do that. That's the life we live." It's not the life of a narco-trafficker he's describing, though this part of Mexico is dominated by organized crime. He does not produce or transport drugs, and he's never smuggled anything across the border. He's the field boss of a gasoline-stealing mafia, one of perhaps half a dozen based here in the lawless Eastern Sierra Madre. His gang of 25 fuel thieves rides around in five pickup trucks with 1,000-liter pallet tanks and a pile of tools, drilling illegal taps in underground pipelines. They sell the stolen product to taxi drivers, bus companies and long-haul truckers at a significant discount to the price at gas stations run by Petroleos Mexicanos, better known as Pemex, the national oil company. On a good day, he says, he can gross more than $10,000. "The way I look at it, this is my town," he says. "The gasoline flowing through here is mine."
In February 2020, "The Cybersecurity and Infrastructure Security Agency (CISA) responded to a cyberattack affecting control and communication assets on the operational technology network of a U.S. natural gas compression facility. A cyber threat actor used a Spearphishing Link to obtain initial access to the organization's information technology network before pivoting to its OT network." "The threat actor then deployed commodity ransomware to Encrypt Data for Impact on both networks. Specific assets experiencing a Loss of Availability on the OT network included human machine interfaces, data historians, and polling servers." Based on the above summary, U.S. pipeline security is A) Likely safe for the immediate future B) Adequately patrolled by CCTV and pipeline robots C) The sole responsibility of public law enforcement (both national and local) D) Threatened by both domestic and international actors E) An area where liability insurance will prove sufficient

D) Threatened by both domestic and international actors

Piracy is no longer confined to remote areas of the world. As the Yucatan Times reports: Five intrusions have been registered in the month of April 2020; and one more in March. Cloaked men have been boarding boats and oil platforms; in the zone of Cantarell III, off the shores of Campeche and Tabasco. Between April 8 and 16, one attack has been recorded every other day. Armed men, wearing masks are boarding boats linked to oil production in the middle of the night. They also climb metal structure bases until they reach personnel areas on oil platforms, to strip workers from their belongings at gun point: These men are modern pirates operating in the Gulf of Mexico in the XXI Century. They steal equipment, supplies, computers, cell phones and cash; they injure and threaten with knives and firearms, then they climb down and flee in small boats. In the first 16 days of April, five boat intrusions were recorded in the maritime zone between Tabasco and Campeche. Global Counter-Piracy Guidance states grimly that: IF ATTACKERS CANNOT BOARD A SHIP THEY CANNOT HIJACK IT! An effective method for preventing piracy is: A) Coordinate with the military and law enforcement B) Conduct thorough, ship-specific pre-voyage threat and risk assessments to identify appropriate Ship Protection Measures C) Use visible (deterrent) and physical (preventative) Ship Protection Measures (razor wire, water cannon) D) Increased Vigilance - lookouts, CCTV and Radar E) All of the above

E) All of the above

Hackers come in varieties, but they are commonly found in four general categories:
- White hat hackers: employed by software owner or developer to identify and report on security flaws
- Grey hat hackers: not employed by owners or developers, but who use various intrusion tools to identify security flaws. They may report them to the owners, post them on the internet or keep silent about it
- Black hat hackers: violate computer security for personal gain (such as stealing credit card numbers or harvesting personal data for sale to identity thieves) or for pure maliciousness (such as creating a botnet and using that botnet to perform DDOS attacks against websites they don't like)
- Hacktivist: those who use hacking as a form of civil disobedience to promote a political agenda or social change.
A complex hacking example occurred in July 2015 when a hacking group, "The Impact Team," announced the attack on Ashley Madison. The Impact Team threatened to expose the identities of Ashley Madison's users if its parent company, Avid Life Media, did not shut down Ashley Madison and its sister site. The company did not shut down its sites. In a series of dark web releases, The Impact Team released the names and personal information of tens of thousands of users. Subsequently, groups of internet vigilantes began combing through to find famous individuals, whom they planned to publicly humiliate. France24 reported that 1,200 Saudi Arabian .SA email addresses were in the leaked database, and in Saudi Arabia adultery can be punished with death. Several thousand U.S. .MIL and .GOV email addresses were registered on the site. In the days following the breach, extortionists began targeting people whose details were included in the leak, attempting to scam over $200 in Bitcoins from them. One company started offering a "search engine" where people could type email addresses of colleagues or their spouse into the website, and if the email address was on the database leak, then the company would send them letters threatening that their details were to be exposed unless they paid money to the company. In this scenario, the original hackers, The Impact Team, were likely: A) White hats B) Phishers C) Grey hats D) Spoofers E) Hacktivist

E) Hacktivist

The most common location of cargo thefts from motor carriers, according to the BSI report, was A) Rest areas (including private rest stops) B) Warehouses C) Unsecured roadside parking D) Freight facilities and distribution centers E) In transit

E) In transit

Electronic cargo seals, such as the one displayed above by Cambridge, are most effective at preventing A) Entire container theft B) Slash and grab thefts C) Theft from facility D) Hijacking, theft of vehicle E) Load tampering and pilferage

E) Load tampering and pilferage

The BSI report on page 14 compares cargo theft among North American countries. In 2019, the riskiest country for cargo theft in North America was: A) The United States including the ports of Los Angeles B) Canada including the Maritime Provinces C) Costa Rica D) Venezuela E) Mexico

E) Mexico

According to the text on page 464 and the BSI Cargo Theft Report, cargo theft is a problem of "inside jobs." By this, the authors mean that: A) Cargo theft usually occurs within a company's interior cybersecurity firewalls B) Most cargo theft occurs within company facilities such as warehouses, distribution centers and shipping facilities C) Few incidents of cargo theft occur outdoors, the majority occur within a building D) The majority of cargo theft is unreported by inside company officials which would otherwise significantly raise insurance rates E) The greatest threat comes from criminal organizations that recruit companies' own employees to share data on shipments and routes.

E) The greatest threat comes from criminal organizations that recruit companies' own employees to share data on shipments and routes.

According to the text on page 449, prior comprehensive _________________________________ is the first line of defense against all types of disasters.

planning

Computer systems often employ one or more of three categories of access control. These three are: A) Cards, keys and badges B) Assigned and credentialed security clearances C) Physical traits of the person such as biometrics D) Passwords, ID, secret answers and digital credentials E) Location within a building or company structure F) Level of security training or formal training

A) Cards, keys and badges C) Physical traits of the person such as biometrics D) Passwords, ID, secret answers and digital credentials

The three "C's" of cargo loss are: A) Confusion B) Conspiracy C) Common denominator (dishonest employee) D) Cargo handling E) Criminals

A) Confusion B) Conspiracy C) Common denominator (dishonest employee)

A "slash-and-grab" theft is one in which A) Thieves slice through the trailer tarpaulin or thin side cover to remove goods B) Thefts which are accompanied by slashing attacks on drivers or guards C) Using hammers or other instruments to break glass display counters D) Thieves steal small amounts of exposed or unguarded items E) The breaking or slashing of cargo seals

A) Thieves slice through the trailer tarpaulin or thin side cover to remove goods

WiGLE, G-MoN and RottenWifi are common, free apps for Windows, iOS and Android that allow the user to identify and analyze WIFI networks. To intercept a WIFI signal, these apps require only that the hacker drive within range of the network for analysis. The apps can be hosted on smartphones or laptops. What type of hacking is this? A) Wardriving B) Malware C) Scavenging D) Trojan or worm E) Piggybacking

A) Wardriving

An evolving and highly popular information technology is cloud computing. According to one of the major suppliers, Microsoft, "cloud computing is the delivery of computing services—including servers, storage, databases, networking, software, analytics, and intelligence—over the Internet to offer faster innovation, flexible resources, and economies of scale. The user typically pays only for cloud services used." Additionally, while the user owns the data, the applications are leased. OS360, for example, is cloud-based. There are a number of business benefits of the cloud:
- Rapid deployment
- Lower upfront costs
- Unlimited storage
- No need for a local data center
One major downside is that of lifetime costs, as the costs of leasing storage and applications mount up over time. From the perspective of security, however, the major liability is that it is completely Internet based. As a practical matter, this means A) When the Internet is disrupted, even at some distance, local computing, data and security are compromised B) Local security will continue to have to patrol empty facilities C) Hosting companies may not share the corporate ethics of the parent company D) IT help desk personnel may be located off site E) The cloud provider may not offer the most recent upgrades of applications

A) When the Internet is disrupted, even at some distance, local computing, data and security are compromised

