info Systems chapter 17
Motivation for Information Security Attacks
Extortion; espionage; cyber warfare; terrorism; pranksters; protest hacking; revenge; intellectual property theft
acceptable use policy (AUP)
Defines acceptable uses of firm's information resources and computing equipment
Security
Degree of Protection against criminal activity, damage or loss.
CAPTCHAs:
Scrambled character images to thwart automated account setup or ticket buying attempts.
encryption
Scrambling data using a code, thereby hiding it from those who do not have the unlocking key
identity theft
Theft of personal information (social security id, driver's license, or credit card numbers) to impersonate someone else (The Aberdeen Group has estimated that $221 billion a year is lost by businesses worldwide due to identity theft)
Five Factors Contributing to Vulnerability
Today's interconnected, interdependent, wirelessly networked business environment; smaller, faster, cheaper computers & storage devices; decreasing skills necessary to be a computer hacker; international organized crime taking over cybercrime; lack of management support
false
VPN software should only be used on an organization's internal network. Never use VPN software on a public wireless network, as this could give hackers an entryway from your computer into your organization's secure network
honeypots
a security tool that is deployed by firms as a phony target to lure or distract attackers and gain information about them is known as a
Information Security
all of the processes, policies and technical measures designed to protect an organization's information and information systems (IS) from unauthorized access, use, disclosure, disruption, modification, or destruction.
SQL injection technique
an example of an exploit in which hackers target security vulnerabilities caused by software developers not validating user input
whitelists
are highly restrictive, permitting communication only with pre-approved entities.
tokenization
refers to security schemes that automatically send one-time use representations of a credit card which can be received and processed by banking and transaction firms at the time of payment. They are used in ApplePay and Android Wallet.
compliance
requirements: Legal or professionally binding steps that must be taken.
virtual private network
scrambles data passed across a network
data harvesters
Cybercriminals who infiltrate systems and collect data for illegal resale
Passwords:
Biometrics; multi-factor authentication
Anonymous
Anonymous is a loosely associated international network of activist and hacktivist entities. A website nominally associated with the group describes it as "an Internet gathering" with "a very loose and decentralized command structure that operates on ideas rather than directives". The group became known for a series of well-publicized publicity stunts and distributed denial-of-service (DDoS) attacks on government, religious, and corporate websites. [Wikipedia]
Threat
Any danger to which a system may be exposed
blended threats
Attacks combining multiple malware or hacking exploits.
trojans
Attempt to sneak in by masquerading as something they're not.
card skimmer
Captures data from a card's magnetic strip
key
Code that unlocks encryption.
dumpster diving
Combing through trash to identify valuable assets.
black hat hackers
Computer criminals who exploit a system's weakness for personal gain; the bad guys.
Botnets or zombie networks:
Computers controlled by malware; Used in DoS attacks, click fraud, sending spam, to decipher accounts that use CAPTCHAs.
social engineering
Con games that trick employees into revealing information or performing other tasks that compromise a firm.
The CIA triad
Confidentiality (data confidentiality, privacy); Integrity (data integrity, system integrity); Availability
firewalls
Control network traffic, block unauthorized traffic.
spoofing
Email transmissions and packets that have been altered to forge or disguise their origin or identity.
brute force attacks
Exhausts all possible password combinations to break into an account.
denial-of-service attacks (DoS)
Flooding server with thousands of false requests to crash the network
shoulder surfing
Gaining compromising information through observation
viruses
Infect other software or files
malicious adware
Installed without full user consent or knowledge, later serve unwanted advertisements.
RAM scraping or storage scanning software
Malicious code that scans for sensitive data
signature
Malware _____ are a sort of electronic fingerprint often used to recognize malicious code.
ransomware
Malware that encrypts user's files with demands that a user pay to regain control of their data and/or device.
biometrics
Measure and analyze human body characteristics for identification or authentication.
Intrusion detection systems:
Monitor network use for hacking attempts and take preventive action
spyware
Monitors user actions, network traffic, or scans for files.
zero day exploits
New attacks that haven't been clearly identified and haven't been incorporated into security screening systems.
hacktivists
One challenge for Facebook Mobile is newsfeed ads. Users tend to ignore ads in their newsfeed even more than they do ads that appear on the side of conventional web pages.
Constant vigilance regarding security needs to be
Part of one's individual skill set. A key component in an organization's culture.
Factors that can amplify a firm's vulnerability to a breach
Personnel issues; technology problems; procedural factors; operational issues
cash-out fraudsters
Purchase assets from data harvesters to buy goods using stolen credit cards or create false accounts
security policy
Ranks information risks, identifies acceptable security goals, and identifies mechanisms for achieving these goals
audits
Real-time monitoring of usage: announced and surprise.
screen capture
Records pixels that appear on a user's screen to identify proprietary information.
keylogger
Records user keystrokes. Can be software-based or hardware-based.
pharming
Redirects users to a bogus web page, even when the individual types correct Web page address into his or her browser
INSIDERS (BAD APPLES)
Rogue employees who steal secrets, install malware, or hold a firm hostage.
malicious software
Seeks to compromise a computing system without permission
distributed denial of service (DDoS) attacks
Shutting down Web sites with a crushing load of seemingly legitimate requests. An attack where a firm's computer system is flooded with thousands of seemingly legitimate requests, the sheer volume of which will slow or shut down the system.
spear phishing
Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data
Countermeasures
Specific steps or actions taken to reduce probability of a threat becoming a vulnerability and breach
botnets
Surreptitiously infiltrated computers, controlled remotely
worms
Take advantage of security vulnerability to automatically spread
certificate authority
Trusted third party that provides authentication services in public key encryption schemes.
public key encryption
Two key system used for securing electronic transmissions.
white hat hackers
Uncover computer weaknesses without exploiting them. Contribute to improving system security. The good guys who probe for weaknesses, but don't exploit them.
Distributed denial-of-service attacks (DDoS)
Use of numerous computers to launch a DoS
authentication
confirms the identity of the person requiring access to use the system
phishing
cons executed through technology and that often try to leverage the reputation of a trusted firm or friend to trick the victim into performing an action or revealing information constitute:
blacklists
Denying the entry or exit of specific IP addresses, products, Internet domains, and other communication restrictions. Block known bad guys.
authorization
determines which actions, rights, or privileges the person has based on his or her verified identity
ISO 27000
framework represents a series of standards for best practices in implementing, maintaining and improving organizational security
Exposure
is the harm, loss, or damage that can result if a threat compromises an information resource
Vulnerability
is the possibility that the system will be harmed by a threat
multi-factor authentication
when identity is proven by presenting more than one item for proof of credentials.
difference between virus and worms
worms do not need an executable to spread, unlike viruses