Topic #13, #14, and #15 - CIS 2700 Exam 2 Review
IT Defenses
- Antivirus Software: Designed to detect malicious codes and prevent users from downloading them - Intrusion Detection Systems (IDS): Scans for unusual or suspicious traffic (passive defense). - Intrusion Prevention Systems (IPS): Is designed to take immediate action - such as blocking specific IP addresses - whenever a traffic-flow anomaly is detected (active defense) *Security is an ongoing, unending process*
Intentional Cyberthreats: Hacking
- Hacking is broadly defined as intentionally accessing a computer without authorization or exceeding authorized access. - Hacktivist: is short for hacker-activist, or someone who performs hacking to promote awareness, or otherwise support a social, political, economic, or other cause.
Factors Leading to an Increased Risk of Cyberattack
- Interconnected, interdependent, and wirelessly networked business environment. - Smaller, faster, and cheaper computers and storage devices. - Decreasing skills necessary to be a computer hacker. - International organized crime taking over cybercrime. - Lack of management support.
Intentional Cyberthreats: Physical Theft or Loss
- Miniaturization: Smaller devices such as laptops, tablets, modems, and routers are easily transportable, are prompt to physical theft or loss. - Difficult to determine if data breach has occurred with unencrypted sensitive document on a missing device.
2016 Biggest Data Breaches Worldwide (Supplemental Knowledge)
1. Anthem Insurance: Identity theft - healthcare records; 78.8 million records breached. 2. Turkish General Directorate: Identity theft - Malicious outsider (government agency); 50 million records breached. 3. Korean Pharmaceutical Info. Center: Identity theft - Malicious insider; 43 million records breached. 4. U.S. Office of Personnel Management: Personally identifiable information (PII) (government agency); 22 million records breached. 5. Experian: Identity theft - malicious outsider (credit bureau); 15 million records breached.
Three Objectives of Data & Information Systems Security
1. Confidentiality: No unauthorized data disclosure. 2. Integrity: Data, documents, messages, and other files have not been altered in any unauthorized way. 3. Availability: Data is accessible when needed by those authorized to do so.
Cyberattack Targets Include
1. Critical infrastructure 2. Theft of intellectual property 3. Identity theft 4. BYOD (Bring Your Own Device) 5. Social media. Attacks can be high profile or under the radar. Managers underestimate IT vulnerabilities and threats.
Exploit
A code that takes advantage of a software vulnerability or security flaw.
Vulnerability
A gap in IT security defenses of a network, system, or application that can be exploited by a threat to gain unauthorized access.
Internal Controls (IC)
A process to ensure that sensitive data is protected and accurate; designed to achieve: - Reliability of financial reporting, to protect investors - Operational efficiency - Compliance with laws, regulations, and policies - Safeguarding of assets
Cyberthreat
A threat posed by means of the internet (a.k.a. cyberspace) and the potential source of malicious attempts to damage or disrupt a computer network, system, or application.
Intellectual Property
A work or invention that is the result of creativity that has commercial value. - Can represent more than 80% of a company's value - Losing intellectual property, commonly known as trade secrets, could threaten a company's existence. - losing customer data to hackers can be costly and embarrassing.
Incident (Supplemental Knowledge)
An attempted or successful unauthorized access to a network, system, or application. - Unwanted disruption or denial of service, unauthorized use of a system for processing or storage of data; changes to a system without the owner's knowledge, instruction, or consent.
Biometric Control - Mobile Security Defense
An automated method of verifying the identity of a person, based on physical or behavioral characteristics (e.g. thumbprint or fingerprint, voice print, retinal scan, and signature).
Voice Biometrics - Mobile Security Defense
An effective authentication solution across a wide range of consimer devices including smartphones, tablets, and TVs.
Copyrighted Property
Blueprint, manuscript, or a design protected by law from unauthorized use by others.
Mobile Biometrics - Mobile Security Defense
Can significantly improve the security of physical devices and provide stronger authentication for remove access or cloud services.
White Hat (Hacker)
Computer security specialist who breaks into protected systems and network to test and assess their security.
Business Continuity Plan
Covers business processes, assets, human resources, and business partners. - Keeps the business running after a disaster occurs. - Covers fires, earthquakes, floods, power outages, malicious attacks, and other types of disasters.
Industry Standards: Payment Card Industry Data Security Standard (PCI DSS)
Created by VISA, MasterCard, American Express, and Discover. - Requires merchants and card payment providers to make certain their web applications are secure. - Improves customers' trust in e-commerce. - Increases the web security of online merchants. - Penalties for noncompliance are severe.
Intentional Cyberthreat
Done on purpose. - Hacking - Phishing - Crimeware (Spyware, adware, malware, and ransomeware) - Insider and Privilege Misuse - Physical Theft
Intentional Cyberthreats: Internal Threats
Insider and Privilege Misuse: - Internal threats from employees can be some of the most challenging to defend against. - Data tampering is a common means of internal attack - Data tampering refers to an attack during which someone enters false or fraudulent data into a computer, or changes/deletes existing data. - Data tampering is extremely serious because it may not be detected; the method often used by insiders and fraudsters.
Intentional Cyberthreats: Crimeware
Malware refers to hostile or intrusive software including: - Computer viruses - Worms - Trojan horses - Ransomware Malicious programs used to disrupt computer or mobile operations, gather sensitive information, gain access to private computer systems. Spyware is tracking software that is not designed to intentionally damage or disable a system but to monitor or track activities. Adware is software that embeds advertisement in the application. Ransomware is a type of malware that is designed to block access to a computer system until a sum of money has been paid
Identity Theft
One of the worst and most prevalent cyber threats. - Made worse by electronic sharing and databases - Businesses reluctant to reveal incidents in which their customers' financial information may have been stolen, lost, or compromised.
Black Hat (Hacker)
Person who attempts to find computer security vulnerabilities and exploit them for personal and/or financial gain, or other malicious reasons.
Gray Hat (Hacker)
Person who may violate ethical standards or principles, but without the malicious intent ascribed to black hat hackers.
Intentional Cyberthreats: Phishing
Phishing: Social-engineering attack that can use email sent to the recipient under false pretense to steal confidential information from the target. Spear Phishing: Targets select groups of people who have something in common. - Trick user into opening an infected email that looks like a real one. - Phony website - Confidential information is requested such as passwords, user IDs, PIN's, and account numbers.
Bring Your Own Device (BYOD)
Policy allows employees to use their personal mobile devices and computers to access enterprise data and applications. - Roughly 74% of U.S. organizations are using or planning to use BYOD. - Security Risk: Mobile devices rarely have strong authentication, access controls, and encryption even though they connect to critical data and cloud services. Device could also be lost or stolen.
Business Continuity
Refers to maintaining business functions or restoring them quickly when there is a major disruption.
Social Media Attacks
Social networks and cloud computing increase vulnerabilities by providing a single point of failure and attack for organized criminal networks. - Social media-related events have quadrupled over the past five years. - One in eight enterprises has suffered at least on security breach due to social media-related cyberattack - Facebook scams were the most common form of malware distributed in 2015.
Threat
Someone or something that can cause loss, damage, or destruction.
Asset
Something of value that needs to be protected.
IT Security Defense-in-Depth Model
Step 1: Senior management commitment and support. Step 2: Acceptable use policies and IT security training. Step 3: IT security procedures and enforcement. Step 4: Hardware and software (kept up-to-date).
Critical Infrastructure
Systems and assets so vital to the country that their incapacity or destruction would have a debilitating effect; such as: - Government Facilities - Transportation Systems - Health Care & Public Health - Emergency Services
Cyber Defense Strategies
The major objectives of Defense Strategies are: - Prevention and deterrence - Detection - Contain the damage (damage control) - Recovery - Correction - Awareness and compliance * Auditing can provide an additional layer of safeguards.*
Cyber Risk Management: Risk
The probability of a threat successfully exploiting a vulnerability and the estimated cost of the loss or damage.
Data Breach
The successful retrieval of sensitive information by an individual, group, or software system. Keywords: Malicious, unauthorized, unwanted, consent.
Unintentional Cyberthreat
Unaware of wrong doing. 1. Human error ( a majority of internal security issues) - Poorly designed systems; Faulty programming - Neglecting to change passwords - Unaware users 2. Environmental Hazards - Natural disasters - Faulty Systems 3. Computer Systems Failures - Poor manufacturing/maintenance or systems malfunctions