1. Consider that an individual threat agent, like a hacker, can be a factor in more than one threat category. If a hacker breaks into a network, copies a few files, defaces a Web page, and steals credit card numbers, how many different threat categories does the attack fall into? They fall into theft for stealing card numbers and copying files, and espionage/trespassing due to breaking into the network and defacing a web page.
2. Using the Web, research Mafiaboy’s exploits. When and how did he compromise sites? How was he caught? He launched highly publicized denial-of-service attacks in February 2000 against websites such as Yahoo, FIFA, Amazon, Dell, E*TRADE, eBay, and CNN. He also launched attacks against root name servers. He was caught because he bragged on chatrooms that he was responsible for the attacks and claimed to have brought down Dell’s website.
3. Search the Web for “The Official Phreaker’s Manual.” What information in this manual might help a security administrator to protect a communications system? It is a manual of all kinds of information on all levels of phreaking which is manipulating telecommunication systems.
4. The chapter discussed many threats and vulnerabilities to information security. Using the Web, find at least two other sources of information about threats and vulnerabilities. Begin with www.securityfocus.com and use a keyword search on “threats.” The first source I found was https://www.hq.nasa.gov/security/it_threats_vulnerabilities.htm which explained about the different types of vulnerabilities and technological concerns. The other source I found was from https://arch.simplicable.com/arch/new/the-big-list-of-information-security-vulnerabilities which also had a list of all kinds of different vulnerabilities in many different categories.
5. Using the categories of threats mentioned in this chapter and the various attacks described. Review several current media sources and identify examples of each threat.