1. Consider that an individual treat agent, like a hacker, can be a factor in more than one threat category. If a hacker breaks into a network, copies a few files, defaces a Web page, and steals credit card numbers, how many different threat categories does the attack fall into?
This could fall into these possible categories: theft, vandalism, compromises to intellectual property, espionage or trespass, and software attacks.
2. Using the web, research Mafiaboy’s exploits. When and how did he compromise sites? How was he caught?
Michael Calce initiated a denial-of-service attack in February of 2000 at Yahoo, Amazon, CNN, Dell, E*Trade, and Ebay. The denial-of-service attack bombards servers with various communications or information until the server crashes. He was only fifteen at the time. He was discovered and arrested after computer security experts found a conversation in a chatroom regarding the exploit. Also, when a University of CA Santa Barbara turned in a hard drive containing information indicating the attack was launched from Canada to the F.B.I.
3. Search the Web for “The Official Phreaker’s Manual.” What information in this manual might help a security administrator to protect a communications system?
The manual is an informative guide on how to protect information between communication systems and data processors by explaining the basics of hacks and how they find ways around system security.
4. The chapter discussed many threats and vulnerabilities to information security. Using the Web, find at least two other sources of information about threats and vulnerabilities. Begin with www.securityfocus.com and use a keyword search on “threats.”