Question 1. Consider that an individual threat agent, like a hacker, can be a factor in more than one threat category. If a hacker breaks into a network, copies a few files, defaces a Web page, and steals credit card numbers, how many different threat categories does the attack fall into?
Overall, I believe this attack falls into four major threat categories: deliberate acts of trespass, compromises to intellectual property, technical failures, and managerial failure. Furthermore, I believe this attack would be categorized as a deliberate act of theft/trespass which compromises intellectual property due to technical and managerial failures. It seems as though this hacker was deliberately causing harm (i.e. copying files, vandalizing the web page, and theft of credit card numbers); their method of entry – hacking into a network – leads me to believe there were some technical failures, such as software vulnerabilities or a trap door. However, that is just one possibility as to what could have occurred. This could have also been a managerial failure; say the unknown hacker used social engineering to obtain the information to gain access to the network – proper planning and procedure execution could have potentially thwarted this hacker’s attack.
Question 2. Using the Web, research Mafiaboy’s exploits. When and how did he compromise sites? How was he caught?
Mafiaboy’s exploits consisted of a series of DDoS attacks on 11 corporate networks. According to investigators, the attacks caused approximately $1.7 billion in losses to the companies, although the accuracy of that figure is disputed. The attacks made some corporate Websites and networks difficult to reach. In other cases, the sites crashed completely, remaining offline for anywhere from hours to several days. Because the attacks were so large, authorities were prompted to investigate. They found that someone by the name of Mafiaboy was bragging about the attacks on Websites, message boards, and even his own site. In addition, authorities were able to associate an IP address with the attacks, which in turn was linked to an Internet service provider (ISP). With the ISP’s help, authorities linked the IP address to an account whose phone numbers were linked to Mafiaboy’s father.
Question 3. Search the Web for “The Official Phreaker’s Manual.” What information in this manual might help a security administrator to protect a communications system?
Phone phreaking is the act of using mischievous and mostly illegal methods to avoid paying for a telecommunications invoice, order, transfer, or other service. It often involves usage of illegal boxes and machines to defeat security that is set up to avoid such tactics. This security includes “blocking networks”—networks that under certain conditions may be unable to form a transmission path from one end to the other. In general, all networks used within the Bell Systems are of the blocking type.
Security administrators could benefit from studying “The Official Phreaker’s Manual” because it could allow them to better protect their communications systems. From the system administrator’s point of view, this information could reveal many common ways of finding loopholes and alternate methods around communications system security measures. The manual could also help system administrators use different approaches in implementing a more extensive security program.
Question 4. The chapter discussed many threats and vulnerabilities to information security. Using the Web, find at least two other sources of information about threats and vulnerabilities. Begin with www.securityfocus.com and use a keyword search on “threats.”
· http://security1.gartner.com/section.php.id.19.s.1.jsp : This site features a variety of articles about information security concerns written by industry experts, especially in the corporate world.
· www.microsoft.com/security/ : Microsoft’s listing of important announcements for security and privacy.
Question 5. Using the categories of threats mentioned in this chapter and the various attacks described, review several current media sources and identify examples of each threat.
Acts of human error or failure:
· Students and staff were told in February that some 350,000 of them could have had their social security numbers and financial information exposed on the internet.
· "It happened during an upgrade of some of our IT systems. We were upgrading a server and through human error there was a misconfiguration in the setting up of that server," said UNCC spokesman, Stephen Ward.
Compromises to intellectual property:
· Today we bring news of action against a site that supplied links to films, music and games hosted on file-hosters all around the world. Authorities say they have charged three individuals said to be the administrators of a very large file-sharing site.
· To get an idea of the gravity local police are putting on the case, we can compare some recent stats. According to US authorities, Megaupload, one of the world’s largest websites at the time, cost rights holders $500m. GreekDDL (according to Alexa, Greece’s 63rd largest site) allegedly cost rights holders $85.4m.
Deliberate acts of espionage or trespass:
· The individual responsible for one of the most significant leaks in US political history is Edward Snowden, a 29-year-old former technical assistant for the CIA and current employee of the defense contractor Booz Allen Hamilton. Snowden has been working at the National Security Agency for the last four years as an employee of various outside contractors, including Booz Allen and Dell.
· Snowden will go down in history as one of America’s most consequential whistleblowers, alongside Daniel Ellsberg and Bradley Manning. He is responsible for handing over material from one of the world’s most secretive organizations: the NSA.
· The government’s forensic investigation is wrestling with Snowden’s apparent ability to defeat safeguards established to monitor and deter people looking at information without proper permission.