1. Consider that an individual threat agent, like a hacker, can be a factor in more than one threat category. If a hacker breaks into a network, copies a few files, defaces a Web page, and steals credit card numbers, how many different threat categories does the attack fall into?
Being this individual penetrated the network without permission, this would be considered a breach of the Espionage or trespass category. Then, they defaced a web page which would fall under the Sabotage or Vandalism category. Lastly, this would also fall under the Theft category being they copied files without permission as well as stole the credit cards.
2. Using the Web, research Mafiaboy’s exploits. When and how did he compromise sites? How was he caught?
On February 7, 2000 Michael Calce (Mafiaboy) initiated a Denial of Service attack (flooding the network of the target to the point that the intended users cannot use the intended resource) against Yahoo! Which resulted in the company to shut down for almost an hour. Once he succeeded, he then did the very same thing to eBay, CNN, and Amazon using a DDoS attack. A DDoS is a very similar attack however instead of flooding the network with requests, it then takes 5 nodes on a network with fake IP addresses to make numerous requests to the point that the requested piece of hardware is taken offline.
Calce was caught by both the FBI and Royal Canadian Mounted Police shortly after they noticed he was bragging on some online chat boards taking credit for the attacks. Once he admitted to the attack on Dell (which had not been publicized) they knew they had the right man.
1. Before this discussion at the start of this chapter, how do Fred, Gladys, and Charlie each perceive the scope and scale of the new information security effort? Did Fred’s perception change after that?
Initially, Fred wasn’t aware that there was truly an issue until he realized how much they lost after the attack. Shortly after, he was onboard for the training and additional security. Charlie and Gladys saw the issue from the beginning and helped illustrate the issue to Fred.
2. How should Fred measure success when he evaluates Gladys’ performance for this project? How should he evaluate Charlie’s performance?
I struggle with answering this question as they are in the situation where any improvement is a success as they are starting from essentially scratch. I would say that if there is less human error and no major attack again, I would consider it a success. No attacks is ideal however there are always people trying to find new access to different networks.
3. Which of the threats discussed in this chapter should receive Charlie’s attention early in his planning process?
Of all of the attacks discussed within the chapter, I would have to say the phishing would be of the greatest concern. All though some of them can be mundane, phishing relies completely on human error and lack of judgement. In other words, someone could innocently believe that an email was sent from their boss and the attachment is a quote they need to review, but instead it was sent from a hacker and the attachment is a virus. Many people fall victim to this type of attack and they can be very costly to a company or organization depending on what the file truly is.
Ethical Decision Making:
1. Is hiring someone with no experience for the job of CISO an ethical decision?
Absolutely not. Recognizing that there is a need for security within a company and then making a half attempt to fulfill that need of the company leaves everyone involved at risk. If there were a major attack, it could expose person secrets, financial information, trade secrets and so on that could put the company out of business. It simply isn’t fair to anyone involved to take this route.
2. Is using a personal USB after being directed not to, an ethical violation?
Yes, this is an ethical violation. I believe so as the rule was put in place to eliminate any source of the virus from gaining access to the network again. Being Davey went against this and introduced the virus once again to the network, his laziness and lack of preparation is the reason the network is infected. Instead, he should have emailed the file to himself and then downloaded it or just rebuilt the file from previously saved documents on his PC in his office.