Unauthorized individual attempts to gain illegal access to organizational information
Information Extortion
An attacker either threatens to steal, or actually steals, information from a company AND demands payment for not stealing the information, for returning stolen information, or for agreeing not to disclose the information
Sabotage or Vandalism
Deliberate acts that involve defacing an organization's Web site, potentially damaging the organization's image and causing its customers to lose faith
Theft of Equipment or Information
Computing and storage devices (now powerful, with vastly increased storage) are becoming smaller and, as a result, easier to steal
Identity Theft
Deliberate assumption of another person's identity, usually to gain access to his or her financial information or to frame him or her for a crime
Compromises to Intellectual Property
Trade Secret
Patent
Copyright
Trade Secret
An intellectual work, such as a business plan, that is a company secret and is not based on public information
Patent
An official document that grants the holder exclusive rights on an invention or a process for a specified period of time
Copyright
A statutory grant that provides the creators or owners of intellectual property with ownership of the property, also for a designated period
SCADA Attacks
SCADA systems are used to monitor or to control chemical, physical, and transport processes such as those used in oil refineries, water and sewage treatment plants, electrical generators, and nuclear power plants
Cyberterrorism and Cyberwarfare
Malicious acts in which attackers use a target's computer systems, particularly via the Internet, to cause physical, real-world harm or severe disruption, often to carry out a political agenda
Software attacks
Remote attacks that require user action (virus, worm, phishing attacks)
Remote attacks NOT requiring user action (DoS and DDoS)
Virus
Segment of computer code that performs malicious actions by attaching to another computer program
Worm
Segment of computer code that performs malicious actions and will replicate, or spread, by itself (without requiring another computer program)
Phishing Attacks
Use deception to acquire sensitive personal information by masquerading as official-looking e-mails or instant messages
Denial of Service Attack (DoS)
An attacker sends so many information requests to a target computer system that the target cannot handle them successfully and typically crashes (ceases to function)
Distributed Denial of Service Attack (DDoS)
An attacker first takes over many computers, typically by using malicious software. These computers are called zombies or bots. The attacker uses these bots—which form a botnet—to deliver a coordinated stream of information requests to a target computer, causing it to crash
Motivations for threats
Financial gain
Ideology
Compromise
Ego
JBS Foods paid an $11 million ransom to REvil after the shutdown of all its beef processing operations
Colonial Pipeline: DarkSide attack that disrupted gas supply services from NJ to TX; Colonial Pipeline paid a ransom of 75 bitcoin ($4.4 million), and the US government was later able to recover 64 bitcoin ($2.4 million)
Yahoo 2013 breach affected 3 billion people
"DarkSide" = Eastern European/Russia-linked Ransomware-as-a-Service (RaaS) provider: cybercriminals who make ransomware software available for rent
Malware
Malicious software: any software intentionally designed to cause damage to a computer, server, client, or computer network. It secretly acts against the interest of the computer user
Phishing
Fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity in an electronic communication
Denial of Service (DoS)
An attacker sends so many information requests to a target computer system that the target cannot handle them successfully and typically crashes (ceases to function)
Trojan Horse
Software programs that hide in other computer programs and reveal their designed behavior only when they are activated
Back Door
Typically a password, known only to the attacker, that allows him or her to access a computer system at will, without having to go through any security procedures (also called a trap door)
Logic Bomb
A segment of computer code that is embedded within an organization's existing computer programs and is designed to activate and perform a destructive action at a certain time or date
Tech Support Scams
Scammers pretend to be from a well-known tech company and convince you that something is wrong with your computer
Information Security Controls
Physical Controls
Access Controls
Communication Controls
Physical Controls
Prevent unauthorized individuals from gaining access to a company's facilities. Common physical controls include walls, doors, fencing, gates, locks, badges, guards, and alarm systems
Access Controls
Restrict unauthorized individuals from using information resources and involve two major functions: authentication and authorization
Communication Controls
Firewalls, anti-malware systems, encryption, etc.
Authentication
Confirms the identity of the person requiring access and restricts unauthorized individuals from using information resources
Authorization
Determines which actions, rights, or privileges the person has, based on his or her verified identity
Firewalls
Systems that prevent a specific type of information from moving between untrusted networks, such as the Internet, and private networks, such as your company's network
Anti-malware Systems
Software packages that attempt to identify and eliminate viruses, worms, and other malicious software
Encryption
Process of converting an original message into a form that cannot be read by anyone except the intended receiver