Chapter 3: Threat Factors - Computers as Targets Flashcards
What are the 3 Phases of Convergence?
1) Separate the people
2) Leverage technology
3) Replace people
Explain “Separate People” as it r/t Convergence?
- Aka sneakerware because people had to physically take a floppy disk or other external hard drive & walk to a computer to transfer a malware onto the computer
- First Macintosh virus, Elk Cloner, was part of a video game for computers inserted via a floppy disk
Explain “Leverage Technology” as it r/t Convergence?
- Fraudsters developed the first email born viruses, such as the ILOVEYOU & the Melissa virus, which spread via email attachments
- Code Red attacked Microsoft computer systems & spread to other systems by using HTTP requests
Explain “Replace People” as it r/t Convergence?
People do not have to be physically present in one country to spy out information on computers in other country; in stead, they can infiltrate computers & steal information by using computer programs such as Trojan horses
What are the main targets in Information Technology?
1) Software
2) Hardware
3) Network
What are examples of Attacks on Software?
- Infected download links of software or software updates
- Malicious apps
- Drive-by downloads
What are examples of Devices for Software?
o Computers
o Computer networks
o Smart devices
What are examples of Countermeasures for Software?
o Anti-virus software
o Security patches
o Data backup
o Software screening
What are examples of Attacks on Hardware?
- Manufacturing backdoors
- Backdoor creation
- Access to protected memory
- Hardware modification
- Inducing faults
- Counterfeiting products
What are examples of Devices for Hardware?
o Access control systems
o Network appliances
o Industrial control systems
o Surveillance systems
o Components of communication infrastructure
What are examples of Countermeasures for Hardware?
o Tightly control production
o Use detection measures to discover compromised hardware
What are examples of Attacks on Network?
- Denial-of-service attacks
- The Man in the Middle
- Browser
- Brute Force
- SSL
- Scan
- Domain Name Servers
- Backdoor
What are examples of Devices for Networks?
o Computers
o Modem
o Router
What are examples of Countermeasures for Networks?
o Network-based mitigation
o Host-based mitigation
o Proactive measures
What are the 3 main issues Cybersecurity is concerned with?
1) Confidentiality
2) Integrity
3) Availability
What are the 3 Threat Clusters?
1) Technological
2) Socio-political
3) Human-machine
What is the Technological Cluster?
Computers are the target of the cybercrime – mainly malware, such as viruses & worms
What is the Socio-political Cluster?
Includes crimes where computers are used as a tool, such as phishing or identity theft
What is the Human-machine Cluster?
Focuses on computer infrastructure & vulnerabilities created through our dependence on computers & networks
What are the 2 functions that malware fulfills?
1) Spreads itself
2) Causes damage
How does malware spread itself?
Via email attachments embedded in web pages, file sharing, infected CDs or DVDs, or by scanning a computer or network for exploitable vulnerabilities
How does malware cause damage?
- Trivial damage – message that pops up on the screen every time the user starts the computer
- Debilitating – destroying files, taking the computer hostage, stealing data & passwords to facilitate other crimes (identify theft)
- Other damages: computer as a slave to send spam to other documents, to host illegal data, to attack other computers, or to extort others
What are the 5 main reasons for the increase in threats to mobile devices?
1) Increase in smartphones
2) Android devices & open-source technology
3) Users store more information on these devices
4) Hardware has become more sophisticated
5) Programming software more similar to PCs
What are the 3 main forms of malware?
1) Computer viruses
2) Worms
3) Trojan horses
