Cyber and Electronic Security Risks Flashcards

1
Q

What is Cyber Crime?

A

Cyber Crime is any offence committed using computer devices, networks, the internet and telecom systems. It is estimated that cyber-crime costs up to $400 billion per year.

  • 1981 – felon attempts to break into AT&T computers
  • 1988 – attempted cyber theft of £70m from First National Bank of Chicago
  • 1995 – first recorded incident of phishing
  • 2003 – ‘Titan Rain’ launches APT attack on American computers
  • 2010 – Stuxnet worm is discovered
2
Q

What types of Cyber Crime Threats are there?

A
  1. Identity Theft – using a stolen identity to derive benefit
  2. Computer Fraud – using computers to commit fraudulent activity
  3. Denial-of-Service (DoS) attacks – making a computer or network unavailable
  4. Phishing – persuading people to divulge personal data
  5. Pharming – redirecting website traffic to a bogus website
  6. Software Piracy – illegally using, copying or distributing software
  7. Cyber Espionage – obtaining info without the permission of the info owner
  8. Hacking – gaining unauthorised access to systems, networks and databases
3
Q

What are the risks to governments from Cyber Crime?

A
  • Disruption to utilities – water, power and heating utilities are prime targets for cyber-crime due to the disruption that an outage can cause
  • Infiltration of the financial system – disruption to a national banking system could bring a country to a standstill, as no money could exchange hands
  • Theft of government secrets – stealing government data such as social security, tax records and military details
  • Cyber War – attacking another country through systematic cyber-attacks on the infrastructure of the enemy
4
Q

What are the risks to companies from Cyber Crime?

A
  1. Loss of intellectual and business confidential information
  2. Loss of sensitive business information including possible stock market manipulation
  3. Opportunity costs including service and employment disruptions, and reduced online trust
  4. Reputational damage
  5. Cyber-crime related monetary losses
  6. Additional cost of securing networks, insurance and recovering from cyber attacks
5
Q

What are the risks to individuals from Cyber Crime?

A
  • Liability and compensation claims – incorrect, misleading or illegal statements can lead to an individual being sued for compensation and reputational damage
  • Identity Theft
    • Stealing money from bank accounts
    • Opening new lines of credit
    • Gaining access to social security benefits
    • Providing an alias if arrested
    • Gaining employment
  • Physical loss of technology – technology is used as part of people’s everyday working life. Disruptions caused by cyber-crime can be costly
6
Q

What Guidance is available against Cyber Crime?

A

GCHQ Guidance:

  1. Home and mobile working policy
  2. User education and awareness
  3. Incident management
  4. Information risk management regime
  5. Monitoring
  6. Manage user privileges
  7. Removable Media Controls
  8. Secure configurations
  9. Malware protection
  10. Network security

CBEST (BoE framework - tests Bank defences) Guidance:

  1. Banks should use cyber threat intelligence including that from CBEST
  2. Banks should undertake tests that mimic real cyber attacks
  3. Banks should undergo a best practice cyber test audit
  4. Banks should sign up to a code of conduct

CPNI Guidance:

  1. Maintain an inventory of authorised and unauthorised software
  2. Ensure secure configurations
  3. Continuous vulnerability assessment and remediation
  4. Malware and virus defences
  5. Data recovery capability
  6. Controlled use of administration privileges
  7. Incident response and management
  8. Secure network engineering
7
Q

List Cyber Attack Methods.

A
  1. Social Engineering – using deception to gain information from people that is then used to gain access to computer systems
  2. IP Spoofing – gaining access to a computer by sending the computer messages that are interpreted as coming from a trusted source
  3. Spam – unsolicited emails sent to infect a computer with malware or direct the computer to an illegal website
  4. Advanced Persistent Threats (APTs) – use the latest malware techniques to systematically attack target computers
  5. Botnets and Zombie Computers – automated programs that take unauthorised control of computers
8
Q

How does one help Prevent Cyber Threats?

A

Prevention:

  • Educate all computer users
  • Choose strong, secure passwords
  • Regularly update computer security
  • Encrypt sensitive data
  • Use the latest firewall and anti-virus/malware software
  • Remember that cyber crime can affect anyone

Policy – NIST cyber security framework is based around 5 core functions:

  1. Identify
  2. Protect
  3. Detect
  4. Respond
  5. Recover

Core functions are designed to help management deal with cyber risks.

Governance:

  • Consider the privacy implications of cyber security
  • Cyber security personnel must be appropriately trained and report to appropriate management
  • Processes should be in place to support cyber security compliance and controls
9
Q

What is Cyber Incident Planning?

A
  1. Incident Taxonomy – plan terminology should be standardised
  2. Data-classification Frameworks – incident response categories should be based on different types of data held
  3. Performance Objectives – clear response objectives should be set for each incident and data type
  4. Definition of Response Operating Models – roles, responsibilities and escalation process
  5. Identification and Remediation of Failure Modes – plan must be enhanced to respond to new failure modes
  6. Key Tools for use during Incident Response – provides checklists for individuals