Information Security: Barbarians at the Gateway – Gallaugher J. Flashcards
(Chapter 13: Information Security: Barbarians at the Gateway – Gallaugher J.)
What is it about (Introduction)?
- Security must be a top organizational priority.
- The majority of security breaches can be prevented.
- Firms suffering a security breach can experience direct financial loss, exposed proprietary information, fines, legal payouts, court costs, damaged reputations, plummeting stock prices, and more.
- Information security isn’t just a technology problem; a host of personnel and procedural factors can create and amplify a firm’s vulnerability.
Why is this Happening?
- Reasons:
o Corporations hold a lot of data
o Even low-level employees have access to critical data
What are Data Harvesters?
- Data Harvesters: those who steal data
What are Cash-out fraudsters?
- Cash-out fraudsters: buy stolen credit card data from harvesters and use it to buy goods
What are botnets?
- Botnets:
o networks of infiltrated and compromised machines controlled centrally (up to 10 million computers)
o used for sending spam
o used for launching distributed denial of service (DDoS) attacks:
overloading websites with requests until they shut down
What is Cyberwarfare?
- Cyberwarfare: attacks by terrorists or a foreign power causing devastating disruptions
What is a White hat hacker?
o White hat hackers: the good guys; they probe for weaknesses
What is a Black hat hacker?
o Black hat hackers: the bad guys
What are Hacktivists?
o Hacktivists: people who hack as a form of protest
User and Administrator Threats: What are Bad Apples?
- Bad Apples:
o 70% of security incidents involve insiders
o Temporary work contracts and outsourcing increase the risk
User and Administrator Threats: What is Social Engineering?
- Social Engineering:
o Tricking employees into revealing information or performing tasks
o With access to personal info (e.g. on LinkedIn), it is much easier to trick people
User and Administrator Threats: What is Phishing?
- Phishing:
o Leverages the reputation of a firm or a friend to trick the victim into downloading malware
o Emails masquerade as a security alert or a message from the employer
User and Administrator Threats: What is the deal with Passwords?
- Passwords:
o The typical web user has 6.5 passwords
o Security questions (e.g. where was your mother born?) can be guessed
o Alternatives:
Biometrics (fingerprints)
Two-factor authentication
Technology Threats: What is Malware?
- Malware
o Malicious software that seeks to compromise a computing system without permission
o Commonly spread via phishing and infected USB drives
o Adobe and Microsoft products are the primary means by which hackers try to infect systems
o Methods of infection:
Virus: programs that infect software or files; require an executable (a running program) to spread
Worms: similar, but don't need an executable (they scan for targets and install themselves)
Trojans: masquerade as something legitimate, tricking the user into downloading or installing them
Technology Threats: What are the goals of Malware?
o Goals of Malware:
Botnets / Zombie Networks
Malicious adware: unwanted advertisements
Spyware: monitors screens, actions and files
Keylogger: a type of spyware recording user keystrokes
Screen capture: software recording the pixels appearing on a user's screen
Blended threats: attacks combining multiple types of malware
Technology Threats: What is meant by Compromising Web Sites?
- Compromising Web Sites
o Exploits directly target poorly designed and programmed web sites
o Redirecting customers to other websites, monitoring personal data, deleting data
o SQL Injection
A method of inserting commands that tell the website what to do
The fastest-growing security threat
Poorly designed websites can be easily injected
Technology Threats: What is Encryption?
- Encryption
o Scrambling data to make it unreadable
o Key: needed to unscramble the data
o When implemented correctly, encryption is a rock-solid vault
o Sensitive data should be encrypted before sending or storing; this lowers risk dramatically
o VPN software: used to minimize the risk of public wireless connections by making the data passed through them unreadable
o Key management is essential
How can a user take action?
Taking Action as a User
* Surf smart: don't use a public machine when accessing sensitive data
* Stay vigilant: don't fall for con artists on the phone or other social engineering techniques
* Stay updated: keep software updated
* Stay armed: like taking your car for an oil change, regularly check your safety and security measures
* Be settings smart: use a VPN; don't turn on risky settings
* Be password savvy: change the password on any new device you install
* Be disposal smart: shred personal documents and wipe hard drives when disposing of them
How can an organisation take action?
Taking Action as an Organization
Frameworks, Standards, Compliance
* ISO Framework: used as the standard for an information security management system
* Compliance Requirements
o Legally or professionally binding steps must be taken
o Differ between industries: e.g. "HIPAA" regulating health data
o Compliance does not equal security: many see it as just a necessary evil, but security doesn't stop there
How can an organisation take action: Education, Audit and Enforcement?
Education, Audit and Enforcement
* Antivirus software alone does not keep a company safe; education is needed
* Employees need to be trained on the firm's policies and face penalties if they fail to meet their obligations
* Auditing the real-time use of IT is essential to keep an overview
How can an organisation take action: What Needs to Be Protected and How Much Is Enough?
What Needs to Be Protected and How Much Is Enough?
* Most firms don't know what they need to protect or where their valuables are kept
* Inventory-style auditing and risk assessment are crucial for information security
* Security must be dealt with as an economic problem
How can an organisation take action: What is Technology's Role?
Technology’s Role
* Patches: pay attention to patches to plug existing holes in software
* Lock down hardware methods:
o Issue a standard system throughout the company to ensure safety
o Prevent Wi-Fi use or require VPN use
o All data is stored in the cloud, not on the hardware
* Firewalls: block certain types of access to a network
* Intrusion detection systems: look for unauthorized behaviour
* Honeypots: meant to distract attackers and used to identify them
* Blacklists: deny entry to specific IP addresses
* Whitelists: allow access only to certain sites
* Lock down partners: insist that partner firms (e.g. within the supply chain) use the same security standards
* Lock down systems: the security team must constantly scan for exploits across all the firm's partners
* Audit trails: recording, monitoring and auditing access allows firms to hunt for patterns of abuse
* Failure and recovery plans: what needs to be done when data is stolen