Lecture 1 Cybersecurity and crime

Question 1

C,I,A

Answer 1

Confidentiallity = only authorized party can access the information

Integrity = info/resource in correct state and complete

Availability = info/resource is available for use

Question 2

Different parts of a system

Answer 2

Operating system
The network
The Application
Enterprise

Question 3

Zawinskis law

Answer 3

“Every program attempts to expand until it can read mail. Those programs which cannot so expand are replaced by ones which can.”

Question 4

second system effect

Answer 4

“When one is designing the successor to a relatively small, elegant, and successful system, there is a tendency to become grandiose in one’s success and design an elephantine feature-laden monstrosity.”

Question 5

building bloat ware

Answer 5

1-we have a problem
2-software built to fix issue
3-requirements change to fix a new problem
4-old code is refused to help fix something else
5- new company takes over and integrates their stuff
6- done

Question 6

how legacy comes to be

Answer 6

1- develop a tool
2- build on top of it
3- do nothing and wait until environment changes (innovation)
4- done

Question 7

incentives classic approach

Answer 7

• most businesses want to optimize time to market
• start ups want to test ideas
• software developers are rewarded for new features, change and as fast as possible
• system administrators are rewarded for a stable system, being conservative and maintaining availability
• this incentive structure entails friction and tension by design

Question 8

project management triangle

Answer 8

quality provided by
scope
cost
time

Question 9

Threats (types of malware)

Answer 9

virus
trojan
spyware
adware
worms
rootkit
remote access trojan
polymorphism

Question 10

social engineering

Answer 10

the impersonation of someone else in order to get someone or to get privileged information

eg; phishing = mass targeted social engineering attack

spear phishing = targeted social eng attack

CEO fraud - soc eng attack trying to get someone to do something by pretending to be CEO

Question 11

Botnet + DDOS

Answer 11

botnet is a network of infected computers which can be controlled by some actor. (used for ddos attacks). distributed denial of service used to exhaust the resources of the target, making it unavailable for service

Question 12

Ransomeware

Answer 12

type of malware infection which denies access to a computer until a ransome is paid

eg cryptoblockers

Question 13

nation state actors

Answer 13

motives = cause chaos, undermine other countries

capability = extended resources and persuation

methods= advanced well planned attacks

Question 14

insider threats

Answer 14

Who- employees (mostly)
Motives- unintentional by mistake, money, revenge, espionage
Capability - substantial damage depending on role in organisation
Methods- give out sensitive corporate data, sabotage systems

Question 15

hacktivists

Answer 15

Who- online groups like anonymous
Motives- reactionary (act when upset)
Capability- alot of time and resources at their disposal
Methods- DDOS, persistent online hate mobs

Question 16

organized crime

Answer 16

WHO- test
Motive- maximise income
capability- Depending on target but can be substantial
Methods- use path of least resistance, ROI is important

Question 17

for fun hackers

Answer 17

who- for fun hackers, script kids
motives- fun and bragging rights
capability - often very limited
methods- DDOS common but anything goes