Lesson 2 Flashcards
It may be conducted by criminals, but also by states for industrial espionage, for economic damage to apply pressure, or to inflict real damage to infrastructure as an act of war.
Cyberattacks
______, also known as cybersecurity or IT security, is the protection of computer systems from damage to their hardware, software or information, as well as from disruption or misdirection of the services they provide.
Computer security
Security in general includes both ________ and _________.
cybersecurity; physical security
True or false:
Cybersecurity requires some form of physical security, since physical access to computer systems enables a whole class of attacks. Conversely, physical security may depend on cybersecurity to the extent that it uses computer systems, e.g., to monitor some physical space or maintain a database of authorized persons.
True
Duplicating and exchanging data and code with anyone anywhere in the world is nowadays a trivial, extremely fast process, with almost zero cost. Hence, an attack or malware launched by a single person can spread worldwide, at a large scale, in less than an hour.
Digital information is immaterial
A single bit flip may introduce a critical failure and turn a perfectly working system into a malfunctioning one, which is then more vulnerable to compromise. This contrasts with the laws of physics, which tend to be continuous at a macroscopic level, and usually let one observe a slow deformation of a structure before it reaches its breaking point. Digital information ignores borders, and may even play with contradictions between the legislations of different countries or their maladaptation to the digital age. This makes cybersecurity much harder to achieve than other forms of security.
Digital information is of discrete nature
It is concerned with the absence of misbehavior, both in normal and exceptional situations, but still in a neutral environment when no one is trying to intentionally attack the system.
Software safety
______ is not just a matter of chasing bugs: it also calls for an analysis of the possible sources of misbehavior and how to handle them in a fail-safe manner. This requires a specification of the software’s expected behavior, including a model of the environment, and some justification as to how or why the software respects its specification.
Software safety
________ aims for the absence of misbehavior in an adversarial environment, where an attacker intentionally tries to misuse a system, putting it in an erroneous state that is not part of its intended specification.
Software security
It refers to accidental threats, due to internal misbehaviors or non-intentional misuse of the system, while security refers to intentional threats.
Safety
_____ deals with fault-tolerance, while security deals with resistance to attacks. For example, a car may crash because of a software specification or an implementation bug (safety issues), or because of an attacker taking remote control of the vehicle (a security issue).
Safety
_________ is an essential cornerstone in a digital world which increasingly pervades every aspect of our daily lives, public and private. Without security, the world collapses.
Security
Attacks such as ______ have deeply impacted unprepared citizens, private companies, and organizations, threatening their activities.
WannaCry
True or false:
All the domains of our digital world are concerned, including the embedded devices omnipresent in our “smart” homes, and in industrial production controllers (including those for critical infrastructures like power and water supplies).
True
The ______ example highlights that all electronic devices need to be secure.
Mirai botnet
____________. The WannaCry attack relied on an operating system exploit that had been fixed in a Windows update two months earlier. This only impacted unprepared end users and system administrators who failed to update their computers in a timely manner, not realizing how important it was.
Education is essential to security.
________ is often regarded as complex, mechanically limiting its usage. Usable security, meant to facilitate use of security by end users, is an important and active research domain that is closely related to security education and awareness.
Security
True or false:
The security of a system is always limited by that of its weakest component. Even if the core security components (e.g., the cryptographic primitives) are rarely attacked, the same cannot be said of the software implementations of the cryptographic protocols and services. In the case of WannaCry, the attack relied on an exploit of the Windows SMB protocol (the first weak link), which was sufficient to take full control of the computer, no matter what other operating system protections were in use.
True
A _____ should be secure even if everything about the system, except the key, is public knowledge. This principle should be applied to other systems as well. An open design and well documented system will actually ease security reviews by experts. Attackers are often able to reverse engineer systems, and “security by obscurity” only gives a false sense of security. For instance, the attack on smart lights exploited an undocumented functionality.
cryptosystem
True or false:
Large, complex systems cannot be totally validated through human inspection. Automatic verification tools are needed to find security protocol flaws as well as implementation flaws.
True
True or false:
Security and privacy are closely related.
The WannaCry ransomware did not try to exfiltrate users’ data, but it could have done so. The attacker had full access to data stored on target computers (e.g., the patient database of a medical center) and could have threatened to disclose this sensitive information. It is therefore essential that security and privacy be considered together at the design stage so that, for instance, malicious intrusions do not put data at risk. Security by design, and more recently privacy by design, have become key principles in security design.
True
True or false:
Diversity of attackers’ motivations and the difficulty of attribution.
Although WannaCry has been classified as ransomware, motivated by the desire to make money, the NotPetya malware that quickly followed it in June 2017 might be a state-sponsored malware that attempted to disguise itself as ransomware in order to muddy attribution and potentially to delay investigations.
True
True or false:
Detection and mitigation of attacks.
The previous examples show that security is hard to achieve. Since zero risk cannot exist, the early detection and mitigation of attacks is as important as the attempt to reduce the risk of successful attacks.
True
True or false:
Security comes at a cost. It is easy to understand that security may be expensive, with additional costs to study, implement, configure, manage, and evolve security tools. But security can also have an operational cost, leading to less efficient systems. For example, mitigating the Spectre or Meltdown attacks may require removing some cache techniques or disabling speculative execution. Such mitigation would entail a significant and possibly unacceptable processor-speed slowdown. Hence, in some cases, one may have to accept a difficult compromise between security and efficiency.
True
Cybersecurity consists in ensuring three basic and essential properties of information, services, and IT infrastructures, well known as the CIA triad:
Confidentiality
Integrity
Availability
: assurance that information is disclosed only to authorized persons, entities, or processes.
Confidentiality
: assurance that the system (configuration files, executable files, etc.) or information are modified only by a voluntary and legitimate action, i.e., that the system or information have not been accidentally or deliberately changed.
Integrity
: assurance that a system or information is accessible in a timely manner to those who need to use it.
Availability
: assurance that a message is from the source it claims to be from.
Authenticity
: ability for individuals to control their personal data and decide what to reveal to whom and under what conditions. Privacy can thus be generally defined as the right of individuals, groups, or institutions to determine for themselves when, how, and to what extent information about them is communicated to others.
Privacy
: confidentiality of the identity of the user or entity. We note that preventing re-identification through side information is not easy, and that indistinguishability, which ensures that an attacker cannot see the difference among a group of entities, is also an important property linked to privacy. Note also that anonymity aims at hiding who performs some action, whereas full privacy may also require hiding which actions are being performed.
Anonymity
: a set of rules that specify how sensitive and critical resources are protected, i.e., how some or all of the previous properties are guaranteed.
Security policy
: initially defined as the ability of a system to return to its original state after an attack, resilience is nowadays seen as the capacity of a system to deliver its services continuously, even while under attack (i.e., capacity to tolerate attacks).
Resilience
A _________ must offer preventive services to hinder any violation of these properties, detection services to identify any successful attempt to violate these properties, and reaction services to deploy new or enhanced countermeasures in case of any successful violation.
secure computer system
The goal of ______ is to protect a computer system against attacks, but one must also assume that some of the attacks will succeed. Therefore, it also deals with intrusion detection and responses to attacks.
cybersecurity
________ first involves precisely defining which entity may access what information and in which way: permissions, prohibitions, or obligations to read or write information are to be defined. This constitutes a so-called security policy.
Prevention
_________ can even take place before the definition of a policy. Indeed, it is good software engineering to detect early source and binary code vulnerabilities that could be exploited to violate the security properties: this is the security by design principle. Even earlier on, we may also prove that a given property is guaranteed by the software: this is formally proved security.
Prevention
__________, being the capacity to tolerate attacks, has of course a lot of similarities with fault tolerance, which deals with hazardous hardware failures or software bugs. Even if the hypotheses of safety and security are quite different, since attackers do not follow the rules but rather continuously search for new breaches, the mechanisms proposed to tolerate faults may be adapted to tolerate attacks.
Cyber-resilience
Some basic principles of cyber-resilience include _______, which have long been well-established in the database community.
replication of data and backups