P1L1 Flashcards
When do we worry about security?
When there’s something of value.
What is the threat source?
Cyber-criminals who are in it for the money, to profit from the data that they can steal.
Hacktivists have some sort of an agenda.
Nation-states
If they are able to take control of your account
a compromise of your account
If able to do it more broadly to a system
a security breach
an attack
A successful exploitation of a vulnerability by a threat source, resulting in a compromised system.
Vulnerabilities
zero day
the threat actor who actually discovers it.
An example of vulnerability
The lock that we put is actually only protecting the wheel. It’s not protecting the entire bike
Target store breach
An HVAC contractor -> phishing attacks -> access to Target’s network. They are after credit card data.
How can that be done?
Make sure that crime doesn’t pay. Making threats go away is a nice idea, but it hasn’t really been all that effective.
Reduce vulnerabilities, but we’re never going to have zero vulnerabilities
Securing or protecting access to information: data sensitivity, integrity, and availability.
What should we do?
Prevention: keeping the bad guys out of our systems. We don’t have good systems to detect malicious activities.
Response: we need to recover from whatever has happened.
Remediation: make sure that the same attack does not happen again.
Economy of mechanism
Avoid complexity. Keep it simple; keep it small.
Fail-safe defaults
The default should be deny, and the fail-safe default is that the thing is protected. Access is controlled.
security by obscurity
Don’t believe that you can get security by obscurity.
least privilege
You should only have privileges for resources that you absolutely need, and nothing more.
Weak link when it comes to security
People.