1. Consider that an individual threat agent, like a hacker, can be a factor in more than one threat category. If a hacker breaks into a network, copies a few files, defaces a Web page, and steals credit card numbers, how many different threat categories does the attack fall into?
ANSWER:
The attack falls into four different threat categories:
Unauthorized access: Breaking into the network.
Data breach: Copying files and stealing credit card numbers.
Website defacement: Defacing the web page.
Financial fraud: Stealing credit card numbers.
2. Using the Web, research Mafiaboy’s exploits. When and how did he compromise sites? How was he caught?
ANSWER:
Mafiaboy, also known as Michael Calce, compromised sites through denial-of-service attacks in February 2000, flooding major websites with traffic. He was caught due to investigations by the FBI and RCMP, tracing the attacks back to him, and his own boasting in online chat rooms. He was arrested in April 2000 in Montreal, Canada, and pleaded guilty to 56 charges, receiving eight months of open custody, one year of probation, restricted internet use, and a fine.
3. Search the Web for “The Official Phreaker’s Manual.” What information in this manual might help a security administrator to protect a communications system?
ANSWER:
"The Official Phreaker’s Manual" is a document that provides detailed information on various techniques used by phreakers to manipulate and exploit telecommunication systems. While it contains information that could potentially be misused by malicious actors, it can also offer insights for security administrators to protect communications systems by understanding potential vulnerabilities and how they can be exploited.
Specifically, the manual might help security administrators:
Identify vulnerabilities
Implement countermeasures
Enhance security awareness
4. This module discussed many threats and vulnerabilities to information security. Using the Web, find at least two other sources of information about threats and vulnerabilities. Begin with www.securityfocus.com and use a keyword search on “threats.”
ANSWER:
The SANS Institute (www.sans.org): SANS offers a wealth of resources, including whitepapers, webcasts, and training courses, covering various aspects of cybersecurity threats and vulnerabilities.
The National Institute of Standards and Technology (NIST) (www.nist.gov): NIST provides publications, guidelines, and frameworks that address cybersecurity threats and vulnerabilities, offering valuable insights and best practices for enhancing information security.
5. Using the categories of threats mentioned in this module and the various attacks described, review several current media sources and identify examples of each threat.
ANSWER:
I can't access real-time media sources to provide specific examples, but I can guide you on how to identify examples of each threat by reviewing current news sources:
Malware: Look for reports of computer viruses, ransomware attacks, or data breaches caused by malware. Recent incidents might include widespread ransomware attacks on hospitals, businesses, or government agencies, or malware-infected emails targeting specific organizations.
Phishing: Search for instances where individuals or organizations were tricked into providing sensitive information via email, text messages, or phone calls. Examples could include reports of employees falling victim to phishing emails that lead to data breaches or financial losses.
Denial of Service (DoS) / Distributed Denial of Service (DDoS): Look for news about websites or online services being taken down due to overwhelming traffic or targeted attacks. Recent examples might involve popular online platforms experiencing disruptions due to DDoS attacks.
Insider Threats: Identify cases where individuals within organizations abused their access or privileges to commit cybercrimes. This could involve employees stealing sensitive data, sabotaging systems, or leaking confidential information to external parties.
Social Engineering: Search for incidents where attackers manipulated individuals into divulging sensitive information or performing actions that compromised security. Examples could include reports of scammers impersonating tech support agents to gain remote access to victims' computers.
Advanced Persistent Threats (APTs): Look for news about sophisticated, long-term cyber espionage campaigns targeting specific organizations or industries. Recent examples might involve nation-state actors conducting espionage or cyberattacks against government agencies, critical infrastructure, or corporations.
Data Breaches: Identify reports of unauthorized access to sensitive data resulting in its exposure or theft. Recent examples could include breaches of customer databases, healthcare records, or financial information due to vulnerabilities in security systems or insider actions.