Deck 17: Information Security: Barbarians at the Gateway and Just About Everywhere Else

A vast majority of security breaches are not preventable and happen despite the best security practices.

What are some of the key managerial takeaways from the Target security breach?

Almost all security breaches can be traced back to technology lapses personnel or procedural factors rarely factor in.

Organized crime networks now have their own R&D labs and are engaged in sophisticated development efforts to piece together methods to thwart current security measures.

Hackers might infiltrate computer systems to enlist ware for subsequent illegal acts.

Several surprising findings were revealed in the wake of the Target breach, providing a cautionary tale for all executives and security professionals. Which of the following was thought to have occurred during the Target security breach?
a. Target had security software, but the notification alerts from the software were ignored.
b. Target had properly installed and configured its security software, but hackers got in, anyway.
c. Credit card databases were on entirely separate systems, not connected to other parts of the firm's information system, but wireless networking allowed hackers to access anything reachable from a cell phone connection.
d. Target regularly monitored file names and matched them to file sizes and archival copies to ensure that software was not installed on their systems using the names of legitimate products, but hackers saved files with blank file names so they wouldn't be detected.
e. All of the above

A black hat hacker looks for weaknesses in security mechanisms, with a view to help plug the holes that might be exploited by cyber-criminals.

Describe some of the factors at work that enabled the Target security breach to occur.

One of the reasons one should be careful about clicking on any URL in an e-mail is that hackers can easily embed a redirection in e-mail links, reroutiing a user to an alternate online destination.

_____, probably the most notorious known act of cyberwarfare effort to date (one expert called it "the most sophisticated worm ever created"), is suspected to have been launched by either U.S. or Israeli intelligence (or both), and it infiltrated Iranian nuclear facilities and reprogrammed the industrial control software operating hundreds of uranium-enriching centrifuges.

The topic of U.S. government surveilance continues to be hotly debated, with strong opinions in favor of surveilance programs, as well as vocal protestations of government overreach. Briefly give the argument for and against U.S. government surveilance practices.

Social networking sites such as Facebook and LinkedIn form valuable sources of vital information that can be used to craft a scam by con artists.

What are botnets and how are criminals using this technology?

The information systems of several firms have been compromised by insiders that can include contract employees, cleaning staff, and temporary staffers.

Former CIA employee and NSA contractor, ____________ is seen by many as either a whistle-blowing hero or a traitorous villain. This person gathered sensitive digital documents from U.S., British, and Australian agencies, and leaked them to the press, exposing the extent of government surveillance efforts.

Web sites of reputed companies can also be sources of malware.

It's bad when a firm's e-mail and password file is stolen however the impact is minimized because user passwords set up for one system cannot be used on others.

_____ refers to a term that either means breaking into a computer system or a particularly clever solution.

The virtual shutdown of websites by way of overloading them with seemingly legitimate requests sent simultaneously from thousands of machines is termed as _____ attacks.

Because of Moore's Law, widely-used encryption programs currently employed by banks and ecommerce sites are now easily penetrated by brute-force attacks that can be employed by hackers using just a handful of simple desktop computers.

According to research firm Gartner, the majority of loss-causing security incidents involve the handiwork of international cyber-criminal gangs.

Dumpster diving refers to physically trawling through trash to mine any valuable data or insights that can be stolen or used in a security attack.

Spear phishing attacks specifically target a given organization or group of users.

URL-shortening services such as bit.ly limit the impact of phishing posts since the shortened URL will clearly reveal the destination arrived at when clicked on.

Challenge questions offered by Web sites to automate password distribution and resets are formidable in protecting the privacy of email accounts.

Two-factor authentication is favored for most security situations since it's considered to be fast and conveient for customres.

Worms require an executable (a running program) to spread, attaching to other executables.

In public-key encryption systems, the functions of the public and private keys are interchangeable.

The phrase __________________ refers to security schemes that automatically send one-time use representations of a credit card that can be received and processed by banking and transaction firms at the time of payment. They are in use in ApplePay and Android Wallet.

Briefly explain the steps one should take to ensure that their highest priority accounts are not compromised easily by hackers.

The phrase ______________ refers to security where identity is proven by presenting more than one item for proof of credentials. Multiple factors often include a password and some other identifier such as a unique code sent via e-mail or mobile phone text, a biometric reading (e.g. fingerprint or iris scan), a swipe or tap card, or other form if identification

Describe briefly a few of the physical threats posed by hackers to information security with examples for each.

Fingerprint readers, retina scanners, voice and face recognition technologies are all part of _____.

Public wireless networks are often vulnerable to monitoring and attack. The use of _______ software can limit threats by encrypting network transmissions over a network.

_____ refers to confidence scams executed through technology.

The _____ technique zeros in on a sloppy programming practice where software developers don't validate user input.

The term ISO 27000 refers to a series of standards representing the set of best practices for implementing, maintaining and improving organizational security.

When using a public wireless network, using VPN software is not advisable as it can reveal your communications to any network eavesdroppers.

_____ refers to a trusted third party that provides authentication services in public key encryption schemes.

A team working on organizational security should include representatives from general counsel, audit, public relations, and human resources, in addition to those from specialized security and broader technology and infrastructure functions.

_____________ refers to malware that encrypts a user's files (perhaps threatening to delete them), with demands that a user pay to regain control of their data and/or device.

_____ are scrambled character images used to thwart things like automated account setup or ticket buying.

Multiple administrators jointly controlling key systems are an unnecessary burden that adds to the complexity of managing security in an organization.

ware failure is the least likely of threats to one's data.

Conforming to industry-standard guidelines and frameworks for organizational security ensures continued immunity from attacks on an organization's information.

Regularly updated software lowers a system's vulnerable attack surface.

Con games that trick employees into revealing information or performing other tasks that compromise a firm are known as _____ in security circles.

Online backup services are considered a poor choice for end-users, since this only increases the liklihood that an individual's data will be hacked.