Chapter 10, part 2
1. COOKIES
• A message passed from a web server to a web browser that is sent
back to the server each time the browser requests a page from that
server
• Normally used for authentication purposes
• May contain sensitive/private info, thus posing security risk
2. BOTNETS AND CYBERATTACK SUPPLY CHAIN
• “Destructive software robots working together on a collection of
zombie computers”!!
• Ouch, straight out of a sci-fi horror story, but the threat is very real.
3. HIGHLY SPECIALIZED IDENTITY THEFT
• A phishing attack on the internet can be a professional
multi-step task involving:
• A programmer (writes attack templates)
• A phisher (designs the attack)
• A cracker (provides hosting space for attack)
• A Bot herder (access to botnet zombie computers)
4. INTERNET HOAXES
• A false message circulated online about new viruses
• May cause your inbox to get flooded with junk-mail
• Hoaxbusters warn about known hoaxes
5. CYBERSQUATTING
• The practice of registering a domain name and trying to sell it to
those who are most likely to want their trademark back
• Ex: eminemmobile.com sued by Eminem for use of his name to
make money
• This crime may lead to a $100,000 fine and forfeiture of the disputed
name for offenders.
6. CYBER HARASSMENT, STALKING, AND BULLYING
• Victims endure
• Distress from obscene, vulgar, or threatening content
• Repeated unwanted contact from aggressor
• Posting of personal information on chat rooms and web sites
• Social networks provide ways to report predators as a defense
7. SOFTWARE PIRACY
• Illegal distribution of bootleg copies to others (for free or to sell)
• Software is intellectual property and offenders are subject to patent
and copyright laws
• Solving the piracy problem is still a major issue
8. GLOBAL PROBLEM
• Piracy is an international issue
• The unwillingness of governments and individuals to recognize
software copyrights is a huge roadblock to solving the issue
• Billions of dollars lost each year
9. CYBERWAR
• This is one country’s military attempt to destroy the information and
communication systems of another
• The most advanced nations are the most vulnerable
• Attacks shut down a country’s economic system, transportation and
medical capabilities, etc.
10. FUNCTIONS OF CYBERWAR
• Disabling the enemy’s smart weapons and control systems
• Distributing cyberpropaganda
• Stealing or modifying information (espionage)
11. A NEW COLD WAR
• Nations secretly testing networks to gain advantage or inflict damage
on potential enemy nations ushers in a new type of cold war
12. CYBERTERRORISM
• Individuals or organized groups using technology to intimidate or
harm governments and/or civilians
• Causes virtual physical damage
• Nuclear power plants, dams, power grids, etc., are all affected
13. DISADVANTAGES FOR THE CYBER ATTACKER
• May not achieve as much destruction as physical weapons
• Requires continuous updating of systems as older methods quickly
become outdated
• Less drama and emotional appeal than traditional attacks
14. GLOBALIZATION OF TERRORISM
• Cyberwar and Cyberterrorism will only increase as dependence on
technology increases
• Controlling these attacks is a great challenge for the future
15. INFORMATION SYSTEMS SECURITY
• All systems connected to networks are vulnerable to security
violations
• Taking precautions is necessary, and a variety of technologies have
been created for this purpose
16. SAFEGUARDING IS RESOURCES
• Systems security auditing identifies the most vulnerable systems in an
organization
• Followed by designing and implementing security measures
17. RISK ANALYSIS
• Determines if a company should take one of three courses of
action:
1. Risk Reduction (actively invest in protecting systems)
2. Risk Acceptance (do nothing, just absorb any damages)
3. Risk Transference (buy insurance or outsource risky functions)