Donaldson / Williams / Siegel | Understanding Security Issues | E-Book | sack.de

E-Book, English, 208 pages


ISBN: 978-1-5015-0636-9
Publisher: De Gruyter
Format: EPUB
Copy protection: Adobe DRM



With the threats that affect every computer, phone or other device connected to the internet, security has become a responsibility not just for law enforcement authorities or business leaders, but for every individual. Your family, information, property, and business must be protected from cybercriminals in the office, at home, on travel, and in the cloud. Understanding Security Issues provides a solid understanding of the threats, and focuses on useful tips and practices for protecting yourself, all the time, everywhere and anywhere you go.

This book discusses security awareness issues and how you can take steps to reduce the risk of becoming a victim:
- The threats that face every individual and business, all the time.
- Specific indicators of threats so that you understand when you might be attacked and what to do if they occur.
- The security mindset and good security practices.
- Assets that need to be protected at work and at home.
- Protecting yourself and your business at work.
- Protecting yourself and your family at home.
- Protecting yourself and your assets on travel.

Further Information & Material


FOREWORD – 1 page
ABOUT THE AUTHORS – 1 page
ACKNOWLEDGMENTS – 1 page
INTRODUCTION – 2 pages
- What is this book about?
- Who should read this book?
- Why did the authors write this book?
- Organization of the book
CHAPTERS
- Chapter 1—Security Awareness (~15 pages)
This chapter presents why security awareness is essential for everyone. This chapter presents some fundamental concepts and terms used throughout the book.
- Chapter 2—Security Process (~15 pages)
This chapter presents the security mind set of identifying assets, threats to those assets, asset vulnerabilities, protections, and risks resulting from protections.
- Chapter 3—Security in Your Life (~15 pages)
This chapter presents how you apply the security process to common life scenarios, at work, while traveling, and at home.
- Chapter 4—Security Scenarios (~40 pages)
This chapter presents how the Chapter 2 security process is applied to each scenario. Each scenario will walk through a number of common assets, and apply the security process to identify protections that should be applied.
  - Yourself at Work
  - Your Company or Organization
  - Yourself on Travel
  - Yourself Abroad
  - Yourself at Home
- Chapter 5—Looking to the Future (~15 pages)
This chapter presents some of the evolving security threats, trends, and how you can continue to be security aware.
APPENDIX – Thinking Like a Security Officer (~15 pages)
This appendix presents how security people think about common protections in our work, and as a consequence, home life (e.g., locks, gates, passwords, and firewalls) and how they have to balance tradeoffs between protection and usability.
GLOSSARY – 3 pages
BIBLIOGRAPHY – 3 pages
INDEX – 4 pages


Chapter 1
Security Mindset
In this book we are going to introduce you to the things you need to know to better protect your workplace and your home from technology related security attacks (cybersecurity). The best way to start is to understand our enemies. Later in the book we will examine what they may try to do and how we can protect ourselves. To understand our enemies, we should put ourselves into their minds and understand their motivations, objectives, and techniques. Once we understand the adversary, we should think a little bit about ourselves. Where and when are we vulnerable? How do we make ourselves more vulnerable? What habits do we have that make the attackers’ jobs easier? How can we change some of those habits, and improve our security?

This chapter describes these topics by (1) considering the motivations of the hackers who attack us; (2) introducing malware (i.e., malicious software) and techniques that attackers use; (3) defining a “security mindset” that we should use in thinking about how to protect ourselves; and (4) introducing how security professionals think about security. By being security aware, we can understand what it is we do that attackers are looking to exploit.

What Do Hackers Want?
At the end of the day hackers are people, too. They are computer-literate people who are using computers to accomplish some goal they may think is “right,” whether that “right” is making money off cybercrime or pursuing an activist cause that is important to them or to do what they know is wrong. Other hackers are security professionals working to support the interests of their country, which may be at odds with the interest of our country. There are lots of motivations out there. The following list characterizes five types of hacker threats that are common on today’s internet:
– Commodity threats consist of automated cyberattacks that are placed “out there” by hackers that constantly scan the internet looking for vulnerable computers and devices to compromise. These attacks install malware on insecure computers or through malicious websites or e-mails, but without a specific mission or objective.
– Hacktivists take control of computers and install malware to accomplish some activist political goal, or to promote a cause. The group “Anonymous” is a good example, drawing attention to causes or issues the group considers to be important.
– Organized crime performs hacking to make money. It might make money by selling stolen information or access to computers to other groups, like nation-states or hacktivists. It might also make money by using stolen credit cards or medical records to perform fraudulent transactions that directly make them a profit.
– Espionage involves using hacking to further the interests of a corporate competitor or a foreign adversary. Espionage might include stealing corporate trade secrets and customer information or shutting down online services or manufacturing plants.
– Cyberwar involves using hacking to support national interests against a foreign country. Cyberwar might include stealing national security information, disabling foreign computers, or attacking infrastructure like the electric power grid.

Of the above techniques, espionage and cyberwar are perhaps the most devastating in their nature, as some nations have no qualms about wiping out hundreds or thousands of computers at their targets. For example, the attacks at Saudi Aramco and Sony Pictures disabled tens of thousands of computers, and were ultimately attributed to nation-state attackers. However, even hacktivism and cybercrime can be devastating, as we have seen through ransomware campaigns that took out entire medical networks or shut down manufacturing plants.

What Is at Stake Here?
Over the past several decades, there have been thousands of breaches encompassing billions of records containing personal information of people worldwide. These records have included names, addresses, phone numbers, social security numbers, credit card accounts, banking accounts, and health care information. How often have we gotten sent replacement credit cards in the mail, because our information had been compromised? Figure 1.1 shows some of the most recent large breaches, based on the numbers of compromised records.

Figure 1.1: Breaches have exposed millions and millions of records.

Some of these breaches involve credit card numbers or banking information and were most likely perpetrated by cybercriminals looking to use that information for fraudulent transactions. Other breaches involved usernames and passwords and may have been performed by hackers looking to use those passwords to access other, more profitable, accounts (since people often reuse passwords for multiple online accounts). Other breaches involved health care information, which tends to be a treasure trove of highly personal data as well as financial details. Finally, some breaches involved potentially embarrassing personal information that could be used to blackmail individuals to get their cooperation. Here are some headlines regarding cyber breaches:
– Cable News Network (CNN), May 2016: “… LinkedIn was hacked four years ago … initially seemed to be a theft of 6.5 million passwords … turned out to be 117 million …”
– Hindustan Times (Major Indian English News Website), July 2017: “… details of over a million Aadhaar numbers published on Jharkhand govt website … personal details are now freely available.”
– Forbes Magazine, March 2018: “Equifax’s Enormous Data Breach Just Got Even Bigger … brings the total to 147.9 million Americans ... driver’s license number revealed … social security number exposed …”
– Fortune Magazine, June 2018: “... NameTest left the data of 120 million Facebook users exposed online for years …”
– GBHackers on Security (Cybersecurity Blog), August 2018: “Firebase Vulnerability Leaks 100 Million Sensitive Records – 2,300 Firebase Databases & 3,000 iOS and Android Apps Affected”

How Has Malware Evolved?
Cyberattackers generally accomplish their goals using malware. Malware is software that is designed to accomplish some nefarious goal, like giving someone remote control of a computer, or extracting usernames, passwords, credit card numbers, or other sensitive information from that computer. Over time, malware has gotten smarter, more sophisticated, and more capable. Figure 1.2 visualizes how malware has evolved over time to gain new capabilities and become more destructive.

Figure 1.2: Malware evolves to become more sophisticated and destructive.

Some highlights of these different types of malware and their objectives are as follows:
– Static viruses embed themselves within computer programs or the computer’s boot (startup) process but they require human intervention to propagate, or replicate themselves and spread like a disease, from computer to computer.
– Network viruses use the network to propagate from one computer to another and may be able to spread without human intervention.
– Trojans and worms are standalone programs that can propagate and persist on their own without requiring a “carrier” like viruses.
– Botnet malware reports back to a controller network and enables the victim computer to be used as part of a larger “botnet” consisting of thousands or millions of computers all working together.
– Remote control malware permits the attacker to remotely control the victim computer, generally despite network security capabilities like antivirus or firewalls.
– Adware and clickware cause the victim computer to display or “click on” advertisements supporting the attacker, generating revenue from advertising fraud.
– Ransomware encrypts the files on the victim computer, demanding the victim pay a ransom (typically several hundred dollars) to get back access to their computer and its files.
– Cryptojacking malware uses the victim computer to perform “cryptomining” transactions using cryptocurrency (e.g., bitcoin) on behalf of the attacker, indirectly generating revenue for them.
– Automated malware can persist and propagate across a network on its own, potentially infecting more and more computers within a target organization, after the first machine is infected.
– Customized malware is customized for each victim, or changes itself as it propagates, so it cannot be easily caught by antivirus software or traditional network security mechanisms.
– Embedded malware installs itself into the “firmware” of network-connected devices or computers, or is already installed from the factory, making the devices almost impossible...


Scott E. Donaldson, Johns Hopkins University, USA; Chris K. Williams, Leidos, USA; Stanley Siegel, Johns Hopkins University, USA

