IT 520 - Intro and Ch 1.docx - IT 520 INTRODUCTION TERMS ADVANCED PERSISTENT THREAT(APT \u2013 HIGHLY MOTIVATED CAPABLE ATTACKERS USUALLY NATION-STATES OR

IT 520 - Intro and Ch 1.docx - IT 520 INTRODUCTION TERMS...

This preview shows page 1 - 3 out of 6 pages.

IT 520 INTRODUCTION TERMS: ADVANCED PERSISTENT THREAT (APT) – HIGHLY MOTIVATED & CAPABLE ATTACKERS, USUALLY NATION-STATES OR CYBERCRIMINAL GANGS USING CONTINUOUS, CLANDESTINE, AND SOPHISTICATED ATTACK TECHNIQUES TO GAIN ACCESS TO TARGETS APACHE SOFTWARE FOUNDATION – NON-PROFIT AMERICAN CORPORATION THAT SUPPORTS APACHE SOFTWARE PROJECTS, THIS IS THE MOST POPULAR WEB SERVER APACHE STRUTS – WEB DEVELOPMENT FRAMEWORK ENABLING THE CREATION OF PORTALS WITH JAVA SOFTWARE BREACH DISCLOSURE LAWS – REQUIRE PUBLIC NOTIFICATION OF DATA BREACHES WHERE PERSONALLY IDENTIFIABLE INFORMATION IS STOLEN BUG BOUNTY PROGRAM - OFFERS REWARDS TO SECURITY RESEARCHERS WHO IDENTIFY VULNERAVILITIES IN SOFTWARE AND REPORT TO THE COMPANY OFFERING A BOUNTY. INTENDED TO INCENTIVIZE PEOPLE TO REPORT VULNERABILITIES INSTEAD OF SELLING THEM TO THREAT ACTORS FOR MALICIOUS USE CYBER CRIMINAL – TECHNICALLY SAVVY ATTACKER WHO LEVERAGES COMPROMISE OF REMOTE SYSTEMS FOR GAIN GITHUB – SERVICE PROVIDES AN INTERNET REPOSITORY FOR SOFTWARE DEVELOPMENT CODE. PROGRAMMERS USE FOR VERSION CONTROL, ARCHIVES, AND CROSS COLLABORATION INTERNET FACING – SERVERS AND COMPUTERS PROVIDING INFORMATION AND SERVICES OVER THE INTERNET. ALL UNNECESSARY SERVICES SHOULD BE TURNED OFF ON INTERNET FACING MACHINES OPEN SOURCE – FREELY AVAILABLE AND DISTRIBUTABLE SPEAR FISHING – ATTACKS TARGETING A SPECIFIC INDIVIDUAL, USUALLY AN EXEC OR OFFICIAL AT AN ORGANIZATION THREAT ACTOR – GROUP/INDIVIDUAL EMPLOYING CYBER ATTACKS FOR GAIN WEB APPLICATION FRAMEWORK – SOFTWARE DESIGNED FOR WEB PORTAL CREATION AND MAINTENANCE
Image of page 1
LEARNING OBJECTIVES: 1. INVESTIGATE ATTACK SOURCES Internal threats make up one third of attacks but outsiders are the most popular, followed by cyber crime and nation states 2. EVALUATE INDUSTRY ATTACK FREQUENCY Small business make up 43% of victims, followed by public sector, healthcare, and financial industries 60% of small businesses who are attacked close within 6 months You are more likely to be a victim of a cyber crime than a physical one 3. EXAMINE HISTORICAL ATTACKS TO COMPREHEND THE RISKS ASSOCIATED WITH DIGITAL TECHNOLOGY 2015 OPM ATTACK o Breach impacted 22.1 million o OPM normally repels 10 million intrusion attempts PER MONTH o Access1: Breach began in 2013 when hackers accessed manuals and technology design documents o Access2: Hackers stole a KeyPoint account (contractor who conducted background checks) o OPM discovered encrypted network traffic communicating with a site not affiliated with them. It was registered to Steve Rogers, a Marvel character.
Image of page 2
Image of page 3

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture