What Every Engineer Should Know About Cyber Security and Digital Forensics by Joanna F. DeFranco

1 Security Threats
The United States strongly condemns the illegal disclosure of classified
information. It puts people’s lives in danger, threatens our national security,
and undermines our efforts to work with other countries to solve
shared problems.
Hillary Clinton
1.1 Introduction
If you use a computer that is connected to the Internet, your information is
at risk. The Bureau of Justice Statistics (BJS) reported, from interviews with 7,818
businesses, that 67 percent detected at least one cyber crime (Rantala 2008).
Of the nearly 8,000-company sample, more than a third are critical
infrastructure businesses. Nearly 60 percent reported a cyber attack on their
computer system; 11 percent reported cyber theft, which includes embezzlement,
fraud, and intellectual property theft; and 24 percent reported other
cyber incidents such as port scanning, spyware,* spoofing,* or some type of
breach that resulted in damage or a loss.
Even if you are not an engineer working at a business that is considered
critical infrastructure or a company that has a more moderate risk level, you
have an identity and personal information that you need to protect; thus, you
need to be an informed computer user.
The Internet Crime Complaint Center (IC3), a partnership between the
Federal Bureau of Investigation (FBI) and the National White Collar Crime
Center (NW3C), reports an average of 26,000 complaints a month (2011
Internet Crime Report). A few of the crimes reported include identity theft,
crimes that target computer networks or devices, and scams where the
criminal poses as the FBI to defraud victims. This implies that you need to
prepare yourself and your business for an attack—because it will happen
eventually.
* Spyware is software that self-installs on one’s computer with the goal of stealing personal
information, usually for the purpose of determining Internet-browsing habits.
* Spoofing is impersonating an individual by forging an e-mail header.
Why are these attacks so much more prevalent and sophisticated? Because,
as shown in Figure 1.1, the technical knowledge required by the hacker is
decreasing. The attacks listed highlight only a few types of vulnerabilities,
but there are enough shown to verify the point that it does not take a PhD or
twenty years of computer experience to hack into a computer. The FBI has
knocked on the doors of many people who are the parents of the “model
teenager.” In one particular case, a teenager who was known for just hanging
out at home and using the family computer was actually hacking into
NASA’s computers.*
The focus and goal of this chapter are to highlight some of the common
cyber security risks. We will start with the one that is the most difficult to
defend against: social engineering. It is difficult to defend against because
it preys on the natural human desire to be helpful and kind. Once the social
engineer finds a victim, he or she just needs to persuade (trick) the victim
into revealing information that will compromise the security of the
system.
* The first juvenile hacker to be incarcerated for computer crimes was 15 years old. He pled
guilty and received a six-month sentence in jail. He caused a twenty-one-day interruption
of NASA computers, invaded a Pentagon weapons computer system, and intercepted 3,300
e-mails and passwords (Wilson, ABC News).
[Figure: chart of attack sophistication and average intruder knowledge (low to high) against time, 1990 to 2010. Attacks labelled on the chart: “stealth”/advanced scanning techniques; home users targeted; massive botnets; increase in phishing and vishing; targeted attacks on critical infrastructure; increase in widescale Trojan horse distribution; anti-forensic techniques; executable code attacks (against browsers); DDoS attacks; e-mail propagation of malicious code; widespread DOS attacks; packet spoofing; Internet social engineering attacks; automated probes/scans; techniques to analyze code for vulnerabilities without source code; increase in worms; persistent malware infiltration and persistent surveillance; widespread attacks on web applications; cyber physical attacks.]
FIGURE 1.1
The trends in cyber attacks. (Adapted from Lipson, H., 2002, special report CMU/SEI-2002-SR-009, and Carnegie Mellon, 2010, http://www.cert.org/tces/pdf/archie%20andrews.pdf)
