1. Trang chủ
  2. » Kinh Doanh - Tiếp Thị

Enemy at the Water Cooler doc

285 236 0

Đang tải... (xem toàn văn)

Tài liệu hạn chế xem trước, để xem đầy đủ mời bạn chọn Tải xuống

THÔNG TIN TÀI LIỆU

Thông tin cơ bản

Định dạng
Số trang 285
Dung lượng 6,3 MB

Nội dung

[...]... Association (NaSPA), Association of Certified Fraud Examiners (ACFE), Anti Terrorism Accreditation Board (ATAB), and ASIS International® He is also a Secure Member and Sector Chief for Information Technology at The FBI’s InfraGard® and a Member and Director of Education at the International Information Systems Forensics Association (IISFA) Dave was the technical editor for Chapter 16 of Enemy at the Water. .. have been made to keep the identities of the individuals and organizations anonymous The content is based either on my direct involvement in the incident or on my involvement with the organizations after the fact In some cases I was able to have conversations with the actual insiders Each case discusses the insider, the organization, the attack, and the countermeasures the organization employed I’ve used... Denial-of-service (DoS) attack.These threats haven’t gone away, but new threats and theoretical threats have entered the mix— Blended Threats, Warhol Worms, Flash Threats, and Targeted Attacks.These newer threats do more damage and are more costly to the victims than their predecessors were Blended Threats use multiple paths to propagate; paths such as e-mail, file sharing, and the web Most take days... to date back to the early 1800s when a gentleman by the name of Joseph Jacquard developed an automated means of weaving for the textile industry.This automation solution was, in fact, the forerunner to the computer punch card Several employees at the facility were afraid that they were about to lose their jobs.Therefore they sabotaged the technology Interestingly, we may then say that the first computer... addition, the criminals operate anonymously and can turn their operations on and off rapidly Some simply cash out, which means that they sell the information— over IRC for example In many cases they sell the same information over and over again.They may even scam an organization—such as a money transfer business—into being their intermediary And they may have mules—individuals with fake Ids—pick up the money... enforcement stings operate by paying for the information and when the criminal goes to collect the money, that’s when they arrest them However, as with most crimes, there is no idealistic method that always works for law enforcement or for that matter, always works for the criminals Criminals sometimes use compromised systems belonging to legitimate businesses, but whose owners don’t realize that they are hosting... did the posting and tell him that Yahoo has been served It then tells him that from the date of that notification, there will be fifteen days to file a motion against the subpoena, and if it is not filed within that time, Yahoo will turn over the information the subpoena calls for Hackers It’s important to add a quick disclaimer in regard to the term hacker Without getting into a philosophical debate regarding... ■ Lack empathy ■ May be imitating and modeling those whom they respect Rogers further states that people usually don’t engage in reprehensible conduct unless they have justified it to themselves Making yourself think that what you’re doing is okay puts your conscience at ease Blaming the victim or circumstances may also do this Many of his interviews with convicted hackers demonstrated that the hackers... to spread.That was true until Code Red and Nimda were released, and then the industry saw attacks propagating in just hours.These events were a wakeup call for organizations that didn’t have the appropriate patches or countermeasures in place The vulnerability in Microsoft IIS that Code Red exploited was discovered on June 18th 2001 Within the following forty-eight hours, Microsoft had a patch available... As with Code Red and Nimda, patches to protect from Slammer were available well before the exploit Researchers are hypothesizing that Flash Attacks will be next.These are attacks that haven’t yet occurred, but that will build on Blended Threats and Warhol Worms Since human response time will be insufficient, only automated response can succeed in dealing with them.These attacks will spread globally . defining the threats and knowing how to spot them in the business processes. Enemy at the Water Cooler is a must read for CIOs and security officers everywhere, but it is also part of the literature. organizations, the general public and the media, consequently most security resources are focused to counter them. Enemy at the Water Cooler focuses on the often-overlooked area of information. of the most fascinating organizations I could have ever imagined. Enemy at the Water Cooler and the stories inside are a standing acknowledgment to those people and organizations. Unfortunately,

Ngày đăng: 28/06/2014, 09:20

TÀI LIỆU CÙNG NGƯỜI DÙNG

TÀI LIỆU LIÊN QUAN