Podcast
Questions and Answers
The attack exploited a well-known vulnerability in the Sun Solaris — thus the name Solar Sunrise — computer system, a UNIX-based operating system from Sun Microsystems. The attackers planted a sniffer program to mine and collect ______.
The attack exploited a well-known vulnerability in the Sun Solaris — thus the name Solar Sunrise — computer system, a UNIX-based operating system from Sun Microsystems. The attackers planted a sniffer program to mine and collect ______.
data
In the process, they were able to steal sensitive ______ and other confidential information.
In the process, they were able to steal sensitive ______ and other confidential information.
passwords
Within a few weeks of the attack, the FBI raided the homes of two high school students from California, who were arrested and pled guilty to the ______.
Within a few weeks of the attack, the FBI raided the homes of two high school students from California, who were arrested and pled guilty to the ______.
crime
In March 1998, a third teen, 18-year-old Israeli hacker Ehud Tenenbaum, was arrested by Israeli ______.
In March 1998, a third teen, 18-year-old Israeli hacker Ehud Tenenbaum, was arrested by Israeli ______.
Signup and view all the answers
On November 24, 2014, a hacker group 'Guardians of Peace' leaked a release of confidential data from the film studio Sony Pictures Entertainment (SPE). The data included personal information about Sony Pictures employees and their ______.
On November 24, 2014, a hacker group 'Guardians of Peace' leaked a release of confidential data from the film studio Sony Pictures Entertainment (SPE). The data included personal information about Sony Pictures employees and their ______.
Signup and view all the answers
During the hack, the group demanded that Sony withdraw its then-upcoming film The Interview, a comedy about a plot to assassinate North Korean leader Kim Jong-un, and threatened ______ attacks at cinemas screening the film.
During the hack, the group demanded that Sony withdraw its then-upcoming film The Interview, a comedy about a plot to assassinate North Korean leader Kim Jong-un, and threatened ______ attacks at cinemas screening the film.
Signup and view all the answers
After these threats Sony chose to cancel the film's formal premiere and mainstream ______.
After these threats Sony chose to cancel the film's formal premiere and mainstream ______.
Signup and view all the answers
The attack exploited a well-known vulnerability in the Sun Solaris — thus the name Solar Sunrise — computer system, a UNIX-based operating system from Sun Microsystems. The attackers planted a ______ program to mine and collect data.
The attack exploited a well-known vulnerability in the Sun Solaris — thus the name Solar Sunrise — computer system, a UNIX-based operating system from Sun Microsystems. The attackers planted a ______ program to mine and collect data.
Signup and view all the answers
In the process, they were able to steal ______ passwords and other confidential information.
In the process, they were able to steal ______ passwords and other confidential information.
Signup and view all the answers
Within a few weeks of the attack, the FBI raided the homes of two high school students from California, who were ______ and pled guilty to the crime.
Within a few weeks of the attack, the FBI raided the homes of two high school students from California, who were ______ and pled guilty to the crime.
Signup and view all the answers
Study Notes
Cyber Security Fundamentals
- 3 pillars of cyber security: People, Processes, and Technology
- People: decision-makers (executives, directors, management), staff, and third-party consultants who implement cyber security
- Processes: provide a framework for governance, put in place to support the integrity of a security system, including detective controls like regular audits
- Technology: hardware and software used to achieve reliable cyber security, including behavior analytics, breach detection, and authentication response systems
National Cyber Power Index (NCPI)
- Measures a country's cyber power, comprising multiple components
- 7 national objectives countries pursue using cyber means:
- Surveilling and Monitoring Domestic Groups
- Strengthening and Enhancing National Cyber Defenses
- Controlling and Manipulating the Information Environment
- Foreign Intelligence Collection for National Security
- Commercial Gain or Enhancing Domestic Industry Growth
- Destroying or Disabling an Adversary's Infrastructure and Capabilities
- Defining International Cyber Norms and Technical Standards
- NCPI assesses a country's "comprehensiveness" as a cyber actor
Cyber Programs and Alliances
- PRISM: a US secret program collecting private electronic data from major internet services
- 5 Eyes, 9 Eyes, and 14 Eyes: state intelligence alliances for monitoring and sharing internet user activity to protect national security
- NIST Cybersecurity Framework: a set of guidelines and best practices to help organizations build and improve their cybersecurity posture
Cyber Deterrence
- Theory that practices of threats or limited force can convince another party to refrain from initiating an action
- Types of cyber deterrence:
- Denial: preventing adversaries from achieving objectives
- Punishment: imposing costs on the adversary
- Norms: establishing standards of behavior
- Escalation: raising the probability of imposing costs on the adversary
Cyber Defense Strategies
- Defense in Depth (DiD): a layered approach to cybersecurity, using multiple defensive mechanisms to protect valuable data and information
- Cyber Resilience: the ability of an organization to adapt to known and unknown crises, threats, and challenges
Notorious Cyber Attacks
- Solar Sunrise (1998): a systematic cyberattack launched against the US, exploiting a vulnerability in Sun Solaris, impacting over 500 government and private computer systems
- Sony Pictures Hack (2014): a hacker group leaked confidential data, demanding the withdrawal of a film, and threatening terrorist attacks
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
Description
Explore the roles of decision-makers, staff, and consultants in cyber security, the importance of processes and policies in governance, and the technologies such as hardware and software that support a secure system.
