Assignment: Malicious Code Pointing

Assignment: Malicious Code Pointing
Assignment: Malicious Code Pointing
ORDER NOW FOR ORIGINAL AN ORIGINAL PAPER ASSIGNMENT: Assignment: Malicious Code Pointing
Assignment: Malicious Code Pointing

Unenforceable policies that don’t fit the IT and the users

SETA (training) Shared: IT and Business Leaders

Business buy-in and technical correctness

Insufficient training; errors

Information Security Investments

Shared: IT and Business Leaders

Evaluation of business goals and technical requirements

Over- or under- investment in security

Date Detected Company What was stolen How

November 2013 Target 40 million credit & debit cards Contractor opened virus-laden email attachment

May 2014 Ebay #1 145 million user names, physical addresses, phones, birthdays, encrypted passwords

Employee’s password obtained

September 2014 Ebay #2 Small but unknown Cross-site scripting

September 2014 Home Depot

56 million credit card numbers 53 million email addresses

Obtaining a vendor’s password/exploiting OS vulnerability

January 2015 Anthem Blue Cross

80 million names, birthdays, emails, Social security numbers, addresses, and employment data

Obtaining passwords from 5 or more high-level employees

• 80% of breaches are caused by stealing a password.

• You can steal a password by: • Phishing attack

• Key logger (hardware or software) • Guessing weak passwords (123456 is most common) • Evil twin wifi

• “We took a hacker to a café and, in 20 minutes, he knew where everyone else was born, what schools they attended, and the last five things they googled.”

• Had WiFi transmitter broadcasting “Starbucks” as ID

• Because they were connected to him, he scanned for unpatched or vulnerable mobile devices or laptops

• He also saw passwords and could lock them out of their own accounts.

• The correspondent: “I will never again be connecting to an insecure public WiFi network without taking security measures.”

• Cross-site scripting (malicious code pointing to a link requiring log-in at an imposter site)

• Third parties • Target’s HVAC system was connected to main

systems • Contractors had access • Hackers gained contractors’ password • Malware captured customer credit card info

before it could be encrypted

• Estimated at $145 to $154 per stolen record

• Revenue lost when sales decline

• Some costs can be recouped by insurance

You must proofread your paper. But do not strictly rely on your computer’s spell-checker and grammar-checker; failure to do so indicates a lack of effort on your part and you can expect your grade to suffer accordingly. Papers with numerous misspelled words and grammatical mistakes will be penalized. Read over your paper – in silence and then aloud – before handing it in and make corrections as necessary. Often it is advantageous to have a friend proofread your paper for obvious errors. Handwritten corrections are preferable to uncorrected mistakes.

Use a standard 10 to 12 point (10 to 12 characters per inch) typeface. Smaller or compressed type and papers with small margins or single-spacing are hard to read. It is better to let your essay run over the recommended number of pages than to try to compress it into fewer pages.

Likewise, large type, large margins, large indentations, triple-spacing, increased leading (space between lines), increased kerning (space between letters), and any other such attempts at “padding” to increase the length of a paper are unacceptable, wasteful of trees, and will not fool your professor.

The paper must be neatly formatted, double-spaced with a one-inch margin on the top, bottom, and sides of each page. When submitting hard copy, be sure to use white paper and print out using dark ink. If it is hard to read your essay, it will also be hard to follow your argument.

Assignment: Malicious Code Pointing

Assignment: Phishing Emails

Assignment: Hematologic Disorders

Assignment: Malicious Code Pointing