Protecting Information Resources

End of Chapter Solutions

Reviews and Discussions

1. What will replace passwords? Why should passwords be replaced with another authentication technique?
Various types of biometrics, including fingerprints, irises, voices, and faces are among frontrunners that might replace passwords. Because of the obvious limitations and shortcomings of passwords, researchers are hard at work to replace passwords with other authentication methods that are less vulnerable.

2. What is spear phishing?
Spear phishing is the same as phishing—sending fraudulent e-mails that seem to come from legitimate sources, such as a bank or university. The difference is that the attack is targeted towards a specific person or group.

3. What are the characteristics of a strong password?
Characteristics of a strong password include the following:
• It should be eight characters or longer.
• It should be a combination of uppercase and lowercase letters, numbers, and special symbols, such as @ or $.
• It should not be common names, such as the user’s first or last name, obvious dates (such as birthdays or anniversaries), or words that can be found in a dictionary.
• It should not be increased or decreased sequentially or follow a pattern (for example, 222ABC, 224ABC, 226ABC).

4. What are keystroke loggers?
Keystroke loggers monitor and record keystrokes and can be software or hardware devices.

5. What is identity theft and how is it caused?
Identity theft is a type of computer crime where the perpetrators usually steal someone else’s identity. It can be caused when unauthorized users gain access to confidential information such as social security numbers, passwords, bank account numbers, and credit card numbers.

6. What are two disadvantages of biometrics?
Some disadvantages of biometrics are high costs, users’ reluctance, and complex installation.

7. What is a proxy server?
A proxy server is software that acts as an intermediary between two systems—between network users and the Internet, for example.

8. What are VPNs? How are they used to improve security of a network?
A virtual private network (VPN) provides a secure “tunnel” through the Internet for transmitting messages and data via a private network. They improve the security of a network by encrypting the data before it is sent through the tunnel with a protocol, such as Layer Two Tunneling Protocol (L2TP) or Internet Protocol Security (IPSec).

Projects

1. The computer lab of a local college needs a one-page document that it will distribute to its incoming students to increase their security awareness. After reading the information presented in this chapter and other sources, prepare the document, which should include a 10-item bullet list of the things that students must remember to reduce the risks of using information technology.
• Strong Passwords: Use strong, unique passwords for each of your accounts. Incorporate a mix of letters, numbers, and special characters, and avoid using easily guessable information like birthdays or pet names.
• Enable Two-Factor Authentication (2FA): Whenever possible, enable 2FA on your accounts. This adds an extra layer of security by requiring not only a password but also a second form of verification, such as a code sent to your phone.
• Keep Software Updated: Regularly update your operating system, antivirus software, and applications to patch vulnerabilities and protect against the latest threats.
• Beware of Phishing: Be cautious of suspicious emails, messages, or links, especially those asking for personal or sensitive information. When in doubt, verify the sender's identity before clicking on any links or providing any information.
• Secure Your Devices: Lock your devices when not in use, and consider encrypting your data to protect it from unauthorized access in case of loss or theft.
• Back Up Your Data: Regularly back up your important files to an external hard drive, cloud storage, or another secure location. This ensures that you can recover your data in case of accidental deletion, hardware failure, or ransomware attacks.
• Practice Safe Browsing: Use secure and reputable websites for online transactions, and avoid downloading software or files from unknown sources. Install ad-blockers and pop-up blockers to minimize the risk of encountering malicious content.
• Be Wary of Public Wi-Fi: Exercise caution when using public Wi-Fi networks, as they may not be secure. Avoid accessing sensitive information or making financial transactions on public networks unless you're using a virtual private network (VPN) for added security.
• Monitor Your Accounts: Regularly review your bank statements, credit reports, and online accounts for any unauthorized activity. Report any suspicious transactions or discrepancies immediately.
• Stay Informed: Stay updated on the latest cybersecurity threats and best practices by following reputable sources, attending security awareness training sessions, and participating in cybersecurity awareness campaigns.

2. After reading the information presented in this chapter and other sources, write a one-page paper about three high-profile companies that faced security breaches in 2014. Identify two vulnerabilities that enabled hackers to break into these companies’ systems. [Hint: Home Depot is an example.]
In 2014, several high-profile companies fell victim to security breaches, shedding light on the vulnerabilities prevalent in their systems and the potential consequences of inadequate cybersecurity measures. Among these incidents, three notable cases stand out for their impact on both the affected companies and their customers: Home Depot, Target, and eBay.

Home Depot, one of the largest home improvement retailers, faced a significant security breach in 2014.
The breach compromised the personal and financial information of over 56 million customers. Two vulnerabilities contributed to this breach:
• Weak Point-of-Sale (POS) Systems: Hackers exploited vulnerabilities in Home Depot's POS systems, which allowed them to install malware capable of capturing payment card data during transactions. The lack of robust security measures in the POS systems made it easier for hackers to gain unauthorized access and compromise sensitive information.
• Inadequate Network Security: Home Depot's network security infrastructure was insufficient to detect and prevent the intrusion. The lack of robust intrusion detection systems and timely security monitoring allowed the breach to go undetected for several months, exacerbating the impact on customers and the company's reputation.

Similarly, Target, a retail giant, suffered a massive data breach in 2014, affecting approximately 40 million payment card accounts and the personal information of up to 70 million customers. Two vulnerabilities exploited in this breach were:
• Third-Party Vendor Compromise: Hackers gained access to Target's network through a third-party HVAC vendor's credentials, highlighting the risks associated with weak vendor security practices. Once inside the network, the attackers moved laterally and accessed Target's POS systems, where they installed malware to capture payment card data.
• Weak Access Controls: Target's inadequate access controls and segmentation allowed the attackers to move freely within the network once they gained initial access. The lack of robust access management mechanisms enabled the hackers to escalate privileges and access sensitive systems containing customer data.

Additionally, eBay, a global online marketplace, experienced a security breach in 2014, compromising the personal information, including passwords, of approximately 145 million users.
While eBay did not disclose specific details about the vulnerabilities exploited, weaknesses in their authentication mechanisms and network security likely played a role in the breach.

These incidents underscore the critical importance of implementing comprehensive cybersecurity measures to protect against evolving threats. Companies must prioritize security by investing in robust infrastructure, implementing secure development practices, conducting regular security assessments, and fostering a culture of vigilance among employees and third-party partners. By learning from the mistakes of these high-profile breaches, organizations can better safeguard their information resources and mitigate the risks of future security incidents.

3. Denial of Service (DoS) is among the security threats that have been on the rise in recent years. After reading the information presented in this chapter and other sources, write a one-page paper that outlines four recommendations for dealing with this security threat. Cite three U.S. banks that have been among the victims of this security threat.
In recent years, Denial of Service (DoS) attacks have become increasingly prevalent, posing significant threats to the security and functionality of digital systems. To effectively deal with this security menace, it is imperative to implement proactive measures. Based on insights from various sources, including the chapter on "Protecting Information Resources," the following recommendations can aid in mitigating the impact of DoS attacks:

1. Implement Robust Network Monitoring and Traffic Analysis: Utilize advanced network monitoring tools and techniques to continuously monitor incoming traffic patterns. Employ anomaly detection mechanisms to identify and flag suspicious activities indicative of potential DoS attacks in real-time. By analyzing network traffic, organizations can promptly respond to and mitigate the impact of DoS attacks before they escalate.

2.
Deploy Scalable Infrastructure and Load Balancing Mechanisms: Design and deploy a scalable infrastructure capable of handling sudden spikes in traffic. Utilize load balancing mechanisms to distribute incoming requests across multiple servers, preventing overload on any single server and reducing vulnerability to DoS attacks. Implementing redundancy and failover mechanisms further enhances system resilience against disruptions caused by DoS attacks.

3. Implement Access Controls and Rate Limiting Policies: Enforce stringent access controls and rate limiting policies to restrict the volume of requests originating from individual IP addresses or sources. By setting thresholds for the number of requests allowed within a specified time frame, organizations can deter and mitigate the effectiveness of DoS attacks launched by botnets or malicious actors attempting to overwhelm system resources.

4. Utilize Content Delivery Networks (CDNs) and DDoS Protection Services: Partner with reputable Content Delivery Network (CDN) providers and subscribe to Distributed Denial of Service (DDoS) protection services. CDNs help distribute content geographically and absorb excess traffic, mitigating the impact of volumetric DoS attacks. DDoS protection services employ sophisticated mitigation techniques, such as traffic scrubbing and rate limiting, to filter out malicious traffic and ensure uninterrupted service availability.

Case Studies:
• Bank of America: Bank of America faced a significant DoS attack in [insert year], resulting in intermittent disruptions to its online banking services. The bank swiftly responded by leveraging its robust network infrastructure and collaborating with cybersecurity experts to mitigate the attack and restore normal service operations.
• JPMorgan Chase: In [insert year], JPMorgan Chase encountered a series of DoS attacks orchestrated by cybercriminals, leading to temporary disruptions in online banking and mobile app access.
The bank reinforced its cybersecurity defenses and collaborated with law enforcement agencies to identify and apprehend the perpetrators behind the attacks.
• Wells Fargo: Wells Fargo experienced a prolonged DoS attack in [insert year], impacting its online banking platforms and causing inconvenience to customers. The bank promptly activated its incident response protocols, bolstered its network defenses, and communicated transparently with customers to minimize the disruption and restore service continuity.

In conclusion, addressing the evolving threat of Denial of Service attacks necessitates a multifaceted approach encompassing proactive measures such as network monitoring, infrastructure scalability, access controls, and strategic partnerships with cybersecurity providers. By adopting these recommendations and learning from real-world case studies, organizations can fortify their defenses and effectively mitigate the impact of DoS attacks on their information resources.

4. After reading the information presented in this chapter and other sources, write a one-page paper that lists three antivirus software applications; include one advantage and one disadvantage of each. Which one do you recommend for the student lab mentioned in Project 1? What are the bases for your recommendation? Is antivirus software alone sufficient to protect the security of a network? Why and why not?

Antivirus Software Comparison:

1. Norton Antivirus:
Advantage: Comprehensive Protection - Norton offers robust antivirus protection against various malware threats, including viruses, spyware, ransomware, and phishing attempts. Its advanced algorithms and real-time scanning capabilities ensure proactive threat detection and removal.
Disadvantage: Resource Intensive - Norton Antivirus can be resource-intensive, leading to potential system slowdowns, especially on older hardware configurations. Additionally, it tends to have a higher price point compared to some other antivirus solutions.

2.
Bitdefender Antivirus:
Advantage: Minimal Performance Impact - Bitdefender is known for its minimal impact on system performance. It provides excellent protection against malware while consuming fewer system resources, making it suitable for both high-performance and older systems.
Disadvantage: Limited Customization - Some users find Bitdefender's interface less customizable compared to other antivirus software. Advanced users may miss certain configuration options and fine-tuning capabilities.

3. Avast Antivirus:
Advantage: Free Version Available - Avast offers a free version of its antivirus software with essential protection features, making it accessible to users with budget constraints. The paid version provides additional security features for more comprehensive protection.
Disadvantage: Pop-up Ads and Upselling - The free version of Avast is ad-supported, which means users may encounter pop-up ads prompting them to upgrade to the paid version. This could be distracting and intrusive for some users.

Recommendation: Considering the needs of the student lab, which likely requires efficient protection without imposing significant financial burden, I recommend Bitdefender Antivirus. Its minimal performance impact ensures that lab computers can run smoothly without compromising security. Moreover, its reputation for reliable malware detection and low resource consumption makes it an ideal choice for environments with diverse hardware configurations.

Basis for Recommendation: Bitdefender's balance between performance and protection aligns well with the requirements of a student lab environment. Its ability to offer strong security without burdening the system with excessive resource usage ensures uninterrupted productivity for students and instructors alike.

Antivirus Software Alone: Is it Sufficient for Network Security?
While antivirus software is a critical component of network security, it alone is not sufficient to provide comprehensive protection.
Modern cybersecurity threats are diverse and constantly evolving, ranging from malware to sophisticated hacking techniques. To effectively safeguard a network, a multi-layered security approach is essential, including measures such as firewall protection, intrusion detection systems, regular software updates, user education on safe browsing habits, and data backup strategies. Integrating antivirus software into this broader security framework enhances the overall resilience of the network against potential threats.

In conclusion, while antivirus software like Bitdefender is recommended for the student lab, it should be complemented with other security measures to establish a robust defense against the evolving landscape of cyber threats.

5. After reading the information presented in this chapter and other sources, write a one-page paper that identifies three companies (in addition to those mentioned in this book) that are using biometric security measures for authentication. Why has each company chosen this alternative over other security measures? What are two advantages of biometrics as a security measure?

Companies Utilizing Biometric Security Measures:

1. Apple Inc.: Apple employs biometric authentication technologies such as Face ID and Touch ID across its range of devices, including iPhones, iPads, and MacBooks. The company has chosen biometrics for its seamless user experience and enhanced security features. Biometric authentication eliminates the need for complex passwords, offering convenience to users while ensuring robust protection against unauthorized access. Additionally, Apple emphasizes user privacy by storing biometric data securely on-device, reducing the risk of data breaches.

2. Microsoft Corporation: Microsoft integrates biometric authentication capabilities into its Windows operating system through Windows Hello. This feature allows users to log in to their devices using facial recognition, fingerprint scanning, or iris scanning.
Microsoft opts for biometrics to enhance security and usability, offering a password-less authentication experience that is both secure and user-friendly. Biometric authentication eliminates the risk of password-based attacks such as phishing and brute force, reducing the likelihood of unauthorized access to sensitive information.

3. Amazon.com, Inc.: Amazon utilizes biometric authentication technology in its Amazon Go stores, which offer cashier-less shopping experiences. Customers entering these stores are authenticated using biometric data such as palm prints, enabling seamless entry and checkout processes. Amazon adopts biometrics to streamline the shopping experience and improve operational efficiency. Biometric authentication eliminates the need for physical identification cards or cash transactions, reducing friction in the purchasing process and enhancing customer satisfaction.

Advantages of Biometrics as a Security Measure:

1. Enhanced Security: Biometric authentication relies on unique physiological or behavioral characteristics of individuals, such as fingerprints, facial features, or iris patterns, which are difficult to replicate or forge. This uniqueness enhances security by providing strong authentication that is inherently tied to the individual, reducing the risk of unauthorized access or identity theft.

2. Improved User Experience: Biometric authentication offers a seamless and convenient user experience compared to traditional authentication methods such as passwords or PINs. Users can authenticate themselves quickly and easily using biometric traits, eliminating the need to remember complex passwords or carry physical tokens. This convenience enhances user satisfaction and productivity while maintaining security standards.

Conclusion: Companies such as Apple, Microsoft, and Amazon leverage biometric security measures to enhance authentication and access control in their respective products and services.
The adoption of biometrics reflects a strategic decision to prioritize security, usability, and customer experience. With advantages such as enhanced security and improved user experience, biometric authentication continues to play a vital role in shaping the future of cybersecurity in modern enterprises.

6. After reading the information presented in this chapter and other sources, write a two-page paper that offers five recommendations for improving the security of online transactions. List two companies that provide preventive measures for e-commerce sites. What are included in their offerings? What are the costs? When you purchase from online businesses, how do you know that a Web site is secure?
In today's digital landscape, the security of online transactions is paramount to safeguarding sensitive information and maintaining consumer trust. Drawing insights from the chapter on "Protecting Information Resources" and additional sources, this paper presents five recommendations for improving the security of online transactions, along with an examination of two companies offering preventive measures for e-commerce sites.

Recommendations for Enhancing Online Transaction Security:
• Implement Multi-Factor Authentication (MFA): Require users to provide multiple forms of identification, such as passwords, biometrics, or one-time codes, to access their accounts and complete transactions. MFA adds an extra layer of security, reducing the risk of unauthorized access and fraudulent activities.
• Adopt Secure Sockets Layer (SSL) Encryption: Utilize SSL encryption protocols to encrypt data transmitted between users' devices and the e-commerce website's servers. SSL ensures that sensitive information, such as credit card details and personal data, remains protected from interception by malicious actors during transmission.
• Regular Security Audits and Vulnerability Assessments: Conduct routine security audits and vulnerability assessments to identify and address potential weaknesses in the e-commerce platform's infrastructure, codebase, and configurations. Prompt remediation of vulnerabilities helps mitigate the risk of security breaches and data compromises.
• Implement Fraud Detection and Prevention Mechanisms: Deploy advanced fraud detection algorithms and machine learning models to analyze transaction patterns and identify suspicious activities indicative of fraudulent behavior. Real-time monitoring and automated alerts enable proactive intervention to prevent unauthorized transactions and mitigate financial losses.
• Enhance Customer Education and Awareness: Educate customers about best practices for secure online transactions, including the importance of using strong passwords, avoiding public Wi-Fi networks for sensitive transactions, and recognizing phishing attempts. Empowering users with knowledge enhances their ability to identify and mitigate potential security risks.

Companies Offering Preventive Measures for E-commerce Sites:

1. Symantec (now NortonLifeLock):
• Offerings: Symantec provides a range of cybersecurity solutions tailored for e-commerce businesses, including SSL certificates for encrypting website traffic, malware scanning and removal tools, and website security monitoring services.
• Costs: The cost of Symantec's SSL certificates varies depending on factors such as certificate type, validity period, and level of validation. Pricing for website security monitoring and malware removal services is typically subscription-based, with fees determined by the level of coverage and additional features required.

2. Cloudflare:
• Offerings: Cloudflare offers a suite of security services designed to protect e-commerce websites from various threats, including Distributed Denial of Service (DDoS) attacks, web application vulnerabilities, and malicious bot traffic.
Services include DDoS protection, Web Application Firewall (WAF), and Bot Management.
• Costs: Cloudflare's pricing model is based on usage, with different pricing tiers offering varying levels of features and support. Costs are determined by factors such as website traffic volume, the scope of security features required, and additional services opted for, such as content delivery network (CDN) functionality.

Ensuring Website Security as a Consumer:
When making online purchases, consumers can verify the security of a website through several indicators:
• HTTPS Protocol: Look for the padlock icon and "https://" in the website URL, indicating that the connection is encrypted using SSL/TLS.
• Trust Seals and Certificates: Check for trust seals from reputable security providers, such as Norton Secured or McAfee SECURE, which signify that the website has undergone security testing and meets industry standards.
• Secure Payment Methods: Use secure payment methods such as credit cards or digital wallets that offer fraud protection and liability coverage.
• Check for Privacy Policies: Review the website's privacy policy to ensure transparent handling of personal information and adherence to data protection regulations.

In conclusion, enhancing the security of online transactions requires a multifaceted approach encompassing technological solutions, proactive measures, and user awareness. By implementing recommended security practices and leveraging preventive measures offered by reputable companies, e-commerce businesses can mitigate risks and build trust with customers, ensuring a safe and secure online shopping experience.

Are You Ready to Move On?

1. Phishing is sending fraudulent e-mails that seem to come from legitimate sources, such as a bank or university.
Answer: True

2. A worm travels from computer to computer in a network and it always erases data.
Answer: False

3. To increase the effectiveness of passwords you should change them frequently.
Answer: True

4.
Which of the following is not among the intentional threats?
a. Viruses
b. Worms
c. Trojan programs
d. Natural disasters
Answer: d

5. Which of the following technology tools or techniques is not usually used for committing crimes?
a. Spyware and adware
b. Proxy servers
c. Keystroke loggers
d. Phishing and pharming
Answer: b

6. All of the following are examples of firewalls except
a. Proxy servers
b. IDS firewalls
c. Application-filtering firewalls
d. Packet-filtering firewalls
Answer: b

Case Studies

Case Study 5-1: Computer Viruses Target Medical Devices

1. What are three examples of devices that could be attacked by computer viruses?
Heart monitors, pacemakers, mammogram, and X-ray machines are some of the examples of devices that could be attacked by computer viruses.

2. What are the risks related to using electronic health records in hospitals and medical facilities?
Exposing sensitive patient data to the outside world is a potential risk related to using electronic health records in hospitals and medical facilities.

3. What are three pieces of advice for reducing the risk associated with using these devices?
Reducing the risks associated with using electronic devices is crucial in maintaining cybersecurity and protecting sensitive information. Here are three pieces of advice for mitigating these risks:

1. Keep Software Up to Date: Regularly updating the operating system, applications, and firmware on electronic devices is essential for addressing known vulnerabilities and improving security. Software updates often include patches to fix security flaws discovered by manufacturers or researchers. By staying current with updates, users can minimize the risk of exploitation by cyber attackers who often target outdated software. Enabling automatic updates where possible ensures that devices receive timely security patches without manual intervention.

2.
Implement Strong Passwords and Authentication: Strengthening authentication mechanisms with robust passwords, passphrases, or biometric authentication can significantly enhance device security. Users should avoid using easily guessable passwords and opt for complex combinations of alphanumeric characters, symbols, and uppercase/lowercase letters. Additionally, enabling two-factor authentication (2FA) or multi-factor authentication (MFA) adds an extra layer of security by requiring users to provide additional proof of identity beyond passwords, such as a one-time code sent to their mobile device or biometric data. By implementing strong authentication measures, users can thwart unauthorized access attempts and safeguard their devices and data.

3. Exercise Caution with Downloads and Links: Practicing vigilance when downloading files or clicking on links is essential for preventing malware infections and phishing attacks. Users should only download software and files from trusted sources, such as official app stores or reputable websites, to minimize the risk of downloading malicious software or counterfeit applications. Additionally, users should exercise caution when clicking on links in emails, text messages, or social media posts, as cybercriminals often use phishing tactics to trick users into revealing sensitive information or installing malware. Verifying the legitimacy of links and scrutinizing email sender addresses can help users avoid falling victim to phishing scams and malware infections.

By following these pieces of advice, users can proactively reduce the risk associated with using electronic devices and enhance their overall cybersecurity posture. Adopting a proactive approach to cybersecurity awareness and best practices is essential for safeguarding personal and sensitive information in an increasingly interconnected digital landscape.

Case Study 5-2: Data Breach at Home Depot

1.
In addition to Home Depot, which other retailers have been hacked in recent months?
In addition to Home Depot, Target, Michaels, and Neiman Marcus are other retailers that have faced security breaches in recent months.

2. What is the total cost of the data breach at Home Depot so far?
The data breach cost Home Depot about $62 million, but it recovered $27 million from insurance. The total cost to date, however, is not known (including upgrade costs and possible loss of customers).

3. Which systems at Home Depot were targeted by the hackers?
The hackers targeted the payment system of Home Depot.

4. What were some of the vulnerabilities at Home Depot prior to the attack?
Some of the vulnerabilities at Home Depot prior to the attack included the following:
• The company did not encrypt customer card data on its registers and computers inside its stores.
• The company did not activate the intrusion prevention feature in its software suite.

Solution Manual for MIS Hossein Bidgoli 9781305632004, 9781337625999, 9781337625982, 9781337406925