{"title":"Botnets: To what extent are they a threat to information security?","authors":"Claire Elliott","doi":"10.1016/j.istr.2010.11.003","DOIUrl":"10.1016/j.istr.2010.11.003","url":null,"abstract":"<div><p><span><figure><span><span><p>Russian advertisement offering botnet services</p></span></span></figure></span>The purpose of this article is to examine to what extent botnets pose a threat to information security. In Chapter 1 the terms in the title are defined, and a comprehensive overview of botnets is provided in order to equip the reader with an understanding of the context for the remaining chapters. The motives for using botnets and the methods in which they are used are outlined. The methods of botnet attack are then analysed in terms of their potential impact on information security and a conclusion is drawn that botnets are indeed a threat to information security in general terms.</p><p>Chapter 2 then goes on to examine the extent of the threat from the three different perspectives of governments, corporate and the general public. The threats from each perspective and their impacts are identified, and each threat type for each perspective is then categorised in terms of probability and potential impact. The extent of the threat of each botnet-related attack from each perspective is then assessed using a model recommended by ISO/IEC 27005:2008, and the conclusion is drawn that the extent of the threat that botnets pose to governments, corporates and the general public is High.</p><p>In Chapter 3, we look at how law enforcement agencies investigate botnets and the criminals behind them, and establish the challenges they face in doing so. 
It is clear that law enforcement face an uphill struggle due to technical tricks employed by the botherders to remain untraceable, lack of resources with the necessary skillset, the legal complexity of working with multiple jurisdictions, and procedural delays working with foreign law enforcement agencies. The conclusion is drawn that botnets are here to stay and that for the time being the botherders will have the upper hand.</p></div>","PeriodicalId":100669,"journal":{"name":"Information Security Technical Report","volume":"15 3","pages":"Pages 79-103"},"PeriodicalIF":0.0,"publicationDate":"2010-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1016/j.istr.2010.11.003","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116629971","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"High tech criminal threats to the national information infrastructure","authors":"Kim-Kwang Raymond Choo","doi":"10.1016/j.istr.2009.09.001","DOIUrl":"10.1016/j.istr.2009.09.001","url":null,"abstract":"<div><p>National information infrastructure (NII), vital to the nation's security and economic stability, comprises both physical and electronic infrastructures. Information and communications technologies (ICT) form the backbone of many aspects of the NII and reliance on ICT has created many new risks. Cyberthreats are becoming more sophisticated with the blending of once distinct types of attack into more damaging forms. This paper examines the technology-related risks associated with the NII and provides examples of existing incidents and areas in which new threats might emerge. To be able to mitigate these risks, it remains crucial to understand infrastructure interdependencies and to establish public-private partnerships to ensure that weaknesses in systems are not able to be exploited.</p></div>","PeriodicalId":100669,"journal":{"name":"Information Security Technical Report","volume":"15 3","pages":"Pages 104-111"},"PeriodicalIF":0.0,"publicationDate":"2010-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1016/j.istr.2009.09.001","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125892915","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Assessing insider threats to information security using technical, behavioural and organisational measures","authors":"Kuheli Roy Sarkar","doi":"10.1016/j.istr.2010.11.002","DOIUrl":"10.1016/j.istr.2010.11.002","url":null,"abstract":"<div><p>The UK government took a bruising in the headlines <em>(Sep 2008) after a Home Office contractor</em> lost a USB stick containing unencrypted data on all 84,000 prisoners in England and Wales. As a result, <em>the Home Office terminated the £1.5 million contract with the management consultancy firm</em>.</p><p>The world woke up to the largest attempted bank fraud ever when the UK’s National Hi-Tech Crime Unit foiled the world’s largest potential bank robbery in March 2005. With the help of the security supervisor, thieves masquerading as cleaning staff installed hardware keystroke loggers on computers within <em>the London branch of a Japanese bank, to steal £220m</em>.</p><p>It is indeed sobering to imagine that any organisation could fall victim to such events and the damage an insider can do. The consulting firm lost the contract worth £1.5 million due to a small mistake by an employee. The London branch of the Japanese Bank would have lost £220 million had not the crime been foiled.</p><p>Insider threat is a reality. Insiders commit fraud or steal sensitive information when motivated by money or revenge. Well-meaning employees can compromise the security of an organisation with their overzealousness in getting their job done. Every organisation has a varied mix of employees, consultants, management, partners and complex infrastructure and that makes handling insider threats a daunting challenge. With insider attacks, organisations face potential damage through loss of revenue, loss of reputation, loss of intellectual property or even loss of human life.</p><p>The insider threat problem is more elusive and perplexing than any other threat. 
Assessing the insider threat is the first step to determine the likelihood of any insider attack. Technical solutions do not suffice since insider threats are fundamentally a people issue. Therefore, a three-pronged approach (technological, behavioural and organisational assessment) is essential in facilitating the prediction of insider threats and pre-empting any insider attack, thus improving the organization’s security, survivability, and resiliency in light of insider threats.</p></div>","PeriodicalId":100669,"journal":{"name":"Information Security Technical Report","volume":"15 3","pages":"Pages 112-133"},"PeriodicalIF":0.0,"publicationDate":"2010-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1016/j.istr.2010.11.002","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132150474","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Digital forensics and the issues of identity","authors":"Andy Jones, T. Martin","doi":"10.1016/j.istr.2010.10.008","DOIUrl":"10.1016/j.istr.2010.10.008","url":null,"abstract":"<div><p>The issue of what we consider to be the identity of a person has become increasingly complex as we have made ever greater use of the facilities and services that have been made available by developing technologies and the Internet. In the past people normally had one identity, while in the current environment it is acceptable to maintain separate ‘identities’ for different aspects of our on-line interactions.</p><p>Proving beyond a reasonable doubt that an individual that is suspected of a crime that is based on the technologies that we increasingly rely on was the actual perpetrator has always been problematic. It is relatively easy to determine the device that was used, but proving that the suspect was the person that used it has always been more difficult.</p><p>This paper looks at a range of issues that have affected what we consider to be reasonable proof of identity and a number of the problems that this causes in identifying the perpetrator of a crime.</p></div>","PeriodicalId":100669,"journal":{"name":"Information Security Technical Report","volume":"15 2","pages":"Pages 67-71"},"PeriodicalIF":0.0,"publicationDate":"2010-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1016/j.istr.2010.10.008","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130352516","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"The art of alchemy","authors":"Karen Lawrence Öqvist","doi":"10.1016/j.istr.2010.09.003","DOIUrl":"10.1016/j.istr.2010.09.003","url":null,"abstract":"<div><p>Normally the focus of any organisation is on the protection of ‘hard’ information, e.g. intellectual property, within the implementation of their information security program. This article discusses how the potential risks associated with the leakage of ‘soft’ information (that in itself may hold no value) into the public domain are higher today than they have ever been before. The article also offers some measures that can be taken to mitigate these risks.</p></div>","PeriodicalId":100669,"journal":{"name":"Information Security Technical Report","volume":"15 2","pages":"Pages 47-50"},"PeriodicalIF":0.0,"publicationDate":"2010-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1016/j.istr.2010.09.003","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132194273","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Online identity: Giving it all away?","authors":"S.M. Furnell","doi":"10.1016/j.istr.2010.09.002","DOIUrl":"10.1016/j.istr.2010.09.002","url":null,"abstract":"<div><p>With a wealth of personal data now residing across various locations online, individuals can find themselves at increasing risk of too much information being exposed. This in turn may increase the potential for threats such as cyber-snooping, social engineering, and identity theft based upon the gathered details. In many cases the exposure occurs as a result of what individuals directly post about themselves on social networks and blog sites, whereas in some cases it happens thanks to other people posting things beyond their control. This paper examines the potential risks and some of the routes by which information might be harvested. It then proceeds to consider some of the potential consequences, presenting examples of how people can be duped using freely available information and how willingly they appear to expose it to others. Recognising the ease of online search, and the difficulty of reining back information once it is exposed, the requirement is clearly to improve user awareness and control over their data in the first instance.</p></div>","PeriodicalId":100669,"journal":{"name":"Information Security Technical Report","volume":"15 2","pages":"Pages 42-46"},"PeriodicalIF":0.0,"publicationDate":"2010-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1016/j.istr.2010.09.002","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117185284","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Privacy threats in a mobile enterprise social network","authors":"Allan Tomlinson, Po-Wah Yau, John A. MacDonald","doi":"10.1016/j.istr.2010.10.004","DOIUrl":"10.1016/j.istr.2010.10.004","url":null,"abstract":"<div><p>The ‘Instant Knowledge’ system is an enterprise based social network that aims to introduce employees of the enterprise to contacts within the organization who may have skills relevant to particular tasks. The skills database is maintained through context-aware devices, and mobile devices in particular. The aim is to populate the database automatically based on user context data and to provide automatic introductions, again based on context data. This paper examines the security and privacy implications of this system and shows that while threat modelling on its own provides a solid base from which to secure the system, this is not enough to ensure that all privacy issues are considered. This is demonstrated by applying a mis-use case analysis that shows how personal identifying information can be inadvertently leaked to malicious parties.</p></div>","PeriodicalId":100669,"journal":{"name":"Information Security Technical Report","volume":"15 2","pages":"Pages 57-66"},"PeriodicalIF":0.0,"publicationDate":"2010-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1016/j.istr.2010.10.004","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126901323","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}