PHI 314 Cyber Security Practice

How can installation of a firewall give an organization a false sense of security?

A business-class firewall from a major company like Cisco can cost a lot of money and make a lot of honest boasts. Someone who may not know a lot about setting up a firewall may think that it’ll handle most things. In a way they are correct. However, there is not a one-size fits all for firewalls. Cisco can’t fine-tune them to meet each user’s needs because they don’t know what those needs will be. So, there could be gaping network security holes because Cisco leaves that part up to the user to figure out.

Additionally, for computers/servers/software used in conjunction with internet access (the firewall is involved), an ignorant user may think that the firewall will simply protect that hardware and software from attacks. It could be able to, but it may not automatically do that because to do so would be restrictive and Cisco guess the correct default settings for everyone.

 

What is the difference between a cyberterrorist and an industrial spy?

Cyberterrorism looks to have multiple definitions. I think I agree most with the definition that says they are the same as regular terrorists but that use information technology tools to accomplish their goals. Applying that term to anyone else that is not literally a terrorist is confusing.

Industrial spies try to obtain trade secrets/training/equipment and to share it illegally. Sometimes it’s also obtained illegally too. For example, my grandfather used to make diamonds and one of his fellow employees was getting offers from the Japanese to provide schematics and training information ‘under the table.’ Another time, they were training some employees from (I think) Germany and then next thing you know Germany has plants popping up that look surprisingly similar to what his company was doing.

Also, an industrial spy could engage in espionage. They could do damage similar to what a terrorist would do, but the motivations and intentions are different.

 

How is a virus different from a worm? How is a worm different from a Trojan horse?

A trojan is a piece of software that looks legitimate and generally provides a way for remote access or to send data from your computer to a criminal.

A worm replicates itself and tries to spread. Typically, they will spread over the network. They don’t require access to certain files on the computer to spread.

Viruses do typically require access to certain files to be able to spread and generally require human interaction to spread.

 

Define spam and spim and explain the difference?

Spam is junk and solicitations sent over email. Spim is the same but over instant messaging like chat programs or cell phone texts. Someday spam will nearly stop. There will be much rejoicing. Don’t have much hope for it in my lifetime though.

 

Define phishing and spoofing. Briefly explain what they do.

Spoofing and phishing go hand in hand. Spoofing involves pretending to be someone else or some other program for the sake of legitimacy. Phishing involves trying to get a user to compromise themselves by providing desired information or performing a certain action that allows the person performing the phishing attack to achieve a desired outcome (typically malicious).