chapter_8_case_study_information_securit.docx
TRANSCRIPT
-
8/18/2019 CHAPTER_8_CASE_STUDY_Information_securit.docx
1/3
CHAPTER 8
CASE STUDY : Information security threats and poicies in Europe
!" #hat is a $otnet%
In the term "botnet" as used here, the "bot" is short for robot. A single bot is a software
program that can, when surreptitiously installed on a person's computer, execute certain
specified commands. Botnet is a network of autonomous malicious software agent there are
under the control of a bot commander. The network is created by installing malware that
exploits the ulnerabilities of !eb serers, operating systems, or application to take control
of the infected computers. A botnet also refer to the collection of internet connected programs in
order to perform task. This can be as mundane as keeping control of an internet relay chat #I$%&
channel, or it could be used to send spam email or participate in distributed denialofserice attacks.The world botnet is a portmanteau of robot and network.
&" Descri$e some of the main points of the Di'ita A'enda of Europe(
The main point of the (igital Agenda of )urope is to define the key role that information and
communication technologies will play in *+*+.The initiatie calls of a single, open )urope
digital market. Another goal is that broadband speed of +-bps be aailable to all )uropeancitien by *+*+ in term of security, the initiatie is considering the implementation of
measure to protect priacy and the establishment of a wellfunctioning network of %)$T to
preent cybercrime and respond effectiely to cyberattacks. The )uropean %ommission has
proposed a (igital Agenda. Its main ob/ectie is to deelop a digital single market in order to
generate smart, sustainable and inclusie growth in )urope.
The obstacles hindering the (igital Agenda are the0
1fragmented digital markets2
1lack of interoperability2
1rising cybercrime and risk of low trust in networks2
1lack of inestment in networks2
1insufficient research and innoation efforts2
1lack of digital literacy and skills2
1missed opportunities in addressing societal challenges
-
8/18/2019 CHAPTER_8_CASE_STUDY_Information_securit.docx
2/3
)" E*pain ho+ a cy$er,attac- can $e carried out(
3rom a simple indiidual ping commands and message flooding to more sophisticated
distributed denial of serice #((o4& attacks. 5acking is coordinated by using a large number
of compromised serers organied in a botnet distributed around the world.
There are basic parts to a cyberattack0
i. Access0 a method to get inside or gain access to a network or system
ii. 6ulnerability0 some part of the system that the attacker can take adantage of or
manipulate
iii. 7ayload0 the purpose of the attack, namely, what exactly is the target and how
significant will the damage
There are many other forms cyberattacks may take.
(enial 8f 4erice attack occurs when 9an attacker attempts to preent legitimate users from
accessing information or serices.: This is typically accomplished when the attacker
oerloads a system with re;uests to iew information. This would be an example of a remote
attack.
4pear phishing is another simple method by which an attack may gain access to a computer
system or network. 8nce some information about a target is ac;uired, an email is sent
purporting to be from a legitimate company asking for information such as usernames and passwords to banking websites or network logins.
Backdoors, or hooks, are placed inside a computer or network in order to create a
ulnerability that can be exploited later on.
And tampering with basic electronics is a simple type of cyberattack. It is also possible that
such software or een hardware could be installed into electronics by the original
manufacturer
-
8/18/2019 CHAPTER_8_CASE_STUDY_Information_securit.docx
3/3
." Descri$e some of the +ea-nesses e*poited $y ma+are(
-alware, known as 4tuxnet is a shorthand term that encompasses all types of malicious
software. This includes iruses, worms, Tro/an horses, spyware, and all other types of software that get put onto your computer without you knowing it. -alware may exploit
weakness to initially infiltrate a system or to gain additional priileges on an already
compromised machine. The weaknesses may be exploiting automatically by malware authors
creations or manually by attempt will be generically called attackers. !eaknesses fall into
two broad categories, based on where the weakness lies. Technical weakness inoles
tricking people. The malware, hidden in shortcuts to executable programs #files with
extension .ink& was executed automatically when the content of an infected