Saturday, December 6, 2014

CISSP Note (CH9 Legal, Regulations, Investigations, and Compliance)

Advanced Persistent Threat (APT).

   - The “advanced” aspect of this term pertains to the expansive knowledge, capabilities, and skill base of the APT.
   - The “persistent” component has to do with the fact that the attacker is not in a hurry to launch an attack quickly, but will wait for the most beneficial moment and attack vector to ensure that its activities go unnoticed.

Safe Harbor requirements

   - Outlines how any entity that is going to move privacy data to and from Europe must go about protecting it.
   - Notice: Individuals must be informed that their data is being collected and about how it will be used.
   - Choice: Individuals must have the ability to opt out of the collection and forward transfer of the data to third parties.
   - Onward Transfer: Transfers of data to third parties may only occur to other organizations that follow adequate data protection principles.
   - Security: Reasonable efforts must be made to prevent loss of collected information.
   - Data Integrity: Data must be relevant and reliable for the purpose it was collected for.
   - Access: Individuals must be able to access information held about them, and correct or delete it if it is inaccurate.
   - Enforcement: There must be effective means of enforcing these rules.

Wassenaar Arrangement

Implements export controls for “Conventional Arms and Dual-Use Goods and Technologies.”

Intellectual Property Laws

1. Trade Secret: A trade secret is something that is proprietary to a company and important for its survival and profitability. An example of a trade secret is the formula used for a soft drink, such as Coke or Pepsi.
2. Copyright: Protects the right of an author to control the public distribution, reproduction, display, and adaptation of his original work. It protects the expression of the idea of the resource instead of the resource itself. People are provided copyright protection for life plus 50 years.
3. Trademark: A trademark is slightly different from a copyright in that it is used to protect a word, name, symbol, sound, shape, color, or combination of these. Companies cannot trademark a number or common word. This is why companies create new names, for example Intel’s Pentium and Standard Oil’s Exxon.
4. Patent: Patents are given to individuals or companies to grant them legal ownership of, and enable them to exclude others from using or copying, the invention covered by the patent. The invention must be novel, useful, and not obvious. Protection usually lasts 20 years from the date of approval.

Personally Identifiable Information (PII)

Data that can be used to uniquely identify, contact, or locate a single person or can be used with other sources to uniquely identify a single individual.

Laws, Directives, and Regulations

1. Sarbanes-Oxley Act (SOX): SOX provides requirements for how companies must track, manage, and report on financial information. This includes safeguarding the data and guaranteeing its integrity and authenticity.
2. Health Insurance Portability and Accountability Act (HIPAA): Provides national standards and procedures for the storage, use, and transmission of personal medical information and healthcare data.
3. Gramm-Leach-Bliley Act of 1999 (GLBA): Requires financial institutions to develop privacy notices and give their customers the option to prohibit financial institutions from sharing their information with nonaffiliated third parties.
4. Computer Fraud and Abuse Act: The primary U.S. federal antihacking statute. This is the most widely used law pertaining to computer crime and hacking.
5. Payment Card Industry Data Security Standard (PCI DSS): The PCI DSS applies to any entity that processes, transmits, stores, or accepts credit card data. PCI DSS is a private-sector industry initiative. It is not a law. Noncompliance or violations of the PCI DSS may result in financial penalties or possible revocation of merchant status within the credit card industry, but not jail time.
6. Federal Information Security Management Act (FISMA): A U.S. law that requires every federal agency to create, document, and implement an agency-wide security program to provide protection for its information and information systems. The NIST 800-53 document outlines all of the necessary security controls that need to be in place to protect federal systems; this NIST document is used to help ensure compliance with FISMA.
7. USA Patriot Act: Reduced restrictions on law enforcement agencies’ ability to search telephone, e-mail communications, medical, financial, and other records.

Incident Response Procedures

1. Triage
2. Investigation
3. Containment
4. Analysis
5. Tracking
6. Recovery

Chain of Custody

A history that shows how evidence was collected, analyzed, transported, and preserved in order to be presented in court.
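As an added illustration of the definition above (example code written for this note, not from the book or the original post), a hash-chained custody log in Python: each handoff entry commits to the evidence hash and to the previous entry, so later tampering with the evidence image or with any recorded step is detectable. The evidence bytes, names, and timestamps are constructed sample data.

```python
"""Hash-chained chain-of-custody log for one digital evidence item (added example)."""
import hashlib
import json
from dataclasses import dataclass, field

# Constructed sample: these bytes stand in for a seized disk image.
EVIDENCE_BYTES = b"constructed disk image contents for the example"


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


@dataclass
class CustodyLog:
    evidence_id: str
    evidence_hash: str          # hash taken at collection time
    entries: list = field(default_factory=list)

    def add_entry(self, when: str, who: str, action: str, location: str) -> str:
        # Each entry commits to the previous entry's hash (or to the evidence
        # hash for the first entry), so editing or removing an earlier handoff
        # breaks every later link in the chain.
        prev = self.entries[-1]["entry_hash"] if self.entries else self.evidence_hash
        entry = {"when": when, "who": who, "action": action,
                 "location": location, "prev_hash": prev}
        entry["entry_hash"] = sha256_hex(json.dumps(entry, sort_keys=True).encode())
        self.entries.append(entry)
        return entry["entry_hash"]

    def verify(self, current_bytes: bytes) -> bool:
        """True only if the evidence is unchanged and the custody chain is unbroken."""
        if sha256_hex(current_bytes) != self.evidence_hash:
            return False                      # evidence itself was altered
        prev = self.evidence_hash
        for e in self.entries:
            if e["prev_hash"] != prev:
                return False                  # an entry was removed or reordered
            body = {k: v for k, v in e.items() if k != "entry_hash"}
            if sha256_hex(json.dumps(body, sort_keys=True).encode()) != e["entry_hash"]:
                return False                  # an entry's contents were edited
            prev = e["entry_hash"]
        return True


def build_sample_log() -> CustodyLog:
    # Constructed handoffs: collection, transport, and read-only analysis.
    log = CustodyLog("EV-0001", sha256_hex(EVIDENCE_BYTES))
    log.add_entry("2014-12-06T09:00Z", "A. Investigator", "collected", "Site office")
    log.add_entry("2014-12-06T11:30Z", "B. Courier", "transported", "Evidence locker")
    log.add_entry("2014-12-07T08:15Z", "C. Analyst", "analyzed (read-only)", "Forensics lab")
    return log
```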

Evidence

1. Best Evidence: Primary evidence used in a trial because it provides the most reliability. An example of something that would be categorized as best evidence is an original signed contract.
2. Direct Evidence: Can prove a fact all by itself and does not need backup information to refer to. Direct evidence often is based on information gathered from a witness’s five senses.
3. Secondary Evidence: Oral evidence, such as a witness’s testimony, and copies of original documents are placed in the secondary evidence category. Computer-generated logs and documents might also constitute secondary rather than best evidence.
4. Circumstantial Evidence: Can prove an intermediate fact that can then be used to deduce or assume the existence of another fact. This type of evidence offers indirect proof and cannot be used as the sole evidence.
5. Corroborative Evidence: Supporting evidence used to help prove an idea or point. It cannot stand on its own but is used as a supplementary tool to help prove a primary piece of evidence.
6. Hearsay Evidence: Pertains to oral or written evidence presented in court that is secondhand and has no firsthand proof of accuracy or reliability.

Entrapment and Enticement

1. Entrapment: Persuading someone to commit a crime when the person otherwise had no intention to commit the crime. Entrapment is neither legal nor ethical. Entrapment does not prove that the suspect had the intent to commit a crime; it only proves she was successfully tricked.
2. Enticement: The person is determined to have broken a law or is intent on doing so. A honeypot is one type of enticement. Enticement is legal and ethical.

A Few Different Attack Types

1. Salami: The attacker commits several small crimes with the hope that the overall larger crime will go unnoticed.
2. Data Diddling: Alteration of existing data. Many times, this modification happens before the data is entered into an application or as soon as it completes processing and is output from an application.
3. Password Sniffing: Sniffing network traffic with the hope of capturing passwords being sent between computers.
4. IP Spoofing: Changing the IP address within a packet to show a different address or, more commonly, using a tool that is programmed to provide this functionality.
5. Dumpster Diving: Rummaging through a company’s or individual’s garbage for discarded documents, information, and other precious items that could then be used in an attack against that company or person.
6. Wiretapping: Most communications signals are vulnerable to some type of wiretapping or eavesdropping. It can usually be done undetected and is referred to as a passive attack.
7. Cybersquatting: Someone purchases a domain name with the goal of hurting a company with a similar domain name or to carry out extortion. The United States has a law that deals with this issue (Anti-cybersquatting Consumer Protection Act (ACPA), U.S.C. § 1125 and U.S.C. § 1129), but many countries do not.

Code of Ethics

1. Protect society, the common good, necessary public trust and confidence, and the infrastructure.
2. Act honorably, honestly, justly, responsibly, and legally.
3. Provide diligent and competent service to principals.
4. Advance and protect the profession.

Reference: CISSP All in One. by Shon Harris.
