{"id":369,"date":"2017-09-27T18:29:35","date_gmt":"2017-09-27T18:29:35","guid":{"rendered":"http:\/\/bocchinfuso.net\/?p=369"},"modified":"2017-10-06T19:22:51","modified_gmt":"2017-10-06T19:22:51","slug":"fit-mgt-5115-wk-5-discussion-post","status":"publish","type":"post","link":"https:\/\/bocchinfuso.net\/index.php\/2017\/09\/27\/fit-mgt-5115-wk-5-discussion-post\/","title":{"rendered":"FIT \u2013 MGT 5115 \u2013 Wk 5 Discussion Post"},"content":{"rendered":"

Why is cybercrime expanding rapidly? Discuss some possible solutions, including acceptable-use policies, security procedures, and policies.<\/strong><\/em><\/p>\n

One of my favorite websites is the\u00a0Norse Attack Map<\/a>.
\nThe Norse Attack Map does a good job graphically depicting the amount of suspicious activity occurring on the Internet. I am also an avid reader of\u00a0Kerbs on Security<\/a>\u00a0and it’s clear that hackers are motivated by differing agendas and that attack surface and entry points are increasing at an exponential rate. IOT is creating an unprecedented attack surface and with the number of Internet-connected devices growing exponentially I think it’s fair to expect that cyber attacks will remain on the rise. \u00a0Companies like Cisco are introducing what they call\u00a0“The Network Intuitive”<\/a>\u00a0(if this is the only link you click, I suggest watching this video)which will leverage machine learning and AI to protect the network and its connected devices.<\/p>\n

Our connected evolution<\/a>\u00a0from the\u00a0ARPANET<\/a>\u00a0to the Internet we are all so familiar with and have come to rely on, to the\u00a0Internet of Everything (IoE)<\/a>\u00a0is what provides the basis for the rapid expansion of cybercrime. A quick look at the growth of the Internet and the connected devices provides insight to an attack surface that is growing bigger and bigger with each passing day.<\/p>\n

The\u00a0Target breach<\/a>\u00a0was highlighted in the text (Turban, 2015, p. 149) and this was a violation that was a probably avoidable with simple layer one isolation. Why Fazio Mechanical Servies, Target’s HVAC contractor would have credentials on a network that had access to Target’s POS systems is a bit astounding. Hindsight is 20\/20 and hackers have proven capable of penetrating facilities which are off the grid; this was the case with\u00a0Stuxnet<\/a>. In the case of Stuxnet, a worm purportedly developed under an unacknowledged government operation called\u00a0Olympic Games<\/a>\u00a0which was a campaign to use cyberwarfare to disrupt Iran’s nuclear program. I highly recommend the movie\u00a0Zero Days<\/a>.<\/p>\n

The Internet is the modern-day battlefield, the keyboard is the weapon of choice, the ideal soldier is adept at sleep deprivation and enjoys\u00a0jolt cola<\/a>\u00a0and cold pizza. Whether you hack for the challenge (e.g. –\u00a0Kevin Mitnick<\/a>), hack for\u00a0hacktivism<\/a>\u00a0(e.g. –\u00a0Barrett Brown<\/a>), hack for money (e.g. –\u00a0black, white and gray hat hackers<\/a>\u00a0for hire) or you\u00a0hack for a nation-state<\/a>, you likely live inside a sub-culture which is which is experiencing exponential growth.<\/p>\n

I think it’s important to note that amount of\u00a0Open Source<\/a>\u00a0software being deployed has exploded; this is important because the source code is easily accessible, this makes it easier for hackers to find and exploit vulnerabilities. This software is everything from operating systems like\u00a0Linux<\/a>\u00a0which powers the Internet in the form of servers, mobile devices, IoT devices, routers, switches, etc… to platforms like\u00a0WordPress<\/a>\u00a0which is said to power 28% of the websites on the Internet. \u00a0Linux and platforms like WordPress are\u00a0honeypots<\/a>\u00a0because a vulnerability found in the\u00a0Linux kernel<\/a>, a\u00a0GNU binary<\/a>\u00a0or in the WordPress code can be exploited and impact maximum damage. \u00a0It’s also important to recognize how important simple things like password length and complexity are, tools like\u00a0hashcat<\/a>, cloud computing, and the accessibility to\u00a0GPU computing<\/a>\u00a0have made cracking reasonably complex passwords a speedy task, what used to take years now takes minutes.<\/p>\n

Cloud computing and rapid adoption have not made these problems any easier to deal with. \u00a0As developers race to the cloud to become the next\u00a0Unicorn<\/a>security practices are weakening. \u00a0One of my favorite stories is about a company called\u00a0Code Spaces<\/a>\u00a0who was put out of business by a hacker who gained root access to their AWS account and essentially deleted all their instances, data, and backups. \u00a0There are stories every day about developers placing keys on\u00a0Github<\/a>\u00a0inadvertently and there are\u00a0bots which are actively crawling code repositories<\/a>\u00a0looking for keys. \u00a0In this connected world access to information awesome and so is the ability to expose information that should not be exposed, good policies, procedures, automation, etc… are required to mitigate risk.<\/p>\n

Acceptable use policies and training can be an effective means of influencing how users interact with systems that can either pose a direct or tangential cybersecurity threat.<\/p>\n

Security policies and procedures define how to prevent and respond to security incidents. These policies and procedures focus on enforcement, designated and empowered incident response personnel, notification procedures, communication plans and monitoring external sources of information.<\/p>\n

Examples of computer security related incidents and items that might be addressed in an acceptable use policy might include items such as:<\/strong><\/p>\n