Page 85 - Cyber Defense eMagazine - November 2017

2. Hacking for political purposes. This includes both state-sponsored and terrorist exploits, for both access to sensitive information and the distribution of disinformation, as well as unauthorized modifications and denial of service attacks on web sites.

3. Thrill-seekers. No longer limited to the skateboard set living in Mom’s basement, this group now includes other sophisticated criminals who apparently experience enjoyment and peer adulation by stealing sensitive information and causing general online havoc.



To some extent, it is tempting to “fight fire with fire,” and respond to cyber threats exclusively with cyber defenses. In a perfect world, this would seem to make sense. In some cases, that works even in the real world, and an application or software fix or patch can often overcome a specific cyber security exploit or technical vulnerability.


However, beyond cyber-based data breaches, schemes to gain access through non-technical individuals have proliferated, resulting in growth in both the number and costliness of cyber-attacks. Across this entire threat spectrum, human vulnerability is still the leading entry point for identity theft and data breaches. Numerous recent surveys report that the vast majority of data breaches are rooted in phishing exploits and are successful due to human failure.

Schemes such as social engineering and other manipulations designed to inveigle individuals into launching malware or executable files, and accessing bogus web sites, are often the means used by cyber criminals. Think of a seemingly innocuous e-mail request to update account information for an active account, but with a link to a similar-sounding web site controlled by the cyber criminals, which is in actuality the means to capture the victim's username and password.

Regardless of the illicit objectives, the necessary defenses must include both IT responses and education of the broader population of organizations and consumers. Without getting all non-IT users to practice good “cyber hygiene,” it is unlikely that the cyber defense system will be successful. As long as there is a human being with a keyboard and a mouse, and access to the system, cyber defenses alone will leave vulnerabilities.

This state of affairs has been referred to as “asymmetrical warfare,” in which the opposing sides play by different rules and have different standards of success. The defenders must prevail 100% of the time, while the attackers need only enjoy the occasional success to win.

In practice, the most successful cyber defense is a thoughtful combination of IT methods and education of employees and other users who may have access to sensitive systems and data. One example is the human factor in failing to keep all software programs up to date with important patches to combat perceived and discovered vulnerabilities. Another is the importance of keeping all users up to date on the latest methods used by cyber criminals and identity thieves. The established methods of managing the risks of identity theft, especially through education, are the most likely to be used successfully in conjunction with cybersecurity applications.



                   85    Cyber Defense eMagazine – November 2017 Edition
                         Copyright © 2017, Cyber Defense Magazine,  All rights reserved worldwide.