• understand that good security involves more than just prevention
• identify what a company can do beyond prevention
• detection
• reaction
• countermeasures
• identify the risks of insecure systems faced by business partners
• appreciate that business partners can pass on vulnerabilities to your clients
• differentiate between the relative risk benefits of intranets, extranets and the Internet
• understand the risk management paradigm and methodology
• differentiate between control weakness and control risk

A. Answer - magnitude

• more damage can be done 
• on a very large scale 
• in a short period of time

In Bruce Schneier's book "Secrets & Lies: Digital Security in a Networked World" he explains that 

"Threat modeling is the first step in any security solution. It's a way to start making sense of the vulnerability landscape. What are the real threats against the system? If you don't know that, how do you know what kid of countermeasures to employ?"

In Schneier's books he often uses silly examples to explain scenarios and processes and several years ago he described a situation of how to steal pancakes -which was silly, but provided an excellent way of explaining how vulnerability can exist in many ways - additionally, it serves to explain that sometimes you can steal something of value without having anything to do with the transcation part of taking the money.

Here is the pancake story repeated below.

"Threat modeling is a lot like this, and the only way to learn it is to do it. So let’s start by stealing some pancakes."

"Our goal is to eat, without paying, at the local restaurant. And we’ve got a lot of options. We can eat and run. We can pay with a fake credit card, a fake check, or counterfeit cash. We can convince another patron to leave the restaurant without eating and eat his food. We can impersonate a cook, a waiter, a manager, or the restaurant owner (who might be someone that few workers have ever met). We could snatch a plate off someone’s table before he eats it, or from under the heat lamps before the waiters can get to it. We can wait at the dumpster for the busboy to throw away the leftovers. We can pull the fire alarm and sneak in after everyone evacuates."

" We can even try to convince the manager that we’re some kind of celebrity who deserves a free breakfast, or maybe we can find a gullible patron and convince him to pay for our food. We could mug someone, nowhere near the restaurant, and buy the pancakes. We can forge a coupon for free pancakes, and there’s the time-honored tradition of pulling a gun and saying “give me all your pancakes.”

"There are probably even more possibilities, but you get the idea. Looking at this list, most of the attacks have nothing to do with the point where money changes hands. This is interesting, because it means that securing the payment system does not prevent illicit pancake stealing."

permission to quote Bruce Schneier and to quote from his book dealt with in emails June 9th, 2006. Copies of emails kept in the permissions binder.

One of the purposes of recounting Schneier's pancake stealing story is to illustrate that one of the best ways to approach security is to use the powers of an overactive imagination to conceive of as many different weird possibilities that could happen. 

So one of the things I'm trying to do in this unit is give students a very long list of all the possible risk and threat situations that can possibly happen, and discuss these, so that by being aware of such circumstances, you may be better prepared to address them if the threat develops into an immediate risk.

If you can develop countermeasures and contingencies to protect against most of these possible threats then it is unlikely you can be "surprised" by something that happens in the real world.

"A disaster is a disruption of normal business functions where the expected time for returning to normalcy would seriously impact the organization' s ability to maintain operations, including customer commitments and regulatory compliance"
Green Security Policies and Procedures Chpt 11, p. 352

- definitions

Chpt 7
2nd Edition

the powerpoints for Chpt 5 (1st Ed) can be obtained from
http://homepages.cambrianc.on.ca/timrichardson/ecommerce/ECP1220/greensteinchap5.ppt

Page 133 Greenstein Text - 1st Edition
Page 215 Greenstein Text - 2nd Edition

Before you begin reading Chapter 5 (7) in the Greenstein book, it would be a good idea to go to the website for the book and scan through the online list of "Key Terms"

- definitions

from www.unisdr.org/eng/library/ lib-terminology-eng%20home.htm the United Nations International Strategy for Disaster Reduction

"The potential danger that threatens to harm or destroy an object, event, or person."
the Legal Encyclopedia

Chpt 7
2nd Edition

 
 
 
 
 
 
 
 
 

• Internet Associated Risks
• Risks to Customers
• False or Malicious Websites (p. 218 2nd Edition)
• Stealing Visitor's ID's and Passwords
• Stealing Visitors's Credit Card information
• "man-in-the-middle" attacks to monitor a Visitor's activity
• Spying on a Visitor's hard drive
• Uploading from the Visitor's hard drive
• Theft of Customer Data
• from Selling Agents
• from ISPs
• Cookies (see special section) p. 220-222   2nd ed.
• Web Bugs
• embedded within the HTML code on a page
• used to track visitor's online movements
• unlike cookies, cannot be turned off
• Risks to Selling Agents and Vendors, p. 223   2nd ed.
• customer impersonation
• used to obtain product and service without paying
• used also to create negative publicity situations
• Denial of service (DNS) Attacks,  p. 224   2nd ed
• explanation of PINGING a DNS
• SYN flooding
• Intranet Associated Risks
• Sabotage by Employees
• former employees
• threats from current employees
• social engineering
• B2B Risks

risks associated with transactions between business partners
• Data Interception
• Archives

risks associated with confidentially-maintained archival, master file and reference data
• Viruses

risks associated with viruses and malicious code overflows
- see our unit  www.witiger.com/ecommerce/viruses.htm
• trojan horses
• hoaxes

buffer overflows

Five groups of "real and present" danger

• Inadvertent acts (malicious intent is absent)
• Human error or failure of the product/system to operate
• Deviations in quality of service by service providers
• Deliberate acts
• Competitive Intelligence
• Industrial Espionage
• Trespass
• hacking
• Information extortion
• Sabotage ad vandalism
• Theft
• Software attacks
• DNS attacks
• Virus attacks
• Trojan Horse
• Worms
• Compromises to Intellectual Property
• Acts of God
• Forces of Nature
• Fire
• Flood
• Earthquake
• Lightning
• Tornado / Hurricane
• Technical failures
• Hardware Failures
• Softare Failures
• Management failures
• Technological Obsolescence
• Ignoring SOPs (Standard Operating Procedures)
• Errors in judegement

Types of
Attacks

- Frauds

Practices for Protecting Information Resources Assets
originally from www.stac.state.tx.us/IRAPC/practices/

"guidelines are intended to assist agencies and institutions of higher education to achieve the goal of acceptable information resources risk management"

    Chapter 1. Establishing an Information Security Policy 
    Chapter 2. Identifying Critical Information Assets and Risks 
    Chapter 3. Tools and Practices for Critical Information Asset Protection 
    Chapter 4. Security Incident Planning 

   Part 2 – Appendices – 144 pages, 22 MS Word files

    Appendix A-1. Bibliography 
  Appendix A-2. Glossary – 66 pages, - recommended
    Appendix B-1. Additional References and Sources 
    Appendix C-1. Example of Virus Handling Procedures 
    Appendix C-2. Perspective: Malicious Code and Other Security Threats 
    Appendix D-1. Checklist for Outsourcing Contracts 
    Appendix E-1. What to Do if You Think Your Installation Has Been Hacked 
    Appendix E-2. DoS Defense 
    Appendix E-3. Recipe for Developing a Successful Incident Handling Plan 
    Appendix E-4. Example of Agency Incident Response Plan 
    Appendix E-5. Emergency Steps for Incident Response 
    Appendix E-6. IDS Product Evaluation Criteria 
    Appendix E-7. Disruption Defense; Mitigation Checklist 
    Appendix F-1. LAN Security Checklist 
    Appendix G-1. Considering an Extranet?
    Appendix H-1. Protecting Your Password 
    Appendix I-1. Low-Cost/No-Cost Computer Security Measures 
    Appendix J-1. A Snapshot in Time: Where are the Vulnerabilities Now? 
    Appendix J-2. Risk Analysis and Assessment 
    Appendix J-3. Automation Controls Self-Assessment Guide 
    Appendix K-1. Implementation of Transaction Safeguards 
    Appendix K-2. Questions to Consider When Assessing Transaction Security Risks