|
277
Index
first-party, 223–224
ICO notification, 226–227
loss/damage of data, 228
market capacity, 228–229
professional indemnity, 222
risk, 224–225
third-party, 224
Cyber-pornography, 155
Cyber security
ICT innovation cycle
Apple II, 22
computer access, 21
energy and drinking water sectors, 26–27
financial sector, 25
health sector, 25, 27–28
innovation areas, 24
Internet of Things (IOT), 28
modern living, 24–25
one-way encryption process, 21–22
organizational aspects, 23–24
PCs, 22
PLC boards, 23
SCADA protocols, 23
smart appliances, 27
smart meters, 26–27
transport sector, 25–26
unauthorized system, 24
user-friendly functionality, 21
wireless encryption protocol (WEP), 22
UK Cyber Security Strategy, 1
user requirements
BPS, 48
challenges, 44
cyber-ripples, 44
cyber-trust, 50, 51
t
elicitation, 51–53
elicit tacit information, 54
focus groups, 53
identity theft tactics, 47
interactive methods, 53
macro-ergonomic conceptual framework,
48–49, 48
f
, 49
f
observational and ethnographic methods,
53–54
on-line policing, 44
privacy and confidentiality, 48
questionnaires/surveys, 53
scenario-based modeling, 54–55
sensitive domains, 55
user-centered approaches, 46
f
, 47
Cyberspace
Budapest Convention, 8–9
challenges
bill of digital rights, 2
cyber breaches, 5–6
cyber-enabled offending, 4
cyber fraud, 5–6
cyber standards, 6
extra-territorial challenges, 4
International Covenant on Civil and Political
Rights, 3
litigants, 4–5
nationality/active personality theory, 3
passive personality theory, 3–4
population, 5–6
protective theory, 4
resilience and security, 2
risk assessments and impact analysis, 6
territoriality theory, 3
unauthorized access, 5
universality theory, 4
Computer Misuse Act 1990, 1, 2
cyber constables, 9
cyber incidents, 8
digital criminality, 9
government policy, 8
SPR, 7–8
stretching and reworking, 7
UK Cyber Security Strategy, 1
Cyber terrorism
cyber weapons, 165, 166
definitions, 15
Collin, Barry C., 11
cyberspace, 14
Denning, Dorothy E., 12
Dutch government, 15
elements, 13
FBI, 12
UK’s Terrorism Act, 14
US Center for Strategic and International
Studies, 13
Domain Name System (DNS) servers, 168–169
Internet sites, 168
Izz ad-Din al-Qassam Cyber Fighters, 168
Nagorno-Karabakh conflict, 16
organization’s core operational systems, 168,
169–170
organization’s information systems, 169
technical disruption, 16
terrorist organization
cyber-attack, 172
intelligence-guided capability, 170–171
Internet Black Tigers, 166–167
Izz ad-Din al-Qassam attack, 168
operational capability, 171–172
OpIsrael, 167
278
Index
Cyber terrorism
(Continued)
pro-Palestinian hackers, 166–167
SEA, 167
Tamil Tigers guerilla fighters, 166–167
technological capabilities, 170
Cyber-trespass, 155
D
Darknet networks, 130
Data carving, 80
Data Protection Act 1998, 91
Deep Web, 134
Defamation Act 1952 & 1996, 91
Denial-of-service (DoS), 107
Department of Defense Strategy for Operating in
Cybercrime, 115
Digital evidence
anti-forensics/counter forensics, 79
categories, 79, 79
t
computer forensics, 92
cybercrime categories, 72
doxing, 74–75
forensic analysis, 78–79
forensic evidence, 71–72
guidelines, 75
image acquisition, 78
IP address identification, 72–73
anonymizing proxy relay services,
73–74
Firewall and system logs, 74
IDS, network traffic, 74
spoofing, 73
media storage forensics
deleted files and folders, recovery, 84
deleted partition, 84
file systems, 82
file tables, 82–83
free/open source licenses, 83
hard disk structure and format,
80–81
hiberfil.sys, 86
HKEY functions, 84–85, 86
t
keyword and phrases search, 83
LastWrite time, 86
MBR signature, 82
MRU lists, 85–86
pagefil.sys, 86–87
primary and logical partition, 81
proprietary tools, 83
registry files, 84–85, 85
t
system volume information folders,
87–88
VBR and BIOS parameter block, 82
RAM
acquisition, 77–78
data carving and magic values, 80
volatility tool, 79–80
reported by third party, 72
seizing equipment, 75–76
suspects, interviews, 74
written passwords, search for, 76–77
Digital Video Broadcasting-Terrestrial (DVB-T),
271–272
Distributed denial of service (DDoS) attack, 225
Church of Scientology, 113, 114
HSBC, attack, 112, 113
Mafiaboy, 114–115
Syrian Electronic army, 107
UK-based banks, attack, 112
Domain Generation Algorithm (DGA), 243
Domain Name System (DNS) servers, 168–169
Doxing, 74–75
E
Echelon Interception System, 179
E-crimes, 2–3
ACPO guidelines, 92
Fraud Act 2006, 91, 92
global cost, 91
manifestations, 91
Metropolitan Police Service, 7
El Al Airlines website, 166–167
Electronic control units (ECU), 25–26
Electronic Disturbance Theater (EDT), 20
Eurograbber attack
attack infrastructure, 245, 246
f
infection, 245–246
money theft, 246–247, 247
f
TAN, 244–245
two-factor authentication mechanism, 244–245
ZITMO, 244–245
European Telecommunications Standards Institute
(ETSI), 260
Europol’s European Cybercrime Centre
(EC3), 249
Extended business interruption (EBI), 222
F
Foreign Intelligence Surveillance Act (FISA),
179–180
Forensic science, 59–60
Formal Concept Analysis (FCA) software, 209
Fraud Act 2006, 91, 92
Freedom of Information Act 2000, 92
F-Secure 2012 Threat Report, 238
Do'stlaringiz bilan baham: |
