This is the old version of the H2O platform and is now read-only. This means you can view content but cannot create content. You can access the new platform at https://opencasebook.org. Thank you.
Purpose: This unit provides an overview of points of vulnerability, exploring how different aspects of the cyber environment are particularly exposed to attack, and how vulnerability may be defined.
This chapter outlines three layers of cyberspace: physical, syntactic, and semantic, through which to consider vulnerabilities in cyberspace. It briefly addresses external and internal threats, paying particular attention to the problem of insiders and supply chain concerns.
Reliance on critical infrastructure, such as the power grid and electronic information systems, together with the increased interoperability of these systems, makes them more susceptible to cyber threats.
This chapter addresses the issue of cyber attacks on electric infrastructure and any form of attack on cyber infrastructure. It provides a brief historical review of infrastructure attacks as well as an outline of threats and possible responses.
The DNS translates domain names into IP addresses. There is a whole family of vulnerabilities in which the DNS on one’s computer can be fooled into accepting different IP addresses for a given domain, allowing adversaries to extract information under the pretence of a trusted site. Such vulnerabilities include cache poisoning, packet sniffing, and session hijacking. In a similar fashion, Man-in-the-Middle attacks can cause users to disclose sensitive information without being aware of a third party’s involvement in the transfer of data.
This article discusses a DNS bug discovered in 2008 and argues that designing systems with a security mindset would account for vulnerabilities before they surface, rather than the retroactive engineering of patches.
The man-in-the-middle attack exploits the fact that a server using HTTPS (a protocol which guarantees privacy and security in transactions) sends a certificate with its public key to the Web browser. If this certificate isn’t trustworthy, the entire communication path is vulnerable. This article demonstrates how attackers can successfully intercept the data transfer and corrupt the safety of the communication.
Firesheep, a tool that uses packet sniffing and cookie stealing to hijack sessions on websites such as Facebook and PayPal from the same network as the victim, has caused much discussion regarding the need to implement HTTPS universally across session-based platforms.
In recent years, many computer and Internet functions have moved from users’ computers to remote servers that make up a “cloud” of data and processing power. The increasing prevalence of cloud-based services, including a federal policy to transition to the cloud, raises several concerns regarding data.
Cloud solutions come in three main taxonomies: infrastructure as a service, platform as a service, and software as a service. This article reviews the strengths and weaknesses of each taxonomy, demonstrating the trade-off between control, agility, and cost-efficiency.
First, this report presents a definition of cloud computing, examining both its benefits and drawbacks. Second, it examines legal challenges posed by cloud computing, with particular attention to implications of cloud computing for U.S. law enforcement and national security agencies. Third, it outlines several recommendations for legislative responses to this new technology.
Phishing is the process of enticing people into visiting fraudulent websites and persuading them to enter identity information such as usernames, passwords, addresses, social security numbers, personal identification numbers and anything else that can be made to appear to be plausible.
This article examines take-down times of phishing websites and estimates the cost of a phishing scam in the face of the defenders’ efforts to eliminate the attack. It outlines a model of the mechanics of a phishing attack, concluding that by the time phishing sites are removed, damage has already been done: many responses have been received and the attackers are moving on to new sites.
A rogue employee presents risks similar to those of a feckless user in the periphery of an open system, as computer systems are now designed in a distributed way that would not allow an individual to cause much damage without being traced.
This report examines the threat posed by insiders, that is, individuals who were, or previously had been, authorized to use the information systems they eventually employed to perpetrate harm, with a primary focus on the banking and finance sector. This piece explores the risk from a behavioral and technological perspective.
This policy analysis argues for a public-private partnership in establishing industry best practices for the protection of undersea cables. It provides a light technical overview of how cables work and their significance as part of the ICT infrastructure.