This is the old version of the H2O platform and is now read-only. This means you can view content but cannot create content. You can access the new platform at https://opencasebook.org. Thank you.

Some vulnerabilities do not rely on specific technical hacks, but simply on the susceptibility of individual users. EDIT PLAYLIST INFORMATION DELETE PLAYLIST

Edit playlist item notes below to have a mix of public & private notes, or:

MAKE ALL NOTES PUBLIC (2/2 playlist item notes are public) MAKE ALL NOTES PRIVATE (0/2 playlist item notes are private)
  1. 1 Show/Hide More 1.3.5.a Phishing
    Original Creator: Jack Goldsmith and a Berkman Center Cybersecurity Team
    Phishing is the process of enticing people into visiting fraudulent websites and persuading them to enter identity information such as usernames, passwords, addresses, social security numbers, personal identification numbers and anything else that can be made to appear to be plausible.
    1. 1.1 Show/Hide More David Goldman, Massive Gmail Phishing Attack Hits Top U.S. Officials, CNN Money, Jun 1, 2011
      In the summer of 2011, a major phishing scam originating from China targeted hundreds of personal Gmail accounts, including government officials.
    2. 1.2 Show/Hide More Tyler Moore and Richard Clayton, Examining the Impact of Website Take-down on Phishing, APWG eCrime Researchers Summit, 2007
      This article examines take-down times of phishing websites and estimates the cost of a phishing scam in face of the defenders’ efforts to eliminate the attack. It outlines a model of the mechanics of a phishing attack, concluding that by the time phishing sites are removed, damage has already been done: many responses have been received and the attackers are moving on to new sites.
  2. 2 Show/Hide More 1.3.5.b Insiders
    Original Creator: Jack Goldsmith and a Berkman Center Cybersecurity Team
    A rogue employee presents risks similar to those of a feckless user in the periphery of an open system, as computer systems are now designed in a distributed way that would not allow an individual to cause much damage without being traced.
    1. 2.1 Show/Hide More US Secret Service, Insider Threat Study: Illicit Cyber Activity in the Banking and Finance Sector, CERT, 2004
      This report examines the threat posed by insiders, that is, individuals who were, or previously had been, authorized to use the information systems they eventually employed to perpetrate harm, with a primary focus on the banking and finance sector. This piece explores the risk from a behavioral and technological perspective.

Playlist Information

May 21, 2013

Author Stats

Jack Goldsmith and a Berkman Center Cybersecurity Team

Other Playlists by Jack Goldsmith and a Berkman Center Cybersecurity Team

Find Items

Search below to find items, then drag and drop items onto playlists you own. To add items to nested playlists, you must first expand those playlists.

Leitura Garamond Futura Verdana Proxima Nova Dagny Web
small medium large extra-large