CHAPTER 7 CASE STUDY : Information security threats and policies in Europe

1.) What is a botnet?

In the term "botnet" as used here, the "bot" is short for robot. A single bot is a software program that can, when surreptitiously installed on a person's computer, execute certain specified commands. Botnet is a network of autonomous malicious software agent there are under the control of a bot commander. The network is created by installing malware that exploits the vulnerabilities of Web servers, operating systems, or application to take control of the infected computers.

2.) Describe some of the main points of the Digital Agenda of Europe.

The main point of the Digital Agenda of Europe is to define the key role that information and communication technologies will play in 2020.The initiative calls of a single, open Europe digital market. Another goal is that broadband speed of 30Mbps be available to all European citizen by 2020 in term of security, the initiative is considering the implementation of measure to protect privacy and the establishment of a well-functioning network of CERT to prevent cybercrime and respond effectively to cyber attacks. The European Commission has proposed a Digital Agenda. Its main objective is to develop a digital single market in order to generate smart, sustainable and inclusive growth in Europe.

What are the obstacles hindering the Digital Agenda?

• fragmented digital markets;
• lack of interoperability;
• rising cybercrime and risk of low trust in networks;
• lack of investment in networks;
• insufficient research and innovation efforts;
• lack of digital literacy and skills;
• missed opportunities in addressing societal challenges

3.) Explain how a cyber-attack can be carried out.

There are 3 basic parts to a cyber-attack:

1. Access: a method to get inside or gain access to a network or system
2. Vulnerability: some part of the system that the attacker can take advantage of or manipulate
3. Payload: the purpose of the attack, namely, what exactly is the target and how significant will the damage

There are many other forms cyber-attacks may take.

Denial Of Service attack occurs when “an attacker attempts to prevent legitimate users from accessing information or services.” This is typically accomplished when the attacker overloads a system with requests to view information. This would be an example of a remote attack.

Spear phishing is another simple method by which an attack may gain access to a computer system or network. Once some information about a target is acquired, an email is sent purporting to be from a legitimate company asking for information such as usernames and passwords to banking websites or network logins.

Backdoors, or hooks, are placed inside a computer or network in order to create a vulnerability that can be exploited later on.

And tampering with basic electronics is a simple type of cyber-attack. It is also possible that such software or even hardware could be installed into electronics by the original manufacturer

4.) Describe some of the weaknesses exploited by malware.

Malware, known as Stuxnet is a shorthand term that encompasses all types of malicious software. This includes viruses, worms, Trojan horses, spyware, and all other types of software that get put onto your computer without you knowing it. Some of weaknesses of malware is it hidden in shortcuts to executable programs (files with extension. Ink) was executed automatically when the content of an infected USB drive was displayed as the malware is propagated via USB.