Organizations and individuals have many information assets, which are subject to an increasing number of threats. The purpose of this article is to provide (1) an overview of the factors that are increasing the threats to information security and (2) an overview of the threats to information security.
The Threat Environment
Whitman and Mattord (2003) classified threats into five general categories to enable us to better understand the complexity of the threat problem. Their categories are natural disasters, technical failures, management failures, unintentional acts, and deliberate acts.
Key Terms in this Chapter
Worm: Computer code that performs malicious actions and replicates, or spreads, by itself (typically across a network), without needing to attach to another computer program.
Trojan Horse: Software that hides inside, or masquerades as, a legitimate program and reveals its designed malicious behavior only when it is activated.
Zero-Day Attack: An attack that exploits a newly discovered, previously unknown vulnerability in a software product for which no patch yet exists. Perpetrators attack the vulnerability before the software vendor can prepare and release a patch.
Distributed Denial of Service Attack: An attacker takes control of many computers (called zombies or bots), typically by infecting them with malicious software. The attacker uses these bots (which together form a botnet) to deliver a coordinated flood of requests to a target computer, overwhelming it so that it can no longer serve legitimate users or crashes.
Social engineering: An attack where the perpetrator uses social skills to trick or manipulate a legitimate employee into providing confidential company information.
Tailgating: The perpetrator follows closely behind a legitimate employee and, when the employee gains entry, asks them to “hold the door” so the perpetrator can enter restricted areas that are controlled with locks or card entry.
Downstream Liability: A potential liability incurred by a company whose computer systems are compromised by an attacker and used to attack another company’s systems.
Phishing Attack: An attack that uses deception to acquire sensitive personal information, typically through e-mails or instant messages that masquerade as official communications from a trusted organization.
Rootkit: Software that conceals an attacker's presence on a computer or network and maintains administrator-level (or kernel-level) access for the attacker, typically by hiding the attacker's processes, files, and network connections from the operating system and its users.
Virus: Computer code that performs malicious actions by attaching to another computer program.