An attack in which successful breach and payload deployment is not followed by activating deployed payload. Rather, payload is activated by a trigger event, at specific time or by external stimuli sent by the original attacker or anyone who was granted usage of the payload by the original attacker.
Published in Chapter:
Information Security as a Part of Curricula in Every Professional Domain, Not Just ICT's
Predrag Pale (Faculty of Electrical Engineering and Computing, University of Zagreb, Croatia)
Copyright: © 2016
|Pages: 15
DOI: 10.4018/978-1-4666-8793-6.ch010
Abstract
Information security is gaining attention of managers, leaders and public as attacks extend from “pure” IT systems into critical infrastructure which is being expanded to food production and supply, health systems, news media, educational resources etc. All parts of social, commercial and private life are under attack. In addition, new methods of attacks are appearing: slow san attacks and hibernated attacks. Thus, dedicated cyber defense forces are necessary. In addition, ICT specialists who design, deploy and maintain systems need appropriate education in information security in order for systems to be as secure as possible, in the first place. Also, white collar social engineers, domain specialists, are now able to perform highly sophisticated attacks. ICT specialists lack the domain knowledge to predict, detect and counter fight such attacks. This chapter shows why domain professionals need security awareness, education, readiness training and exercises, continuously.