Behavioral Cybersecurity
eBook - ePub

Behavioral Cybersecurity

Fundamental Principles and Applications of Personality Psychology

  1. 172 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

Behavioral Cybersecurity

Fundamental Principles and Applications of Personality Psychology

About this book

This book discusses the role of human personality in the study of behavioral cybersecurity for non-specialists.

Since the introduction and proliferation of the Internet, cybersecurity maintenance issues have grown exponentially. The importance of behavioral cybersecurity has recently been amplified by current events, such as misinformation and cyber-attacks related to election interference in the United States and internationally. More recently, similar issues have occurred in the context of the COVID-19 pandemic.

The book presents profiling approaches, offers case studies of major cybersecurity events and provides analysis of password attacks and defenses. Discussing psychological methods used to assess behavioral cybersecurity, alongside risk management, the book also describes game theory and its applications, explores the role of cryptology and steganography in attack and defense scenarios and brings the reader up to date with current research into motivation and attacker/defender personality traits.

Written for practitioners in the field, alongside nonspecialists with little prior knowledge of cybersecurity, computer science, or psychology, the book will be of interest to all who need to protect their computing environment from cyber-attacks. The book also provides source materials for courses in this growing area of behavioral cybersecurity.

Frequently asked questions

Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription.
No, books cannot be downloaded as external files, such as PDFs, for use outside of Perlego. However, you can download books within the Perlego app for offline reading on mobile or tablet. Learn more here.
Perlego offers two plans: Essential and Complete
  • Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
  • Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
Both plans are available with monthly, semester, or annual billing cycles.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Yes! You can use the Perlego app on both iOS or Android devices to read anytime, anywhere — even offline. Perfect for commutes or when you’re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.
Yes, you can access Behavioral Cybersecurity by Wayne Patterson,Cynthia E. Winston-Proctor in PDF and/or ePUB format, as well as other popular books in Informatik & Informatik Allgemein. We have over one million books available in our catalogue for you to explore.

Information

Publisher
CRC Press
Year
2020
Print ISBN
9780367509798
eBook ISBN
9781000258332
Topic
Informatik
Subtopic
Informatik Allgemein

1

Recent Events

The history of research in cybersecurity dates back to the 1970s and even before, but for most people, what was known at the time affected only a very small number of people in the world of computing. As has been described earlier, the first general awareness of external attacks occurred only in the 1980s with, for example, the Morris Internet worm of 1988.
On November 2 of that year, Robert Morris, then a graduate student in computer science at Cornell, created the worm in question and launched it on the Internet. In UNIX systems of the time, applications sendmail and finger had weaknesses that allowed the worm to enter and then generate copies of itself. This resulted in the major damage caused by this work, as it would make copies of itself until memory was exhausted, causing the system to shut down. Furthermore, with UNIX vulnerabilities, the worm could move from one machine to the other, and it was estimated that it infected eventually about 2000 computers within 15 hours. The US Government Accountability Office estimated the cost of the damage in the range of $100,000–$10 million—obviously not a very accurate assessment.
Robert Morris was tried and convicted under the Computer Fraud and Abuse Act and was sentenced to 3 years’ probation and 400 hours of community service and fined $10,050.
He was subsequently hired as a professor of computer science at the Massachusetts Institute of Technology, where he continues to teach and research to this day.
The proliferation of access to computers to the general public, in both North America and worldwide, only began in the 1990s. Consequently, to most of us, hearing of cyberattacks only began in that period.
But now the percentage of the global population with access to the Internet has increased exponentially, and consequently, not only the number of targets for cyberattackers and undoubtedly the number of attackers have increased, but also the potential for exploitation of many different types of target has increased. Therefore, we now have many examples of exploits that result in widespread theft of critical user information such as Social Security numbers, addresses, telephone numbers, and even credit card information.
The Office of Personnel Management (OPM) is a little-known, but important component of the US government. It is responsible for “recruiting, retaining and honoring the world-class force to serve the American people” (Office of Personnel Management, 2018).
Two major data breaches at the OPM occurred in 2014 and 2015 that obtained the records of approximately 4 million US government employees, with the estimate of the number of stolen records as approximately 21.5 million. Information obtained included Social Security numbers, names, dates and places of birth, and addresses. Also stolen in this attack were 5.6 million sets of fingerprints. As a consequence of these two attacks, both the director and the chief information officer of OPM resigned.
Attacks on many organizations through techniques such as distributed denial of service (DDoS) designed primarily to cripple an organization’s website, thus preventing the organization from doing business, even if only for a relatively short period of time.
Perhaps the first time there was a widespread public awareness of DDoS attacks occurred around November 28, 2010. The website wikileaks.org published several thousand classified US government documents and announced they had 250,000 more. This caused an immediate “cyberwar,” with opponents of WikiLeaks attempting to crash the WikiLeaks website, whereas WikiLeaks supporters, particularly a loosely affiliated group called Anonymous, were able to crash numerous sites, including MasterCard and PayPal.
In 2007, WikiLeaks was founded as an organization (WikiLeaks, 2018) and a website whose mission was to:
bring important news and information to the public
provide an innovative, secure and anonymous way for sources to leak information to journalists, and
publish original source material alongside our news stories so readers and historians alike can see evidence of the truth.
Alas, WikiLeaks released several thousand classified US government documents and announced they had 250,000 more. (It was later determined that the documents had been provided by US Army Private Bradley/Chelsea Manning.)
The immediate response from the cyber community was that two of the main sources of receipt of donations to WikiLeaks, MasterCard and PayPal, announced that they would no longer accept donations destined as contributions to WikiLeaks, its primary source of revenue.
Subsequently, organizations supportive of the objectives of WikiLeaks, notably an online group called Anonymous, decided to launch DDoS attacks on both MasterCard and PayPal and were successful in bringing them down for several days, undoubtedly costing both those organizations significant loss of revenue. In retaliation, in effect perhaps the first example of cyber warfare, other groups sympathetic to MasterCard and PayPal and in opposition to WikiLeaks release of the classified documents made a similar attempt to take down the WikiLeaks website (see Figure 1.1).
Image
Figure 1.1 Two measures of spikes in Internet traffic, suggesting a possible DDoS attack, or just heightened public interest. (a) WikiLeaks website showing attack level after Manning documents leaked. (Data from Alexa.com.); (b) Internet Traffic Report on June 25, 2009 (Michael Jackson’s death). (Data source: Wired.com.)

Addressing DDoS Attacks

DDoS attacks are coordinated efforts by human or machine to overwhelm websites and, at a minimum, to cause them to shut down. The use of this type of malicious software has grown exponentially in the past decade, and despite considerable research, it has proven very difficult to identify, detect, or prevent such attacks. On the other hand, increases in traffic at websites may not be the result of a DDoS attack but a legitimate increase in demand for the Web service.
In the 2011 publication of the World Infrastructure Security Report (WISC, 2011), it was noted that the reported increase in DDoS attacks had been multiplied by a factor of 10 since the first year of the study in 2004 and that ideologically motivated “hacktivism” and vandalism have become the most readily identified DDoS attack motivations, and since 2014, the number and intensity of DDoS attacks has been increased exponentially.
In its simplest form, a DDoS attack is a coordinated set of requests for services, such as a Web page access. These requests may come from many nodes on the Internet, by either human or electronic action, and the requests require resource utilization by the site under attack. The Low Orbit Ion Cannon (LOIC) is easily accessible on the Internet, and use of this software to initiate or participate in a DDoS attack only requires typing in the website name.
A DDoS attack might be indistinguishable from a sudden influx of requests because of a specific event. For example, news sites might have an extraordinary increase in legitimate requests when a significant event occurs—the death of a celebrity, for example, or a ticket brokerage service may be flooded when popular tickets go on sale.
There may be numerous reasons for unusual Web traffic: There may be a cycle in the business of the host site, for example, stock prices at the moment of the opening bell in the stock market, at university home pages on the last day of course registration, or with the “Michael Jackson phenomenon”—when Michael Jackson died, most news sites reported a heavy spike in their Web traffic because of the widespread curiosity in users attempting to discover what had occurred, or there may be an actual DDoS attack underway.
The original reporting on these data came as a result of a joint research team consisting of students and faculty from Howard University in Washington, DC, and the Universidad Santo TomĂĄs in Santiago, Chile, working together to develop this research (Banks et al., 2012).

Ransomware

Ransomware surfaced in 2013 with CryptoLocker, which used Bitcoin to collect ransom money. In December of that year, ZDNet estimated based on Bitcoin transaction information that the operators of Crypto Locker had procured about $27 million from infected users.
Phishing attacks are a form of illicit software designed primarily to obtain information to benefit “Phisher” from an unsuspecting person or account.
These attacks might arise from any source the user contacts for information, and many might occur from opening an email supposedly from some trusted source.
The purpose for the attack might be to urge a recipient to open an attachment. Many users might not realize that opening a Word, Excel, and PowerPoint document may contain within it code (called a macro) that may then infect the system.
Another approach in the phishing attack might be to encourage the recipient to follow a link which purports to require the user to enter an account name, password, or other personal information, which then is being transmitted to the creator of the phishing attack. In such a case, the personal information transmitted may be used by the phishing perpetrator in order to gain other resour...

Table of contents

  1. Cover
  2. Half Title
  3. Title Page
  4. Copyright Page
  5. Table of Contents
  6. Authors
  7. Introduction
  8. 1 Recent Events
  9. 2 Behavioral Cybersecurity
  10. 3 Personality Theory and Methods of Assessment
  11. 4 Hacker Case Studies: Personality Analysis and Ethical Hacking
  12. 5 Profiling
  13. 6 Access Control
  14. 7 The First Step: Authorization
  15. 8 Origins of Cryptography
  16. 9 Game Theory
  17. 10 The Psychology of Gender
  18. 11 Turing Tests
  19. 12 Modular Arithmetic and Other Computational Methods
  20. 13 Modern Cryptography
  21. 14 Steganography and Relation to Crypto
  22. 15 A Metric to Assess Cyberattacks
  23. 16 Behavioral Economics
  24. 17 Fake News
  25. 18 Exercises: Hack Labs
  26. 19 Conclusions
  27. Index