Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company
All rights reserved. No part of the material protected by this copyright may be reproduced or utilized in any form, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without written permission from the copyright owner.
The content, statements, views, and opinions herein are the sole expression of the respective authors and not that of Jones & Bartlett Learning, LLC. Reference herein to any specific commercial product, process, or service by trade name, trademark, manufacturer, or otherwise does not constitute or imply its endorsement or recommendation by Jones & Bartlett Learning, LLC and such reference shall not be used for advertising or product endorsement purposes. All trademarks displayed are the trademarks of the parties noted herein. Security Strategies in Windows Platforms and Applications, Second Edition is an independent publication and has not been authorized, sponsored, or otherwise approved by the owners of the trademarks or service marks referenced in this product.
There may be images in this book that feature models; these models do not necessarily endorse, represent, or participate in the activities represented in the images. Any screenshots in this product are for educational and instructive purposes only. Any individuals and scenarios featured in the case studies throughout this product may be real or fictitious, but are used for instructional purposes only.
This publication is designed to provide accurate and authoritative information in regard to the subject matter covered. It is sold with the understanding that the publisher is not engaged in rendering legal or other professional service. If legal advice or other expert assistance is required, the service of a competent professional person should be sought.
Production Credits
Chief Executive Officer: Ty Field
President: James Homer
Chief Product Officer: Eduardo Moura
SVP, Curriculum Solutions: Christopher Will
Director of Sales, Curriculum Solutions: Randi Roger
Senior Marketing Manager: Andrea DeFronzo
Associate Marketing Manager: Kelly Thompson
VP, Design and Production: Anne Spencer
VP, Manufacturing and Inventory Control: Therese Connell
Manufacturing and Inventory Control Supervisor: Amy Bacus
Editorial Management: High Stakes Writing, LLC, President: Lawrence J. Goodrich
Senior Editor, HSW: Ruth Walker
Associate Program Manager: Rainna Erikson
Production Manager: Susan Schultz
Composition: Gamut+Hue, LLC
Cover Design: Kristin E. Parker
Director of Photo Research and Permissions: Amy Wrynn
Photo Research Coordinator: Joseph Veiga
Cover Image: © HunThomas/ShutterStock, Inc.
Chapter Opener Image: © Rodolfo Clix/Dreamstime.com
Printing and Binding: Edwards Brothers Malloy
Cover Printing: Edwards Brothers Malloy
ISBN: 978-1-284-03165-2
Library of Congress Cataloging-in-Publication Data Not available at time of printing.
Printed in the United States of America 17 16 15 14 13 10 9 8 7 6 5 4 3 2 1
Contents
Preface
Acknowledgments
PART ONE The Microsoft Windows Security Situation
CHAPTER 1
Microsoft Windows and the Threat Landscape
Information Systems Security
Tenets of Information Security: The C-I-A Triad
Confidentiality Integrity Availability
Mapping Microsoft Windows and Applications into a Typical IT Infrastructure
Windows Clients Windows Servers
Microsoft’s End-User License Agreement (EULA)
Windows Threats and Vulnerabilities
Anatomy of Microsoft Windows Vulnerabilities
Code Red SQL Slammer Conficker
Discovery-Analysis-Remediation Cycle
Discovery Analysis Remediation
Common Forms of Attack
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 1 ASSESSMENT
CHAPTER 2
Security in the Microsoft Windows Operating System
Operating System Components and Architecture
The Kernel Operating System Components
Basic Windows Operating System Architecture
Windows Run Modes Kernel Mode User Mode
Access Controls and Authentication
Authentication Methods Access Control Methods
Security Access Tokens, Rights, and Permissions
Security Identifier Access Rules, Rights, and Permissions
Users, Groups, and Active Directory
Workgroups Active Directory
Windows Attack Surfaces and Mitigation
Multilayered Defense Mitigation
Fundamentals of Microsoft Windows Security Monitoring and Maintenance
Security Monitoring Identify Vulnerabilities
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 2 ASSESSMENT
PART TWO
Managing and Maintaining Microsoft Windows Security
CHAPTER 3
Access Controls in Microsoft Windows
The Principle of Least Privilege
The Orange Book Least Privilege and LUAs
Rights and Permissions
Access Models: Identification, Authentication, Authorization, ACLs, and More
Windows Server 2012 Dynamic Access Control (DAC) User Account Control (UAC) Sharing SIDs and SATs Managed Service Accounts Kerberos NT LAN Manager
Windows Objects and Access Controls
Windows DACLs DACL Advanced Permissions
SIDs, GUIDs, and CLSIDs
Calculating Microsoft Windows Access Permissions
Auditing and Tracking Windows Access
Microsoft Windows Access Management Tools
Cacls.exe Icacls.exe Robocopy
Best Practices for Microsoft Windows Access Control
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 3 ASSESSMENT
CHAPTER 4
Microsoft Windows Encryption Tools and Technologies
Encryption Methods Microsoft Windows Supports
Encrypting File System, BitLocker, and BitLocker To Go
Encrypting File System BitLocker BitLocker To Go
Enabling File-, Folder-, and Volume-Level Encryption
Enabling EFS Enabling BitLocker Enabling BitLocker To Go
Encryption in Communications
Encryption Protocols in Microsoft Windows
SSL/TLS Virtual Private Network Wireless Security
Microsoft Windows and Security Certificates
Public Key Infrastructure
Best Practices for Windows Encryption Techniques
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 4 ASSESSMENT
CHAPTER 5
Protecting Microsoft Windows Against Malware
The Purpose of Malware
Types of Malware
Virus Worm Trojan Horse Rootkit Spyware Ransomware Malware Type Summary
Antivirus and Anti-Spyware Software
Antivirus Software Anti-Spyware Software
Importance of Updating Your Software
Maintaining a Malware-Free Environment
Scanning and Auditing Malware
Tools and Techniques for Removing Malware
Malware Prevention Best Practices
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 5 ASSESSMENT
CHAPTER 6
Group Policy Control in Microsoft Windows
Group Policy and Group Policy Objects
Group Policy Settings GPO Linking
Making Group Policy Conform to Security Policy
Security Responsibility Security Policy and Group Policy Group Policy Targets
Types of GPOs in the Registry
Local Group Policy Editor GPOs in the Registry Editor
Types of GPOs in Active Directory
Group Policy Management Console GPOs on the Domain Controller
Designing, Deploying, and Tracking Group Policy Controls
GPO Application Order Security Filters GPO Windows Management Instrumentation (WMI) Filters Deploying Group Policy
Auditing and Managing Group Policy
Group Policy Inventory Analyzing the Effect of GPOs
Best Practices for Microsoft Windows Group Policy and Processes
Group Policy Design Guidelines
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 6 ASSESSMENT
CHAPTER 7
Microsoft Windows Security Profile and Audit Tools
Profiling Microsoft Windows Security
Profiling Profiling Windows Computers
Microsoft Baseline Security Analyzer (MBSA)
MBSA GUI MBSA Command Line Interface
Shavlik Security Analyzers
NetChk Protect Limited NetChk Protect
Secunia Personal and Corporate Security Analyzers
Secunia Personal Scanners Secunia Corporate Products
Microsoft Windows Security Audit
Microsoft Windows Security Audit Tools
Best Practices for Microsoft Windows Security Audits
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 7 ASSESSMENT
CHAPTER 8
Microsoft Windows Backup and Recovery Tools
Microsoft Windows Operating System (OS) and Application Backup and Recovery
The Need for Backups The Backup Process The Restore Process
Workstation, Server, Network, and Internet Backup Techniques
Workstation Backups Server Backups Network Backups Internet Backups
Microsoft Windows and Application Backup and Recovery in a Business Continuity Setting
Disaster Recovery Plan Business Continuity Plan Where a Restore Fits In
Microsoft Windows Backup and Restore Utility
Restoring with the Windows Backup and Restore Utility Restoring with the Windows Server 2008 Server Recovery Utility
Rebuilding Systems from Bare Metal
Managing Backups with Virtual Machines
Best Practices for Microsoft Windows Backup and Recovery
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 8 ASSESSMENT
CHAPTER 9
Microsoft Windows Network Security
Network Security
Network Security Controls
Principles of Microsoft Windows Network Security
Common Network Components Connection Media Networking Devices Server Computers and Services Devices
Microsoft Windows Security Protocols and Services
Securing Microsoft Windows Environment Network Services
Service Updates Service Accounts Necessary Services
Securing Microsoft Windows Wireless Networking
Microsoft Windows Desktop Network Security
User Authorization and Authentication Malicious Software Protection
Outbound Traffic Filtering
Microsoft Windows Server Network Security
Authentication and Authorization Malicious Software Protection Network Traffic Filtering
Best Practices for Microsoft Windows Network Security
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 9 ASSESSMENT
CHAPTER 10
Microsoft Windows Security Administration
Security Administration Overview
The Security Administration Cycle Security Administration Tasks
Maintaining the C-I-A Triad in the Microsoft Windows OS World
Maintaining Confidentiality Maintaining Integrity Maintaining Availability
Microsoft Windows OS Security Administration
Firewall Administration Performance Monitor Backup Administration
Operating System Service Pack Administration Group Policy Administration DACL Administration Encryption Administration Anti-Malware Software Administration
Ensuring Due Diligence and Regulatory Compliance
Due Diligence
The Need for Security Policies, Standards, Procedures, and Guidelines
Best Practices for Microsoft Windows OS Security Administration
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 10 ASSESSMENT
PART THREE
Microsoft Windows OS and Application Security Trends and Directions
CHAPTER 11
Hardening the Microsoft Windows Operating System
Understanding the Hardening Process and Mindset
Strategies to Secure Windows Computers Install Only What You Need Security Configuration Wizard Manually Disabling and Removing Programs and Services
Hardening Microsoft Windows Operating System Authentication
Hardening the Network Infrastructure
Securing Directory Information and Operations
Hardening Microsoft Windows OS Administration
Hardening Microsoft Servers and Client Computers
Hardening Server Computers Hardening Workstation Computers
Hardening Data Access and Controls
Hardening Communications and Remote Access
Authentication Servers VPNs and Encryption
Hardening PKI
User Security Training and Awareness
Best Practices for Hardening Microsoft Windows OS and Applications
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 11 ASSESSMENT
CHAPTER 12
Microsoft Application Security
Principles of Microsoft Application Security
Common Application Software Attacks Hardening Applications
Securing Key Microsoft Client Applications
Web Browser E-mail Client Productivity Software File Transfer Software AppLocker
Securing Key Microsoft Server Applications
Web Server E-mail Server Database Server ERP Software Line of Business Software
Case Studies in Microsoft Application Security
Sporton International Monroe College Dow Corning
Best Practices for Securing Microsoft Windows Applications
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 12 ASSESSMENT
CHAPTER 13
Microsoft Windows Incident Handling and Management
Understanding and Handling Security Incidents Involving Microsoft Windows OS and Applications
Formulating an Incident Response Plan
Plan Like a Pilot Plan for Anything That Could Cause Loss or Damage Build the SIRT Plan for Communication Plan Security Revision Procedures Plan Testing
Handling Incident Response
Preparation Identification Containment Eradication Recovery Lessons Learned
Incident Handling and Management Tools for Microsoft Windows and Applications
Investigating Microsoft Windows and Applications Incidents
Acquiring and Managing Incident Evidence
Types of Evidence Chain of Custody Evidence Collection Rules
Best Practices for Handling Microsoft Windows OS and Applications Incidents and Investigations
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 13 ASSESSMENT
CHAPTER 14
Microsoft Windows and the Security Life Cycle
Understanding System Life Cycle Phases
Agile Software Development
Managing Microsoft Windows OS and Application Software Security
Developing Secure Microsoft Windows OS and Application Software
Implementing, Evaluating, and Testing Microsoft Windows OS and Application Software Security
Maintaining the Security of Microsoft Windows OS and Application Software
Microsoft Windows OS and Application Software Revision, Change Management, and End-of-Life Phaseout
Software Development Areas of Difficulty Software Control Software Configuration Management (SCM)
Best Practices for Microsoft Windows and Application Software Development Security Investigations
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 14 ASSESSMENT
CHAPTER 15
Best Practices for Microsoft Windows and Application Security
Basic Rules of Microsoft Windows OS and Application Security
Audit and Remediation Cycles
Security Policy Conformance Checks
Security Baseline Analysis
OS and Application Checks and Upkeep
Network Management Tools and Policies
Software Testing, Staging, and Deployment
Compliance/Currency Tests on Network Entry
Trends in Microsoft Windows OS and Application Security Management
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 15 ASSESSMENT
APPENDIX A
Answer Key
APPENDIX B
Standard Acronyms
Glossary of Key Terms
References
Index
Preface
Purpose of This Book
This book is part of the Information Systems Security & Assurance Series from Jones & Bartlett Learning (www.jblearning.com). Designed for courses and curriculums in IT Security, Cybersecurity, Information Assurance, and Information Systems Security, this series features a comprehensive, consistent treatment of the most current thinking and trends in this critical subject area. These titles deliver fundamental information-security principles packed with real-world applications and examples. Authored by Certified Information Systems Security Professionals (CISSPs), they deliver comprehensive information on all aspects of information security. Reviewed word for word by leading technical experts in the field, these books are not just current, but forward-thinking—putting you in the position to solve the cybersecurity challenges not just of today, but of tomorrow, as well.
Part 1 of this book focuses on new risks, threats, and vulnerabilities associated with the Microsoft Windows operating system. Particular emphasis is placed on Windows XP, Vista, 7, and 8 on the desktop, and Windows Server 2003, 2008, and 2012 versions. More than 90 percent of individuals, students, educators, businesses, organizations, and governments use Microsoft Windows, which has experienced frequent attacks against its well-publicized vulnerabilities. Part 2 emphasizes how to use tools and techniques to decrease risks arising from vulnerabilities in Microsoft Windows operating systems and applications. Part 3 provides a resource for readers and students desiring more information on Microsoft Windows OS hardening, application security, and incident management, among other issues.
Learning Features
The writing style of this book is practical and conversational. Step-by-step examples of information security concepts and procedures are presented throughout the text. Each chapter begins with a statement of learning objectives. Illustrations are used both to clarify the material and to vary the presentation. The text is sprinkled with Notes, Tips, FYIs, Warnings, and sidebars to alert the reader to additional and helpful information related to the subject under discussion. Chapter Assessments appear at the end of each chapter, with solutions provided in the back of the book.
Chapter summaries are included in the text to provide a rapid review or preview of the material and to help students understand the relative importance of the concepts presented.
Audience
The material is suitable for undergraduate or graduate computer science majors or information science majors, students at a two-year technical college or community college who have a basic technical background, or readers who have a basic understanding of IT security and want to expand their knowledge.
Acknowledgments
I would like to thank Jones & Bartlett Learning for the opportunity to write this book and be a part of the Information Systems Security & Assurance Series. I would also like to thank K Rudolph, the book’s technical reviewer and liaison between me and Jones & Bartlett Learning. Your input really made this a better book. And thanks so much to Ed Tittel for getting me involved in the first place and Carole Jelen with Waterside Productions for working so hard to make this happen.
To God, who has richly blessed me in so many ways
About the Author
MICHAEL G. SOLOMON (CISSP, PMP, CISM) is a full-time security speaker, consultant, and author, and a former university instructor who specializes in development and assessment security topics. As an IT professional and consultant since 1987, he has worked on projects for more than 100 major companies and organizations. From 1998 until 2001, he was an instructor in the Kennesaw State University Computer Science and Information Sciences (CSIS) department, where he taught courses on software project management, C++ programming, computer organization and architecture, and data communications. Solomon holds an MS in mathematics and computer science from Emory University (1998), and a BS in computer science from Kennesaw State University (1987). He is currently pursuing a PhD in computer science and informatics at Emory University with a research focus on confidentiality assurance in untrusted cloud environments. He has also authored and contributed to various security books, including Security Strategies in Windows Platforms and Applications (Jones & Bartlett Learning, 2011), Auditing IT Infrastructures for Compliance (Jones & Bartlett Learning, 2011), and Computer Forensics JumpStart, 2nd Edition (Sybex, 2011). Solomon coauthored Information Security Illuminated (Jones and Bartlett, 2005), Security+ Lab Guide (Sybex, 2005), PMP ExamCram2 (Que, 2005), and authored and provided the on-camera delivery of LearnKey’s CISSP Prep and PMP Prep e-Learning courses.
PART ONE
The Microsoft Windows Security Situation
CHAPTER 1 Microsoft Windows and the Threat Landscape
CHAPTER 2 Security in the Microsoft Windows Operating System
CHAPTER 1
Microsoft Windows and the Threat Landscape
MICROSOFT WINDOWS is the most common operating system used today. More than 90 percent of computers use a Windows operating system. Microsoft provides operating system software for a wide variety of solutions, including both client and server computers. The latest Windows releases for server environments provide the most advanced features of the Windows product line.
Those releases contain new and updated security features. Each year brings new and unique threats to a system’s security. Whether the goal is to crash a system, access information without authorization, or disrupt normal system operation, attackers are finding many vulnerabilities to exploit.
It is important to understand the threats to Windows system security and the steps to protect it from attackers. The first step to creating and maintaining a secure environment is learning how to find and mitigate vulnerabilities and how to protect your systems.
Chapter 1 Topics
This chapter covers the following topics and concepts:
• What information systems security is
• What the tenets of information security are: the Confidentiality-Integrity-Availability (C-I-A) triad
• What mapping Microsoft Windows and applications into a typical IT infrastructure is
• What Microsoft’s End-User License Agreement (EULA) and limitations of liability are
• What common Windows threats and vulnerabilities are
• What Microsoft Windows vulnerabilities are, including Code Red, Conficker, and SQL Slammer
• What the discovery-analysis-remediation cycle is
• What common forms of attack on Windows environments are
Chapter 1 Goals
When you complete this chapter, you will be able to:
• Review key concepts and terms associated with information systems security
• Discuss the tenets of information security: C-I-A triad
• Explain how Microsoft Windows and applications map to a typical IT infrastructure
• List the main objectives of the Microsoft EULA
• Describe the limitations of liability in the Microsoft EULA
• Categorize Windows threats and vulnerabilities
• Recognize the anatomy of common Microsoft Windows vulnerabilities
• Summarize the discovery-analysis-remediation cycle
• Analyze common methods of attack
• Discuss emerging methods of attack
Information Systems Security
As computers become more complex, attackers become more sophisticated. Attackers are continually crafting new methods to defeat the most secure environments. The job of the security professional is becoming more difficult because of the complexity of systems and attacks. No single action, rule, or device can protect an information system from all attacks. It takes a collection of strategies to make a computer environment safe. This approach to using a collection of strategies is often called defense in depth. To maintain secure systems, it is important to understand how environments are attacked and how computer systems and networks can be protected. The focus here is specifically on securing the family of Microsoft Windows operating systems and applications.
The main goal in information security is to prevent loss. Today’s information is most commonly stored in electronic form on computers, also referred to as information systems. Although printed information, or hard copy, needs to be protected, this text addresses only issues related to protecting electronic information stored on information systems.
The two goals of protecting information from unauthorized use and making the information available for authorized use are completely separate and often require different strategies. Ensuring information is readily available and accessible for authorized use makes restricting the data from unauthorized use more difficult. Most information security decisions require careful thought to ensure balance between security and usability. Information that is secure is simply serving the purpose for which it is intended. It is not being used for unintended purposes.
Mechanisms used to protect information are called security controls. Security controls can be part of the operating system or application software setup, part of a written policy, or a physical device that limits access to a resource. There are two methods of categorizing controls. These aren’t the only methods used to classify controls and a single control may fit into more than one category. The first method looks at what the control is. Security controls belong to at least one of the following types:
• Administrative controls are written policies, procedures, guidelines, regulations, laws, and rules of any kind.
• Technical controls are devices or processes that limit access to resources. Examples include user authentication, antivirus software, and firewalls. Technical controls are also called logical controls.
• Physical controls are devices that limit access or otherwise protect a resource, such as fences, doors, locks, and fire extinguishers.
Security controls can also be categorized by the type of function they perform, also referred to as what they do. Here are the most common security control function types:
• Preventive controls prevent an action. Preventive controls include locked doors, firewall rules, and user passwords.
• Detective controls detect that an action has occurred. Detective controls include smoke detectors, log monitors, and system audits.
• Corrective controls repair the effects of damage from an attack. Corrective controls include virus removal procedures, firewall table updates, and user authorization database updates.
Tenets of Information Security: The C-I-A Triad
The practice of securing information involves ensuring three main attributes of information. These three attributes are often called the tenets of information security, or the C-I-A triad. Some security professionals may refer to it as the A-I-C triad, but the concept is the same. The three tenets of information security are:
FIGURE 1-1 The C-I-A triad.
• Confidentiality—The assurance that the information cannot be accessed or viewed by unauthorized users is confidentiality.
• Integrity—The assurance that the information cannot be changed by unauthorized users is integrity.
• Availability—The assurance that the information is available to authorized users in an acceptable time frame when the information is requested is availability.
Each of the tenets interacts with the other two, and in some cases, may cause conflict with other tenets (Figure 1-1). In this section, you will look at each tenet in more detail and how each one may cause conflicts with the others.
Confidentiality
In some cases, it is not enough to ensure information is protected from changes. Some information is private, privileged, business confidential, or classified and must be protected from unauthorized access of any type. Part of the value of confidential information is that it is available only to a limited number of authorized users. Some examples of confidential information include financial information, either personal or corporate; personal medical information; and secret military plans.
Confidentiality also introduces a need for an additional layer of protection. Sometimes, it is necessary to limit users with access to many resources by only allowing them to access specific resources on a need-to-know (NTK) basis. For example, a manager may have access to project documents that contain sensitive information. To limit the damage that could occur from accidents or errors, it is common to limit access to documents that directly relate to the manager’s projects only. Documents that do not directly relate to the manager’s projects are not accessible. That means that although a user possesses sufficient access for a resource, if the user does not have a specific need to know what a resource stores, the user still cannot access it.
A successful attack against confidential information enables the attacker to use the information to gain an inappropriate advantage or to extort compensation through threats to divulge the information.
Confidentiality has long been the subject of many types of legislation. Legislative bodies in many countries have enacted laws and regulations to protect the confidentiality of personal medical and financial information.
Attorneys and physicians have long enjoyed the privilege of confidentiality when conversing with clients and patients. This assurance of confidentiality is crucial to the free flow of necessary information.
Integrity
Information is valid only when it is correct and can be trusted. The second tenet of information security ensures that information can be modified only by authorized users. Ensuring integrity means applying controls that prohibit unauthorized changes to information. Controls that ensure information integrity can be based on the user’s role. Other examples of integrity controls are security classification and user clearance.
Since information may change as a result of application software instructions, it is important that controls ensuring integrity extend to the application software development process. Regardless of the specific controls in use, the goal of integrity is to protect information from unauthorized changes.
Availability
Secure information is serving the purpose for which it was created. This means that secure information must be available when the information is requested.
Many attacks focus on denying the availability of information. One common type of attack that denies the availability of information is the denial of service (DoS) attack. This type of attack does not need to actually access or modify information. It prevents authorized users from accessing it. For example, an attack that denies access to Amazon.com’s Web-based information would have a negative impact on sales. Amazon can’t afford to allow its information to be inaccessible for any length of time. Since so many businesses rely on available information to function properly, unavailable information poses a risk to the primary business functions.
Over a period of several months, from September 2012 to February 2013, a group of activists with hacking abilities, called hacktivists, launched a series of attacks against several major U.S. bank computer systems. Hacktivists are behind more and more large-scale attacks, the intent of which is generally to bring attention to some political or social issue. The