3DES (3 Data Encryption Standard), 240
5G (Fifth Generation Wireless Systems), 454
6LoWPAN wireless protocol, 41
802.11a wireless connections, 39
802.11ad Wireless Gigabit Alliance wireless connections, 39
802.11ac wireless connections, 39
802.11af wireless connections, 39
802.11ah wireless connections, 39
802.11aj wireless connections, 39
802.11ax wireless connections, 39
802.11b wireless connections, 39
802.11be wireless connections, 39
802.11g wireless connections, 39
802.11n wireless connections, 39
802.11n-2009 wireless connections, 39
2014 Data Breach Investigation Report (Verizon), 18
abelian (commutative) groups, 242
acceptance, risk assessments, 7
ACK, SYN/ACK communications, 50
active code scanning, 271
active IDS (Intrusion Detection Systems), 280
active scanning techniques, 169
active state, cell phones, 452
activities, security
administration policies, 316
advertised relay nodes, The Dark Web, 193
age of passwords, 344
AI (Artificial Intelligence) and information warfare, 395–396
ALE (Annualized Loss Expectancy), 6
algorithms
alphabet substitution
analysis
AND operations, 235
ANT+ wireless protocol, 41
anti-malware, 157
Apple viruses 1, 2, and 3, 140
application gateways, 274
Application layer (OSI network model), 60
Application layer (TCP/IP network model), 61
application-layer firewalls, 276
applications, patches, 338
approaches, security
armored viruses, 133
ASCLD (American Society of Crime Laboratory Directors), 437
assessing
system security
Assessing and Managing Security Risk in IT Systems: A Structured Methodology, 21–22
assets
Atlanta ransomware attack, 136
attachments
attacks. See threats
audits, 21
authentication, 21
autostart locations, cyber forensics, 450
avoidance, risk assessments, 7
AWS (Amazon Web Services), DoS attacks, 120
backups
bandwidth
BCP (Business Continuity Plans), 325
Beard, Andrew, harassment, 85
BIA (Business Impact Analysis), 325
bids, auction fraud
binary number conversions, 44
binary operations, ciphers, 235
Black Basta virus, 134
BlackEnergy, 383
blackholing, 122
Black’s Law Dictionary, 84
block ciphers, 237
Blowfish, 243
Bluejacking, 181
blue teams, 167
Bluebugging, 181
Bluesnarfing, 181
bombs, logic, 9
boot sector viruses, 132
Boston Globe, 121
botnets, 119
breaches
bridge nodes, The Dark Web, 193
browsers
Brutus password cracking tool, 183
bugs/phone taps, industrial espionage, 211
Burkett, Alyssa, harassment, 85
BYOD (Bring Your Own Device), 314
cabling
CAPTCHA, login attacks, 119
cars, hacking, 17
Castillo, Andy, harassment, 85
CBC (Cipher Block Chaining) mode, 244
CC (Challenge Collapsar) attacks, 120
cell phones
Cellebrite forensics tool, 440
certifications, 6
Certified Ethical Hackers, 367
CFB (Cipher Feedback) mode, 244
chain of custody, 433
Chandler, James, identity theft, 81
CHAP (Challenge Handshake Authentication Protocol), 289
chat rooms, 49
Chavarri, Johao, cyber stalking, 83
checklists, security, 344
China, cyber terrorism, 381
chosen plain text attacks, 258
Chrome (Google), security settings, 96
CIDR (Classless Interdomain Routing), 47
cipher text encryption, 237
cipher text only attacks, 259
ciphers
circuit-level gateways, 276
CISSP (Certified Information Systems Security Professionals), 367
classification policies, data, 323
CLD 6.3.1, 63
CLD 8.1.5, 63
CLD 9.5.1, 63
CLD 9.5.2, 63
CLD 12.1.5, 63
CLD 12.4.5, 63
CLD 13.1.4, 63
client errors, 48
Clop virus, 136
COBO (Company-Owned/Business Only), 314
command injection attacks, 181
commercial antivirus software, 272
commutative (abelian) groups, 242
company searches, 413
company versus company, industrial espionage, 206
compromising system security
Computer Security Act of 1987, 24
concepts, security
configuring
connect scans, 170
connectivity
802.11a wireless connections, 39
802.11ad Wireless Gigabit Alliance wireless connections, 39
802.11ac wireless connections, 39
802.11af wireless connections, 39
802.11ah wireless connections, 39
802.11aj wireless connections, 39
802.11ax wireless connections, 39
802.11b wireless connections, 39
802.11be wireless connections, 39
802.11g wireless connections, 39
802.11n wireless connections, 39
802.11n-2009 wireless connections, 39
DS0 connections, 38
Internet connection types, 38
ISDN connections, 38
local networks
OC3 connections, 38
OC12 connections, 38
OC48 connections, 38
T1 connections, 38
T3 connections, 38
converting binary numbers, 44
cookies
COPE (Company-Owned/Personally-Enabled), 314
COVID-19, Internet fraud, 75
Crack Station password cracking tool, 184
crackers, 167
cracking attacks, 9
password cracking, 182
WebCracker password cracking tool, 183
credibility, evaluating cyber stalking threats, 87
Creeper virus, 140
criminal checks, cyber detectives, 413
crossover cabling, 37
cross-site request forgeries, 180
cryptography
3DES, 240
algorithms, 237
asymmetric encryption, 227
binary operations, 235
block ciphers, 237
Blowfish, 243
cipher text, 237
decryption, 227
Diffie-Hellman key exchange, 250
digital signatures, 252
elliptic curve cryptography, 250
Feistel ciphers, 237
frequency analysis, 258
hashing, 253
key schedules, 238
keys, 237
mono-alphabet substitution, 230
“old” encryption, 251
plain text, 237
Polybius cipher, 233
public-key (asymmetric) encryption, 245
rail fence cipher, 232
Rijndael block cipher. See AES
Scytale cipher, 233
Serpent, 243
Skipjack, 243
stream ciphers, 237
substitution alphabets, 230
symmetric encryption, 227
transposition ciphers, 232
Vigenère cipher, 231
CryptoLocker virus, 135
CryptoWall virus, 135
custody, chain of, 433
cyber forensics
ASCLD, 437
cell phones, finding on
Cellebrite, 440
chain of custody, 433
Daubert standard, 459
defined, 427
document trails, 432
EnCase, 439
falsifiability, 437
Federal Rule 702, 459
goal of, 427
industry standards, 437
ISO/IEC 27037:2012, 437
ISO/IEC 27041, 437
ISO/IEC 27042, 437
ISO/IEC 27043, 437
ISO/IEC 27050, 437
live machines, 432
Locard’s Principle of Transference, 436
Magnet Forensics, 439
network forensics, 460
OSForensics, 439
Oxygen, 439
PC, finding evidence on
reports, 438
RFC 3227, 437
scientific method, 437
Sleuth Kits, 439
virtual forensics, 460
cyber terrorism, 378–379. See also information warfare
Cybercrime Magazine, 3
Cyberterrorism Preparedness Act of 2002, 396
cyclic groups, 242
CYOD (Choose Your Own Device), 314
Dallas, TX police department, insider threats, 14
DAM (Database Activity Monitoring), 287
Dark Web, The
DASH7 wireless protocol, 41
data breaches
data classification policies, 323
Data Link layer (OSI network model), 60
data packets
data transmission, 41
databases
Daubert standard, 459
deauthentication attacks, 181
decryption, 227
degradation of service attacks, 120
detecting
DHCP starvation, 118
dictionary attacks, 182
DID (Data Interface Diagrams), 488
differential backups, 326
Diffie-Hellman key exchange, 250
digital signatures, 252
directory traversals, 180
disaster recovery, 324
disinformation, 391
DiskCryptor, 214
distributed reflection DoS attacks, 109
DNS (Domain Name System) protocol, 42
documentation
DOJ (Department of Justice)
DoS (Denial of Service) attacks, 5, 10–11, 106–107
AWS attack, 120
blackholing, 122
blocking ICMP packets, 122
Boston Globe, 121
CC attacks, 120
defined, 8
degradation of service attacks, 120
DHCP starvation, 118
distributed reflection DoS attacks, 109
EDoS attacks, 120
FastMail DDoS blackmail attack, 121
Fraggles, 116
Google attack, 120
HTTP POST DoS attacks, 118
ICMP flood attacks, 117
login attacks, 119
login DoS attacks, 118
memcache attack, 121
PDoS attacks, 118
phlashing, 118
PoD, 117
registration DoS attacks, 118
security policies, 320
sinkholing, 122
teardrop attacks, 118
TFN, 111
TFN2K, 111
weaknesses, 112
XOIC, 110
Yo-Yo attacks, 119
downloads, virus scanners, 270
DREAD threat modeling, 490
drives
DRP (Disaster Recovery Plans), 324
DS0 connections, 38
dual-homed host firewalls, 275
EAP (Extensible Authentication Protocol), 289
EAP-TLS (Extensible Authentication Protocol-Transport Layer Security), 289
ECB (Electronic Codebook) mode, 244
EDGE (Enhanced Data Rates for GSM Evolution), 454
EDoS (Economic Denial of Sustainability) attacks, 120
Eisenberger, Keith, harassment, 85
eliminating viruses/spyware
elliptic curve cryptography, 250
employee policies
EnCase forensics tool, 439
encryption
3DES, 240
algorithms, 237
asymmetric (public-key) encryption, 227
binary operations, 235
block ciphers, 237
Blowfish, 243
cipher text, 237
decryption, 227
Diffie-Hellman key exchange, 250
digital signatures, 252
elliptic curve cryptography, 250
Feistel ciphers, 237
frequency analysis, 258
hashing, 253
key schedules, 238
keys, 237
mono-alphabet substitution, 230
“old” encryption, 251
plain text, 237
Polybius cipher, 233
public-key (asymmetric) encryption, 245
rail fence cipher, 232
Rijndael block cipher. See AES
Scytale cipher, 233
Serpent, 243
stream ciphers, 237
substitution alphabets, 230
symmetric (single-key) encryption, 227
transposition ciphers, 232
Vigenère cipher, 231
entry node, The Dark Web, 192
errors
Ethernet headers, 50
Euler’s Totient, 246
evidence
evil twin attacks, 181
exit node, The Dark Web, 192
expulsion/termination policies, 315
factory default state/nascent state, cell phones, 452
FakeAV virus, 137
false negatives/positives, virus scanners, 271
falsifiability, 437
faster connection speeds, local networks, 38
FastMail DDoS blackmail attack, 121
Federal Rule 702, 459
FedRAMP (Federal Risk and Authorization Management Program), 63
Feistel ciphers, 237
“Felony Lane Gang, The,” 81
fields, 242
files
FIN probes, 173
FIN scans, 171
finding
FinFisher, 383
firewalls
application gateways, 274
application-layer firewalls, 276
benefits of, 273
circuit-level gateways, 276
dual-homed host firewalls, 275
finding, 342
limitations of, 273
logs, 278
network host-based firewalls, 275
NGFW, 276
router-based firewalls, 275
screened hosts, 275
SPI, 274
SPI firewalls, 115
WAF, 276
ZoneAlarm, 277
footprinting, 385
foreign governments, economic espionage, 206
forensics
ASCLD, 437
cell phones, finding on
Cellebrite, 440
chain of custody, 433
Daubert standard, 459
defined, 427
document trails, 432
EnCase, 439
falsifiability, 437
Federal Rule 702, 459
goal of, 427
industry standards, 437
ISO/IEC 27037:2012, 437
ISO/IEC 27041, 437
ISO/IEC 27042, 437
ISO/IEC 27043, 437
ISO/IEC 27050, 437
live machines, 432
Locard’s Principle of Transference, 436
Magnet Forensics, 439
network forensics, 460
OSForensics, 439
Oxygen, 439
PC, finding evidence on
reports, 438
RFC 3227, 437
scientific method, 437
Sleuth Kits, 439
virtual forensics, 460
Fraggles, 116
frequency analysis, 258
frequency, evaluating cyber stalking threats, 87
F-Secure, 26
FTP (File Transfer Protocol), 42
FTP bounce scans, 173
full backups, 326
Galois group, 242
Gameover ZeuS virus, 135
GCM (Galois Counter Mode), 245
general searches, 410
Georgia Medical Center, South, insider threats, 14–15
Georgia (Republic of), StopGeorgia.ru malware, 383
GIAC, system security, 368
Goldberg, Barry, cyber stalking, 83
Golden Eye, 134
good passwords, 343
GSM (Global System for Mobile Communication), 453
guidelines, security, 323
hacking, 19
active scanning techniques, 169
Bluejacking, 181
blue teams, 167
Bluebugging, 181
Bluesnarfing, 181
cars, 17
cell phone attacks, 181
Certified Ethical Hackers, 367
command injection attacks, 181
cookie poisoning, 180
crackers, 167
cross-site request forgeries, 180
Dark Web, The
deauthentication attacks, 181
defined, 18
dictionary attacks, 182
directory traversals, 180
evil twin attacks, 181
hybrid attacks, 182
industrial espionage, 206
IoT, 17
Jeep vehicles, 17
malware
medical devices, 17
net user script attacks, 186
New Hackers Dictionary, 20
pass the hash attacks, 185
password cracking attacks, 182
Pod slurping, 181
reconnaissance phase, 167
red teams, 167
Russian hackers, 381
URL hijacking, 180
Windows computers, 185
wireless attacks, 181
WPS attacks, 181
hard drives
Hardy, Matthew, cyber stalking, 84
Hern, U.S. Representative Kevin, harassment, 85
Herring, Mark, swatting, 86
heuristic scanning, 271
hijacking
HIPAA (Health Insurance Portability and Accountability Act of 1996), 25, 328–329
HMAC (Hashing Message Authentication Code), 254
HOIC (High Orbit Ion Cannons), 110
honey pots, 286
HTTP (Hypertext Transfer Protocol), 42
HTTP POST DoS attacks, 118
HTTPS (HTTP Secure), 42
hubs, 37
hybrid attacks, 182
hybrid clouds, 62
hypervisors, 462
ICCID (Integrated Circuit Card Identification), 453
ICMP flood attacks, 117
ICMP packets, blocking, 122
iDEN (Integrated Digital Enhanced Networks), 454
identifying
identity
IEEE (Institute of Electrical and Electronics Engineers)
802.11a wireless connections, 39
802.11ad Wireless Gigabit Alliance wireless connections, 39
802.11ac wireless connections, 39
802.11af wireless connections, 39
802.11ah wireless connections, 39
802.11aj wireless connections, 39
802.11ax wireless connections, 39
802.11b wireless connections, 39
802.11be wireless connections, 39
802.11g wireless connections, 39
802.11n wireless connections, 39
802.11n-2009 wireless connections, 39
15288, 472
IM (Instant Messaging), security policies, 313
image searches, 411
IMAP (Internet Message Access Protocol), 42
IMAPS (IMAP Secure), 42
IMEI (International Mobile Equipment Identity), 453
impact analysis, 325
IMSI (International Mobile Subscriber Identity), 453
incremental backups, 326
India, cyber terrorism, 381
information warfare, 388. See also cyber terrorism
insider threats, 14
installing software, security policies, 312
intensity, evaluating cyber stalking threats, 88
Internet
Internet layer (TCP/IP network model), 61
intrusions
iOS, cyber forensics, 454
IoT (Internet of Things)
IP (Internet Protocol) addresses, 43
IP headers, 49
IPsec (Internet Protocol Security), 297
IRC (Internet Relay Chat) protocol, 42
ISDN connections, 38
ISO 27002, 307
ISO 27004, 478
ISO 27017, 63
ISO 27018, 63
ISO 27035, 325
ISO/IEC 27037:2012, 437
ISO/IEC 27041, 437
ISO/IEC 27042, 437
ISO/IEC 27043, 437
ISO/IEC 27050, 437
ISP (Internet Service Providers), 43
Last Visited, cyber forensics, 450
laws/legislation, 328
Computer Security Act of 1987, 24
court records/criminal checks, cyber detectives, 413
Cyberterrorism Preparedness Act of 2002, 396
Federal Rule 702, 459
Industrial Espionage Act of 1996, 218
OMB Circular A-130, 25
PCI DSS, 329
privacy laws, 25
Sarbanes-Oxley Act, 329
state-specific computer security laws/legislation, 25
United States Code (the Privacy Act), 24
layered security approaches, 23
LEAP (Lightweight Extensible Authentication Protocol), 289
least privileges, 22
Leszczymski, Alexander, Internet fraud, 75
link-local addresses, 47
Linux
live machines, cyber forensics, 432
local networks
Locard’s Principle of Transference, 436
loggers, key, 9
logical network perimeters, 462
login attacks, 119
logs
loopback addresses, 47
loss
LTE (Long Term Evolution), 454
Lynis, 359
M flags, 48
MAC (Media Access Control) addresses, 61
MAC (Message Authentication Code), 254
MacDefender virus, 137
machine learning
machine-local addresses, 47
macro viruses, 132
Magnet Forensics, 439
malware
anti-malware, 157
APT, 152
BlackEnergy, 383
characteristics of, 9
defined, 8
key loggers, 9
spam, 152
StopGeorgia.ru malware, 383
Stuxnet, 382
viruses
Apple viruses 1, 2, and 3, 140
armored viruses, 133
Atlanta ransomware attack, 136
Black Basta virus, 134
boot sector viruses, 132
Clop virus, 136
Creeper virus, 140
CryptoLocker virus, 135
CryptoWall virus, 135
defined, 131
early viruses, 140
FakeAV virus, 137
Gameover ZeuS virus, 135
impact of, 140
MacDefender virus, 137
macro viruses, 132
memory-resident viruses, 133
metamorphic viruses, 133
Mindware virus, 136
Morris Internet worm, 139
multi-partite viruses, 133
nonvirus viruses, 139
Petya virus, 134
polymorphic viruses, 133
Rombertik virus, 135
rules for avoiding, 141
Shlayer virus, 138
sparse infector viruses, 133
Thanatos ransomware, 136
Titanium virus, 134
virulence, 137
Wabbit virus, 140
WannaCry virus, 134
worms versus, 142
worms, 142
MATLAB, cybersecurity engineering, 473
McCullum, Juan R., harassment, 85
MD5, 253
medical devices, hacking, 17
Medico, Joseph, harassment, 85
memcache, DoS attacks, 121
memory-resident viruses, 133
metamorphic viruses, 133
micro blocks, TCP SYN flood attacks, 113
Microsoft Security Advisor, 26
Mindware virus, 136
mistaken identity, 415
mitigation, risk assessments, 7
mobile phones
modeling/simulation
monitoring, DAM, 287
mono-alphabet substitution, 230
Morris, Robert T.
Morris Internet worm, 139
MPE (Mean Percentage Error) formula, 474
MSD (Mean Squared Deviation) formula, 474
MTTR (Mean Time To Repair) formula, 475
multi-alphabet substitution, 231
multi-partite viruses, 133
Murphy, Robert James, cyber stalking, 84
NAP (Network Access Points), 43
nascent state/factory default state, cell phones, 452
NAT (Network Address Translation), 46
National Vulnerability Database, 365
net user script attacks, 186
NetBIOS protocol, 42
Netstat command, 56
Network Access layer (TCP/IP network model), 61
network host-based firewalls, 275
Network layer (OSI network model), 60
networks
basics, 35
data transmission, 41
firewalls, 59
forensics, 460
iDEN, 454
local networks
logical network perimeters, 462
MAC addresses, 61
NAP, 43
NAT, 46
NIC, 35
proxy servers, 59
scanning techniques
TCP/IP model, 61
VPN, 296
wireless networks
new employee policies, 316
New Hackers Dictionary, 20
NGFW (Next-Generation Firewalls), 276
NIST (National Institute of Standards and Technology)
NNTP (Network News Transfer Protocol), 42
nonvirus viruses, 139
NSA (National Security Agency)
NSA ANT catalog, 384
nuclear secrets, industrial espionage, 206
O flags, 48
OC3 connections, 38
OC12 connections, 38
OC48 connections, 38
Offensive Security, 367
old backup media, 349
“old” encryption, 251
old passwords, 344
OMB Circular A-130, 25
online resources, 25
OpenVAS, 363
OR operations, 235
OSForensics forensics tool, 439
OWASP (Open Web Application Security Project)
Oxygen forensics tool, 439
packets
Pakistan, cyber terrorism, 381
Panda Security, machine learning and malware, 141
PAP (Password Authentication Protocol), 288
pass the hash attacks, 185
passive IDS (Intrusion Detection Systems), 280
passive security approaches, 23
passwords
PASTA threat modeling, 490
PC, finding evidence (cyber forensics)
PCBC (Propagating Cipher-Block Chaining) mode, 244
PCI DSS (Payment Card Industry Data Security Standard), 189, 329, 365
PDoS attacks, 118
PEAP (Protected Extensible Authentication Protocol), 289
Pegasus spyware, 147
People’s Drug Store, The, 191
perimeter security approaches, 23
Petya virus, 134
phlashing, 118
phone taps/bugs, industrial espionage, 211
Physical layer (OSI network model), 60
physical security
plain text, encryption, 237
Plaskett, Stacey, harassment, 85
PoD (Ping of Death), 117
Pod slurping, 181
poisoning
Polybius cipher, 233
polymorphic viruses, 133
POP3S (POP3 Secure), 42
ports
PPTP (Point-to-Point Tunneling Protocol), 296
Prefetch, cyber forensics, 451
Presentation layer (OSI network model), 60
Principle of Transference, Locard’s, 436
privacy
privileges, least, 22
procedures, security, 323
protocols
public-key (asymmetric) encryption, 245
pump and dump scams, 77
RAID, 327
rail fence cipher, 232
Ramos, Jeron, harassment, 85
ranges, IPv4 addresses, 45
ransomware
recent documents, cyber forensics, 450
reconnaissance phase, hacking, 167
red teams, 167
registration DoS attacks, 118
related-key attacks, 259
relay node, The Dark Web, 192
repeaters, local networks, 37
reports, forensics, 438
Republic of Georgia, StopGeorgia.ru malware, 383
request forgeries, cross-site, 180
resources, online, 25
RFC 3227, 437
Rijndael block cipher. See AES
rings, 242
RIPEMD (RACE Integrity Primitives Evaluation Message Digest), 254
risk
RJ-45 connectors, 35
RMF (Risk Management Framework), 476
Rombertik virus, 135
router-based firewalls, 275
routers
RST cookies, TCP SYN flood attacks, 114
Russia
sandboxes, virus scanners, 271
SANS Institute website, 26
Sarbanes-Oxley Act, 329
SCADA (Supervisory Control and Data Acquisition)
scanners, virus, 269
scanning techniques
scientific method, cyber forensics, 437
screened hosts, 275
Scytale cipher, 233
searches
SEC (Securities and Exchange Commission), Internet fraud, 75, 77
security activities
Security Advisor, Microsoft, 26
security approaches
security block diagrams, 489
security checklists, 344
security concepts
security devices
security resources, online, 25
security tools/technology, 268
antivirus software, 272
DAM, 287
honey pots, 286
IDS, 279
intrusion deflection, 288
intrusion deterrence, 288
IPsec, 297
PPTP, 296
SIEM, 287
virus scanners, 269
semi-active state, cell phones, 452
sensitive data, industrial espionage, 202
Serpent, 243
server rooms, physical security, 345
servers
services
Session layer (OSI network model), 60
“sheep dip” machines, 271
ShellBags, cyber forensics, 451
shielding bids, 79
shill bidding, 79
Shlayer virus, 138
SIEM (Security Information and Event Management), 287
signatures, digital, 252
SIM (Subscriber Identity Modules), 452
simulation/modeling
sinkholing, 122
Skipjack, 243
SLE (Single Loss Expectancy), 6
Sleuth Kits, 439
SMART acronym, cybersecurity engineering, 469
SMB (Server Message Block) protocol, 42
SMTP (Simple Mail Transfer Protocol), 42
SMTPS (SMTP Secure), 42
sneakers, 19
SNMP scans, 173
Snowden, Edward, insider threats, 14
social engineering attacks, 10
software
spam, 152
SPAP (Shiva Password Authentication Protocol), 289
sparse infector viruses, 133
spear phishing, 219
specificity, evaluating cyber stalking threats, 88
speeds, network connectivity
SPI (Stateful Packet Inspection), 274
SPI firewalls, TCP SYN flood attacks, 115
SSH (Secure Shell) protocol, 42
SSL/TLS (Secure Sockets Layer/Transport Layer Security), 292–296
state-specific computer security laws/legislation, 25
StopGeorgia.ru malware, 383
storage, virtual, 462
STP (Shielded Twisted-Pair) cabling, 36
STRIDE threat modeling, 489
Stuxnet, 382
subnetting, 46
substitution alphabets
swatting, 86
SWGDE (Scientific Working Group on Digital Evidence), 436, 437
switches, local networks, 37
SYN/ACK communications, packets, 50
SYN cookies, TCP SYN flood attacks, 114
SYN scans, 171
system administration policies, 316
system vulnerabilities, 6
systems engineering, cybersecurity engineering, 468
T1 connections, 38
T3 connections, 38
Taiwan Semiconductor Manufacturing Company, impact of viruses, 140
TCP headers, 49
TCP/IP network model, 61
teardrop attacks, 118
Telnet, 42
termination/expulsion policies, 315
terminators, local networks, 35
terminology, 18
terrorism, cyber, 378–379, 387. See also information warfare
text
TFN (Tribal Flood Network), DoS attacks, 111
TFN2K, DoS attacks, 111
TFTP (Trivial File Transfer Protocol), 42
Thanatos ransomware, 136
THC-Hydra password cracking tool, 184
Thread wireless protocol, 41
threats
breaches
compromising system security
DDoS attacks, 11
DoS attacks, 5, 10–11, 106–107
AWS attack, 120
blackholing, 122
blocking ICMP packets, 122
Boston Globe, 121
CC attacks, 120
defined, 8
degradation of service attacks, 120
DHCP starvation, 118
distributed reflection DoS attacks, 109
EDoS attacks, 120
FastMail DDoS blackmail attack, 121
Fraggles, 116
Google attack, 120
HTTP POST DoS attacks, 118
ICMP flood attacks, 117
login attacks, 119
login DoS attacks, 118
memcache attack, 121
PDoS attacks, 118
phlashing, 118
PoD, 117
registration DoS attacks, 118
security policies, 320
sinkholing, 122
teardrop attacks, 118
TFN, 111
TFN2K, 111
weaknesses, 112
XOIC, 110
Yo-Yo attacks, 119
hacking
insider threats, 14
phreaking, 20
web attacks, 11
Time Stamps, cyber forensics, 451
Titanium virus, 134
TKIP (Temporal Key Integrity Protocol), 40
tools/technology, security, 268
antivirus software, 272
DAM, 287
honey pots, 286
IDS, 279
intrusion deflection, 288
intrusion deterrence, 288
IPsec, 297
PPTP, 296
SIEM, 287
virus scanners, 269
transference
Transport layer (OSI network model), 60
Transport layer (TCP/IP network model), 61
transposition ciphers, 232
tunneling protocols
Uber, industrial espionage, 206
UML (Unified Modeling Language), 473
UMTS (Universal Mobile Telecommunications Systems), 454
uninstalled software
United States Code (the Privacy Act), 24
University of Dayton School of Law, cybercrime laws/legislation, 78–91
U.S. Department of Justice (DOJ)
U.S. Securities and Exchange Commission (SEC), Internet fraud, 75, 77
usage policies
U.S.C. 1028 (Identity Theft and Assumption Deterrence Act of 1998), 90
UserAssist, cyber forensics, 450
usernames, login attacks, 119
UTP (Unshielded Twisted-Pair) cabling, 36
Vega, 362
vehicles, hacking, 17
Verizon, 2014 Data Breach Investigation Report, 18
Vigenère cipher, 231
virtual forensics, 460
virtual storage, 462
viruses
antivirus software, 272
Apple viruses 1, 2, and 3, 140
armored viruses, 133
Atlanta ransomware attack, 136
Black Basta virus, 134
boot sector viruses, 132
Clop virus, 136
Creeper virus, 140
CryptoLocker virus, 135
CryptoWall virus, 135
defined, 131
detecting/eliminating
early viruses, 140
FakeAV virus, 137
Gameover ZeuS virus, 135
impact of, 140
MacDefender virus, 137
macro viruses, 132
memory-resident viruses, 133
metamorphic viruses, 133
Mindware virus, 136
Morris Internet worm, 139
multi-partite viruses, 133
nonvirus viruses, 139
Petya virus, 134
polymorphic viruses, 133
Rombertik virus, 135
rules for avoiding, 141
scanners, 269
Shlayer virus, 138
sparse infector viruses, 133
Thanatos ransomware, 136
Titanium virus, 134
virulence, 137
Wabbit virus, 140
WannaCry virus, 134
worms versus, 142
vulnerabilities
Wabbit virus, 140
WAF (Web Application Firewalls), 276
WannaCry virus, 134
war-dialing, 10
war-driving, 10
warfare, information, 388. See also cyber terrorism
war flying, 10
WBS (Work Breakdown Structures), 471
“Weakness in the 4.2BSD Unix TCP/IP Software, A,” 13
web attacks, 11
WebCracker password cracking tool, 183
whaling, 219
Whois protocol, 42
Wi-Fi
6LoWPAN wireless protocol, 41
ANT+ wireless protocol, 41
DASH7 wireless protocol, 41
RC4 stream ciphers, 40
Thread wireless protocol, 41
war flying, 10
WirelessHART wireless protocol, 41
WPA3, 40
Zigbee wireless protocol, 41
Z-Wave wireless protocol, 41
Windows computers
finding evidence
hacking, 185
Windows Date/Time Stamps, cyber forensics, 451
wireless attacks, 181
wireless networks
WirelessHART wireless protocol, 41
workstations
worms
WPS attacks, 181