U.S. CAPTIVE INSURANCE LAW

Cyber Risk and Fault Tree Analysis

10/9/2018

I've been trying to think of a business that does not have exposure to cyber risk.  I can't think of one.  At minimum, everybody stores confidential data on a computer, which means they have a valuable commodity subject to data breach.

Let's take a higher-level view of this risk by using a fault-tree analysis.  Here's what that would look like:

[Figure: fault tree of cyber risk]

The left side focuses on compromised data.  Here's the general process criminals use to get your information:

  1. Research: The cybercriminal looks for weaknesses in the company’s security (people, systems, or network).
  2. Attack: The cybercriminal makes initial contact using either a network or social attack.
  3. Network/Social attack: A network attack occurs when a cybercriminal uses infrastructure, system, and application weaknesses to infiltrate an organization’s network. Social attacks involve tricking or baiting employees into giving access to the company’s network. An employee can be duped into giving his/her login credentials or may be fooled into opening a malicious attachment.
  4. Exfiltration: Once the cybercriminal gets into one computer, he/she can then attack the network and tunnel his/her way to confidential company data. Once the hacker extracts the data, the attack is considered successful.

The right side discusses network breaches.  Here are some of the ways hackers infiltrate networks:

  • Emails containing viruses and malware - This is one of the most popular methods of spreading malware, which is hidden in an attachment to the email. Once the attachment is opened, the malicious software executes and/or downloads onto the computer that receives it.
  • Emails with links to malicious websites - Often referred to as phishing, these emails attempt to emulate legitimate emails from well-known organisations that the receiver would tend to trust, such as a bank. The HTML links lead to fake websites which try to trick the user into entering sensitive information such as passwords and banking details. Sometimes these websites also attempt to install malware, viruses or spyware on the recipient’s computer.
  • Probing for weaknesses - Sometimes hackers send out mass emails in an attempt to compromise firewalls, intrusion detection systems and intrusion prevention systems to gain access to computer systems behind these defences. It’s a numbers game with millions of emails going out to identify malfunctioning, misconfigured or un-patched equipment.
  • Social networking pages - People tend to let down their guard and be less wary on social networking sites. With this method, a fake profile entices real users into following links to malicious websites or giving up sensitive personal information.
  • Inserting malicious packets - This relies on access to a swathe of zombie computers to send out large quantities of data packets to a large number of recipients, targeting a specific port. The aim is to identify a router or firewall with the specific port open and gain access to the computers behind the firewalls.
  • Hijacking ads - Cybercriminals often place ads containing malicious code on legitimate websites. They do this either by purchasing ads directly, hijacking the ad server or hacking someone else’s ad account.
  • Malware sold as legitimate software - Fake antivirus programs have infected millions of computers. Software that includes malware designed to infect computers is offered for free over the internet.
  • Advanced Persistent Threats (APTs) - APT means a sustained multi-pronged attempt to break into a specific organization’s or institution’s data networks. With APTs, hackers use many methods, from sending fake promotional material to network attacks. The aim is to breach the network and steal information. APTs are different from other forms of attack because they generally take place over the long term and can last months and years.
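
A fault tree like this can be evaluated numerically to see which branch drives the risk. The following is an added example, not part of the original post: the tree shape is an assumption built from the two lists above (the stages on the left joined by an AND gate, the entry vectors on the right by an OR gate), every probability is a constructed value, and basic events are assumed independent.

```python
# Added example: fault-tree evaluation. Tree shape and all probabilities are
# constructed assumptions, not data from the post.
from dataclasses import dataclass
from itertools import product
from math import prod

@dataclass
class Event:            # basic event (leaf)
    name: str
    p: float            # assumed annual probability

@dataclass
class Gate:             # intermediate or top event
    name: str
    kind: str           # "AND": all children needed; "OR": any child suffices
    children: list

def probability(node):
    """Probability of a node, assuming independent, non-repeated basic events."""
    if isinstance(node, Event):
        return node.p
    ps = [probability(c) for c in node.children]
    if node.kind == "AND":
        return prod(ps)
    if node.kind == "OR":
        return 1 - prod(1 - p for p in ps)
    raise ValueError(f"unknown gate kind: {node.kind}")

def cut_sets(node):
    """Minimal cut sets: smallest groups of basic events that trigger the node."""
    if isinstance(node, Event):
        return {frozenset([node.name])}
    child = [cut_sets(c) for c in node.children]
    if node.kind == "OR":
        sets = set().union(*child)
    else:
        sets = {frozenset().union(*combo) for combo in product(*child)}
    return {s for s in sets if not any(o < s for o in sets)}

# Left side: data is compromised only if every stage of the process succeeds.
DATA = Gate("data compromised", "AND", [
    Event("research finds weakness", 0.5),
    Gate("initial contact", "OR", [Event("network attack", 0.1),
                                   Event("social attack", 0.2)]),
    Event("exfiltration", 0.4)])
# Right side: any single vector is enough to breach the network.
BREACH = Gate("network breach", "OR", [
    Event("email malware attachment", 0.05),
    Event("phishing link", 0.10),
    Event("hijacked ad", 0.02)])
TOP = Gate("cyber loss", "OR", [DATA, BREACH])
```

The single-event cut sets returned by `cut_sets(TOP)` are single points of failure, where one control failing is enough; the three-event sets on the left show that blocking any one stage breaks that path.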



