Note 4

sec 4

Uploaded by

1001121

Topic 4

1. David is worried about banking on the internet. He has read a report from
Raytheon (2015) which states that financial services companies encounter
security incidents 300% more frequently than other industries.

It also states that there is an increasing trend to target employees and trick them
with phishing emails and that cybercriminals bombard sites with low-level attacks
(e.g., low-level DDOS) to provide background noise which distracts security staff
from targeted attacks (Raytheon/Websense, 2015). David says he’s going to stop
internet banking because of this issue.

What is a phishing email?

A phishing email is one that looks like an email from a well-known company or organization. It is an attempt to get people to give up personal information, like their bank account details.

Do you agree with the report?

A valid reason for ‘No’ is: Since these are employee-targeted attacks,
stopping internet banking will have no effect on the risk.

2. If you were a Company Chief Information Security Officer, what action would you
take to improve security from these attacks and to improve customer confidence?

For example, I may initiate a program to build a security culture in the company.

• Regular training for the staff.
• An awareness program.
• Regulation of rules.
• Test the technical controls.
• Analyzing the company's security environment.

3. In May 2016, Forbes magazine ran an article with the title: “Cyber Risk: People
Are Often the Weakest Link In The Security Chain”.

The article stated that phishing was a particularly common way of breaking
security in corporate systems.

Explain what the term phishing means.

• Sending fake emails from respected companies.
• passwords and credit card numbers in order to gain access to private information.

4. Give an example of how phishing might compromise security.

• Macro virus infects computer and collects personal information from employee who clicks on link to download it.
• Email that looks like it came from a bank. The victim clicks on a link to a spoof site and gives out personal information.

5. Give TWO (2) examples of ways to reduce the threat of phishing.

• Spam filters.
• AV scans of emails.
• Link checking software.
• Training users.

6. Secure Multipurpose Internet Mail Extensions (S/MIME) supports encryption of
email messages and their contents via public-key encryption technology. State
THREE (3) security services it provides.

• Authentication.
• Message integrity.
• Non-repudiation of origin.
• Privacy.
• Data security.

7. Explain how the OpenPGP protocol is used to encrypt an email message.

• The text is compressed.
• Create a random session key.
• The message is then signed digitally using the sender's private key.
• The session key and symmetric algorithm encrypt the message and signature.
• The session key is added to the encrypted message with the recipient's public key.
• The recipient gets the encrypted message.
• Recipient reverses these steps.

8. Cryptography is used in email systems as a security feature. State THREE (3)
reasons why cryptography is used in email systems:

• Sign an email to ensure its integrity and validate its sender's identity.
• Encrypt the body of an email to protect its privacy.
• Encrypt messages between mail servers to protect the message body and header.

9. State TWO (2) widely used standards for signing and encrypting message
bodies.

• Open Pretty Good Privacy (OpenPGP).
• Secure/Multipurpose Internet Mail Extensions (S/MIME).

10. Explain THREE (3) email threats.

• Viruses can ruin vital papers and programs.
• Hackers will try to get private data.
• With spam, various components of the communications infrastructure can suffer.

11. Explain the term Phishing.

• Used for identity theft.
• Misrepresenting emails from reliable sources.
• Request personal information such as bank account numbers.
• Most are aimed at individuals.

12. Explain TWO (2) protocols that can be used for securing email.

S/MIME
• Secure/MIME is a MIME protocol version.
• It enables public-key encryption for email messages and their contents.
• Based on the MIME protocol.

OpenPGP
• OpenPGP uses both public and symmetric keys.
• Digitally signed message digests use public key cryptography.
• The message body is encrypted with a symmetric key method.

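The steps listed in answer 7, and the public/symmetric key split described under OpenPGP in answer 12, as an added example that is not part of the original notes and does not reproduce the OpenPGP packet format. It follows the steps in the order listed and assumes standard-library stand-ins (textbook RSA over publicly known Mersenne primes, a SHA-256 keystream cipher), which are insecure and only model the flow; all function names are hypothetical.

```python
import hashlib
import secrets
import zlib

# Assumption: toy primitives chosen so the flow runs with the standard library.
# They are NOT secure; real OpenPGP software uses vetted algorithms and padding.
E = 65537

def toy_keypair(a, b):
    """Return (public, private) textbook-RSA keys from Mersenne primes 2^a-1, 2^b-1."""
    p, q = 2**a - 1, 2**b - 1
    return (p * q, E), (p * q, pow(E, -1, (p - 1) * (q - 1)))

def stream_xor(key, data):
    """XOR data with a SHA-256 counter keystream; the same call encrypts and decrypts."""
    blocks = (hashlib.sha256(key + i.to_bytes(8, "big")).digest()
              for i in range(len(data) // 32 + 1))
    return bytes(x ^ y for x, y in zip(data, b"".join(blocks)))

def digest_int(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def encrypt_email(text, sender_priv, recipient_pub):
    body = zlib.compress(text)                              # the text is compressed
    session_key = secrets.token_bytes(32)                   # random session key
    n, d = sender_priv
    sig = pow(digest_int(body), d, n).to_bytes(256, "big")  # signed with sender's private key
    ciphertext = stream_xor(session_key, sig + body)        # session key encrypts message + signature
    n, e = recipient_pub
    wrapped = pow(int.from_bytes(session_key, "big"), e, n) # session key under recipient's public key
    return wrapped, ciphertext

def decrypt_email(wrapped, ciphertext, recipient_priv, sender_pub):
    """Recipient reverses the steps: unwrap key, decrypt, verify signature, decompress."""
    n, d = recipient_priv
    session_key = pow(wrapped, d, n).to_bytes(32, "big")
    plain = stream_xor(session_key, ciphertext)
    sig, body = plain[:256], plain[256:]
    n, e = sender_pub
    if pow(int.from_bytes(sig, "big"), e, n) != digest_int(body):
        raise ValueError("signature check failed: message altered or wrong sender key")
    return zlib.decompress(body)

if __name__ == "__main__":
    sender_pub, sender_priv = toy_keypair(521, 607)         # constructed sample keys
    recipient_pub, recipient_priv = toy_keypair(607, 1279)
    wrapped, ct = encrypt_email(b"Constructed sample message", sender_priv, recipient_pub)
    print(decrypt_email(wrapped, ct, recipient_priv, sender_pub))
```

Changing a single byte of the ciphertext, or verifying with a different sender's public key, makes `decrypt_email` raise `ValueError` before any content is returned.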