CONTENTS
Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxi
Part I
Challenges
1 The French Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Industry: Software Engineering
Attack Complexity: Low
Prevention Complexity: Low
Mitigation Complexity: Low
2 The Insider . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Industry: Software Engineering
Attack Complexity: Moderate
Prevention Complexity: Moderate
Mitigation Complexity: Hard
3 The Parking Lot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Industry: Commercial Online Retailer
Attack Complexity: Moderate
Prevention Complexity: Moderate
Mitigation Complexity: Moderate
4 The Hinge Factor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Industry: Software Engineering
Attack Complexity: Low
Prevention Complexity: Low
Mitigation Complexity: Moderate
5 Maggie’s Moment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
Industry: Computer Engineering
Attack Complexity: Devilish
Prevention Complexity: Moderate
Mitigation Complexity: Moderate
6 The Genome Injection . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
Industry: Genetic Research
Attack Complexity: Hard
Prevention Complexity: Low
Mitigation Complexity: Hard
7 Up in the Air . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
Industry: Software Engineering
Attack Complexity: Devilish
Prevention Complexity: Moderate
Mitigation Complexity: Moderate
8 The Tip of the Iceberg . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
Industry: Financial Services
Attack Complexity: Moderate
Prevention Complexity: Low
Mitigation Complexity: Moderate
9 FDIC, Insecured . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
Industry: Online Banking
Attack Complexity: Moderate
Prevention Complexity: Low
Mitigation Complexity: Hard
10 Jack and Jill . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111
Industry: Online Retail
Attack Complexity: Moderate
Prevention Complexity: Low
Mitigation Complexity: Low
11 The Accidental Tourist . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121
Industry: Semiconductor Manufacturer
Attack Complexity: Low
Prevention Complexity: Hard
Mitigation Complexity: Moderate
12 Run for the Border . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127
Industry: Banking and Financial Services
Attack Complexity: Devilish
Prevention Complexity: Moderate
Mitigation Complexity: Low
13 Malpractice . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135
Industry: Health Care
Attack Complexity: Moderate
Prevention Complexity: Low
Mitigation Complexity: Moderate
14 An Apple a Day . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
Industry: High School/Community College Network
Attack Complexity: Moderate
Prevention Complexity: Low
Mitigation Complexity: Moderate
15 A Thousand Razors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149
Industry: Government Contractor
Attack Complexity: Low
Prevention Complexity: Hard
Mitigation Complexity: Hard
16 One Hop Too Many . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157
Industry: Civil Engineering
Attack Complexity: Low
Prevention Complexity: Low
Mitigation Complexity: Hard
17 Gluttony . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165
Industry: Network Engineering/Sales
Attack Complexity: Low
Prevention Complexity: Low
Mitigation Complexity: Low
18 The Sharpest Tool in the Shed . . . . . . . . . . . . . . . . . . . . . . . . 171
Industry: Medical Diagnostic Equipment Engineering
Attack Complexity: Moderate
Prevention Complexity: Low
Mitigation Complexity: Hard
19 Omerta . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177
Industry: University
Attack Complexity: Devilish
Prevention Complexity: Low
Mitigation Complexity: Moderate
20 Nostalgia . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187
Industry: Pharmaceutical/Web Hosting
Attack Complexity: Moderate
Prevention Complexity: Low
Mitigation Complexity: Low
Part II
Solutions
1 The French Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197
2 The Insider . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203
3 The Parking Lot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209
4 The Hinge Factor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215
5 Maggie’s Moment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 223
6 The Genome Injection . . . . . . . . . . . . . . . . . . . . . . . . . . . . 237
7 Up in the Air . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245
8 Tip of the Iceberg . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 251
9 FDIC, Insecured . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 265
10 Jack and Jill . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 271
11 The Accidental Tourist . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279
12 Run for the Border . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283
13 Malpractice . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 289
14 An Apple a Day . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293
15 A Thousand Razors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 299
16 One Hop Too Many . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 305
17 Gluttony . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 311
18 The Sharpest Tool in the Shed . . . . . . . . . . . . . . . . . . . . . . . . 317
19 Omerta . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 325
20 Nostalgia . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 333
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 339
Download
Another Hacker books
No comments:
Post a Comment