Difference between revisions of "Talk:Team 13 Main"
| Line 7: | Line 7: | ||
== Draft == | == Draft == | ||
=== Section 1 === | === Section 1 === | ||
| + | A plain English, no jargon description of attack techniques attempted, vulnerabilities exposed, estimated difficulty, and the estimated cost/feasibility of defending against other, similar attacks in the future. (We encourage the policy members of the team to write this section of the report -- it will ensure that the technical members of the team have helped teach them the technical basics.) | ||
| + | |||
| + | === Section 2 === | ||
| + | Estimated dollar value of the damage that such an attack could cause 1) to a private home computer, 2) to a corporate computer used for letters and correspondence by Walmart's Corporate VP for Ordering Stuff from China, and 3) to a Charles Schwab computer used to place buy/sell orders on the New York Stock Exchange. Your estimate should consider potential damage to both the computer's owner and third parties. | ||
| + | |||
| + | === Section 3 === | ||
| + | Estimated feasibility and strategic value of the attack technique to a terrorist organization. Teams should consider, at a minimum, 1) scalability of techniques, 2) feasibility of acquiring the required technical and financial resources, and 3) potential value of cyberattack as a tool for achieving the various terrorist aims identified in lectures 1, 2, 3, and/or 5. | ||
| + | |||
| + | === Section 4 === | ||
| + | Feasibility and cost of defending against such attacks. For each class of target (home, corporate, financial), teams should 1) identify existing financial and non-financial incentives for installing defenses, 2) evaluate the adequacy of these incentives, 3) discuss whether additional protection would be cost-effective, 4) identify the lowest cost provider for upgrading protection (e.g., Microsoft, Norton, AOL, Corporate IT networks, computer owners), and 5) list and evaluate possible policy levers for government intervention (e.g., tax incentives, legal liability, insurance). | ||
Revision as of 00:00, 19 October 2005
Status/updates
- 10/18/2005 5pm [Jeff Bilger] - Sent email to Alex explaining exploit and information relevant to section 1.
Draft
Section 1
A plain English, no jargon description of attack techniques attempted, vulnerabilities exposed, estimated difficulty, and the estimated cost/feasibility of defending against other, similar attacks in the future. (We encourage the policy members of the team to write this section of the report -- it will ensure that the technical members of the team have helped teach them the technical basics.)
Section 2
Estimated dollar value of the damage that such an attack could cause 1) to a private home computer, 2) to a corporate computer used for letters and correspondence by Walmart's Corporate VP for Ordering Stuff from China, and 3) to a Charles Schwab computer used to place buy/sell orders on the New York Stock Exchange. Your estimate should consider potential damage to both the computer's owner and third parties.
Section 3
Estimated feasibility and strategic value of the attack technique to a terrorist organization. Teams should consider, at a minimum, 1) scalability of techniques, 2) feasibility of acquiring the required technical and financial resources, and 3) potential value of cyberattack as a tool for achieving the various terrorist aims identified in lectures 1, 2, 3, and/or 5.
Section 4
Feasibility and cost of defending against such attacks. For each class of target (home, corporate, financial), teams should 1) identify existing financial and non-financial incentives for installing defenses, 2) evaluate the adequacy of these incentives, 3) discuss whether additional protection would be cost-effective, 4) identify the lowest cost provider for upgrading protection (e.g., Microsoft, Norton, AOL, Corporate IT networks, computer owners), and 5) list and evaluate possible policy levers for government intervention (e.g., tax incentives, legal liability, insurance).
