Team 12 Main

From CyberSecurity
Revision as of 18:39, 21 October 2005 by Cmckenzie

Edit this outline as necessary, adding in details where they fit.

I. Information about the attack.

   A. Report from each engineering member on techniques used, difficulty of attack, 
   feasibility of automating attacks.
      1. Simple buffer overflow attack, as described in the readings.  Ended up needing a hard-coded address to stick in the return address portion of the stack.  This leads to a less effective mechanism for a remote attack.  A more dynamic method for determining the address of the buffer that contains the exploit code is required to be feasible, especially for automating the attacks.
      Interestingly, availability of the source code of the target program allowed a much quicker exploit.  Thus, obfuscation does indeed have value, but should obviously not be the primary form of defense. 

--Cmckenzie 11:39, 21 October 2005 (PDT) I'm concerned about our ability to describe this effectively in 'plain English'. I don't think a cut and paste from the readings will do the trick.

II. Potential financial damages

   A. Home computer
      1. Credit card fraud - This can be exploited several different ways, but in the end, the consumer's liability is limited to $50.00.  Thus, it is a more significant risk for the financial institutions than for the consumer.

--Cmckenzie 11:39, 21 October 2005 (PDT) We still need to assess the risk, whoever is ultimately legally liable for the loss. There is a useful statistic on the average cost of an incident of internet credit card fraud which places the value in the US at around $2K (I misplaced the stat but I'll find it again). Losses are potentially very great if this vulnerability allows the implementation of an automated system for credit card fraud - $2K every how many seconds? Also worth thinking about the different implications for high/low net worth individuals.

      2. Identity theft - This can have much more serious financial consequences for the individual and can take several years to sort out.

--Cmckenzie 11:39, 21 October 2005 (PDT) There's a stat somewhere on this too, I'll try to find it if no one else does.

      3. Botnet/DDOS applications

--Cmckenzie 11:39, 21 October 2005 (PDT) Cost is entirely borne by others. The incremental increase in cost of having a single computer added to a DOS is, I would guess, very low, so the cost here depends on scalability.

      4. Reporting incorrect information.

--Cmckenzie 11:39, 21 October 2005 (PDT) 5. Ability to execute/enter financial transactions (online trading, loan apps, etc) outside the authority of the normal user.

   B. Walmart ordering computer
      1. All of the home computer items, and...

--Cmckenzie 11:39, 21 October 2005 (PDT) Probably not identity theft or cc fraud, if Walmart have 1/10th of no concept of security. Perhaps low level staff would be allowed to use their computers for personal business, but it would pay to not allow this if a computer had large ordering authority.

      2. Ordering things inappropriately.

--Cmckenzie 11:39, 21 October 2005 (PDT) Potential cost - if ordering is done with no further communication, potentially write-off entire value of order. Potential loss = ordering authority of computer.

      3. Failing to order things when requested.

--Cmckenzie 11:39, 21 October 2005 (PDT) Probably not as bad. Potential loss = loss on profit per item rather than write off of entire cost.

      4. Business strategy advantage for either supplier, competitor of supplier, or competitor of Walmart (depending on who compromises the computer)
   C. Trading computer
      1. Making trades inappropriately.

--Cmckenzie 11:39, 21 October 2005 (PDT) The cost of this is going to depend on what can be traded. For example, making inappropriate futures contracts would probably allow an incredibly large loss to be made, though there would be a strong argument that such contracts wouldn't be legally binding, meaning the outcome was only a small loss of efficiency within the market. If contracts can be made and (4) is done too, then, maybe, bigger trouble. That said, trades happen at two endpoints and are centrally recorded on exchanges, so it may be difficult to kill off the records. Also, if the attacker can cover their steps sufficiently well, the institution may be unable to prove that the trades were executed without authorisation.

      2. Failing to make trades when requested
      3. Reporting incorrect information.
      4. Failing to store records of trades

--Cmckenzie 11:39, 21 October 2005 (PDT) This is an interesting idea. Managing to undermine property rights within a trading system would be potentially very destructive. Interestingly, I have a contact with a risk management guy at a large scale funds management and consulting group, who told me that they keep more paper records than you would guess despite automatization, to fight this very problem.

III. Applications of value to terrorists (Brian's written up some of this in e-mail - please paste it in Brian)

      A. Scalability
      B. Feasibility of acquiring the technical and financial resources
      C. Potential value of cyberattack as a tool for accomplishing the aims of terrorists (David C would like to work on this section)
         1. Successfully attacking the financial markets, possibly through means such as causing trading computers to fail to store the records of transactions, could seriously damage both domestic and international confidence in the U.S. financial markets.  That could have significant economic consequences as the economy runs on more or less of a confidence and trust basis.  (Summarization - not all I have to say!)

IV. Defenses


      A. Home Computer
         1. Anti-Virus software
  
         2. Anti-Spyware software
         3. Firewalls
         4. High quality software (implying few intrinsic vulnerabilities)
         5. Easily configured for high-security settings
         6. Defaults to secure
         7. Effective patching / updating mechanism
      B. Walmart Ordering Computer
         1. All of the above
         2. Intrusion detection tools
         3. Auditing tools
      C. Trading Computer