CHAPTER 7 CASE STUDY: INFORMATION SECURITY THREATS AND POLICIES IN EUROPE

1. Botnet.

A botnet is a network of autonomous malicious software agents that are under the control of a bot commander. The network is created by installing malware that exploits the vulnerabilities of web servers’ operating system, or applications to take control of the infected computer. A botnet also refer to the collection of internet –connected programs in order to perform task. This can be as mundane as keeping control of an internet relay chat (IRC) channel, or it could be used to send spam email or participate in distributed denial-of-service attacks. The world botnet is a portmanteau of robot and network.

2. Some of the main points of the Digital Agenda for Europe.

Digital Agenda for Europe has recently launched by European commission. The goal of this initiative is to define the key role that information and communication knowledge technologies will play in 2020. The initiative calls for a single, open European digital market. Another goal is that broadband speed of 80Mbps be available to all European citizens by 2020. The initiative is considering the implementation of measures to protect privacy and the establishment of a well-functioning network of CERT to prevent cybercrime and respond effectively to cyber attacks.

3. How cyber attack can be carried out.

The cyber attack on Estonia start in late April 2007 and lasted for almost three weeks. During this period , vital parts of Estonia internet network had to be closed from access from outside the country, causing millions of dollars in economic losses. At round same time, Arsys important Spanish domain registration company also targeted international hackers. Arsys reported hacker had stolen codes then use the code to insert links to external server containing malicious codes in webpage of its clients. French the UK and Germany were amount European countries suffered most inspection.The French navy had grown all military planes when discovered its computer network was infected. In UK, Worm infected computers in ministry of defence, the city of Manchester’s city council and police network. Computers in network of German Army were infected too. Once, install on computer, co flicker is able to download and install other malware from control the website infected computer could be under full control of hackers.

4. Weakness exploited by malware.

Malware may exploit weakness to initially infiltrate a system or to gain additional privileges on an already- compromised machine. The weaknesses may be exploiting automatically by malware authors creations or manually by attempt will be generically called attackers. Weaknesses fall into 2 broad categories, based on where the weakness lies. Technical weakness involves tricking people. The malware, hidden in shortcuts to executable programs (files with extension .ink) was executed automatically when the content of an infected USB drive was displayed. Employing this same technique, the worms were capable of installing other malware.

Data gathered later by other experts indicates that the worms was actually looking for some specific programmable Logic Controllers(PLC) devices used in a specific industrial plants. A facts that points to the possibility that malware was part of the sites infected with sabotage.

The significance that such a sophisticated treat represents to the industrial recourses in Europe and others parts of the world cannot be underestimated.