CHAPTER 8

CASE STUDY : Information security threats and policies in Europe

1) What is a botnet?
In the term "botnet" as used here, the "bot" is short for robot. A single bot is a software
program that can, when surreptitiously installed on a person's computer, execute certain
specified commands. Botnet is a network of autonomous malicious software agent there are
under the control of a bot commander. The network is created by installing malware that
exploits the vulnerabilities of Web servers, operating systems, or application to take control
of the infected computers. A botnet also refer to the collection of internet connected programs in
order to perform task. This can be as mundane as keeping control of an internet relay chat (IRC)
channel, or it could be used to send spam email or participate in distributed denial-of-service attacks.
The world botnet is a portmanteau of robot and network.

2) Describe some of the main points of the Digital Agenda of Europe.

The main point of the Digital Agenda of Europe is to define the key role that information and
communication technologies will play in 2020.The initiative calls of a single, open Europe
digital market. Another goal is that broadband speed of 30Mbps be available to all European
citizen by 2020 in term of security, the initiative is considering the implementation of
measure to protect privacy and the establishment of a well-functioning network of CERT to
prevent cybercrime and respond effectively to cyber-attacks. The European Commission has
proposed a Digital Agenda. Its main objective is to develop a digital single market in order to
generate smart, sustainable and inclusive growth in Europe.
The obstacles hindering the Digital Agenda are the:fragmented digital markets;
lack of interoperability;
rising cybercrime and risk of low trust in networks;
lack of investment in networks;
insufficient research and innovation efforts;
lack of digital literacy and skills;
missed opportunities in addressing societal challenges

3) Explain how a cyber-attack can be carried out.

From a simple individual ping commands and message flooding to more sophisticated
distributed denial of service (DDoS) attacks. Hacking is coordinated by using a large number
of compromised servers organized in a botnet distributed around the world.
There are 3 basic parts to a cyber-attack:
i.

Access: a method to get inside or gain access to a network or system

ii.

Vulnerability: some part of the system that the attacker can take advantage of or
manipulate

iii.

Payload: the purpose of the attack, namely, what exactly is the target and how
significant will the damage

There are many other forms cyber-attacks may take.

Denial Of Service attack occurs when an attacker attempts to prevent legitimate users from
accessing information or services. This is typically accomplished when the attacker
overloads a system with requests to view information. This would be an example of a remote
attack.
Spear phishing is another simple method by which an attack may gain access to a computer
system or network. Once some information about a target is acquired, an email is sent
purporting to be from a legitimate company asking for information such as usernames and
passwords to banking websites or network logins.
Backdoors, or hooks, are placed inside a computer or network in order to create a
vulnerability that can be exploited later on.
And tampering with basic electronics is a simple type of cyber-attack. It is also possible that
such software or even hardware could be installed into electronics by the original
manufacturer

4) Describe some of the weaknesses exploited by malware.

Malware, known as Stuxnet is a shorthand term that encompasses all types of malicious
software. This includes viruses, worms, Trojan horses, spyware, and all other types of
software that get put onto your computer without you knowing it. Malware may exploit
weakness to initially infiltrate a system or to gain additional privileges on an alreadycompromised machine. The weaknesses may be exploiting automatically by malware authors
creations or manually by attempt will be generically called attackers. Weaknesses fall into
two broad categories, based on where the weakness lies. Technical weakness involves
tricking people. The malware, hidden in shortcuts to executable programs (files with
extension .ink) was executed automatically when the content of an infected USB drive was
displayed. Employing this same technique, the worms were capable of installing other
malware.
Data gathered later by other experts indicates that the worms was actually looking for some
specific programmable Logic Controllers(PLC) devices used in a specific industrial plants. A
fact that points to the possibility that malware was part of the sites infected with sabotage.
The significance that such a sophisticated treat represents to the industrial recourses in
Europe and others parts of the world cannot be underestimated.