Cybersecurity Fundamentals: Laws, Regulations, and Testing Methodologies
Cybersecurity Fundamentals
International Laws and Regulations
European Council Convention on Cybercrime
This convention aims to standardize computer crime laws across the European Union.
Organization for Economic Co-operation and Development (OECD)
The OECD creates policies to promote sustainable economic growth, including those related to cybersecurity.
Council Directive on Data Protection
Established in 1995, this directive outlines data protection measures based on OECD guidelines.
US Laws and Regulations
1973 US Code of Fair Information Practices
Developed by the health and education sectors, this code addresses record-keeping, privacy, prevention, correction, and maintenance of information.
18 USC Section 1029 Fraud and Related Activity in Connection with Access Devices
This law criminalizes unauthorized access to accounts and possession of unauthorized devices, including software for generating credit card numbers and cloning cellphones.
18 USC Section 1030 Computer Fraud and Abuse Act
This act focuses on computer security, extortion, viruses, worms, and other computer crimes.
18 USC Section 2510 Electronic Communication Privacy Act
This act limits unauthorized access to electronic communications.
Cyber Security Enhancement Act of 2002
This act provides for life sentences for cybercrimes causing bodily harm and supplements the Patriot Act.
1996 U.S. Kennedy-Kassebaum Health Insurance Portability and Accountability Act (HIPAA)
HIPAA mandates that healthcare professionals ensure the integrity and confidentiality of individually identifiable electronic health information.
2000 Gramm-Leach-Bliley Act (GLBA)
Similar to HIPAA, the GLBA applies to financial institutions and their handling of sensitive data.
2001 USA Patriot Act
This act allows for enhanced surveillance procedures, making it easier for law enforcement to intercept computer crimes and conduct penetration testing on US government systems.
2002 Federal Information Security Management Act (FISMA)
FISMA mandates better security access controls for federal infrastructure and broadens the USA Patriot Act’s provisions on testing federal networks.
2003 Sarbanes-Oxley Act (SOX)
SOX requires CEOs and CFOs of SEC-reporting companies to provide written reports on their internal systems.
Testing Methodologies
OSSTMM (Open Source Security Testing Methodology Manual)
OSSTMM defines key concepts like scope, channel, index, and vector to guide security assessments. It offers various testing approaches, including blind, double-blind, gray box, and tandem testing. The framework is adaptable and aligns with industry regulations.
ISSAF (Information Systems Security Assessment Framework)
ISSAF is a process-oriented framework with four phases: planning, assessment, treatment, and accreditation. It assesses controls against vulnerabilities and addresses key areas of information security.
OWASP (Open Web Application Security Project)
OWASP focuses on web application vulnerabilities and testing at the OSI level. It provides coding principles and guidance for addressing high-risk problems.
WASC-TC (Web Application Security Consortium Threat Classification)
WASC-TC identifies risks through testing and classification, including enumeration, development, and taxonomy cross-referencing.
Information Gathering
Information gathering involves various sources, such as company websites, public filings, newsgroups, user group meetings, dumpster diving, and social engineering.
Vulnerability Scanners
Several vulnerability scanners are available, including NESSUS, SAINT, SARA, ISS, and NetRecon, each with its own features and capabilities.
Accessing a Website
The process of accessing a website involves DNS resolution, socket creation, and HTTP requests.
Web Vulnerabilities and Tools
Tools like Brutus, NetCat, ISS Xploit, and CleanIISlog can be used to exploit web vulnerabilities and erase logs.
Windows Password Hashes
Windows password hashes are stored in the SAM file and can be extracted using tools like pwdump2 or DLL injection.
LanMan and NTLM
LanMan is an older, less secure password hashing algorithm, while NTLM, introduced with Windows NT, is significantly stronger.
Viruses and Worms
Several notable viruses and worms include Chernobyl, I Love You, Melissa, Bugbear, MyDoom, W32/Klez, Blaster, SQL Slammer, and Sasser, each with its own characteristics and methods of infection.
WEP Encryption
WEP uses the RC4 encryption algorithm but has known vulnerabilities due to incorrect implementation of initialization vectors.
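The IV point above, as an added example that is not part of the original notes: textbook RC4, WEP-style framing with a 24-bit IV prepended to a constructed 40-bit shared key, the keystream cancellation that a repeated IV causes, a capture check that flags reused IVs, and the birthday bound on the IV space. The key, IVs and plaintexts are constructed sample values, and WEP's CRC-32 integrity check is left out because it plays no part in the IV problem.

```python
import math

def rc4_keystream(key: bytes, length: int) -> bytes:
    """Textbook RC4: key scheduling (KSA), then `length` bytes of PRGA output."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(shared_key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """WEP-style frame: per-frame RC4 key is IV || shared key, IV sent in clear.
    The CRC-32 ICV is omitted; it is not needed to show the IV problem."""
    if len(iv) != 3:
        raise ValueError("WEP IVs are 24 bits")
    return iv + xor_bytes(plaintext, rc4_keystream(iv + shared_key, len(plaintext)))

def keystream_reuse_leak(frame1: bytes, frame2: bytes):
    """Frames under the same IV share a keystream, so XORing the ciphertexts
    cancels it and yields plaintext1 XOR plaintext2 without the key.
    Returns None when the IVs differ (nothing leaks this way)."""
    if frame1[:3] != frame2[:3]:
        return None
    return xor_bytes(frame1[3:], frame2[3:])

def find_iv_reuse(frames):
    """Monitoring check: index pairs of captured frames that share an IV."""
    seen, dupes = {}, []
    for idx, frame in enumerate(frames):
        if frame[:3] in seen:
            dupes.append((seen[frame[:3]], idx))
        else:
            seen[frame[:3]] = idx
    return dupes

def expected_frames_before_iv_repeat() -> float:
    """Birthday bound for a 24-bit IV space: a random IV repeats after about
    sqrt(pi * 2**24 / 2), roughly 5133 frames, a tiny share of a day's traffic."""
    return math.sqrt(math.pi * 2 ** 24 / 2)
```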
