A social media policy is a document that describes how an organization and its employees should behave online. DDoS attacks are the „next generation“ of DoS attacks on the Internet. This type of attack is not new. UDP and TCP SYN floods, ICMP echo request floods, and ICMP-led broadcasts (also known as Smurf attacks) are similar to DDoS attacks. However, the scale of the attack is new. Victims of DDoS attacks experience a flood of packets from many different sources, possibly spoofed IP source addresses, which immobilizes their network connectivity. In the past, the typical DoS attack involved a single attempt to flood a target host with packets. DDoS tools allow an attacker to perform the same attack on thousands of systems. Motivation can also be political or in the form of vigilant justice. Anonymous is currently the most well-known hacktivist group.
As the most recent example of its activities, Anonymous attacked the Quebec government`s website in May 2012 after enacting legislation that raised new requirements for the right of college and university students to protest. Money mulching is the practice of hiring individuals as „mules“ recruited by handlers or „wranglers“ to create bank accounts or even use their own bank accounts to help transfer money from a fraud victim`s account to another location, usually overseas, via bank transfer or automated clearing house (ACH) transaction. Silver mule operations often involve individuals in several countries. Of course, people within organizations often intentionally do harm: most security incidents are caused by insiders. Therefore, rigorous internal security controls are required and special organizational practices may need to be implemented. It really happens! Like many people, Fred Jones thought he had a tough job. As an information systems manager in a small school district, he was responsible for operating a district-wide computer network, from installation and maintenance to user support and training. While it was clearly not a one-man job, it was his own staff. Fred had tried to explain to his superintendent that the county network was vulnerable to a number of threats because its small budget and non-existent staff prevented it from effectively managing the security of the system, but its warnings were still ignored. One morning at a staff meeting and to Fred`s surprise, the superintendent announced that he had read a newspaper article about a student breaking into the computer system of a nearby school district and altering testimonial records. The boss went on to explain that Fred will now be responsible for developing and implementing an IT security policy for the school district.
After the meeting was over, Fred turned to the Superintendent to make an appointment to discuss a common vision for the development of the security policy. „An effective security policy requires the input and commitment of the entire organization, so I think we should sit down and develop a plan for the development of our security policy,“ Fred explained. But the superintendent declined the invitation to participate in the political development process. „Fred, I`m too busy to get involved in this project. I hope you will do a job that will make us all proud. When Fred asked him if he wanted to increase his staff and budget to accommodate the increased workload, the superintendent again dismissed the problem. .