45 Cards in this Set
- Front
- Back
What do Cyberattacks do?
|
(1) disrupt equipment and hardware reliability,
(2) change processing logic, or (3) steal or corrupt data |
|
What are the types of cyber-terrorist attacks?
|
Direct: Cascading disruption or arrest of the functions through direct attacks on a critical node, system, or function
Indirect: Cascading disruption and financial consequences for government, society, and economy through reactions to an attack
Exploitation: Exploitation of elements of a particular infrastructure to disrupt or destroy another target |
|
Computer Fraud & Abuse Act: CFAA - What computers does it protect?
|
Protects almost all computers
|
|
What was the first copyright?
|
British Statute of Anne (1710)
|
|
When do you get copyright protection?
|
original works of authorship fixed in any tangible medium of expression, now known or later developed, from which they can be perceived, reproduced, or otherwise communicated....
|
|
What is the difference between a license and an assignment in regards to copyrights?
|
assignment = sale, license = rental
|
|
What is the First Sale Doctrine?
|
First sale doctrine establishes right of owner to control initial distribution. Thereafter, first sale buyers are free to distribute a particular copy (not free to make additional copies)
|
|
A&M Records, Inc. v. Napster (2001)
|
Decision
P2P file sharing of compressed music files using a central server and database is not fair use |
|
Lenz v. Universal Music Corp. (2007), YouTube mom
|
copyright holders can't order one of their songs removed from the Web without first checking to see if the excerpt was so small and innocuous that it was legal
|
|
Lanham (Trademark) Act 1946
|
Protects identification symbols and features in order to distinguish the source of a good or service
|
|
How does a trademark get more protection?
|
Generally, the more a trademark is distinctive, the more protection it gets
|
|
Do generic marks get protection?
|
The law generally does not protect marks that are considered to be “generic”, ex. “television,” “computer,” or “refrigerator”
|
|
What are "Trade Secrets?"
|
Any formula, pattern, physical device, idea, process, or other information that:
(1) has commercial value or provides a competitive advantage
(2) is treated in a way that can reasonably be expected to prevent the public or competitors from learning about it, absent improper acquisition or theft |
|
What can trade secrets be used for?
|
used in cases where a patent or copyright will not be sought, but where the owner wants to keep data/process/idea a secret from the world
|
|
Who is not involved in National Infrastructure Protection Plan and why?
|
CIA, NSA not involved so they don’t have to share
|
|
Where do patents first appear in the constitution?
|
Article I, section 8:
“Congress shall have power . . . to promote the progress of science and useful arts, by securing for limited times to authors and inventors the exclusive right to their respective writings and discoveries” |
|
What is Infringement of a patent?
|
the unauthorized making, using, offering for sale, or selling any patented invention or importing any patented invention during the term of the patent
|
|
What are the types of critical infrastructure?
|
o National Monuments and icons
o Nuclear Power Plants
o Dams
o Government Facilities
o Commercial key assets |
|
Why can hiring private contractors be a security risk?
|
o Many contractors have single manufacturing and distribution points – many are vulnerable to attack
|
|
World War 2.0: Estonia
|
2007
Cyber attack disabled websites of government, political parties, newspapers, banks, and companies
Cyber-assault by "distributed denial-of-service attack." |
|
World War 2.0: Georgia
|
2008
Cyber-assault by "distributed denial-of-service attack."
The Georgian government blamed Russia -- Russian government denied responsibility |
|
What is phishing?
|
o Fraudulent attempt, usually made through electronic means, to steal personal info for purpose of exploitation
|
|
What was the Slammer Worm?
|
Example of possible vulnerability of control systems when SCADA controls are interconnected with office networks
August 2003, the “Slammer” corrupted for five hours the computer control systems at the Davis-Besse nuclear power plant located in Ohio.
The computer worm penetrated systems in the control room largely because the business network for its corporate offices was found to have multiple connections to the Internet that bypassed the control room firewall |
|
What are the laws used to combat cyber-crime?
|
o Computer Fraud & Abuse Act: CFAA
  Provides for criminal and civil penalties for unauthorized access to computers
  Focus on computer-related fraud & related activity
o USA-PATRIOT Act
  Section 814 amended the Computer Fraud and Abuse Act in a number of ways
o The Cybersecurity Act of 2009
  Would significantly increase federal authority over critical infrastructure and cyberspace generally |
|
What's the difference between cyber-crime and cyber-espionage?
|
o Cyber-espionage is unauthorized probing to test a target computer’s configuration or evaluate its system defenses, or the unauthorized viewing and copying of data files
  Over 100 different foreign intelligence organizations regularly attempt to hack into the computer systems of U.S. government agencies and U.S. companies.
o Cybercrime is crime that is enabled by, or that targets computers:
  Can involve theft of intellectual property, a violation of patent, trade secret, or copyright laws
  May also include attacks against computers to deliberately disrupt processing
  Cyber attack may be crime or terrorism -- distinction in the intent of the attacker; possible to be both. |
|
What did the Canadian researchers discover?
|
o March 28, 2009: According to Canadian researchers, a cyber spy network based mainly in China tapped into classified documents from government and private organizations in 103 countries and Tibetan exiles.
|
|
Why does cyber-terrorism appeal to terrorists?
|
o Target rich environment
  Vast number of computers/networks
o Anonymity
  Can conceal online identity; no physical barriers or borders
o Cheaper than traditional terrorist methods
  Only need computer and online connection
o Less risk
  Conducted remotely
o Broader range of impact
  Cyber attack could affect large numbers; generate headlines |
|
How does the PATRIOT act deal with cyber-terrorism?
|
o Section 814 amended the Computer Fraud and Abuse Act in a number of ways
  increased penalties for hackers who damage protected computers (from a maximum of 10 years to a maximum of 20 years)
  clarified the intent required to make explicit that a hacker need only intend damage, not a particular type of damage
  added a new offense for damaging computers used for national security or criminal justice
  expanded the coverage of the statute to include computers in foreign countries so long as there is an effect on U.S. interstate or foreign commerce
  allows losses to several computers from a hacker’s course of conduct to be aggregated for purposes of meeting the $5,000 jurisdictional threshold. |
|
What's the difference between cyber-crime and cyber-terrorism?
|
o Crime usually doesn’t want to be known, wants money
o Terrorism wants recognition, take down systems |
|
What is the hierarchy of Intellectual Property protection?
|
o Patent (most)
o Copyright
o Trademark (least) |
|
What is the Uniform Trade Secrets Act?
|
o Info derives independent economic value from secrecy subject to efforts to maintain secrecy
|
|
What are the penalties for economic espionage?
|
o Penalties
  Economic espionage
  • Individuals: 500,000
  • Organizations: 10,000,000
  Theft of trade secret
  • Individuals: 500,000 or 10 years
  • Organizations: 5,000,000
  espionage higher penalties |
|
Which IP need to be filed, enforced, etc.?
|
Patents
|
|
What are the periods of protection for Intellectual Property?
|
o Patent limited to a fixed term 20 years
o Copyright - generally protects for lifetime + 70 years |
|
What's the defense if you didn't know something was a trade secret?
|
o Innocent receipt: got it not knowing it was a trade secret (did not know or should have known)
|
|
How are ideas treated?
|
o Ideas not copyrightable – only the expression of ideas
Ideas, procedures, processes, system, methods of operation, concepts, principles, or discoveries |
|
What are the requirements for a copyright?
|
o Original works – fixed in any tangible medium of expression
  Now known or later developed, from which they can be perceived, reproduced, or otherwise communicated
  Collection and assembly of pre-existing materials or data selected
  Originality and creativity |
|
What are the types of patents?
|
o Utility – processes, machine, article of manufacture, or composition of matter
  90% of all patents
  Patents of invention
  Process – transformational
  Machine – mechanism with moving parts that produces predictable results
  Manufacture – articles made that have new form/characteristics
  Composition of matter: combination of two or more substances
o Design patents
o Plant patents – new variety of plants |
|
What things cannot be patented?
|
o Naturally occurring things
  Herbalist remedies
o Abstract ideas (time, honor)
o Laws of nature (gravity)
o Mathematical formulae |
|
Do we protect lists of facts with copyright?
|
No
|
|
What is the basic offense called when you interfere with someone’s patent?
|
Infringement
|
|
What are the requirements for patent-ability?
|
o Patentable subject matter
  Process, machine, manufacture, or composition of matter, or improvement
o Utility
  Requires a defined “real world use”
o Novelty
  Must be new compared to “prior art”
o Nonobviousness
  Can’t be obvious to a person “having ordinary skill in the art”
o Enablement
  Must reveal how to use the patent |
|
What are treble damages?
|
Three times the damages
|
|
What's a legal order?
|
Cease and Desist
|