Académique Documents
Professionnel Documents
Culture Documents
Get ready to take on some of the biggest cybersecurity problems facing society today! TEAMS 2013 challenges students to use their engineering and design skills to address pressing issues currently faced by computing and information technology industries. Cybersecurity is a field that frequently turns to engineers for solutions to its challenges. Wireless network breaches, Web application attacks, and digital espionage illustrate the increasing sophistication of hackers and virus programmers, who can take advantage of loopholes and vulnerabilities in company computer systems. The skills of engineers who design proper countermeasures to protect networks against infiltration, damage, and theft are now more crucial than ever. Challenges facing computing and information technology industries today include: How can Internet users protect themselves against phishing emails which, when opened, would allow a hacker to gain access to personal information? How can businesses secure their wireless networks so they are not vulnerable to infiltration by hackers? How can users protect themselves against a program that appears to be scanning a computer for viruses but actually is creating a backdoor access for hackers? How can businesses prevent attacks including unlawful access to bank accounts and other vital databy their own employees?
Who can address these and other cybersecurity issues? Engineers! Explore the impact that engineers can have on computing and information technology challenges. The TEAMS scenario summaries offer an overview of the topics that will be addressed in the 2013 TSA TEAMS competition. Scenarios may be edited and expanded upon in the actual competition questions; however, the general content will be similar. To get started: You can begin to prepare for the competition by researching key concepts and terms presented in the scenarios. A list of related Web links is provided at the end of each scenario summary for extended exploration. These links should not be considered all inclusive; team members and coaches are encouraged to research content beyond the provided lists.
Disclaimer: These scenarios are for reference use only and include links providing direct access to Internet sites not controlled or maintained by TSA. TSA takes no responsibility for the content or information contained on or within the links and sites. TSA does not exert any editorial or graphic control over the sites. Refer students to these sites and links after your review.
Technology Student Association 1914 Association Drive Reston, VA 20121 Toll free: 888/860-9010 www.tsaweb.org
Scenario #1
By using countermeasures, engineers can design ways to deter phishing attempts by hackers.
A typical Internet user receives hundreds of emails on a weekly basis. Most of these emails are from legitimate senders known to the recipient. On occasion, a phishing email is directed to the users inbox. This kind of email is an attempt to gather personal information about the recipient, such as usernames, passwords, and banking information. When an unsuspecting recipient opens a phishing email, a hacker can collect personal information by posing as a legitimate organization. How can engineers make a difference? Your team will design a set of countermeasures to prevent phishing attempts by hackers.
http://www.dhs.gov/stopthinkconnect
STEM Careers to Explore: Explore more Article: 10 Ways to Avoid Phishing Scams http://www.phishing.org/scams/avoid-phishing/ Report Phishing http://www.irs.gov/uac/Report-Phishing Combating Phishing http://blogs.msdn.com/b/tzink/archive/2012/08/30/combating-phishing.aspx Computer engineering Software engineering
Technology Student Association 1914 Association Drive Reston, VA 20121 Toll free: 888/860-9010 www.tsaweb.org
Scenario #2 Engineers can design safeguards that protect Web applications from attacks by hackers who want to insert malicious code or steal personal information.
Have you shopped online recently for those cool sneakers you saw a friend wearing? While you were shopping for shoes, hackers may have been shopping for your personal information. Hackers look for vulnerable Internet sites and use them to launch their attacks, secretly gathering information about you and other unsuspecting users. Social networking sites are especially susceptible to these attacks, because much of their content is user generated. How can engineers make a difference? Your team will design a program to protect Web applications from attacks by hackers.
Explore more Article: Top 5 Ways to Hack into Your Web Application (and how to close those security loopholes!) http://blog.inetu.net/2009/05/top-5-ways-to-hack-into-your-web-application-and-how-toclose-those-security-loopholes/#.UET2G6PCaSo Cross-Site Scripting FAQ http://www.cgisecurity.com/xss-faq.html SQL Injection http://msdn.microsoft.com/en-us/library/ms161953%28v=sql.105%29.aspx
STEM Careers to Explore: Computer engineering Software engineering Computer programming Web design Computer forensics and investigation
Technology Student Association 1914 Association Drive Reston, VA 20121 Toll free: 888/860-9010 www.tsaweb.org
Scenario #3 Engineers can design protections to prevent vulnerable wireless networks from breaches by external attacks.
Many businesses now use wireless networks that allow employees to access the Internet without cables or Ethernet outlets. Such networks are especially useful when guests or remote employees visiting a business office wish to log in to the onsite network using laptops or other portable equipment. If these wireless networks are not secure, the business may become vulnerable to external attacks from hackers, who can then gain access to the entire business without identification. Wireless networks must be secured with specific encryption codes that are designed to prevent access from outside sources. How can engineers make a difference? Your team will design a set of protections for wireless networks to prevent breaches.
Explore more Article: Hospitals Seeing More Patient Data Breaches http://www.networkworld.com/news/2012/041312-hospital-data-breaches-258270.html What is Wireless Network? http://www.home-network-help.com/wireless-network.html Wireless Security http://www.abrfid.com/Wireless-LAN/Wireless-Security
http://benefitsbuzz.blogspot.com/2009_03_01 _archive.html
Technology Student Association 1914 Association Drive Reston, VA 20121 Toll free: 888/860-9010 www.tsaweb.org
Scenario #4 Engineers can design solutions to protect websites from organized cyber attacks by protesters whose intention is to slow or shut down a Web server.
The owner of a company makes a controversial statement. Someone strongly disagrees with that statement and organizes a protest movement. He creates a computer program that sends recurring emails to the companys website with alarming speed and regularity. In addition, he recruits others who disagree with the company owners statement to send hundreds of tweets. In just a short time, the companys servers are overloaded with information, resulting in decreased operational speed and eventual website shutdown. How can engineers make a difference? Your team will design a set of protections against cyber attacks from organized protest groups; the protections will include both preparatory and incident response measures. Explore more Article: The Paradox of Cyber Protest http://www.marshall.org/pdf/materials/1087.pdf Hacktivism http://searchsecurity.techtarget.com/definition/hacktivism Anonymous Analytics site http://anonanalytics.com/
Anonymous logo (Note: Anonymous is a hacktivist group that has organized cyber-protest campaigns.) Source: http://en.wikipedia.org/wiki/File:Anonymous_emblem.svg
Technology Student Association 1914 Association Drive Reston, VA 20121 Toll free: 888/860-9010 www.tsaweb.org
http://www.securedgenetworks.com/secureedge-networks-blog/?month=3&year=2012
Technology Student Association 1914 Association Drive Reston, VA 20121 Toll free: 888/860-9010 www.tsaweb.org
Scenario #6 Engineers can protect computer systems from malicious software by designing protection measures that isolate and destroy these programs.
A computer user clicks onto a website for the first time. Surprisingly, a window pops up claiming that the computer is under attack by a virus; simultaneously, a complete scan of the computer is initiated. What the user does not know is that the scan is actually creating a backdoor for the attacker to gain information or cause a disruption in the operation of the computer. How can engineers make a difference? Your team will design a program to protect computers against malicious software. Explore more Malware http://onguardonline.gov/malware Article: How to Protect Against Malicious Software http://www.seas.ucla.edu/security/malware.html Article: Malware Poses as Software Updates: Why the FBI Is Warning Travelers http://www.techrepublic.com/blog/security/malware-poses-as-software-updates-why-thefbi-is-warning-travelers/7871
STEM Careers to Explore: Computer engineering Software engineering Computer programming Computer forensics and investigation
Technology Student Association 1914 Association Drive Reston, VA 20121 Toll free: 888/860-9010 www.tsaweb.org
Scenario #7 Engineers can prevent insider attacks and abuse by using technological methods and procedural controls that provide proper oversight of employees.
Employers often choose to promote employees from within their company rather than hire individuals externally. Consider this situation: An employee in the business department of a company has access to the companys bank accounts. The employee is promoted to a position of authority over the distribution of the money in these accounts. The employee realizes that her access to the accounts has not been altered, and she begins to create payments to herself under the name of a fictitious vendor. As a result, the employee is able to steal thousands of dollars from the company without discovery. Insider attack and abuse occurs when internal employees who have legitimate access to a company network use it for unethical or illegal purposes. In designing countermeasures against insider abuse, you must consider both technological methods and procedural controls that provide proper oversight of employees. How can engineers make a difference? Your team will design a set of countermeasure solutions to protect business networks against insider abuse and attack. Explore more Article: Insider Attack: Three Key Considerations http://www.infosecurity-magazine.com/blog/2011/9/21/insider-attack-three-keyconsiderations/411.aspx Wi-Fi Security http://www.fbi.gov/news/stories/2008/may/wifi_050608 Article: CYBERSECURITY EXPERT: The US Is Vulnerable to Viruses Much Simpler Than Those It Used Against Iran http://www.businessinsider.com/us-networks-vulnerable-cyber-attacks-2012-6
STEM Careers to Explore Computer engineering Software engineering Hardware engineering Systems engineering
Source: http://www.flickr.com/photos/netiq/5512075425/
Technology Student Association 1914 Association Drive Reston, VA 20121 Toll free: 888/860-9010 www.tsaweb.org
Scenario #8 Engineers can design spyware countermeasures that protect computer users from digital espionage and potential system-wide failures.
A new college student frequently visits social media websites. At first, the students computer operates at a normal speed. As the year progresses, however, Word documents take a long time to load and rebooting becomes laborious. Eventually, the computer becomes so overloaded with spyware that it locks up and becomes inoperable. How can engineers make a difference? Your team will design a program that effectively detects and destroys spyware that can accumulate on a computer system. Explore More Spyware http://www.us-cert.gov/reading_room/spywarehome_0905.pdf Article: What Is Spyware? http://www.microsoft.com/security/pc-security/spyware-whatis.aspx Article: How Spyware Works http://computer.howstuffworks.com/spyware.htm
STEM Careers to Explore: Computer engineering Software engineering Hardware engineering Computer programming
Technology Student Association 1914 Association Drive Reston, VA 20121 Toll free: 888/860-9010 www.tsaweb.org