Frequently mentioned techniques

Increase effort | Increase Risks | Reduce Rewards | Reduce Provocation | Remove Excuses

1.Harden target
  1. Firewalls [Bee05,Bro07a,Mor04b,New03]
  2. Vulnerability patches [Bee05,Mor04b]
  3. Encryption [Bro07a]
  4. Antivirus [Bro07a]
  5. ISP as a first line of defence [Mor04b]
  6. IDS [Mor04b]
6.Extend guardianship
  1. RFID [Bro07a]
11.Conceal Targets
  1. DMZ [Bro07a,Bee05,Col10a]
16.Reduce frustrations
21.Set rules
  1. Educate end-users [Mor04b]
  2. Provide a clear code of conduct [Rey10]
2.Control access
  1. Authentication using passwords, pins [Bee05,Col10a,Bro07a,New03]
  2. Caller ID like technology for Internet [Mor04b]
  3. Logical: IDS [Col10a]
  4. Logical: Firewalls [Col10a]
7.Natural surveillance
  1. Report suspect email and information request to ISP [New03]
12.Remove Targets
17.Avoid disputes
22.Post instructions
3.Screen exits
  1. IDS [Bee05]
  2. Antivirus [Bee05]
  3. Audit trail [Bro07a]
  4. Audit trail [Mor04b,New03]
  5. Logical: Firewalls [Col10a]
8.Reduce anonymity
  1. RFID [Bro07a]
  2. Caller ID [Bro07a]
  3. Audit trails [Col10a]
13.Identify property
  1. RFID [Bro07a,New03]
18.Reduce arousal
23.Alert conscience
  1. Public awareness on the consequences of crime [Mor04b]
  2. Educate: 'copying software is stealing' [New03]
4.Deflect offenders
9.Place Managers
  1. IDS [Bro07a]
14.Disrupt markets
  1. ISP should be keen to assist investigations [Mor04b]
19.Neutralize peer pressure
24.Assist compliance
  1. Security education of staff [Col10a,Wil09]
5.Control facilitators
  1. Caller ID [Bro07a]
  2. Make the ISP accountable for the traffic [Mor04b]
10.Formal surveillance
  1. Auditing and trail reviews [Bee05]
  2. RFID [Bro07a]
  3. Early warning systems of viruses and hacking attacks [Mor04b]
  4. IDS [Col10a,Wil09]
15.Deny benefits
  1. Encrypt valuable data [Bee05,Col10a,Wil09,New03]
20.Discourage imitation
  1. Prompt software patching [Wil09,Col10a]
25.Control disinhibitors
  1. Cyber-ethics education [Bee05]
  2. Campaign against hacker culture [New03]

                All techniques

                Increase effort | Increase Risks | Reduce Rewards | Reduce Provocation | Remove Excuses
                1.Harden target
                1. Firewalls [Bee05,Bro07a,Mor04b,New03]
                2. Vulnerability patches [Bee05,Mor04b]
                3. Encryption [Bro07a]
                4. Antivirus [Bro07a]
                5. ISP as a first line of defence [Mor04b]
                6. IDS [Mor04b]
                7. Closed ports [Bee05]
                8. Promote security best practice [Mor04b]
                9. Safeguards for children [Mor04b]
                10. Industry should develop and promote greater use of deterrents [Mor04b]
                11. Design and build systems for a hostile Internet, not a trusted one [Mor04b]
                12. Government action should be informed by risk analysis [Mor04b]
                13. Initiatives need to focus on smaller firms and individuals [Mor04b]
                14. Build security requirements into the design of IT systems and outsourcing arrangements [Mor04b]
                15. Companies should use a best practice patching and security configuration checking policy [Mor04b]
                16. More focus on e-crime prevention rather than response [Mor04b]
                17. Design security into operating system languages [New03]
                18. Design out security holes in software [New03]
                19. Keep computing devices in a physically secure place [New03]
                20. Robust packaging for home delivery [New03]
                21. Keyless entry and ignition for delivery vehicles [New03]
                22. RFID Verification that purchased product meets relevant standard [Whi09]
                23. Limit exposure -- Do not accept any messages from unknown parties, do not reciprocate (L:6,7,8) [Rey10]
                24. Limit exposure -- If you choose to participate, keep personal information vague (for example, do not give out address or phone number) (L:5) [Rey10]
                25. Limit exposure -- do not divulge personal information (L:1,2,3,4,9) [Rey10]
                26. Limit exposure -- Never reply to a cyberstalker (L:1,2,3,4) [Rey10]
                27. Limit exposure -- Change online identity if necessary (L:3,4) [Rey10]
                28. Limit exposure -- Stay out of problem chat rooms (L:9) [Rey10]
                29. Malicious software protection [Col10a]
                30. Physical locks and restraints for critical equipment and media [Col10a]
                31. I/O controls, sensitive system isolation [Col10a]
                6.Extend guardianship
                1. RFID [Bro07a]
                2. Use Fraud Information Gathering System (FIGS) [Bro07a]
                3. RFID readers in second-hand shops and routinely used in vet/PDSA clinics? [Whi09]
                4. Enhance surveillance by providing more ways to report abuse, and unwanted contacts (R:4,6) [Rey10]
                5. Escorting of visitors [Col10a]
                6. Supervision of staff in secure areas [Col10a]
                7. Guardianship of mobile facilities outside offices [Col10a]
                11.Conceal Targets
                1. DMZ [Bro07a,Bee05,Col10a]
                2. Minimize reconnaissance info [Bee05]
                3. No port bannering [Bee05]
                4. Make Bluetooth non-discoverable [Bro07a]
                5. Immediately repair damage to system [New03]
                6. Limit publicity about new security [New03]
                7. Regulate fraudulent advertising and scam web sites [New03]
                8. Adopt filtering software [New03]
                9. Advise customers to resist too-good-to-be-true offers [New03]
                10. RFID disabled parking badges [Whi09]
                11. Minimize information about location of critical equipment or offices [Col10a]
                12. Conceal use of PCs when travelling [Col10a]
                13. Reduce website details [Col10a]
                14. Minimize information on login application screens [Col10a]
                15. Use of logical decoys [Col10a]
                16. Remove any rank or status information on authentication IDs [Col10a]
                16.Reduce frustrations
                1. Good helpdesk [Bro07a]
                2. Speeds crowd movement into sports grounds measured with RFID [Whi09]
                3. Pleasant working environment [Col10a]
                4. Recreational activities [Col10a]
                5. Breaks [Col10a]
                6. Employee welfare [Col10a]
                21.Set rules
                1. Educate end-users [Mor04b]
                2. Provide a clear code of conduct [Rey10]
                3. Acceptable use policy [Bee05]
                4. User agreements [Bee05]
                5. Clear laws [Bee05]
                6. Information security policies [Wil09]
                7. Consumers should be more aware of risks [Mor04b]
                8. ICT industries could work with regulatory and consumer bodies [Mor04b]
                9. Push strongly on BS7799 (ISO17799) programme for government departments [Mor04b]
                10. Encourage industry to comply with IT security standard ISO 17799 [Mor04b]
                11. Enforce the law in simple areas such as data protection [Mor04b]
                12. Provide or recommend best practice configuration guides [Mor04b]
                13. Industry should increase awareness to home users of threats [Mor04b]
                14. Industry to do their part, training employees and create suitable 'usage' policies [Mor04b]
                15. Prosecute offenders, enforce harsher penalties [Mor04b]
                16. Industry should attempt to understand and comply with relevant guidelines [Mor04b]
                17. Regulators (e.g. FSA) should make information security requirements explicit [Mor04b]
                18. Take cases involving new technologies to court to establish precedents [Mor04b]
                19. Amend Computer Misuse Act [Mor04b]
                20. Government should issue guidance on risks and protection measures [Mor04b]
                21. Organisations need an up-to-date security policy [Mor04b]
                22. Review legislation so that cybercrimes are recognised and punishable [Mor04b]
                23. Theft Act isn't strong enough [Mor04b]
                24. UK government needs to provide leadership [Mor04b]
                25. Develop security policy and procedures for employees [New03]
                26. Adopt secure transaction protocol [New03]
                27. International agreements for copyright law, grey market commerce [New03]
                28. Promulgate best practice guides [New03]
                29. Rights and responsibilities policy for ISP [New03]
                30. Require proof of delivery for merchandise [New03]
                31. Access by RFID renders physical attempts at entry conspicuous [Whi09]
                32. Security policy [Col10a]
                33. Disciplinary procedures [Col10a]
                34. Conflicts of interest guidelines [Col10a]
                35. Confidentiality agreements [Col10a]
                36. Training/Awareness Program [Col10a]
                37. Third-Party Contracts [Col10a]
                2.Control access
                1. Authentication using passwords, pins [Bee05,Col10a,Bro07a,New03]
                2. Caller ID like technology for Internet [Mor04b]
                3. Logical: IDS [Col10a]
                4. Logical: Firewalls [Col10a]
                5. Digital certificates [Bee05]
                6. Smartcards [Bro07a]
                7. Wireless device Authentication [Mor04b]
                8. Differentiated access control [New03]
                9. Refuse suspect sellers at auctions [New03]
                10. Vet employees [Mor04b,New03]
                11. Do not open suspect e-mail or files [New03]
                12. Only give credit card information on secure sites [New03]
                13. Query requests for personal data [New03]
                14. Do not use public access computers (e.g. Internet cafes) for purchase [New03]
                15. Be wary of grey market web sites [New03]
                16. RFID-bearing card access [Whi09]
                17. Restrict access of all accounts to "friends" only (R:3) [Rey10]
                18. Physical: Card/token for access [Col10a]
                19. Physical: locks for doors [Col10a]
                20. Physical: Reception desk and security guards (at entry) [Col10a]
                21. Physical: Visitor tags/cards [Col10a]
                22. Logical: Strong remote authentication [Col10a]
                7.Natural surveillance
                1. Report suspect email and information request to ISP [New03]
                2. Tamper-proof network cabling [Bee05]
                3. Network monitoring [Bee05,Bro07a]
                4. Bluesnarfing warning [Bro07a]
                5. Establish community watch on auction sites [New03]
                6. Monitor for illegal sales [New03]
                7. Provide customer feedback on auction transactions [New03]
                8. RFID checks in vet surgeries to identify stolen animals [Whi09]
                9. Open plan offices [Col10a]
                10. Incident reporting mechanism (e.g., hotline) [Col10a]
                12.Remove Targets
                1. Information & hardware segregation [Bee05]
                2. Bluetooth off when not in use [Bro07a]
                3. Keep valuable databases offline [New03]
                4. No dial-up access to database [New03]
                5. Refuse auction of stolen, counterfeit or unethical items [New03]
                6. Discourage payment in cash for auction items [New03]
                7. Provide third party escrow services and card acceptance for auction customers [New03]
                8. RFID allied to direct billing reduces need to carry cash [Whi09]
                9. Clear desk policy [Col10a]
                10. Workstation Time-out/Password Protected Screen Savers [Col10a]
                11. Paper shredders [Col10a]
                12. Secure disposal of old PCs and media [Col10a]
                13. Regulate use of USB devices or other media [Col10a]
                14. Thresholds on access to resources [Col10a]
                17.Avoid disputes
                1. Moderators in chat rooms [Bro07a]
                2. Definitive proof of ownership of goods with RFID [Whi09]
                3. Anticipate and manage negative workplace issues [Col10a]
                22.Post instructions
                1. 'Authorised use only' login banners [Bro07a]
                2. Security policy [Bro07a]
                3. RFID Tagging Practiced Here signs [Whi09]
                4. Email disclaimers [Col10a]
                5. Security Policy [Col10a]
                6. Access labels for critical areas [Col10a]
                3.Screen exits
                1. IDS [Bee05]
                2. Antivirus [Bee05]
                3. Audit trail [Bro07a]
                4. Audit trail [Mor04b,New03]
                5. Logical: Firewalls [Col10a]
                6. Lawful interception [Bro07a]
                7. Quarantine feature [Mor04b]
                8. Analyse use patterns to detect deviant use [New03]
                9. Check for sniffers and remove [New03]
                10. Check for rogue files [New03]
                11. Minimise cookies [New03]
                12. RFID as merchandise tag [Whi09]
                13. Physical: Security guards and reception desks [Col10a]
                14. Physical: Visitor tags/cards [Col10a]
                15. Physical: Accountability for assets that exit the premises [Col10a]
                8.Reduce anonymity
                1. RFID [Bro07a]
                2. Caller ID [Bro07a]
                3. Audit trails [Col10a]
                4. RFID embedded in soccer season tickets [Whi09]
                5. Increase effort required to obtain an account (R:1,3) [Rey10]
                6. Embed personal identifiers into every sent message (R:1,6,7,8,9) [Rey10]
                7. ID tags for staff and visitors [Col10a]
                8. Event logging [Col10a]
                13.Identify property
                1. RFID [Bro07a,New03]
                2. Information classification [Bee05]
                3. Watermarking [Bee05]
                4. IMEI [Bro07a]
                5. Digital signature standards [Bro07a]
                6. Copyright web pages [New03]
                7. Prominent display of copyright material on software and other electronic products [New03]
                8. General retail goods identification with RFID [Whi09]
                9. Property marking [Col10a]
                10. Digital signatures [Col10a]
                11. Copyright protection [Col10a]
                12. Data labeling [Col10a]
                13. Data labeling [Col10a]
                18.Reduce arousal
                1. Makes shop theft less attractive if goods believed chipped with RFID [Whi09]
                2. Selection of user-friendly controls [Col10a]
                3. User participation in the risk analysis process [Col10a]
                23.Alert conscience
                1. Public awareness on the consequences of crime [Mor04b]
                2. Educate: 'copying software is stealing' [New03]
                3. Multi-level warning banners [Bee05]
                4. Codes of ethics [Bee05]
                5. Pop ups warning of illegal access attempt [Bro07a]
                6. Insert piracy awareness raising notifications [Bro07a]
                7. Government should educate citizens on e-crime prevention [Mor04b]
                8. Responsible use agreements [New03]
                9. Visible RFID tags [Whi09]
                10. Use of messages, i.e., copyright protection, privacy protection etc. [Col10a]
                11. Code of Ethics [Col10a]
                4.Deflect offenders
                1. Honeypots/honeynets [Bee05]
                2. Segregation of information [Bee05]
                3. Segregation of duties [Wil09]
                4. Accept only credit card [New03]
                5. Use digital cash and digital certificates [New03]
                6. Promote use of smart cards [New03]
                7. Auctions: No cash payments [New03]
                8. Install biometric authentication [New03]
                9. Revocable club RFID-enabled cards [Whi09]
                10. Limit exposure -- Spam filters on incoming emails (L:1) [Rey10]
                11. Honeypots/honeynets [Col10a]
                12. Segregation of duties [Col10a]
                13. Personnel screening [Col10a]
                14. Key splitting [Col10a]
                9.Place Managers
                1. IDS [Bro07a]
                2. Resource usage info [Bee05]
                3. Include regular employees in security team [New03]
                4. Train all employees in correct security procedures [New03]
                5. Offer incentives for employee vigilance [New03]
                6. Equipment hire company checking on integrity of hired equipment on return with RFID [Whi09]
                7. Management supervision [Col10a]
                8. Two person sign-off [Col10a]
                9. Monitoring by system administrators [Col10a]
                14.Disrupt markets
                1. ISP should be keen to assist investigations [Mor04b]
                2. Penalise customers for breaches of security [New03]
                3. Hold auction websites responsible for illegal services [New03]
                4. Hold college campuses responsible for hackers [New03]
                5. Insist that merchants acknowledge security errors [New03]
                6. Remove user rights if rules of use not followed [New03]
                7. Sanctions against corporations if appropriate protective and remedial measures are not taken [Mor04b]
                8. Pressure/legislation on ISPs to improve services that enable counter-measures to be taken. [Mor04b]
                9. IT users need to accept some responsibility for security issues. [Mor04b]
                10. Counterfeit goods will not have RFID [Whi09]
                19.Neutralize peer pressure
                1. Advertise that hacking is illegal [Bro07a]
                2. Provides excuses not to steal pets tagged with RFID [Whi09]
                3. Disciplinary processes [Col10a]
                24.Assist compliance
                1. Security education of staff [Col10a,Wil09]
                2. Hacker challenges [Bee05]
                3. Employment opportunities for ex-hackers [Bee05]
                4. Remove the need for sharing passwords [Bro07a]
                5. Provide a central public attack warning notice when incidents are expected [Mor04b]
                6. Government to accredit independent advisors for the prevention of computer related incidents [Mor04b]
                7. CESG and the Office of the e-Envoy should be funded to distribute free protective software [Mor04b]
                8. Global security alerts from credible source. CERT is okay but only addresses technical community [Mor04b]
                9. Devise easy backup and restoration for customers' software [New03]
                10. Easy access to information about copyright holders [New03]
                11. Publish names and links to trusted online merchants [New03]
                12. Provide links to organisations that rate online businesses and survey online fraud [New03]
                13. Easy remote payment with RFID [Whi09]
                14. Single sign-on [Col10a]
                15. Point of reference for security issues Screening [Col10a]
                5.Control facilitators
                1. Caller ID [Bro07a]
                2. Make the ISP accountable for the traffic [Mor04b]
                3. Masking IP addresses [Bee05]
                4. Leased lines [Bee05]
                5. No broadcast [Bee05]
                6. Blacklists [Bro07a]
                7. Unique ID wireless equipment [Mor04b]
                8. Remove anonymity [Mor04b]
                9. Delete account of ex-employee [Wil09]
                10. Check attributes of critical files [New03]
                11. Use public key and other digital identification [New03]
                12. Governments should allow high level cryptography to be used internationally [New03]
                13. Advise customers to keep records of all transactions with online retailers [New03]
                14. Smart bullets with RFID [Whi09]
                15. Authentication systems [Col10a]
                16. Download control and mobile code protection [Col10a]
                17. Web access controls [Col10a]
                18. Access removal for ex-employees [Col10a]
                19. Removal of administrative rights [Col10a]
                20. Restricted use of devices (i.e., USB tokens, wireless access) [Col10a]
                21. Need-to-know access to information [Col10a]
                10.Formal surveillance
                1. Auditing and trail reviews [Bee05]
                2. RFID [Bro07a]
                3. Early warning systems of viruses and hacking attacks [Mor04b]
                4. IDS [Col10a,Wil09]
                5. Anomaly detection [Bee05]
                6. Lawful interception [Bro07a]
                7. Network monitoring [Mor04b]
                8. Appoint CSO [Mor04b]
                9. Publicise use of encryption and strong security surveillance [New03]
                10. Electronic tracking of delivery vehicles [New03]
                11. Maintain hidden presence on news groups and bulletin boards [New03]
                12. Fine art tagging in galleries and museums with RFID [Whi09]
                13. Monitor public websites, blogs, rooms etc. for misuse (R:2,4,5,9) [Rey10]
                14. Security guards [Col10a]
                15. CCTV in areas with sensitive equipment or information [Col10a]
                16. Alarms (both physical and logical) [Col10a]
                15.Deny benefits
                1. Encrypt valuable data [Bee05,Col10a,Wil09,New03]
                2. Automatic data destruction mechanisms [Bee05]
                3. Remove defaced web site immediately [Bro07a]
                4. Blacklists [Bro07a]
                5. Use Fraud Information Gathering System (FIGS) [Bro07a]
                6. Antipiracy mechanisms [Mor04b]
                7. Business continuity plans [Mor04b]
                8. Contingency arrangements in case of a major hi-tech crime [Mor04b]
                9. Make software inoperable if user not authenticated [New03]
                10. Products only work with corresponding RFID [Whi09]
                11. Property marking [Col10a]
                12. Software dongles [Col10a]
                13. Use of multiple hardware or storage media (backup) [Col10a]
                14. Business continuity planning [Col10a]
                15. Insurance [Col10a]
                16. Effective/timely incident handling [Col10a]
                17. Crisis management [Col10a]
                20.Discourage imitation
                1. Prompt software patching [Wil09,Col10a]
                2. Publish failed hacks, keep silent about successful hacks [Bro07a]
                3. Witnessing alarms triggered by RFID deters [Whi09]
                4. Rapid repair for web defacement [Col10a]
                5. Enforcing security policy on incidents or disciplinary procedures [Col10a]
                25.Control disinhibitors
                1. Cyber-ethics education [Bee05]
                2. Campaign against hacker culture [New03]
                3. Supervised computer use [Bee05]
                4. 'Hackers hurt innocent people' [New03]
                5. RFID tags in proof of age ID [Whi09]
                6. RFID tagging of controlled substances [Whi09]