Staying safe: cybersecurity in modern museums
Wendy Pryor, Museums Victoria, Australia
AbstractMuseums are in the thick of data security: selling tickets and products online, collecting and updating members’ details, sending e-newsletters, recording donations, granting staff access to collection cataloging software, or negotiating agreements with commercial partners. A basic understanding of cyber threats, with a toolkit to combat them, is critical for maintaining cybersecurity. Cybersecurity refers to preventative methods used to protect the confidentiality, integrity, and availability of data. Part one of our paper describes threats and approaches to protecting information, intellectual property, and the computer network itself from external, internal, and hidden cyber threats. An effective cybersecurity approach should include network firewalls and gateways, anti-malware, user access management and authentication controls, backup management, business continuity and disaster recovery planning, patch management, and software updates. These will be bolstered by staff education. Supported by your executive, the cybersecurity strategy will align with your museum’s business goals and risk appetite. Part two focusses on cryptography (writing and solving codes) to emphasize that information security is a perennial problem. Historically, the potential rewards for breaking codes and deciphering messages are obvious: outsmarting enemies, exposing diplomatic secrets, or unravelling plots. Four examples (Ceasar Cipher, Mary Queen of Scots Cipher, Polybius Square Cipher, Enigma machine) demonstrate the escalating complexity of cryptography since classical times. Modern cryptography exists at the intersection of mathematics, computer science, and electrical engineering. Current applications of cryptography include ATM cards, computer passwords, electronic commerce, digital rights management and copyright—all of which are relevant to museums.
Keywords: Cryptography, cryptology, cipher, security, encryption, data
Introduction to cybersecurity
Museums are in the thick of cybersecurity. Whether selling tickets and products online, collecting and updating members’ details, sending e-newsletters, recording donors and their donations, granting staff access to collection cataloguing software or corporate finance systems, or negotiating agreements with commercial partners, a basic understanding of cybersecurity, with a toolkit to match, is critical for staying safe. Put simply, the more data a museum collects about its visitors and stakeholders, and the more sensitive that data is, the greater its attractiveness to cyber criminals.
Cybersecurity refers to preventative methods used to protect information from being stolen, compromised, or attacked. An understanding of potential information threats is needed in order to develop strategies for prevention. In a museum dependent on data and information, cybersecurity is not just an Information and Communications Technology (ICT) issue, but a business issue as well—an issue linking organizational objectives to risk appetite, to security priorities. The creation of a pragmatic and fit-for-purpose cybersecurity strategy depends on a common language and fruitful exchange between technologists and museum leaders. This paper is a beginning.
The first part describes threats and approaches to protecting information, data, intellectual property and the computer network itself from external, internal, and hidden cyberthreats. This is not modern scare-mongering: information security is a perennial problem. The second part uses examples of cryptography (writing and solving codes) to illustrate historical and contemporary approaches to information security, with a nod to the future of cybersecurity.
Importance of cybersecurity
We care about cybersecurity because we care about our data. When our data is compromised our reputation is at stake. A recent report by Deloitte (2015, 3) noted that 73% of consumers would reconsider using a company if it failed to keep their data safe.
October 2016 was Cyber Security Awareness Month in the UK. According to Morgan (2016) October was quiet in terms of data breaches and cyberattacks; only about 140 million records are known to have been leaked during that month! Morgan’s blog includes these alarming headlines, with hyperlinks to more detail, from around the world:
- “Hacker grabs over 58 million customer records from data storage firm” (US)
- “IES users’ data leaked due to ‘inadequate’ security measures” PDPC (Singapore)
- “Information of 13,000 Baystate patients possibly compromised due to ‘phishing'” (US)
- “Laptop with crucial CMO data stolen” (India)
- “Nurse suspended after snooping though 64 patients records” (New Zealand)
- “Rainbow Children’s Clinic notifies 33,368 patients of ransomware attack” (US)
- “Event Organizer Suffers Data Breach After Hacker Steals Mailing Lists” (Australia)
- “Province says it might have sent tax documents to wrong addresses” (Canada)
- “Private student information mistakenly posted online by Surrey School Board” (Canada)
- “96,000 public servants in new data breach” (Australia)
Healthcare and finance businesses are often targeted by cyberattacks due to the highly sensitive nature of their data. Closer to our world of museums, a recent data breach investigations report (Verizon, 2016, 4) noted 2,707 data security incidents in the entertainment industry (which includes museums) for 2015. This comprised 18 small, one large and 2,688 of unknown scale. A Google search revealed a report by Northrup (2015) of a zoo and museum gift shop operator confirming details of a payment data breach.
Part 1: Threats and approaches to cybersecurity
Protecting information, data, intellectual property and the network itself from cyber threats is the ultimate goal of an affective cybersecurity strategy. Threats fall into three categories: external, internal, and hidden.
External threats to cybersecurity and approaches to prevention
Building up defenses to secure an organization’s digital boundaries reduces the chance of unauthorized access from outside. Two such defenses are firewalls and gateways.
A firewall is a network security device that monitors and controls incoming and outgoing network traffic flows between an untrusted zone (such as the Internet) and a trusted zone (such as an organization’s network). The firewall acts as a filter in the network; all communication flows through it, and traffic is admitted or rejected according to a set of defined security rules. Firewalls can be implemented in hardware, software, or a combination of both.
A gateway is a device that joins together two different networks, for example, an internal network with the Internet. A router is an example of a gateway device; it decides where information is sent based on its computer (IP) address. A gateway therefore provides entry into different networks so we can send e-mail, read Web pages, and transact online.
Boundary firewalls and gateways provide a basic level of protection by monitoring network traffic and identifying and blocking unwanted and potentially harmful information, but they don’t necessarily protect against malicious software (malware). For example, an attacker might send an infected PDF as an email attachment to a user inside your network. The user opens the PDF, gets infected, and malware is installed on their computer.
Malware is software that was created for the purpose of doing something sinister to your computer or network. Using malware, cyber criminals operate remotely. There are many different types of malware, often named for the way they attack your computer. Below are some examples of insidious horrors.
|Type of malware||Aim||Technique|
|Virus||To gain access to, steal, modify and/or corrupt information and files from a targeted computer system||A small piece of software program that can replicate itself and spread from one computer to another by attaching itself to a computer file|
|Worm||To damage networks and possibly deliver payloads which allow remote control of the infected computer||Worms are self-replicating and do not require a program to attach themselves to. They seek vulnerabilities in operating systems and report back to the worm author when weaknesses are discovered.|
|Spyware/Adware||To take control of your computer and/or to collect personal information without your knowledge||By opening attachments, clicking links or downloading infected software, spyware/adware is installed on your computer.|
|Trojan||To create a “backdoor” on your computer by which information can be stolen and damage caused||A software program appears to perform one function (for example, virus removal) but actually acts as something else|
|Distributed denial-of-service (DDoS)||To overwhelm and disable a target system by sending a torrent of fake traffic, thereby denying service to legitimate users||Multiple compromised systems, which are often infected with a Trojan, are used to target a single system causing a Denial of Service (DoS) attack.|
|Ransomware||To encrypt data on a computer or network and then demand a ransom payment to decrypt or not publish it||Installs covertly on a victim’s computer and executes a cryptovirology attack that causes denial-of-access. Typically carried out using a Trojan that has a payload disguised as a legitimate file|
Table 1: types of malware, with aims and techniques
Anti-malware is a piece of software that you knowingly install on your computer with the purpose of protecting your system from malware infiltration and infection. Anti-malware programs are able to do this in three ways: they detect malware on your computer, safely remove it, and clean up any of the damage to the computer that the malware may have caused. Anti-malware software can be installed on an individual computer, gateway server or dedicated network appliance, or purchased as a cloud subscription service.
Technology alone is inadequate to counteract malware threats. Staff members are your human firewall. In order to function in this critical role they need awareness training so they can spot a suspicious email or unusual computer behavior. Staff should know how to report such an event and how to stop an infection from spreading.
Internal threats to cybersecurity and approaches to prevention
Behind the carefully constructed defenses described above, insider threat is noted by Verizon (2016, 35) as one of the main causes of data breaches–either malicious or unintentional. Careless or disgruntled staff can leak information or provide access to external parties without the organization knowing. This risk can be mitigated by ensuring that computers and network devices are configured so that they provide only the services required for a particular role. Examples of threats and controls follow.
User access management relates to the process of managing user access to applications and data, including how access is approved, revoked and periodically reviewed to ensure it is aligned with staff roles and responsibilities. Special consideration should be given to the role and privileges of ‘super users’ who may have the ability to create other users. Weaknesses in user access management controls may result in system and data access being awarded to staff for whom it is not necessary, thus jeopardising integrity and confidentiality of ICT systems and data.
Authentication controls assist in determining whether a user attempting to access a system is who they claim to be. Authentication is commonly performed through the use of passwords of defined complexity with regular cycles for change. In more tightly managed environments, two-factor authentication combines something the user knows (such as a password) with something the user has (such as a security token). Weaknesses in authentication controls may increase the risk of breaches in the confidentiality, integrity, and availability of systems and data.
Backup management refers to copying and archiving computer data so it may be used to restore the original after a data loss event or to recover data from an earlier time. Managing backups requires a balance between accessibility, security, and cost. Business continuity planning details the response strategy of an organization in order to continue operations and minimize the impact in the event of a disaster. It will normally include a section on ICT. ICT disaster recovery planning describes a process to assist in the recovery of an organisation’s ICT infrastructure in the event of a disaster.
The development of policies and procedures for user access management and authentication controls, aligned with organisational values and risk appetite, will assist in the management of internal threats. Developing plans and strategies for backup management, business continuity and ICT disaster recovery will increase the ability of an organisation to recover its critical systems and transactions in a complete and timely manner in the event of a breach.
Hidden threats to cybersecurity and approaches to prevention
Hidden threats may lurk in trusted software. Technical vulnerabilities, once discovered and shared publicly, can be exploited by cyber criminals; keeping software updated is an excellent prevention strategy.
Patch management applies to regularly applying patches to reduce the risk of unauthorised access to systems and data, thus enhancing the overall security profile of the ICT infrastructure. A patch is an additional piece of software released by vendors to fix security vulnerabilities or operational issues.
Ongoing/continuous vendor support is normally only available for current software. End-of-life describes ICT software or an application that a vendor intends to stop marketing or supporting. Vendors typically notify their customers in advance when such support arrangements will cease, to enable a smooth transition to current software. Committing to current software ensures that the vendor will continue to provide patches and other support.
To protect the confidentiality, integrity, and availability of data, an affective cybersecurity strategy should include network firewalls and gateways, anti-malware, an approach to user access management and authentication controls, backup management, business continuity and disaster recovery planning, patch management, and software updates. These will be bolstered by staff education. Supported by your executive, the cybersecurity strategy will align with your museum’s business goals and risk appetite.
Part 2: Cryptography and its application to data security
For thousands of years, kings, queens, and generals have relied on efficient communication in order to govern their countries and command their armies. All have been aware of the consequences of their messages falling into the wrong hands, revealing precious secrets to rival nations and betraying vital information to opposing forces. The threat of enemy interception motivated the development of techniques for disguising a message so that only the intended recipient could read it (Singhe, 2000, ix). Cryptography is picturesquely explained in the following way:
Derived from the Greek word kryptos, meaning ‘hidden.’ The aim of cryptography is not to hide the existence of a message, but rather to hide its meaning, a process known as encryption. To render the message unintelligible, it is scrambled according to a particular protocol which is agreed beforehand between the sender and intended recipient. Thus the recipient can reverse the scrambling protocol and make the message comprehensible. The advantage of the cryptography is that if the enemy intercepts an encrypted message, then the message is unreadable. Without knowing the scrambling protocol, the enemy should find it difficult, if not impossible, to recreate the original message from the encrypted text. (Singhe, 2000, 6.)
Here is the same explanation using the specialized vocabulary of cryptography. The original message is called the plaintext. The transformed message is called the ciphertext, and the process of creating the ciphertext (using an encryption algorithm or cipher with some built-in flexibility, known as the key) is encryption. The process of getting the original message back is called decryption, using a decryption algorithm. Thus one decrypts the ciphertext. To pass an encrypted message from one person to another, it is first necessary that both parties have the key for the cipher, so that the sender may encrypt it and the receiver may decrypt it.
The potential rewards for breaking codes and deciphering messages are obvious: outsmarting enemies, exposing diplomatic secrets, or unravelling plots. The history of encryption is as follows:
…the history of the “contest of wits” between encryption developers and encryption code breakers. Each time a new encryption algorithm is created, it has been decrypted, and that in turn has led to the creation of a new encryption algorithm, and cycles of algorithm creation and decryption have been repeated to this day… (Thawte, 2013, 3.)
One contemporary and four historical examples demonstrate the escalating complexity of cryptography:
Ceasar cipher is a type of simple substitution cipher in which each letter in the original plaintext is “shifted” a certain number of places down the alphabet. For example, with a shift of one, A would be replaced by B, B would become C, and so on. The method is named after Julius Caesar, who apparently used it to communicate with his generals.
|Plaintext||defend your data at all costs|
|Ciphertext||efgfoe zpvs ebub bu bmm dptut|
|Key||Number of characters (in this case 1) to shift the cipher alphabet|
Table 2: example of the use of the Ceasar ciper (Lyons, 2012)
Mary Queen of Scots cipher
The Babington Plot of 1586 was a plan to assassinate Queen Elizabeth I of England and put Mary, Queen of Scots on the English throne. Mary’s messages were captured by Elizabeth’s spies and they were cracked by her chief codebreaker. Mary was put on trial and the deciphered messages were used as evidence of her treachery. She was found guilty and executed in 1587.
The cipher that Mary used included a cipher alphabet, with substitutions for each letter from A to Z. The cipher also contained some code symbols for the most common words, and some more sophisticated symbols. This mixture of codes and ciphers, known as a nomenclator cipher, made decrypting the cipher more difficult—but not difficult enough to keep Mary safe. The codes were listed in a code book, which was the key to the cipher. The code book was in the possession of both senders and recipients.
Polybius Square Cipher
The Polybius Square is an ancient Greek invention, discovered by a scholar named Polybius, which can be used to translate letters into numbers. In order to fit the 26 letters of the alphabet into the 25 spots created by the table, the letters i and j are usually combined.
Using the Square, each letter is replaced with the two numbers that represent its position in the grid. In the example above, the number from the vertical axis precedes the number on the horizontal axis, so D becomes 14, E becomes 15 etc. A worked example follows.
|Plaintext||defend your data at all costs|
|Ciphertext||141521153314 54344542 14114411 1144 113131 1334434443|
Table 3: example of the use of the Polybius Square Cipher (Rodriguez-Clark, 2013)
Introducing the idea of a key to the Polybius Square adds to its complexity. This is achieved by reordering the alphabet before putting it in the grid. The letters of the keyword are added first, ignoring any repeat. So using a keyword polybius produces the mixed square below.
Decryption is straightforward provided the receiver of the message understands the basic form of the square and the keyword. Rodriguez-Clark (2013) notes also that the Polybius Square has been used for signalling with flags across long distances and as a “knock code” for prisoners to send messages to each other by knocking on the wall; it was used successfully in this way by American prisoners of war in the Vietnam War to talk to each other without detection.
Cracking the substitution cipher
Cracking substitution ciphers, like the examples above, marked the birth of cryptanalysis or code breaking. The key realisation was that if a message is enciphered so that every letter is substituted for a different letter (or symbol), then the new letter will take on all the attributes of the old letter, including how frequently it occurs.
In cryptanalysis, frequency analysis is the study of the frequency of letters or groups of letters in a ciphertext. According to Wikipedia (2016), frequency analysis is based on the fact that, in any given stretch of written language, certain letters and combinations of letters occur with varying frequencies. This characteristic distribution of letters is roughly the same for almost all samples of that language. For instance, given a slab of English language, E, T, A and O are the most common, while Z, Q and X are rare. Likewise, TH, ER, ON, and AN are the most common pairs of letters, and SS, EE, TT, and FF are the most common repeats.
Thus an approach to using frequency analysis for code breaking might entail counting the letters in the ciphertext and substituting the most common English letter, substituting the most common English pairs for the most common pairs in the ciphertext and so on—tentatively making and testing assumptions begins to unravel the message. Each painstaking revelation leads to greater clarity as more and more letters are patiently revealed. Perhaps unsurprisingly, during the Second World War some codebreakers were recruited based on their ability to solve crossword puzzles speedily.
Mechanical era ciphers: The Enigma machine
Mechanical ciphers developed around the Second World War relied on sophisticated gearing mechanisms to encipher text. The most famous example of a mechanical cipher was the Enigma, used by the Germans. The Enigma machine is similar to a complex type writer. All Germans had the same Enigma machine and the initial wheel configuration (the key) of the machine was communicated to all the teams. When a letter was pressed on the machine, a cipher letter lit up on the screen. Complexity was added when the wheel rotated after a certain number of letters, so that the cipher kept on changing. There could be many millions of possible configurations, thus deciphering Enigma was a monumental challenge.
Alan Turing, a Cambridge University mathematician, was instrumental in inventing an electromechanical machine that could find settings for the Enigma machine and unlock the German messages. The information acquired by decrypting the messages encrypted by Enigma was an important source of information for the Allies until the end of the war. This engrossing and now popular codebreaking story shows that, although mechanical ciphers are invariably more secure than their earlier counterparts, they could still be broken by sufficient application of skill, resources, and motivation.
Limitation of traditional cryptography
In the traditional use of cryptography to protect communications, it is necessary that both the originator and the recipient(s) have common knowledge of the cryptographic process (the algorithm) and that both share a secret common piece of information (the cryptographic key). Such a scheme, in which both communicating parties must share a key, is called symmetric cryptography. Its primary weakness is the operational disadvantage of requiring a safe method of distributing keys to all relevant parties.
Cryptography in the age of the internet
To address the limitations of symmetric cryptography, a scheme called asymmetric cryptography (or public-key cryptosystem), was developed in the mid-1970s. Each participant actually has two keys: public and private. The public key is published, is freely available to anyone, and is used for encryption. The private key is held in secrecy by the user and is used for decryption. Using asymmetrical keys (public and private) means that communications can be encrypted without delivering a key in advance.
The asymmetric cryptography system is based on number theory and prime numbers. A prime number is only evenly divisible by 1 and itself (examples are 2, 3, 5, 7, 11, 13, 17). A common practice is to use a ridiculously large semi-prime number (that is, the result of multiplying two prime numbers) as the number securing the encryption. In order to break the encryption it is necessary to find the two or more prime numbers that were multiplied together to result in the original semi-prime number. This works because modern computers can relatively easily generate a very, very large semi-prime number. However, if that number is large enough, computers might take days, months or years to work out which primes, when multiplied together, created the original semi-prime number. The security of the system therefore relies on the current limitations of modern computers which are unable to deduce the prime numbers in a reasonable time frame.
Hyper Text Transfer Protocol Secure (HTTPS) is an example of asymmetric cryptography. HTTPS is the secure version of HTTP, the protocol over which data is sent between your browser and the website that you are connected to, and is used to protect confidential online transactions like banking and purchasing. HTTPS means all communications between your browser and the website are encrypted with a secure protocol using an asymmetric Public Key Infrastructure (PKI) system with public and private keys to encrypt information. Anything encrypted with the public key can only be decrypted by the private key and vice-versa.
According to Comodo (2017), in the case of a website, the private key remains securely ensconced on the Web server. But the public key is distributed to anybody who needs to decrypt information that was encrypted with the private key. When you request an HTTPS connection to a webpage, the website will initially send its SSL certificate to your browser. This certificate contains the public key needed to begin the secure session. Based on this initial exchange your browser and the website then initiate the “SSL handshake.” The SSL handshake involves the generation of shared secrets to establish a uniquely secure connection between you and the website. A padlock icon in the browser address bar denotes an HTTPS connection.
Current uses of cryptography
Applications of cryptography have gone beyond its historical roots as secret writing. Today, cryptography serves as a powerful tool in support of cybersecurity. Dam & Lim (1996, 54-55) note that cryptography provides many useful capabilities:
- Confidentiality is the characteristic that information is protected from being viewed in transit during communications and/or when stored in an information system. With cryptographically provided confidentiality, encrypted information can fall into the hands of someone not authorised to view it without being compromised.
- Authentication is cryptographically based assurance that an asserted identity is valid for a given person (or computer system). With such assurance, it is difficult for an unauthorised party to impersonate an authorised one.
- Integrity check is cryptographically based assurance that a message or computer file has not been tampered with or altered. With such assurance, it is difficult for an unauthorised party to alter data.
- Digital signature is cryptographically based assurance that a message or file was sent or created by a given person. A digital signature cryptographically binds the identity of a person with the contents of the message or file, thus providing nonrepudiation; the inability to deny the authenticity of the message or file.
- Digital date/time stamp is cryptographically based assurance that a message or file was sent or created at a given date and time. Generally, such assurance is provided by an authoritative organization that appends a date/time stamp and digitally signs the message or file.
Other modern uses of cryptography are as follows:
- Digital rights management: Cryptography is central to digital rights management, a group of techniques for technologically controlling use of copyrighted material, implemented and deployed to benefit copyright holders.
- Data transfer: Encryption is also used to protect data in transit, for example data being transferred via networks (e.g. the Internet, e-commerce), mobile telephones, wireless microphones, Bluetooth devices and automatic teller machines.
The high level of confidence in the success of modern asymmetric cryptography for data protection indicates that the code makers are winning—for now. However, public-key algorithms can potentially be broken by a sufficiently large quantum computer.
Future of cryptography: quantum computing
As explained by Bonsor & Strickland (2000), quantum computers, harnessing the power of atoms and molecules to perform memory and processing tasks, have the potential to perform calculations significantly faster than any silicon-based computer. Unlike current computers which manipulate bits that exist in one of two states (0 or 1), quantum computers aren’t limited to two states; they encode information as quantum bits, or qubits, which can exist in superposition. Because a quantum computer can contain these multiple states simultaneously, it has the potential to be millions of times more powerful than today’s most powerful supercomputers.
Given the history of cryptography, quantum computing means that code breakers may gain the upper hand—but not for long. As the need for secret messages is unlikely to diminish, quantum computing will herald another escalation in the battle of wits between the code makers and code breakers.
Modern cryptography exists at the intersection of mathematics, computer science, and electrical engineering. Applications of cryptography include ATM cards, computer passwords, electronic commerce, digital rights management, and copyright—all of which are relevant to museums. Cryptography is a technology that can play an important role in addressing certain types of information vulnerability, although it is not sufficient to deal with all threats to information security. An understanding of potential cyber threats is critical to developing strategies for prevention applied across the ICT infrastructure. Every staff member has a role to play in protecting the confidentiality, integrity, and availability of their museum’s data.
Bonsor, K. & J. Strickland. (2000). “How Quantum Computers Work.” HowStuffWorks.com. Consulted January 9, 2017. Available http://computer.howstuffworks.com/quantum-computer.htm
Comodo. (2017). What is HTTPS? Consulted January 9, 2017. Available https://www.instantssl.com/ssl-certificate-products/https.html
Dam, K. W., & H.S. Lim (eds.) (1996). Cryptography’s role in securing the information society. Washington, D.C.: National Academies Press. Consulted January 25, 2017. Available https://www.nap.edu/read/5131/chapter/1
Deloitte. (2015). “Consumer data under attack: The growing threat of cyber crime.” Deloitte Consumer Review. Consulted December 28, 2016. Available https://www2.deloitte.com/content/dam/Deloitte/uk/Documents/consumer-business/deloitte-uk-consumer-review-nov-2015.pdf
Lyons, J. (2012). “Caesar Cipher.” Practical Cryptography website. Consulted January 6, 2017. Available http://practicalcryptography.com/ciphers/caesar-cipher/
Morgan, L. (2016). “List of data breaches and cyber attacks in October 2016 – 142, 160,000 records leaked.” IT Governance. Last updated October 27, 2016. Consulted January 6, 2017. Available http://www.itgovernance.co.uk/blog/list-of-data-breaches-and-cyber-attacks-in-october-2016-142160000-records-leaked/
Northrup, L. (2015). “Zoo And Museum Gift Shop Operator Confirms Details Of Payment Data Breach.” Consumerist website. Last updated October 15, 2015. Consulted January 6, 2017. Available https://consumerist.com/2015/10/15/zoo-and-museum-gift-shop-operator-confirms-payment-data-breach/
Rodriguez-Clark, D. (2013). “Polybius Square.” Crypto Corner website. Consulted January 7, 2017. Available http://crypto.interactive-maths.com/polybius-square.html
Singh, S. (n.d.). “Mary Queen of Scots.” The Black Chamber website. Consulted January 6, 2017. Available http://simonsingh.net/The_Black_Chamber/maryqueenofscots.html
Singh, S. (2000). The code book. London: Fourth Estate.
Thawte, Inc. (2013). History of Cryptography: An easy to understand history of cryptography. Consulted December 28, 2016. Available http://digcert.com/docs/thawte/history-cryptography.pdf
Wikipedia. (2016). Frequency analysis. Last modified December 9, 2016, at 19:51. Consulted January 9, 2017. Available https://en.wikipedia.org/wiki/Frequency_analysis
Wikipedia. (2017). Enigma machine. Last modified January 4, 2017, at 02:27. Consulted January 9, 2017. Available https://en.wikipedia.org/wiki/Enigma_machine
Verizon. (2016). 2016 Data Breach Investigations Report: 89% of breaches had a financial or espionage motive. Consulted January 9, 2017. Available http://www.verizonenterprise.com/verizon-insights-lab/dbir/2016/
. "Staying safe: cybersecurity in modern museums." MW17: MW 2017. Published January 23, 2017. Consulted .