CYBERSECURITY
The MIT Press Essential Knowledge series

A complete list of the titles in this series appears at the back of this book.
CYBERSECURITY
DUANE C. WILSON

The MIT Press | Cambridge, Massachusetts | London, England


© 2021 Massachusetts Institute of Technology

All rights reserved. No part of this book may be reproduced in any form
by any electronic or mechanical means (including photocopying, recording,
or information storage and retrieval) without permission in writing from
the publisher.

The MIT Press would like to thank the anonymous peer reviewers who
provided comments on drafts of this book. The generous work of academic
experts is essential for establishing the authority and quality of our
publications. We acknowledge with gratitude the contributions of these
otherwise uncredited readers.

This book was set in Chaparral Pro by New Best-set Typesetters Ltd.

Library of Congress Cataloging-in-Publication Data

Names: Wilson, Duane, author.
Title: Cyber security / Duane Wilson.
Description: Cambridge, Massachusetts : The MIT Press, [2021] | Series:
The MIT Press essential knowledge series | Includes bibliographical
references and index.
Identifiers: LCCN 2020033978 | ISBN 9780262542548 (paperback)
Subjects: LCSH: Computer security. | Internet—Security measures. |
Computer networks—Security measures. | Data protection.
Classification: LCC QA76.9.A25 W554 2021 | DDC 005.8—dc23
LC record available at https://lccn.loc.gov/2020033978

CONTENTS

Series Foreword

1 Cybersecurity Origins
2 Foundations
3 Cryptography Demystified
4 Cybersecurity in Layers
5 Who Attacked Me?
6 Malware in Action
7 Modern-Day Applications
8 Cybersecurity for the Future

Glossary
Notes
Further Reading
Index
SERIES FOREWORD

The MIT Press Essential Knowledge series offers accessible, concise, beautifully produced pocket-size books on topics of current interest. Written by leading thinkers, the books in this series deliver expert overviews of subjects that range from the cultural and the historical to the scientific and the technical.

In today’s era of instant information gratification, we have ready access to opinions, rationalizations, and superficial descriptions. Much harder to come by is the foundational knowledge that informs a principled understanding of the world. Essential Knowledge books fill that need. Synthesizing specialized subject matter for nonspecialists and engaging critical topics through fundamentals, each of these compact volumes offers readers a point of access to complex ideas.
1

CYBERSECURITY ORIGINS

Internet security has become an enormous challenge. Almost everything we see, touch, or use is connected to the internet, including cell phones, wearable devices, home appliances, and even semiautonomous vehicles. The internet is a portal for businesses, governments, and other institutions, providing remote access to trade secrets, medical records, and financial data. And such is the paradox of connectivity: the more connected our computer systems, the more exposed they are to cyberattacks—attempts to steal data, corrupt software, disrupt operations, and even physically damage hardware and networked infrastructures.

The field of cybersecurity exists to meet the challenge of understanding and protecting against such attacks. In this book, I will present the risks associated with internet use, modern methods to defend it, and general principles for safer internet use. These principles, which have been developed over the years by cybersecurity experts, tend to be disseminated to and implemented by businesses, governments, and other organizations for which the stakes are understandably high.

A network, however, is typically only as strong as its weakest link. A cyberattack on an organization often proceeds from a successful attack against just one individual. And if that person has not been trained to identify the key indicators of a cyberattack, they may unwittingly open the back door, or front door, to an intruder. This book aims to arm the reader with the knowledge needed for the front line of the cyberbattle.
The origins of cybersecurity can be traced back to World War II. At that time, cipher machines were used for cryptography—the act of sharing secrets using codes. A cipher machine is a device that is used to keep communications private through encryption—the process of making a message private. These machines were rudimentary but frequently effective methods of secure communication during wartime. During World War II, the primary cipher machine used by Nazi Germany was called Enigma (see figure 1) and the ones used by the Japanese troops were code-named Purple. Both machines had a similar operational protocol:

1. An operator—the sender—at a command post would be given a message to encrypt.

2. The sender would type the message on the machine.

3. For each key pressed, a lamp would light up. The character corresponding to the lamp that lit up would actually be determined by a pseudorandom substitution cipher (or code). The action of pressing a key also moved one or more rotors inside the machine so that the next key press would trigger a different substitution pattern.

4. On the other end of the message, the receiver would see the lamp corresponding to the encrypted letter.1

5. An operator—at the receiving command post—would then press the keys associated with the lit letters and piece together the message (e.g., similar to decoding Morse code).

Figure 1 Enigma machine and components.
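The key-press behavior in the protocol above, as an added Python example that is not from the book: a three-rotor machine in which every key press first steps the rotors and then substitutes the letter, so a repeated letter lights a different lamp each time. It assumes the commonly published Enigma I wiring for rotors I, II and III and reflector B and omits the plugboard and ring settings; the class and method names are illustrative.

```python
import string

ALPHABET = string.ascii_uppercase

# Commonly published Enigma I wiring: rotor name -> (substitution, turnover letter).
ROTORS = {
    "I": ("EKMFLGDQVZNTOWYHXUSPAIBRCJ", "Q"),
    "II": ("AJDKSIRUXBLHWTMCQGZNPYFVOE", "E"),
    "III": ("BDFHJLCPRTXVZNYEIWGAKMUSQO", "V"),
}
REFLECTOR_B = "YRUHQSLDPXNGOKMIEBFZCWVJAT"


class Enigma:
    """Three-rotor machine without plugboard or ring settings (a simplification)."""

    def __init__(self, order=("I", "II", "III"), start="AAA"):
        # Rotors are listed left to right, as the operator sees them.
        self.wiring = [ROTORS[name][0] for name in order]
        self.turnover = [ALPHABET.index(ROTORS[name][1]) for name in order]
        self.pos = [ALPHABET.index(c) for c in start]

    def window(self):
        """Letters currently showing in the rotor windows."""
        return "".join(ALPHABET[p] for p in self.pos)

    def _step(self):
        # The right rotor moves on every key press. A rotor sitting on its
        # turnover letter carries its left neighbour along; the middle rotor
        # also moves itself in that case (the "double step").
        left, middle, right = 0, 1, 2
        if self.pos[middle] == self.turnover[middle]:
            self.pos[left] = (self.pos[left] + 1) % 26
            self.pos[middle] = (self.pos[middle] + 1) % 26
        elif self.pos[right] == self.turnover[right]:
            self.pos[middle] = (self.pos[middle] + 1) % 26
        self.pos[right] = (self.pos[right] + 1) % 26

    def _through(self, idx, rotor, inverse=False):
        # The rotor's current rotation shifts the contact the signal enters
        # on, and shifts the exit contact back by the same amount.
        shift = self.pos[rotor]
        entry = (idx + shift) % 26
        if inverse:
            out = self.wiring[rotor].index(ALPHABET[entry])
        else:
            out = ALPHABET.index(self.wiring[rotor][entry])
        return (out - shift) % 26

    def press(self, letter):
        """One key press: step the rotors, then return the lamp that lights."""
        self._step()
        idx = ALPHABET.index(letter)
        for rotor in (2, 1, 0):          # right to left
            idx = self._through(idx, rotor)
        idx = ALPHABET.index(REFLECTOR_B[idx])
        for rotor in (0, 1, 2):          # back, left to right
            idx = self._through(idx, rotor, inverse=True)
        return ALPHABET[idx]

    def type_message(self, text):
        """Type a whole message; characters outside A-Z are skipped."""
        return "".join(self.press(c) for c in text.upper() if c in ALPHABET)


if __name__ == "__main__":
    # Sender and receiver start from the same rotor positions (constructed input).
    sender = Enigma(start="AAA")
    ciphertext = sender.type_message("AAAAA")
    print("lamps seen by sender:", ciphertext)

    # Typing the ciphertext on an identically set machine recovers the message.
    receiver = Enigma(start="AAA")
    print("receiver recovers:   ", receiver.type_message(ciphertext))
```

Because the signal is reflected back through the same rotors, the machine is its own inverse and never maps a letter to itself, which is why the receiver only needs the same starting positions.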

Cipher machines allowed military personnel to encrypt and decrypt communications. That process is called confidentiality, one of six fundamental goals of cybersecurity. (All six are formally introduced in chapter 2.) These days, cybersecurity technologies are much more complex and sophisticated than cipher machines. But it is essential that we understand the basic vulnerabilities of electronic communications.

As computer technologies became more sophisticated and interconnected, they became more susceptible to more pernicious—and malicious—forms of attacks. Malicious software, or malware, emerged as the first class of threats to computer and networked systems. Some of the more commonly known types of malware are viruses, worms, ransomware, spyware, adware, Trojans, and bots. (For an overview of malware, see chapter 6.) The earliest-known cases of malware were viruses and worms. A computer virus infects another computer program and spreads whenever that program is used. A computer worm is a stand-alone program that exploits a vulnerability in a computer system, and spreads itself through vulnerabilities or by tricking the user into executing (or running) it.
The Creeper virus (or technically, the Creeper worm) was created in 1971 by Robert (Bob) H. Thomas, a researcher at BBN Technologies in Cambridge, Massachusetts. (BBN designed the first generation of gateways, or routers, for the Advanced Research Projects Agency Network [ARPANET], the precursor to the modern internet.) Creeper was an experimental self-duplicating program that was designed to demonstrate mobile transmittal of computer applications. It moved between computers connected to the ARPANET (the first version of the internet) and using BBN’s TENEX operating system (OS), infected both computers and printers, displaying the message “I’M THE CREEPER: CATCH ME IF YOU CAN.”2

In 1982, Richard Skrenta, a curious fifteen-year-old, wrote the code for Elk Cloner, the first computer virus known to be spread “in the wild,” meaning outside a closed network or research environment. The virus was installed on floppy diskettes that stored the Apple II OS. When a computer was booted from an infected disk, the virus would copy itself to any uninfected floppy disk it could access—at that time, most computers had dual disk drives, and OS disks were often used to boot up multiple computers. On every fiftieth infected computer, the virus would display the following text (shown here in the groovy style of the 1980s):

Elk Cloner: The program with a personality
It will get on all your disks
It will infiltrate your chips
Yes it’s Cloner!
It will stick to you like glue
It will modify ram too
Send in the Cloner!3

These two cases illustrate how software applications—if they are able to spread uncontrollably—can be irritating and intrusive at best, even if they weren’t meant to be harmful. Yet the Morris worm created in 1988 was deliberately written with malicious intent and arguably led to the cybersecurity field as we know it today. Robert Tappan Morris, then a graduate student at Cornell University, launched his worm surreptitiously from a computer based at MIT that was connected to the then-nascent internet. What made the Morris worm malicious was that it created far more copies of itself than Morris intended, which drained the infected computer’s resources—this is now known as a denial-of-service attack. Such attacks impact a computer system’s availability, the second fundamental cybersecurity goal. Estimates at the time claimed that the worm infected more than ten thousand computers and cost the government hundreds of thousands to millions of dollars to decontaminate the stalled computers. Morris was tried and convicted in a federal court.
So why was the internet’s design so insecure? Have there been improvements over the years to address some of its inherent vulnerabilities? To answer these questions, we must briefly understand one of its core features—packet switching. In 1961, MIT PhD computer science student Leonard Kleinrock published a theoretical paper on packet switching, an alternative method to purely electronic signals for sharing data between connected computer systems. A packet consists of a header and payload; the header tells the network’s hardware where and how to deliver the payload, the contents of the message. The concept was later adopted in the early plans for ARPANET by MIT-trained electrical engineer Lawrence (Larry) G. Roberts, who was then working for the Defense Advanced Research Projects Agency.
Kleinrock would later obtain a professorship at the University of California in Los Angeles; his lab was selected as the first node for the nascent ARPANET. As more computers were added to ARPANET, computer scientists focused on software to govern the shuttling of data across the network. An early example is the host-to-host protocol, which outlined the rules by which information is exchanged: the message (or packet) format, delivery time, file type, and other such variables. Today, consumers assume that their internet-connected devices have built-in cybersecurity measures; however, that was not a concern for the internet pioneers. Somehow they did not anticipate the diversity and intensity of the cyberattacks that now plague the internet.

The Morris worm attack could have been prevented. Estimates are that it shut down roughly 10 percent of all the computers connected to the internet at the time; that’s essentially a cyberpandemic! That worm proliferated largely because the early internet had a flat structure rather than a hierarchical one. Today, the internet is essentially made up of public and private networks separated by firewalls—cybersecurity protocols that monitor and control the flow of traffic into and out of private networks (i.e., an organization’s local network). A simple firewall would have stopped the Morris worm in its tracks. The internet is now more secure, but it is also more threatened. In the subsequent chapters, I will explore both the threats and modern cyberdefenses. Additionally, I will show how cybersecurity is practically implemented on the internet, and discuss how the field is likely to change with new and forthcoming technologies, such as blockchain technology or quantum cryptography.

2

FOUNDATIONS

In the early 1960s, people saw the great potential of transmitting and sharing information across different systems, with a focus on the scientific and military fields. The theory of packet switching, which forms the basis of the modern-day internet, emerged after MIT’s J. C. R. Licklider proposed the first global network of computers in 1962. Along with early technological innovations came the need to secure sensitive data, software, and applications, giving birth to cybersecurity. Further underscoring the importance of cybersecurity is the explosion of internet (or World Wide Web [WWW]) users, who jumped from one billion in 2005 to more than four billion in 2019.1 And that’s only 53 percent of the world’s (still growing) population!
The WWW is responsible for the interaction between humans via technological mediums. The terms WWW and internet are often used interchangeably, yet WWW refers to the web of information (i.e., websites, files, and other resources) accessible via the internet (i.e., a global connection of computers linked together). Tim Berners-Lee introduced the idea for the WWW in 1989.2 Since then, a total of four web generations have been introduced. Web 1.0 was essentially an information portal for businesses to broadcast their information. Web 2.0 introduced the concept of a social network in which people were grouped based on common interests. Web 3.0, or the semantic web, featured machine-readable content that aimed to reduce the number of tasks and decisions a human would make, with the goal of making it easier for humans to find information online by training machines to understand the interrelationship between data. This was the advent of what we know today as artificial intelligence and machine learning. Web 4.0, or the symbiotic web, aims to take the interrelationship between humans and machines to an even deeper level. In a symbiotic web, machines are clever enough to read internet content and react to it; for example, the web could bring up the last page you viewed or display ads based on previous searches. With the advent of Web 4.0, it is more important than ever that we understand and implement effective cybersecurity. But to do that, we first need to know what cybersecurity actually is.
The overall aim of cybersecurity is to protect digital assets from being compromised. I mentioned in chapter 1 that there are six goals of cybersecurity. In fact, there are three industry-recognized major goals (1–3), and three others (4–6) that are often neglected.

1. Confidentiality: keeping information secret

2. Integrity: keeping information correct and reliable

3. Availability: ensuring information is available to the right people at the right time

4. Authentication: verifying an identity

5. Authorization: verifying access to resources

6. Nonrepudiation: validating the source of information

Keeping Information Secret

Confidentiality is a principle that is easy to understand because it applies to many non-cyber situations. The government frequently uses it to denote the act of keeping sensitive or classified data from people without the proper clearances; the information is only shared on a “need-to-know” basis. Sometimes confidentiality is used interchangeably with privacy, as in keeping all confidential information in a private or locked container. In the cyber world, people’s information is kept confidential through the use of encryption. Described further in the next chapter, encryption is a fundamental part of cryptography that allows for data to be translated into a form that is illegible to those without authorized access. Encryption requires a secret key that is known only to the parties that possess it. Decryption is the opposite of encryption and is known as the process of converting the encrypted data back to its original form. In the digital world, encryption and decryption are accomplished at varying levels of sophistication, but at a high level, they are essentially the same as using a key to lock and unlock our house or car.
There are two forms of encryption: symmetric and asymmetric. Symmetric encryption uses the same key to both encrypt and decrypt data. Asymmetric encryption uses a key that is publicly available to encrypt (public key) and a key that is kept private to decrypt (private key). Symmetric key encryption is much faster than asymmetric key encryption, so it is the preferred choice for encrypting or decrypting data. The asymmetric key can be used to encrypt the symmetric key to protect it from being stolen. The combination of symmetric and asymmetric key encryption is effective for protecting a variety of online transactions. Indeed, it forms the basis for the blockchain and other technologies that have given rise to cryptocurrencies.
The standard technology for keeping an internet connection secure while safeguarding sensitive data being sent between the client and web server is the Secure Sockets Layer (SSL). Someone who purchases a domain name is typically given the option of purchasing an SSL certificate, which works like a digital wallet containing information that identifies its owner and the metadata about that owner. An SSL certificate prevents criminals from reading and modifying any information being transferred between websites, including potential personal details. When a website is secured by an SSL certificate, the website address, or URL, will show up as a Hypertext Transfer Protocol Secure (HTTPS), and not just HTTP. A recent update to the SSL is Transport Layer Security (TLS), which allows users to view the details of the certificate, including the issuing authority and corporate name of the website owner.
Both SSL and TLS enable us to talk to other users or computer systems online in a secure manner through the establishment of a secure communications channel. They are generally used interchangeably, and you will often see them denoted as SSL/TLS in writing. SSL/TLS uses both asymmetric and symmetric key encryption to accomplish the goal of secure data transmission. At a high level, the steps used behind the scenes for SSL/TLS are those depicted in figure 2. In summary, a client (a networked computer) and the server (the host of resources that the client needs to access) contact one another, the SSL/TLS certificate is presented, the client authenticates it, they exchange a list of supported cipher suites and agree on one, and then key exchange occurs.3

Figure 2 SSL/TLS encrypted session establishment.

Blockchain Security

Encryption is also a fundamental process for cryptocurrencies, which have become a mainstream topic. The underpinning of cryptocurrencies like Bitcoin is called a blockchain—a distributed database containing records, or transactions, stored simultaneously on multiple computers. Cryptocurrencies are based on several cryptographic foundations, including encryption. The unique characteristic that makes the blockchain interesting is its ability to verify various types of transactions without needing a centralized authority. The encryption of blockchain data is necessary to preserve a user’s privacy and confidentiality. Each time a transaction is made, a record of it is stored on the blockchain. Similar to the SSL/TLS handshake protocol described above, a key aspect of privacy in blockchains is the use of private and public keys. Blockchain systems use asymmetric/public key cryptography to secure transactions between users.4 With their growth in popularity, blockchain systems are one of the primary uses of cryptography today. Given the massive interest, an increasing number of blockchain-based start-up companies have sprung up, and investment in them has grown from roughly $1 million in 2012 to more than $1 billion in 2017. In 2018, the blockchain protocol known as EOSIO generated a massive $4.2 billion of investment in the “initial coin offering” for its EOS cryptocurrency.5

Integrity

Integrity is formally defined as “the quality of being honest and having strong moral principles; moral uprightness.” In the cyber world, integrity refers to the trustworthiness and reliability of data and systems. A computer user wants to know that the data they create, access, or receive is verifiably reliable and accurate. Integrity is achieved by a principle of cryptography called hashing. Hashing, unlike encryption, is a one-way operation that creates a representation of data that can only be verified through the same transaction. When we discuss the primary purposes and use cases of cryptography, they include both data confidentiality and integrity.
Integrity comes in two flavors when applied in a cybersecurity context: system and data integrity. The order is actually important since data resides on a computer system of some sort, so you must be able to trust that system first and foremost. Thus, system integrity is simply being able to trust the system with which you are interacting. This can be accomplished in two primary ways: verifying the identity of the users authorized to access a system, and verifying that the system has not been compromised since the last log-in. The first principle requires the use of some form of biometric data. Most modern machines now have some form of biometric authentication available, such as an iris scan, fingerprint reader, or voice recognition that works in combination with text-based log-in credentials, like a username and password. The second principle is usually accomplished by an OS function called secure boot. Imagine that before you can enter your car or house, there is a scan to determine whether or not it has been broken into. This is akin to what a secure boot does for a computer system. If the scan results in any errors (i.e., something has changed since the last log-in), the system will shut down and refuse to boot until it is analyzed for compromise. The combination of these two principles—biometric authentication and secure boot—provides system integrity.
Data integrity is the successor to system integrity. Why? In the analogy I used above regarding the house, once you have verified that (in general) things have not been tampered with, then you want to verify the contents one by one, especially the most critical ones. In computing, data comes in many different formats, sizes, and access levels (e.g., classified information). Both data and system integrity verification require some form of hashing. As mentioned above, hashing is a cryptographic transformation that produces an irreversible representation of the item that was hashed. In other words, data is transformed using a cryptographic key and function that results in a string of characters that represents that file, application, password, or system contents. This same operation can be performed before the file, application, password, or system contents are accessed. This verifies that the integrity of the item has not changed since its last known “trusted” state. Referring back to the house analogy, let’s say you notice that your safe has been tampered with; you may still have an integrity issue regardless of the results of the “house scan” for system integrity.
Three of the top examples of integrity principles being used today are passwords, application verification, and tripwire. Passwords are still the most widely used form of authentication in conjunction with some form of a username. To maintain their integrity and confidentiality, passwords are not stored in their native form. Once you create a password, it will be hashed, salted, and then stored. Adding the salt to hashing provides another level of security for password integrity. A salt is essentially a one-time random stream of characters that is changed every time the password is updated. The application automatically updates the salt, without requiring interaction by the user or system owner. The best modern-day example of a salt is the completely automated public Turing test to tell computers and humans apart (captcha). Each time you navigate to a website and attempt to log in, a different captcha code is presented, which serves as part of the authentication process.
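Salted password storage as described above, as an added Python example that is not from the book: each record gets a fresh random salt, so two accounts with the same password store different values, and the salt is replaced whenever the password changes. It assumes PBKDF2-HMAC-SHA256 from the standard library as the hash and an in-memory dictionary as the credential store; the function names, sample accounts and iteration count are illustrative choices.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000   # assumed work factor for PBKDF2-HMAC-SHA256
SALT_BYTES = 16


def make_record(password):
    """Hash a password with a fresh random salt and return what gets stored."""
    salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    # The salt is not secret; it is stored next to the digest.
    return {"salt": salt, "iterations": ITERATIONS, "digest": digest}


def verify(password, record):
    """Recompute the hash with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), record["salt"], record["iterations"]
    )
    return hmac.compare_digest(candidate, record["digest"])


def change_password(store, user, old_password, new_password):
    """Replace a user's record; the new record carries a new salt."""
    record = store.get(user)
    if record is None or not verify(old_password, record):
        return False
    store[user] = make_record(new_password)
    return True


def unsalted_hash(password):
    """Plain SHA-256, shown only for contrast: equal passwords give equal hashes."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def demo():
    # Constructed accounts: both users happen to pick the same password.
    store = {
        "alice": make_record("correct horse"),
        "bob": make_record("correct horse"),
    }
    old_salt = store["alice"]["salt"]
    results = {
        "unsalted_hashes_match": unsalted_hash("correct horse") == unsalted_hash("correct horse"),
        "salted_digests_match": store["alice"]["digest"] == store["bob"]["digest"],
        "login_ok": verify("correct horse", store["alice"]),
        "wrong_password_ok": verify("wrong horse", store["alice"]),
        "change_ok": change_password(store, "alice", "correct horse", "battery staple"),
    }
    results["salt_rotated"] = store["alice"]["salt"] != old_salt
    results["old_password_ok"] = verify("correct horse", store["alice"])
    results["new_password_ok"] = verify("battery staple", store["alice"])
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```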
In the event that an application may have been tampered with, application verification can be initiated, which is typically done when an application (like a hash) is created and downloaded (e.g., the same hash is computed or verified). If the hash verification process fails, the user should not trust the application.

Lastly, tripwire is an application used primarily for file integrity. By now you can see the pattern for integrity, and tripwire follows suit. Once installed, it will create hashes of all the files you select and update these hashes whenever an authorized user updates the files. On accessing the files that have been integrity protected, tripwire will send an alert if a file has been modified by an unauthorized user.
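The hash-and-compare pattern behind both application verification and file-integrity monitoring, as an added Python example that is not from the book and is not Tripwire's own code. It assumes SHA-256 as the hash and works on a temporary directory of constructed files; the function names are illustrative.

```python
import hashlib
import hmac
import os
import tempfile


def sha256_file(path, chunk_size=65536):
    """Hash a file in chunks so large files do not have to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_download(path, published_hex):
    """Application verification: compare a file's hash with the published one."""
    return hmac.compare_digest(sha256_file(path), published_hex.strip().lower())


def build_baseline(root):
    """Record a hash for every file under root (the trusted state)."""
    baseline = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            baseline[os.path.relpath(full, root)] = sha256_file(full)
    return baseline


def compare(root, baseline):
    """Re-hash the tree and report what differs from the baseline."""
    current = build_baseline(root)
    return {
        "modified": sorted(p for p in baseline if p in current and current[p] != baseline[p]),
        "removed": sorted(p for p in baseline if p not in current),
        "added": sorted(p for p in current if p not in baseline),
    }


def demo():
    # Constructed sample files; nothing outside the temporary directory is touched.
    files = {
        "app.cfg": b"mode=prod\n",
        "run.sh": b"#!/bin/sh\nexec ./app\n",
        "notes.txt": b"v1\n",
    }
    with tempfile.TemporaryDirectory() as root:
        for name, data in files.items():
            with open(os.path.join(root, name), "wb") as f:
                f.write(data)

        # In practice the baseline is kept where users of the monitored
        # system cannot rewrite it, or a change could be hidden.
        baseline = build_baseline(root)
        published = hashlib.sha256(files["run.sh"]).hexdigest()
        ok_before = verify_download(os.path.join(root, "run.sh"), published)

        # Simulate changes made after the baseline was taken.
        with open(os.path.join(root, "run.sh"), "ab") as f:
            f.write(b"echo extra\n")
        os.remove(os.path.join(root, "notes.txt"))
        with open(os.path.join(root, "new.bin"), "wb") as f:
            f.write(b"\x00\x01")

        report = compare(root, baseline)
        ok_after = verify_download(os.path.join(root, "run.sh"), published)
    return report, ok_before, ok_after


if __name__ == "__main__":
    report, ok_before, ok_after = demo()
    print("hash matched before change:", ok_before)
    print("hash matched after change: ", ok_after)
    for kind, paths in report.items():
        print(f"{kind}: {paths}")
```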

Availability

In the context of cybersecurity, availability refers to data being accessible when it is required. Availability is particularly important to businesses and other organizations that require “on-demand” access to data. For example, if an online retailer is selling a sweater that is also available on other websites, it must ensure that its sweater is available at the same time or even before its competitors. Otherwise the retailer is likely to lose sales. Key metrics related to availability are uptime and downtime, which reflect the percentage of time a system could potentially be up or down, respectively, during a given period. Table 1 shows the mapping between percentages and actual time periods. As you can see, even the smallest percentage change results in a lot more downtime across years, months, weeks, and days.6
Availability affects many aspects of our online interactions. Many organizations are now using cloud computing (accessing remote data centers for resources, data storage, and computing power) to enable digital transformation (how digital information is used or transformed). According to the latest Gartner report, the cloud technologies services market was projected to grow 17.3 percent ($206 billion) in 2019, up from $175.8 billion in 2018; by 2022, 90 percent of organizations will be using cloud services.7 Clouds are particularly important for e-commerce. Studies estimate that 1.92 billion global digital buyers existed in 2019. Today, about 25 percent of the world’s population of 7.7 billion people shop online.8 The ubiquity of the cloud makes the goal of availability all that much more important.

Table 1 Uptime Chart

Availability         Downtime per year   Downtime per month   Downtime per week   Downtime per day
90% (“one nine”)     36.50 days          72.0 hours           16.80 hours         2.4 hours
95%                  18.25 days          36.0 hours           8.40 hours          1.2 hours
97%                  10.96 days          21.6 hours           5.04 hours          43.2 minutes
98%                  7.30 days           14.4 hours           3.36 hours          28.8 minutes
99% (“two nines”)    3.65 days           7.2 hours            1.68 hours          14.4 minutes
Availability is also critical to governments, and especially their departments of defense. When a business’s cyber system fails or is interrupted, business operations and revenue are negatively impacted. When a government-run system goes down, lives can be lost. For example, the US Department of Defense’s Advanced Field Artillery Tactical Data System is used by the army and marine corps to provide automated support during conflicts.9 When a “request-for-fire” command is made to this system, a number of components and subsystems need to be available at that precise moment in order to achieve a precision strike. Any interruption to such a system could be catastrophic.

The Overlooked Cybersecurity Goals

There are three goals that are typically left out of primary cybersecurity definitions: authentication, authorization, and nonrepudiation. Although confidentiality, integrity, and availability are the foundations on which the entire field is built, if you cannot verify online identity (authentication), determine what users have access to (authorization), and prevent users from denying that things have occurred (nonrepudiation), you are only solving a portion of the cybersecurity problem.

Authentication
In its simplest form, authentication is usually accomplished by a username and password selected by the user. It is safe to assume that most individuals have had to use some form of authentication online. Its purpose is to verify that a user is who they say they are. Multifactor authentication (MFA) is typically required to access a resource. One of the first steps of access control is the identification and authentication of users. There are three common factors used for authentication:

• Something you know (such as a password)

• Something you have (such as a smart card)

• Something you are (such as a fingerprint or other biometric method)

The combination of these factors provides a strong method of validating an individual and supplying the information required for the next step—authorization.

Authorization
Authorization works in conjunction with authentication; it takes place after an individual has been authenticated to a system. Authorization then is responsible for determining the scope of access to a resource that a particular person has once authenticated. What is a resource? A resource can be anything in a computing environment. The most common resources are files (like a word processing document) or applications (like word processing software or an internet browser). All files in any variant of an OS—Microsoft’s Windows, Red Hat’s Linux, or Apple’s iOS—can be assigned permissions. File permissions facilitate the authorization’s scope and type. See figure 3 for the Linux OS’s permissions structure.
Applications contain similar permissions structures,
but let us take a closer look at how permissions work. As
you can see, there are four general permissions sections:
file type, file owner permissions, group owner permissions, and
other user permissions. The file type section is simple, ask-
ing: Are these permissions applicable to a file or directory
(which hosts multiple files)? The file owner is the authen-
ticated user. This section denotes whether or not a user
can read (r) the file only, or both read and write (w) to the
file (i.e., edit the file). The (x) is specifically for applications
that can be executed or run. These same permissions apply
for people in the same group. For a particular organization,
you can have all administrative assistants or engineers in

24  chapter 2
Figure 3 Linux permissions structure.

the same group if desired. The last set of permissions are


for “everyone else.” For example, this might be people out-
side your organization not authorized to access the file/
application.
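
The four sections described above can be read straight out of the ten-character mode string that Linux prints for a file. The following is an added example, not code from the book; the file names, users and groups are constructed, and special bits (setuid, sticky) and the root user's bypass are deliberately left out.

```python
# Added example: parse a Linux mode string such as "-rw-r-----" into the four
# sections (file type, owner, group, other) and decide whether a user may act.
FILE_TYPES = {"-": "file", "d": "directory"}
SECTIONS = ("owner", "group", "other")


def parse_mode(mode):
    """Split a 10-character mode string into its type and three permission sets."""
    if len(mode) != 10 or mode[0] not in FILE_TYPES:
        raise ValueError(f"unsupported mode string: {mode!r}")
    parsed = {"type": FILE_TYPES[mode[0]]}
    for index, section in enumerate(SECTIONS):
        triad = mode[1 + 3 * index: 4 + 3 * index]
        for flag, letter in zip(triad, "rwx"):
            # Each position is either its letter (granted) or "-" (denied).
            if flag not in (letter, "-"):
                raise ValueError(f"bad {section} permissions: {triad!r}")
        parsed[section] = {letter for flag, letter in zip(triad, "rwx") if flag == letter}
    return parsed


def applicable_section(file_owner, file_group, user, user_groups):
    """Exactly one section applies to a user: owner first, then group, then other."""
    if user == file_owner:
        return "owner"
    if file_group in user_groups:
        return "group"
    return "other"


def is_authorized(mode, file_owner, file_group, user, user_groups, action):
    """Return True if `user` may perform `action` ("r", "w" or "x") on the file."""
    if action not in ("r", "w", "x"):
        raise ValueError(f"unknown action: {action!r}")
    section = applicable_section(file_owner, file_group, user, user_groups)
    return action in parse_mode(mode)[section]


def demo():
    """Constructed scenario: a report owned by alice, shared with the engineers group."""
    mode, owner, group = "-rw-r-----", "alice", "engineers"
    return {
        "owner_can_edit": is_authorized(mode, owner, group, "alice", {"engineers"}, "w"),
        "group_can_read": is_authorized(mode, owner, group, "bob", {"engineers"}, "r"),
        "group_can_edit": is_authorized(mode, owner, group, "bob", {"engineers"}, "w"),
        "outsider_can_read": is_authorized(mode, owner, group, "carol", {"assistants"}, "r"),
        # Edge case: the owner section wins even when the group section grants more.
        "owner_limited_by_own_bits": is_authorized(
            "-r--rw-rw-", owner, group, "alice", {"engineers"}, "w"
        ),
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

The last check is the one that surprises people: a user who owns the file is judged only by the owner section, even if the group or "everyone else" section is more permissive.
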
I have discussed multiple applications of authentication,
including system/device/web access, MFA, and biometrics. The top
examples for authorization are access control lists (ACLs) for
files, applications, and several network devices. ACLs for files
and applications are essentially the same as the permissions I
previously described. Network devices such as a firewall or
intrusion prevention system (IPS) control access to traffic
flowing in or out of a network. They both leverage some form of
authorization technique in their approach to traffic control.
Firewall ACLs are called rules. For instance, most companies
prevent access to certain sites (e.g., pornography sites) from an
internal computer. One or more rules that disallow a web browser
from navigating to that type of website accomplishes this block.
An IPS is usually deployed to prevent malicious traffic from
coming into a network. An easy illustration to understand is an
email that has an attachment with some form of malware in it. XYZ
has designed an IPS to detect this type of traffic, and then block
the attachment or prevent the email from reaching the recipient’s
in-box.

Nonrepudiation
The last goal of cybersecurity—nonrepudiation—is typically handled
using a digital signature or something similar. It prevents
someone from being able to claim that they did not send a message
or authorize some other action, when they actually did. It is most
commonly used in email; however, it has its origins off-line in
the postal service. Postal services offer the mail service of
registered mail in many countries. Registered mail provides the
sender proof of mailing via a mailing receipt, and on request,
electronic verification that the mail service delivered an article
or attempted to make a delivery. In this case, nonrepudiation is
focused on the recipient—not the sender—but the same principles
apply. A second, nontechnical example is a notary public—someone
authorized by the government to serve the public as an impartial
witness in performing a variety of official fraud-deterrent acts
related to the signing of important documents. A notary’s duty is
to screen the signers of important documents for their true
identity, their willingness to sign without duress or
intimidation, and their awareness of the contents of the document
or transaction.

In the digital world, nonrepudiation plays a role in email origin
verification, financial transactions, and audit records. For
email, since malware is often transmitted through attachments,
nonrepudiation gives the sender some form of proof that the origin
of the message is legitimate and can be trusted. This is
accomplished using a digital signature. If you recall, earlier I
discussed asymmetric key cryptography. In this form of
cryptography, there is a public and private key. I will explore
this in further detail in chapter 3, but here it is helpful to
note that the private key is used to produce a digital signature
that can be verified by the recipient of an email message. In
financial transactions, users are required to provide identifying
information before making a purchase and each transaction is
associated with a unique ID. This is, in part, to provide
nonrepudiation to protect vendors from users making false refund
claims for products they have already received. Lastly, financial
websites maintain a detailed record of each page visited including
information such as internet protocol (IP) addresses. Digital
forensics can use this information to prove the authenticity of a
user’s actions.¹⁰

Cyber Principles in Action

I end this chapter by looking at a real-world incident that
encompasses a number of these cyber principles gone wrong. This
attack was so impactful it even has its own website
(www.heartbleed.com). Here is the background of the attack, which
occurred in 2012 and was publicly disclosed in April 2014,
directly from the site:

The Heartbleed Bug is a serious vulnerability in the popular
OpenSSL cryptographic software library. This weakness allows
stealing the information protected, under normal conditions, by
the SSL/TLS encryption used to secure the Internet. SSL/TLS
provides communication security and privacy over the Internet for
applications such as web, email, instant messaging (IM) and some
virtual private networks (VPNs). The Heartbleed bug allows anyone
on the Internet to read the memory of the systems protected by the
vulnerable versions of the OpenSSL software. This compromises the
secret keys used to identify the service providers and to encrypt
the traffic, the names and passwords of the users and the actual
content. This allows attackers to eavesdrop on communications,
steal data directly from the services and users and to impersonate
services and users.

Remember, there are two types of encryption: one that uses the
same key for encryption and decryption (symmetric encryption), and
another that uses two different keys (asymmetric encryption). In
the Heartbleed attack, almost 70 percent of internet users were
affected since OpenSSL was used by about 66 percent of the web
servers in use at the time. Based on the attack, the private key
within the asymmetric key pair was compromised. This was a
widespread attack that affected over six hundred million internet
sites. A simple programming error caused it, but the result was
catastrophic. Attacks of this magnitude affect most (if not all)
cybersecurity tenets. The primary result of this attack was the
ability for an attacker to eavesdrop. This impacted
confidentiality and integrity as an attacker could obtain the
traffic of a user and manipulate it before it reached its final
destination. Similarly, even if the source was authenticated via a
digital signature, since the private key was compromised, the
signature could not be trusted as being from the actual key owner.
This overcame both the nonrepudiation and authentication tenets.
Next, recall that authentication is a prerequisite for
authorization. If a user cannot be authenticated, implicitly they
cannot be authorized to access a particular resource since they
cannot be verified. Due to the Heartbleed attack, a number of
websites were taken down to be updated, resulting in widespread
downtime across the web. Even though this downtime was temporary,
it still affected the availability of a large percentage of
websites online. As I have shown through the Heartbleed attack, a
single attack can adversely affect any and all of the
cybersecurity tenets. As a result, it is important to have a good
understanding of how to preserve these tenets.
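
The Nonrepudiation section says a private key produces a signature the recipient can verify, and the Heartbleed discussion says that once the private key is compromised the signature can no longer be trusted. The following added example, which is not from the book, shows both with a toy textbook RSA key built from two small known primes (unpadded and far too small for real use); the messages and shared secret are constructed.

```python
# Added example: why a digital signature gives nonrepudiation, why a shared-key
# MAC does not, and why both guarantees vanish when the private key leaks.
import hashlib
import hmac

# Constructed toy key pair from two known Mersenne primes. Illustration only.
P = 2**61 - 1
Q = 2**89 - 1
N = P * Q                              # public modulus
E = 65537                              # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, known only to the signer


def digest(message):
    """Hash the message and reduce it into the range of the toy modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def sign(message, private_exponent=D):
    """Only someone holding the private exponent can compute this value."""
    return pow(digest(message), private_exponent, N)


def verify(message, signature):
    """Anyone can check a signature using only the public values N and E."""
    return pow(signature, E, N) == digest(message)


def mac(message, shared_key):
    """A shared-key tag: sender and recipient can both produce it."""
    return hmac.new(shared_key, message, hashlib.sha256).digest()


def demo():
    order = b"transfer 100 to account 42"          # constructed message
    signature = sign(order)

    shared_key = b"constructed shared secret"
    sender_tag = mac(order, shared_key)
    recipient_tag = mac(order, shared_key)          # recipient computes the same tag

    leaked_copy = D                                 # stands in for a stolen private key
    forged = b"transfer 900 to account 7"
    forged_signature = sign(forged, private_exponent=leaked_copy)

    return {
        # The signer cannot later deny a message that verifies under their public key.
        "genuine_signature_verifies": verify(order, signature),
        # Any change to the message breaks the signature.
        "tampered_message_verifies": verify(b"transfer 900 to account 42", signature),
        # With a MAC either party could have made the tag, so it proves nothing to a third party.
        "recipient_can_reproduce_mac": hmac.compare_digest(sender_tag, recipient_tag),
        # After a key leak, a forgery is indistinguishable from the owner's signature.
        "forgery_with_leaked_key_verifies": verify(forged, forged_signature),
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

This is why sites affected by a private-key exposure replace the key pair as well as the vulnerable software: patching alone leaves every old signature and certificate tied to a key someone else may hold.
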

3

CRYPTOGRAPHY DEMYSTIFIED

In the last chapter, I introduced all the main tenets within the
field of cybersecurity: confidentiality, integrity, availability,
authentication, authorization, and nonrepudiation. In this
chapter, I further examine the field of cryptography and
demonstrate how it enables several of these tenets. To help
understand its importance, let’s again take a look at the
real-world example of Heartbleed, a security bug in the OpenSSL
cryptography library, which is a widely used implementation of the
TLS protocol.

The Heartbleed bug allows anyone on the internet to read the
memory of the systems protected by the vulnerable versions of the
OpenSSL software. The flaw allows an attacker to steal sensitive
information by compromising the mechanism used for protecting data
privacy (or confidentiality). The secret keys are what enable the
cybersecurity tenet—confidentiality—which is focused on keeping
online conversations private. Even in 2017, almost three years
after this nasty bug was first discovered, close to two hundred
thousand websites and servers remained vulnerable to it.
Thankfully, this issue has now been resolved for most websites and
servers. Yet it shows just how dependent we are on cryptography
for secure communications online. One “minor” programming error
affected billions of internet users across the globe; that’s why
cryptography is such a foundational concept, and needs to be more
broadly understood and appreciated.

Cryptography as an Equation

In its simplest form, cryptography can be described as the study
of encrypting and decrypting data—which represents the base
functions of the foundational field. The following two equations
further explain how cryptography works:

ciphertext = plaintext + encryption key    (1)

and

plaintext = ciphertext + decryption key    (2)

For equation (1), some form of plaintext is translated by an
encryption key to produce the ciphertext. For equation (2), some
form of ciphertext is translated by a decryption key to produce
the original plaintext. In the case of the equations above, the
same key is used for both encryption and decryption. This is not
always the case, as I will detail further in this chapter. For
now, let’s break down each equation component. Plaintext is an
input for an encryption algorithm, and can be in the form of text,
audio, video, and images. Ciphertext is generally described as the
output of the encryption process. Or to look at it another way,
plaintext is in a human-readable or legible format. To preserve
the confidentiality of the plaintext, the ciphertext should not be
human readable or legible. Here is a simple illustration using a
substitution cipher from the Practical Cryptography website.¹ Keys
for the simple substitution cipher usually consist of twenty-six
letters. An example key is:

plain alphabet:  abcdefghijklmnopqrstuvwxyz
cipher alphabet: phqgiumeaylnofdxjkrcvstzwb

The plaintext that I will encrypt is “defend the east wall of the
castle” and is shown below:

plaintext:  defend the east wall of the castle
ciphertext: giuifg cei iprc tpnn du cei qprcni

To create ciphertext, each character of the plaintext is replaced
with the corresponding letter in the cipher alphabet. The cipher
alphabet is simply a mapping that denotes how to go from the
plaintext to ciphertext. The simplest instance of this is
abc -> xyz. Wherever you see an a, replace it with an x; when you
see a b, replace it with a y; and when you see a c, replace it
with a z. So “cab” would be translated to “zxy.”

In cryptography, a substitution cipher is a method of encrypting
by which ciphertext replaces units of plaintext. It is important
to note that the simple substitution cipher offers little
communication security as it can be easily broken, even by hand,
especially as the messages become longer (more than several
hundred ciphertext characters). An encryption key is typically a
random string of bits generated specifically to scramble and
unscramble data. Encryption keys are created with algorithms
designed to ensure that each key is unique and unpredictable. The
longer the key that is constructed this way, the harder it is to
break the encryption code. It is important to keep this premise in
mind, as keys are foundational to the field of cryptography and
analogous to a physical key. You can have the strongest fortress
protected by dragons, moats, guards, and other defense mechanisms,
but if the key (or mechanism) used to enter that fortress is
compromised or stolen, all those defenses will become null and
void.
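
The substitution cipher above, written out as an added example (not code from the book or from the Practical Cryptography website). It uses the page's own key and message, and then measures what the ciphertext still reveals, which is why the text calls this cipher easily broken even though its key space is large.

```python
# Added example: the simple substitution cipher with the key shown above,
# plus a check of the structure that survives encryption.
import math
from collections import Counter

PLAIN = "abcdefghijklmnopqrstuvwxyz"
CIPHER = "phqgiumeaylnofdxjkrcvstzwb"   # cipher alphabet from the text


def make_tables(cipher_alphabet):
    """Build encrypt/decrypt lookup tables; the key must use each letter once."""
    if sorted(cipher_alphabet) != list(PLAIN):
        raise ValueError("key must be a permutation of the 26 letters")
    return str.maketrans(PLAIN, cipher_alphabet), str.maketrans(cipher_alphabet, PLAIN)


def encrypt(plaintext, key=CIPHER):
    """Equation (1): replace each letter with its partner in the cipher alphabet."""
    return plaintext.lower().translate(make_tables(key)[0])


def decrypt(ciphertext, key=CIPHER):
    """Equation (2): the same key, applied in the opposite direction."""
    return ciphertext.lower().translate(make_tables(key)[1])


def word_pattern(word):
    """Shape of a word by letter repetition, e.g. 'wall' and 'tpnn' are both (0, 1, 2, 2)."""
    seen = {}
    return tuple(seen.setdefault(ch, len(seen)) for ch in word)


def letter_counts(text):
    return Counter(ch for ch in text if ch in PLAIN)


def leaked_structure(plaintext, ciphertext):
    """Report what an observer of the ciphertext alone can still see."""
    cipher_counts = letter_counts(ciphertext)
    return {
        # Word lengths and repeated-letter shapes pass through unchanged.
        "word_patterns_preserved": [word_pattern(w) for w in plaintext.split()]
        == [word_pattern(w) for w in ciphertext.split()],
        # The same multiset of letter counts: frequencies are only relabelled.
        "frequency_profile_preserved": sorted(letter_counts(plaintext).values())
        == sorted(cipher_counts.values()),
        "most_common_cipher_letter": cipher_counts.most_common(1)[0][0],
    }


def key_space_bits():
    """Number of possible keys (26!) expressed in bits."""
    return math.log2(math.factorial(26))


if __name__ == "__main__":
    message = "defend the east wall of the castle"
    secret = encrypt(message)
    print(secret)
    print(decrypt(secret))
    print(leaked_structure(message, secret))
    print(f"key space: about {key_space_bits():.1f} bits")
```

The most frequent ciphertext letter stands for the most frequent plaintext letter, and the repeated word "cei" has the shape of a common three-letter word. A key space of roughly 88 bits does not help when the ciphertext carries the statistics of the language through unchanged.
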

Confidentiality and Encryption

Confidentiality is one of the key tenets of cybersecurity, and
encryption (to produce ciphertext) achieves it. As just mentioned,
an encryption key is typically a random string of bits generated
specifically to scramble and unscramble data. Encryption methods
can either be symmetric or asymmetric. Symmetric key encryption
uses the same key for encryption and decryption. Asymmetric key
encryption uses different keys for encryption and decryption. They
both have specific uses as well as pros and cons.

Symmetric encryption involves the use of relatively short keys
that both parties can use to encrypt and decrypt. It enables a
faster and more efficient use of computer resources by handling a
greater volume of data in a given time. This makes symmetric key
encryption the preferred method for encrypting large quantities of
data, but it also exposes one of its major weaknesses, resulting
in the need for asymmetric key encryption. The main purpose of
encryption is to preserve confidentiality. To do this, the
encryption keys must remain private. So if the same key is used
for both symmetric key encryption and decryption operations, how
can we share it if the encrypted message is sent between parties
over the internet and they do not live near each other? One option
could be to send it via another medium. If that medium is
insecure, however, the key could be compromised and the message
could still be

Cryptography Demystified 35
Another random document with
no related content on Scribd:
"On that point I am distressingly short of information. Lem's description
is rather vague. He describes it as being 'higher than anything at all, with
fire coming out of its eyes, long hair reaching to the ground, and dressed in
white.'"

"Oh, of course!" said Drummond. "Who ever heard of a ghost that


wasn't dressed in white? 'Pon my honor, I am quite enchanted at the
opportunity of making the acquaintance of its ghostship."

During this conversation Sibyl had left the room "on hospitable
thoughts intent," and now returned to announce that supper was already
progressing rapidly—most welcome news to our hungry gentlemen.

Sibyl had taken off her hat, and now her raven curls fell in heavy tresses
to her waist. In the shadow, those glittering ringlets looked intensely black;
but where the firelight fell upon them, a sort of red light shone through.

As she moved through the high, shadowy rooms, with the graceful, airy
motion that lent a charm to the commonest action, Willard Drummond,
following her with his eyes, felt a secret sense of exultation, as he thought
this magnificent creature was his, and his alone. This bright, impassioned
sea-nymph; this beautiful, radiant daughter of a noble race; this royal,
though dowerless island-queen, loved him above all created beings. Had
she not told him as he whispered in her willing ear his passionate words of
love, that he was dearer to her than all the world besides? Some day he
would make her his wife, and take her with him to his princely home in
Virginia; and he thought, with new exultation, of the sensation this glorious
planet would make among the lesser stars of his native State.

So thought and argued Willard Drummond in the first flush and


delirium of love.

He did not stop to think that he had loved with even more intensity once
before; that he had raved even in a like manner of another far less bright
than this queenly Sibyl. He did not stop to think that even so he might love
again.
No. Everything was forgotten but the intoxicating girl before him, with
her sparkling face, her glorious eyes of jet, and her flashing, sun-bright hair.

From the rhapsody of passion—from the seventh heaven of his day-


dreams, he was at last recalled by the voice of Sibyl herself summoning him
to supper.

He looked up with a start, half inclined to be provoked at this sudden


summons from his ideal world to the vulgar reality of a supper of hot-cakes,
tea, and preserves. But there sat Sibyl at the head of the table, bright and
smiling—beautifying even the dull routine of the tea-table with the charm
of her presence. And then, too—now that this airy vision was gone—Mr.
Willard Drummond began to recollect that he was very hungry, and that
"dreams and visions" were, after all, very unsubstantial things, compared
with the bread and butter of every-day life, degrading as the confession
was.

Guy had already taken his place, so Willard took the seat his young host
pointed out to him, and the business of the tea-table commenced.

When the meal was over, Aunt Moll cleared the table, and the three
gathered round the fire—for, though the weather was warm, the great
unaired room was chill enough to render the fire pleasant.

By degrees, perhaps it was owing to the strange, dreary loneliness of the


place, the conversation turned upon deserted houses, bold robberies,
murders, and by a natural consequence, upon ghosts.

Willard and Captain Campbell seemed striving to outvie each other in


telling the most frightful tales, the latter taxing his imagination to invent
them, when the original failed to produce the necessary degree of horror.
Every one knows what a strange fascination such ghostly legends have, the
hours passed almost unnoticed, and it was only when the fire burned low on
the hearth, and the solitary candle guttered in the socket before going out,
that our party became aware of the lateness of the hour.

"Well, we have been profitably spending the evening, I must say,"


remarked Captain Campbell, rising, with a laugh. "You should have been in
bed an hour ago, Sibyl. Here! Aunt Moll," he cried, going to the door,
"bring us lights, and show Mr. Drummond to his room."

He waited for a response, but none came, only the echo of his own
voice sounded dolefully through the hall.

"Hallo! Aunt Moll, I say—Lem, bring candles," once more called


Captain Campbell. Again he waited for an answer, and again none came.
"Confound it!" he muttered, turning away, "the sleepy-headed pair have
doubtless been in bed for the last three hours, and are as sound as the Seven
Sleepers by this time."

"Never mind, Guy," said Sibyl, laughing at his rueful face, "I'll go. Aunt
Moll and Lem are tired, doubtless, with their extraordinary exertions this
evening, and it would be a pity to wake them."

She quitted the room as she spoke, in the direction of the kitchen, in
search of lights.

And presently she reappeared, and announcing that Aunt Moll was
stretched out on her pallet, before the kitchen fire, asleep, she took her light,
and bidding them a smiling good-night, left them to seek her own room.

And Captain Campbell, taking a candle, preceded his guest in the


direction of the "haunted chamber."

Willard Drummond entered, and looked round. It was a high, wide,


spacious chamber, as were all in the house, with floors, doors, and
casements of dark, polished oak, black now with time and use. In the wide
fire-place at one end, a fire had been burning all the evening, but only the
red, smouldering embers remained now. At the other end of the room,
opposite the fire, was his bed, and between them, facing the door, was a
deep dormer window. The room looked cheerful and pleasant, and throwing
himself into an easy, old-fashioned arm-chair before the fire, he exclaimed:

"Well, in spite of all the ghosts and hobgoblins that ever walked at 'noon
of night,' I shall sleep here as sound as a top until morning. Your ghost will
have to give me a pretty vigorous shaking before I awake, when once I
close my eyes."

"Perhaps the ghost, if in the least timorous, will not appear to so


undaunted an individual as yourself. May your dreams be undisturbed!
Good-night!" And placing the light on the table Captain Campbell left the
room.

Willard's first care was to lock the door securely, and then carefully
examine the room. There was no other means of ingress but the one by
which he had entered, and the room did not seem to communicate with any
other. The window was high above the ground, and firmly nailed down.
Clearly, then, if the ghost entered at all it must assume its ghostly
prerogative of coming through the keyhole—for there was no other means
by which ghost or mortal could get in.

Satisfied with this, Willard Drummond went to bed, but in spite of all
his efforts sleep would not come. Vain were all his attempts to woo the
drowsy god; he could only toss restlessly from side to side, with that feeling
of irritation which want of sleep produces.

The moonlight streaming in through the window filled the room with
silvery radiance. The silence of death reigned around, unbroken even by the
watch-dog's bark. The dull, heavy roar of the waves, breaking on the shore
like far-off thunder, was the only sound to be heard. And at last, with this
eerie, ghostly lullaby, Willard Drummond fell into a feverish sleep.

And sleeping, he dreamed. He was in a comfortably furnished home,


and was recovering from a serious illness. Just well enough to be up, he sat
in a chair made comfortable for his back by pillows. He had been reading,
and, as he saw Sibyl enter the room in a neat-fitting white-merino morning-
robe, he let his book fall to the floor, while she dropped on her knees beside
him, and, with loving anxiety beaming from her brilliant eyes, glanced into
his face.

Then the scene abruptly changed, and he seemed wandering on the


verge of a precipice, treading a path so narrow and precarious that a single
false step would hurl him to certain destruction down the unfathomable gulf
below. Where that path was to end he knew not, but a white robed siren,
with shining golden hair and smiling eyes and lips, went before him and
lured him on. An inward voice seemed whispering him to beware, that the
path he was treading must end in death; but the smiling eyes of the golden-
haired tempter were beaming upon him, and the voice whispered in vain.
Above every steep crag, as he passed, the wild black eyes of Sibyl seemed
gleaming with deadly hatred and fierce malignity on him; but even those
dark, warning eyes could not tempt him back from the road he was treading.
Suddenly the siren vanished; he sprang after her, and fell down, down,
down into the awful gulf below.

A wild laugh rang out on the air, and Sibyl was bending above him,
holding a glittering dagger to his heart, while her great black eyes burned
like two flames. He held out his hands for mercy, but she only mocked him
with her deriding black eyes, and raised the knife to plunge it into his heart.

With a cry of terror he awoke to find it not all a dream.

An icy cold hand lay on his face.

He sprang up in bed with a thrill of horror, to behold a white, wild face,


with vacant, unearthly eyes and long, streaming hair bending over him.

Paralyzed by the sudden apparition, he sat, unable to move or speak,


and ere he could fully recover his senses the ghostly visitant was gone.

He sprang out of bed and seized the door. It was locked as he had left it,
and, with his blood curdling, he stood rooted to the ground.

Morally and physically Willard Drummond was brave, but this midnight
visit from a supernatural being might have chilled the blood of the most
undaunted. Sleep now was out of the question; therefore, seating himself by
the window, he prepared to wait for the approach of morning. The moon
was already sinking behind the western horizon, bathing the placid river in
its soft beams. The morning star shone bright and serene in the cloudless
blue sky; and, gazing on the calm beauty without, the young man's pulse
ceased its feverish throbbings, and he began striving to account for this
ghostly visit by natural means.
But he strove in vain. The door was firmly locked, and there could be
no secret passage through those strong, oaken walls. Then he arose, and
carefully searched every crevice in the room that could by any possibility
be made a hiding-place of. Still in vain. The room contained no living thing
but himself.

Morning was now growing red in the east, and, exhausted with
watching, he threw himself on the bed, and fell into a deep dreamless sleep,
from which he did not awake until the sun was high in the heavens.

He sprang hastily out of bed, and proceeded to dress himself. And now
a new difficulty arose. He felt he would be questioned about the
supernatural visitors of the haunted chamber, and he was at a loss how to
answer. If he related the event of the night, he dreaded the ridicule of the
unbelieving Captain Campbell, who would assuredly laugh at him for being
conquered in spite of his boasting; and to be laughed at in the presence of
Sibyl was not to be endured. If, on the other hand he did not tell, he would
be obliged to continue the occupant of the haunted chamber while he
remained on the island—a thing he had not the slightest wish to do.

His toilet was finished before he could come to any conclusion; and still
debating the case, he descended the stairs, and entered the sitting-room they
had occupied the night before.

CHAPTER V.

THE MIDNIGHT CRY.


"And when the midnight hour is come,
A sound is heard in yonder hall—
It rises hoarsely through the sky,
And vibrates o'er the moldering wall."
In a former chapter, we left Mrs. Tom in rather an appalling situation.

Accustomed to the quiet unexciting life of the lonely, sea-girt island, the
events of the night had momentarily terrified her, albeit her nerves were
none of the weakest. The mysterious revelation of the dying man; his tale of
night, and storm, and crime; the wild, ghostly face at the window; and,
lastly, his sudden death, were quite enough to thrill for an instant with terror
even a stronger heart than that of the solitary old widow.

For some moments Mrs. Tom sat still, gazing alternately at the window
and on the ghastly face of the dead man before her, with a chill of horror
creeping over her.

The sudden striking of the clock, as it chimed the hour of eleven,


aroused her at last from her trance of terror. It was a sound of life, and it
reassured her.

Rising, she gathered courage to approach the window cautiously, and


looked out. Nothing was to be seen but the bright moonlight, bathing rock
and river in its silvery light. Beyond, she could see the huge, black pile of
Campbell's Castle, casting its long, gloomy shadow over the ground. Lights
were still twinkling in the windows—a sight as unusual as it was pleasant—
and, with renewed confidence at this sign of life, Mrs. Tom went to arouse
Carl to assist her to watch beside the dead.

"It's onpossible to sleep with a corpse in the house," thought Mrs. Tom,
as she climbed up the ladder leading to Carl's lofty dormitory; "leastways, I
couldn't sleep a wink, though I do s'pose that there lazy, sleepy-head of a
Carl could snore away jest as soundly as ef we was all dead in a heap. I
reckon I'll hev an hour's work getting him up. Here, you Carl! Carl! Get up,
I tell you!"

Then Mrs. Tom shook him lustily. The sleeper only replied by turning
over with a grunt.
"Carl! Carl! Lor' sakes! you great, sleepy, good-for-nothing, open your
eyes. I do b'lieve the last Judgment wouldn't wake you, once you got a-
snorin'. Ef nothin' else won't do, I'll try how you'll like this!"

And Mrs. Tom caught the unfortunate Carl by the hair and pulled it
vigorously, until that ill-used youth sprang upright, with a roar that might
have been heard half a mile off.

"Thunder and lightning, aunty, do you want to kill a feller?" roared


Master Carl, in a rage.

"Hush, Carl! Don't get mad, honey," said Mrs. Tom, soothingly. "I only
want you to come down stairs and set up with me. That there sick man's
dead."

"Dead!" repeated Carl, staring with all his eyes.

"Yes, he's dead as can be; and it's the most lonesomest thing in the
world settin' up alone with a corpse, so I waked you up."

"Well don't sit up with him, then," said Carl, with a tremendous yawn.
"If he's dead, he won't mind staying alone all night, I suppose. Anyhow, I
know I ain't going to get up this time of night, if he was dead twice over."

And Carl lay down, and composed himself for another nap.

But Mrs. Tom was resolved not to be disobeyed; so, dropping the
pacific tone she had first adopted, she very summarily snatched away sheets
and quilts, pulled the mattress from under him, and overset poor Carl on the
floor, from which she soon made him spring up with a sound box on the ear.

"Now then," said the indignant old lady; "tell me ag'in you won't, will
ye? Now, look here, ef you ain't dressed and down stairs in five minutes, I'll
come back, and this ain't no circumstance to what you'll get. Tell me you
won't, indeed! There's no tellin' what the impidence of these scape-goats of
boys 'ill come to, ef they ain't minded in time," muttered the old lady to
herself, as she descended the ladder.
Carl's toilet, thus unpleasantly hastened, was soon complete, and he
descended to the lower room with a very sulky face, and grumbling
inwardly at his hard fate in being governed by so tyrannical a task-mistress:

"I don't see why the old feller couldn't have died somewhere else,"
inwardly muttered the ill-treated Mr. Henley; "a coming here and giving
bother, keeping a feller from his sleep of nights. It's downright mean!"

Taking possession of Mrs. Tom's rocking-chair, while the old lady


bustled about, laying out the corpse as best she could under the
circumstances, Carl was once more soon sound asleep. Then, when all she
could do was done, Mrs. Tom lay down on the hard wooden sofa, or
"settee," as she called it, and, in spite of the presence of death, followed her
worthy nephew to the land of dreams.

Morning was far advanced before either awoke. Mrs. Tom's first care
was to send Carl up to the lodge to inform its inmates of the death of her
guest, and desire Captain Campbell's immediate presence.

Immediately after breakfast the young captain hastened to the cottage,


while Sibyl and Drummond went out for a stroll round the island.

Mrs. Tom had been anxiously revolving in her mind the singular story
told her the night before, and resolved to reveal it to Captain Campbell and
learn his opinion about it.

Accordingly, when he entered, Mrs. Tom—having first taken the


precaution of turning Carl out of doors—related the story in substance as it
had been told to her.

Captain Campbell listened in astonishment and in credulity.

"Now, Master Guy, what do you think of that?" exclaimed Mrs. Tom,
when she had finished.

"My dear madam," replied the young man, gravely, "the man, excited,
half crazed, delirious as he was, must have imagined all this. No such
horrible thing could have ever occurred in a Christian land."
"But he wasn't crazy," asserted Mrs. Tom, almost angry at having the
truth of the story doubted. "He was just as sensible, all through, as you or I.
He wasn't colirious a mite."

"Now, Mrs. Tom, it's not possible that, with all your good sense, you
can credit such an incredible tale."

"But, Master Guy, the man told it on his death-bed. Think o' that."

"And doubtless believed it, too; but that does not make it any more
probable. I have heard of such cases before. It is all owing to the
imagination, my dear lady. He had fancied this story, and thought about it so
long, that he at last believed it himself."

"Well, I don't know nothin' 'bout the 'magination, thank my heavenly
Master," said Mrs. Tom, in a sort of sullen unbelief; "but I do know, ef you
was to talk till this time to-morrow, you couldn't make me believe
differently. I shouldn't wonder now ef you tried to make me think the face I
seed stuck at the winder was all 'magination, too."

"I was just about to say so," said Guy, repressing a smile. "It could be
nothing else, you know. The hour of night, the thrilling tale, and the man's
dying cry that he saw her there, would have made you imagine anything;
therefore——"

But Mrs. Tom's wrath was rising. She had been inwardly priding herself
on the sensation her story would create, and this fall to her hopes was more
than she could patiently endure.

"It's no sich thing," she cried, in a voice louder and sharper than she was
in the habit of using to any one but the unfortunate Carl. "I seen it all with
my two blessed eyes, and nobody's goin' to make me believe it was my
'magination. 'Magination, indeed!" continued the old lady, in a tone of
profound contempt. "Thank my divine Master, I never was troubled with
'magination since the day I was born, and 'tain't likely I'd begin now in my
old age o' life. I allers hid a great respect for you, Master Guy; but I'm a
poor, lone 'ooman, and can't stand to be onsulted by nobody. I hain't no
doubt you mean well, but I like to hev people b'lieve me when I do tell the
truth. Scat, you hussy! afore I twist your neck for you."

The latter part of this oration was addressed to Trot, the mottled cat, and
was accompanied by a kick, which ejected that unoffending member of
society out of doors, much quicker than was at all agreeable. Captain
Campbell, quite unprepared for this burst of eloquence, listened in
amazement, and seized the first opportunity, when angry Mrs. Tom paused
for breath, to humbly apologize for his offense.

"My dear Mrs. Tom," said the young captain, humbly, "I had not the
remotest intention of offending you, and most deeply regret having done so.
I have fallen into a bad habit, of late, of doubting everything; and really this
story appeared so improbable, that I think I may be pardoned for not
yielding it full credit on the spot. Come, now, my dear madam," he
continued, seeing the cloud still hanging on Mrs. Tom's honest face, "let's
be friends still; and I promise for the future to believe everything you
choose to tell me, no matter what it is."

Good Mrs. Tom was not proof against the insinuating tone of Master
Guy, who had always been her favorite; so the cloud disappeared, and her
own cheery smile once more beamed forth.

Having arranged that Lem should come down and prepare a grave
during the morning, Captain Campbell left the cottage, and went in search
of Mr. Drummond and his sister to tell them what he had heard.

He found them down on the shore. Sibyl stood on a high cliff, her dress
fluttering in the morning breeze, her hat off, and her long, glittering, jetty
tresses waving behind her like a banner. The wind that came sweeping
across the waters had deepened the glow on her crimson cheeks and lips,
and sent a living light into her glorious eyes.

Willard Drummond stood beneath, gazing at her as a poet might gaze on
the living realization of his most beautiful dreams. Captain Campbell
shrugged his shoulders expressively as he saw his impassioned glance, and
thought inwardly of the confession he had once made to him of there being
but one woman in the world worth loving.

"Well, Sibyl, one would think you were attitudinizing for the stage,"
said Captain Campbell, dryly, as he approached.

Sibyl laughed gayly, as she sprang down on the white, level sands
between her brother and lover.

"I was only looking out for a sail, which I failed to discover," she
replied.

"Well, Campbell," said Drummond, "had your old lady down below any
important revelations to make, that she sent for you in such haste this
morning?"

"Not very important in my eyes, though they are in hers," replied the
young captain. "She wished to reveal the dying deposition of our passenger,
Richard Grove."

"And what had he to tell? Was I right in saying remorse for some crime
preyed on him more than mere illness?"

"Faith, Sibyl, according to worthy Mrs. Tom, I believe you were. He
succeeded in frightening that good, but slightly credulous old lady out of
her wits."

"Well?" said Sibyl, inquiringly.

Captain Campbell, condensing the story, gave them the outline and
principal facts in a few words. Both listened with deep interest; but when he
spoke of the pale, haggard face, with its dark, waving hair, glaring at them
through the window, Willard Drummond started violently, and turned pale.
Sibyl's eagle eyes were fixed on his face, and she alone observed it.

"And what does Mrs. Tom take this nocturnal visitor to be?" inquired
Sibyl. "A mortal like herself, or a spirit disembodied?"

"Oh, a ghost, of course," replied her brother. "The spirit, perhaps, of the
woman walled up to perish in the room with the murdered man. Ugh! the
story altogether is hideous enough to give one the nightmare! And now that
you have learned all, I believe I'll go and send Lem down to inter the body."

Captain Campbell sauntered away, and the lovers were alone.

"And what do you think of this story, Willard?" inquired Sibyl.

"I cannot tell. Yesterday I would have joined your brother in laughing at
it; but, to-day——"

He paused.

"And why not to-day?" breathlessly inquired Sibyl.

"Sibyl, I do not wish to needlessly alarm you, but last night, as if to
punish my presumption, I experienced something very like a supernatural
visit."

"Good Heavens, Willard! Then the story told by the negroes is true?"

"It certainly seems like it. Had any one else told me what I experienced,
I should think they were humbugging me; but I cannot discredit what I saw
with my own eyes."

"And what was the appearance of the nocturnal visitor?"

"Exactly like the description Mrs. Tom gives of the face that appeared at
her window—white as that of the dead, with dark, streaming hair, and wild,
vacant, dark eyes."

"Oh, Willard! Can it be that—— But, no; it is impossible. At what hour
did this apparition appear?"

"Between one and two, as near as I can judge."

"Strange! strange! I, too, heard something dreadful last night."

"Is it possible? What was it, dearest Sibyl?"


"Listen! About midnight I was awakened by something that sounded
like a heavy fall right outside my door, followed by a groan so deep, so
horrible, that the very blood seemed freezing in my veins. Trembling with
terror, I half rose to listen; but all for a time was still. Trying to persuade
myself I was only dreaming, I was about to lie down again, when a shriek
the most appalling broke upon the air, and died away in an agonized moan.
I dared not move; I could not sleep; and I lay cowering in superstitious
horror until morning. With the bright sunshine came renewed courage, and I
feared to mention what I had heard to my brother or you, lest I should be
laughed at—even as you feared the same. Willard, there must be some
horrible mystery here! Some foul crime, I fear, has at some time been
perpetrated within those walls. What if——"

She paused.

"Well, Sibyl?" he said, inquiringly.

"Oh, Willard! what if this house has been the scene of that mystery the
dying man spoke of! I thought of it from the first."

"Nonsense, Sibyl! What an idea!" And yet he looked disturbed himself,
as he spoke.

"How otherwise are we to account for those ghostly visitings, those
midnight apparitions, and appalling shrieks?"

"And yet nothing could induce your brother to adopt your belief. He
would laugh at our credulity, were we to tell him what we have seen and
heard."

"Yes; and, perhaps I had better not tell him, Willard. I will have your
room changed, and my own likewise. Even if they are less comfortable,
they will be more endurable than to be disturbed by midnight specters."

"Be it so, then, fairest Sibyl," he said, gayly. And turning, they walked
together to the Lodge.

CHAPTER VI.

"OFF WITH THE OLD LOVE, AND ON WITH THE NEW."

"Holy St. Francis! what a change is here!
Is Rosalind, whom thou didst love so dear,
So soon forsaken? Young men's love, then, lies
Not truly in their hearts, but in their eyes."—ROMEO AND JULIET.

The following night passed without disturbance, either earthly or
ghostly, at Campbell's Lodge.

Early in the morning, Captain Campbell went over to the mainland on
business. And Sibyl, accompanied by Drummond, went down to the
cottage, to visit Mrs. Tom. There was an inward feeling of pleasure at
Sibyl's heart, when she learned Christie was away to the mainland on a
visit. Not that she doubted Willard; but she remembered Christie as a very
pretty child, grown by this time, doubtless, into a lovely girl, and it might
not be altogether safe, to throw the gay man of the world into dangerous
society.

Toward noon, as they were sauntering along the sun-shiny beach, she
hanging on his arm, while he softly whispered the words "ladies love to
hear," they espied a boat advancing toward them. Sibyl raised her telescope
to survey the new-comers.

"Rev. Mr. Mark Brantwell and wife," she exclaimed, in tones of surprise
and pleasure. "Guy has doubtless called upon them, and told them I was
here."

"Friends of yours?" asked Willard.

"Yes, the Episcopal clergyman of N——, whom I have known since my
earliest childhood. But here they are."

The boat at this moment touched the shore, and Sibyl, disengaging her
arm, ran down to meet them. Willard more leisurely followed, just in time
to see his lady-love folded in the arms of a gentleman who sprang from the
boat.

The stranger was of middle age, married, and a clergyman; yet, in spite
of all, Mr. Drummond felt a sudden twinge of jealousy and anger at
beholding the embrace. But the next moment jealousy, anger, every feeling
was swallowed up in intense astonishment, not unmingled with
superstitious horror. For as the clergyman turned round, and Willard
obtained a full view of his face, he recognized the countenance of him he
had seen years before in that mystic vision at the Egyptian's.

For a moment he stood regarding him, pale with wonder; and he only
awoke from his trance of surprise, when he heard the clear, ringing voice of
Captain Campbell, as he approached him, saying, with a hearty slap on the
shoulder:

"Why, Drummond, man alive, what ails you? You are as pale as a
ghost!"

"Are you ill?" said Sibyl, anxiously, as she approached, leaning on the
arm of Mrs. Brantwell.

"A slight headache—nothing more," said Willard, recovering himself by
an effort; "nothing worth being alarmed about," he added, seeing Sibyl's
still anxious eyes.

"Why, Sibyl, have you grown nervous and cowardly?" exclaimed Mr.
Brantwell—"you, who used to be as bold and daring as a mountain eaglet.
But perhaps," he added, glancing meaningly at Willard, "it is only where
some very particular friend is concerned that your fears are thus easily
aroused."

Willard smiled slightly, while Sibyl's dark face grew crimson as she
hurried on with increased rapidity, drawing her companion with her, and
leaving the gentlemen behind.

When they reached the lodge Sibyl left her brother to entertain their
guests, while she set about preparing luncheon. When the meal was over
Mrs. Brantwell said:

"And now, Miss Sibyl, I have come to carry you off. It is three years
since I have had the pleasure of seeing you, and I shall certainly take you
with me now. Come, no excuses—I will not hear one of them."

"But, my dear Mrs. Brantwell——" began Sibyl.

"But, my dear Miss Campbell, you must come—do you hear that? Your
brother can certainly do without you for a week."

"Yes, and glad to be rid of her, too," said the gallant Captain Campbell.

Sibyl stole a glance toward Drummond from under her long eyelashes.
He was sitting, looking out of the window with an exceedingly dissatisfied
frown on his brow. Mrs. Brantwell perceived the glance, and broke out
again with her usual bluntness:

"And as for that other gentleman you are looking at, Sibyl, I am sure he
will be generous enough to spare you for a few days, as he will, in all
probability, have enough of you before long."

Again Sibyl crimsoned and glanced reproachfully at her plain-spoken
friend, and again Mr. Drummond was forced to smile, in spite of his
ill-humor, at the good lady's brusque bluntness.

"You will have to come, you see, Miss Sibyl," said Mr. Brantwell,
laughing.

"Of course, she will," added his frank spouse; "and upon my word I
think I am doing her a favor in taking her from this lonesome island, and
letting her see a little of civilized life at our hands; though, from Sibyl's
looks, I should say she doesn't feel at all grateful for it."

"Indeed, Mrs. Brantwell, I do, but—"

"There, there! I won't listen to another word." And Mrs. Brantwell, a
tall, good-humored looking lady, clapped her hands over her ears. "Guy,
make this ungrateful sister of yours hold her tongue, and do as she is told."

"Come, Sibyl, there is no help for it, you see," said Guy. "Drummond
and I will get along swimmingly during your absence. He can keep his hand
in, in making love to Aunt Moll, while I try my powers of persuasion over
Mrs. Tom."

Sibyl laughed, and paused for a moment in thought. She would
infinitely have preferred remaining on the island with Willard, but it would
never do to allow them to think that was her reason; and after all, a week
would soon pass. Had Christie been home, no persuasions could have
induced her to go; but in her absence there was nothing to fear. Then, too,
Willard, so long accustomed to her presence, would miss her so much when
she was gone that doubtless his love would be increased rather than
diminished.

Involuntarily, while thinking of him, her eyes wandered to where he
stood. Again the sharp-sighted Mrs. Brantwell observed it, and again she
broke out impatiently:

"Lord bless me! Mr. Drummond, just turn round, will you, and tell Sibyl
she may go. Nothing earthly will induce her to come till you give
permission. I'm sure if you were her father she couldn't be more afraid of
displeasing your lordship."

"Miss Campbell needs no permission of mine. I am only too happy to
think she will have an opportunity of enjoying herself so well," said
Willard, with a grave bow.

"Well, I'm sure that's a mercy to be thankful for. Now, perhaps, you will
come, Sibyl," said the plain-spoken old lady; "and as for you, sir, I shall
expect to see you at the parsonage every day with Master Guy."

"I shall be most happy," said Willard, his face brightening a little, while
Sibyl's eyes sparkled with anticipation.

"Well, now, run and get ready," said Mrs. Brantwell, turning to Sibyl.

Sibyl soon reappeared, dressed for her journey. And then, as the
afternoon was far advanced, the whole party descended to the beach. The
adieus were spoken, the boat pushed off, leaving the two young men alone
on the sands.

"I must go over to Westbrook dock-yard this afternoon," said Guy,
"where the Evening Star is now lying. What do you say to coming with
me?"

"I prefer remaining here," said Willard, who had not yet recovered his
good humor, after what he was pleased to call Sibyl's desertion.

"Well, then, I'll remain with you," said Guy, who was the soul of
frankness and good temper.

"By no means!" said Drummond, hastily. "Do not stay on my account. I
have a slight headache still, and will retire to my room."

"But it seems hardly courteous to leave you altogether alone."

"Nonsense, my dear fellow. I insist upon it. I hope you do not think of
standing on ceremony with me?"

"So be it, then," said Captain Campbell, gayly, as he sprang into his
boat, pushed off, and shot like an arrow out into the water.

Drawing a cigar from his pocket, Willard Drummond lit it and
proceeded to stroll up and down the beach, in no very amiable frame of
mind. He felt angry, in spite of all, at Sibyl's leaving him; and with this
feeling would now and then mingle another—profound amazement at the
exact resemblance this Mr. Brantwell bore to the face he had seen in that
singular vision. Was the fell prediction about to be verified?

Lost in such thoughts as these, he was suddenly startled by a voice
singing a wild, sweet song of the sea, in the clearest and most delightful
tones he had ever heard. Surprised at the unexpected sound, he sprang up
the rocks in the direction whence it came, and beheld a sight that transfixed
him with amazement.

A young girl, beautiful as an angel, stood on an overhanging crag, with
one round, white arm resting lightly on the rocks, singing to herself as she
gazed on the sparkling waters. Her hair, of the palest golden hue, rose and
fell in the breeze, and flashed in the sunlight that rested like a glory on her
bright young head. Her complexion was dazzlingly fair, with rose-tinted
cheeks and full, red lips—like wet coral—and eyes large and bright, and
blue as the summer sky above her. Her figure was slight, but round and
voluptuous; and there was passion, and fervor, and wild enthusiasm in her
look, as she stood like a stray seraph, dropped from some stray cloud, on
that lonely island.

Willard Drummond stood immovable, drinking in, to intoxication, the
bewildering draught of her beauty. She was in every respect so very
different from Sibyl, that she seemed to him the more charming from force
of contrast. Transfixed he stood—everything forgotten but this lovely
creature before him—when suddenly, like an inspiration, came the
remembrance of his singular dream, and of the fatal siren with the golden
hair. Strange that it should have come back to him so vividly and painfully
then!

The young girl's song ceased, and turning, she leaped lightly as a young
deer from her fairy perch, without perceiving him who stood so intently
regarding her. Leaping from rock to rock with a fleetness that awoke the
surprise of Willard, she reached the road and disappeared within the cottage
of Mrs. Tom.

Everything was forgotten now but the one intense desire of knowing
who this radiant sea-nymph was. Turning, therefore, into the path she had
just taken, he approached the cottage and encountered Carl at the door.

"Well, Master Henley, how are you?" said Willard, carelessly.
