Cyber threats are evolving every day, increasing the need to develop and tighten security measures that protect everyone using the cyber space. The increasing use of the cyber space throughout the world, coupled with globalization, has increased the complexity of cyber threats. Cyber security threats continue to escalate in frequency and variation. This has led to major security threats and thus the need for better security measures to prevent them. Typically, the threats can be categorized into three groups: malicious code, network abuses, and network attacks. Malicious code includes worms, viruses, spyware, Trojan horses, bots, and keyloggers. According to Cavelty (2008), network abuses include phishing, pharming, spam, and network-related forgery. Lastly, network attacks include DoS attacks, intrusions, and web defacement. This paper looks into such cyber security threats and how they could be countered.
The biggest nuisance and threat for the internet community of the world has to be hackers and spammers. Even the strongest security measures have not been able to contain this group of people. For instance, social sites like Facebook and Twitter were sweet spots for hackers in 2009 and 2010. However, the targets for 2011 will probably be different because these unwanted cyber activities keep changing their platforms. They might now move to smartphones since most people now own them. Hackers also take advantage of search engine results to spread malicious content. According to Cavelty (2008), the US government is now spending a great deal of money on the investigation of cyber security because the recent attack on Google has pushed the issue so far. Security experts have argued that this kind of security assault, which can get past even the most sophisticated company's defense systems, is a huge threat to the security of those using the cyber space and the general public in particular. One great example of what cyber attackers are capable of doing is the 2007 cyber attack in Estonia. The attackers used more than one million computers that operated in over 70 countries to mount an attack on Estonia. They managed to bring down the entire country's computer networks, including government and banking systems.
There are two ways by which vulnerabilities are attacked. The first is where software developers like Microsoft release a security update to fix vulnerabilities for computer users (Cavelty, 2008). The attackers then develop malicious programs that are meant to attack the client PCs or servers that have not yet applied the latest security update. In most cases it used to take more than a month from the time the security update was released to the first attack. However, things have changed, and the period is now growing shorter and shorter, down to even a few days. The other way, known as the "zero-day attack", is where an attacker finds a new vulnerability and immediately attacks it before a security update has fixed it.
There are also criminal groups which seek to extort money from the innocent and sometimes ignorant public. For instance, some of them will trick those using the internet into believing that they have won huge sums of money. They will then ask them for bank account details or credit card PIN numbers. Cooney (2009) argues that the moment they get information that they could use to access the user's bank account, they make sure they drain the account. Alternatively, some attack the system using spyware or malware so as to commit identity theft. There have been several cases where hackers would use the email accounts of different people to extort money from their relatives and friends. For instance, the hacker will impersonate the owner of the email account and send messages to close friends asking them to send money to a specific account number, claiming that the owner of the account is in some kind of trouble. So many people have fallen into such traps and lost so much money.
Perhaps the most recent and most dangerous cyber security threat has to be cyber-terrorism. The frequency of recent terrorist attacks has made security experts very concerned about the threat the US faces due to access to information assets. The Federal Bureau of Investigation defines cyber-terrorism as any premeditated attack against computer systems, information, computer programs, or data. Terrorists seek to incapacitate, destroy or exploit critical infrastructure, to cause mass casualties, threaten national security, damage public confidence and morale and, most of all, weaken the economy (Cooney, 2009). These attacks are also politically motivated and most often result in violence against targets by sub-national groups or clandestine agents. While a virus might prevent someone from accessing information on a computer, cyber-terrorist attacks would cause extreme financial harm or physical violence. Possible targets for cyber-terrorism include military installations, the banking industry, air traffic control centers, power plants and water systems.
It should be understood that terrorists only require a short time inside a network of critical information, such as security information, to accomplish their goals. They could therefore take advantage of a limited opportunity to destroy part of the networked infrastructure. As nations like the US continue to come up with new technologies without having sufficient security processes or software and hardware assurance schemes that extend throughout the networks' lifecycle, the likelihood of an opportunity presenting itself to terrorists increases. The nation's infrastructure and its citizens could therefore be affected by attacks from terrorists. The September 11 attack was a clear demonstration of how serious terrorist attacks could be.
Foreign intelligence services
They use cyber tools to gather information from various departments as part of their espionage activities. Moreover, most foreign nations are working hard to develop programs, information warfare doctrines and capacities that could make it possible for a single entity to have serious effects by disrupting communication, supply and economic infrastructure. All these are important for military power and overall security, and their disruption could therefore affect the daily lives of citizens in various parts of the country. As Cooney (2009) puts it, growing levels of both non-state and state adversaries are targeting information infrastructure that includes the internet, computer systems, and communication systems in the most critical industries within countries. For instance, in 2008, cyber attackers hindered the communication system of Georgia by using a cyber-supported kinetic communication attack to hinder its response to a military attack. In the same year, malicious computer code was placed on a flash disk by a foreign intelligence agency. The flash disk was then inserted into a laptop of the U.S. military (Johnson & Spector, 2010). The code was able to spread extensively throughout the network of the US Central Command, transferring classified information to other servers that were under foreign control.
According to Probst (2010), disgruntled insiders working within an organization could also be another source of cyber security threat. Insiders do not require much knowledge about computer intrusion because they already know the victim system. This allows them to gain access to any part of the system, where they can steal anything they wish or damage the system. Contractor personnel could also pose insider threats because they understand everything about the system. An organization could hire a contractor to install security firewalls in its system so as to secure its information. However, if these contractors have ill motives, they could use this opportunity to get access to any kind of information they would like, thus posing a threat to the entire organization.
Improvement and prevention of cyber security
In order for the effects of cyber security threats to be reduced, the US has to put in place various measures to prevent such attacks. It is commendable that the US spends billions of dollars to improve its private and public defenses against increasingly aggressive and sophisticated foreign cyber threats. However, these advances are not enough to lower the ever-increasing cyber attacks on the financial sector, the electrical grid, the military and common citizens. With the increasing use of computer networks in various countries, it is important that all countries join hands in the fight against cyber security threats. Probst (2010) explains that since networks can link computer systems in various countries, it will be useless for only one country to claim to be fighting against these threats because its system could still be accessed from other parts of the world. The best thing would therefore be for the US to show global leadership in this fight. For instance, it could seek an international accord that will help prevent cyber war. In this process, it will be able to strengthen its security and, more so, its ability to identify or locate cyber attackers and punish them accordingly.
Johnson & Spector (2010) recommend that by convening a cyber security summit, the US will be able to spearhead international policy making and therefore will not be hindered by laws and agreements that are made without its consent. The summit will help prevent cyber threats by improving cooperation among different countries in responding to cyber attacks, which have proven to be an international problem. It will also ensure that there is an agreement on acceptable verification regimes to establish where the attackers might be originating from, and provide the necessary support for their countries of origin to take full responsibility for all attacks that are initiated within their borders. Similarly, cooperation will ensure that there is an improvement and standardization of cyber defense frameworks so as to protect critical infrastructure.
Individual users of the cyber space are vulnerable to cyber security threats because they lack awareness of the threats. As the attackers continue to aim at making more money, individual users become more vulnerable to bigger fraud and other financial damages. Most ignorant users are frequently lured by web site buttons and unknown mails and end up falling victim to phishing and spyware. It is therefore important that the US comes up with a program where users of the cyber space are educated. The best time for this would be during computer application training programs, so that as an individual learns how to use a computer, he is also made aware of how to deal with such frauds. Literacy classes could also be offered in various towns in the US to teach citizens about the dangers of cyber threats in the easiest, simplest and friendliest manner. Japan has proven that this initiative could be very useful. For this to happen, it is necessary that there is public-private collaboration (Johnson & Spector, 2010). Security seminars could also be established, especially for corporate users, to raise their awareness of cyber security threats and teach them how to deal with them.
According to Johnson & Spector (2010), law enforcement is also very important. It is commendable that most countries, including the US, have laws against cybercrime. For instance, in the US, several bills have been introduced by members of Congress to address this issue so as to help improve the country's defense capacities. Legislation, however, is not a simple solution. There has to be decisive implementation of the legislation. Moreover, considering that most jurisdictions and legislation are meant to work in a specific country, it becomes difficult to tackle threats from across borders. This is why collaboration and coordination with other countries come in handy. Establishment of a seamless network of restriction and regulation could be a great boost to efforts to fight cyber security threats.
Cyber crime technology is also improving every day. New social engineering methods are being invented by hackers on a daily basis. If cyber security crimes are to be prevented, all the security holes need to be covered (Probst, 2010). The government should therefore invest more in the improvement of software engineering and development. Colleges and universities should come up with curricula that are intensive in teaching software engineering. Students from such courses will be very useful to the country's security because they will be in a position to counter any threats from hackers towards the computer networks of important government institutions like the military and communication networks.
From the above discussion, it is evident that cyber security threats are very dangerous to the country's security. The major problem is that technology is improving every day, and so are the methods hackers and cyber terrorists use to breach cyber security. As explained above, an attack on the military records of the country could give attackers access to critical information that can threaten the security of the entire country. Similarly, users of the internet are themselves sources of cyber security threats. It becomes very difficult to differentiate between a genuine user of the internet and one with ill motives. For instance, if you go into a cyber café, there is no screening method to identify why users want to browse. All that the attendants do is ask for money after you log out, for the period you have used their services. It is because of such issues that it is necessary for the government to do everything in its power to ensure that the cyber space is safe for everyone's security.
It is good that there is common purpose around the world for reducing cyber security threats, given the interdependent nature of the economies around the world and the connectivity of various communication systems. The private sector and the United States should continue building strong defensive capabilities as their enemies try to exploit vulnerabilities. However, defensive measures alone are not enough. Given the persistent and evolving nature of cyber security threats, there is a need to establish an international agreement for accountability, responsibility and deterrence in the increasingly dangerous frontier of digital warfare.