Premium Essay

Review of Cyber Attacks

In:

Submitted By waitwhat
Words 1450
Pages 6
Help Net Security is a site (www.net-security.org) run specifically in order to help disseminate information about current security problems and concerns across the full spectrum of computing systems. According to “About” page, Help Net covers “news around the globe… technical articles and papers, vulnerabilities, various vendor advisories, latest viruses, malware and hosts the largest security software download area with software for Windows, Linux, Mac OS X and Windows Mobile.” The paper under review today is titled “Targeted Cyber Attacks”, written by the site GFI.com and published as an eBook available at Help net Security.
Targeted Cyber Attacks is an extensive, 25-page review of cyber attacks in a general sense, exposing the impact, extent of the problem, effectiveness of attacks, solutions and attack avoidance. It explains that the definition of a cyber attack is specifically when a company is attacked electronically for the purposes of gaining access to data or compromising functionality and causing denials of service.
The paper starts off with a definition of those who are actually at thread for attack – EVERY organization. The paper’s position is that all organizations are vulnerable, whether they believe it or not, and that there is no target too large or too small that can be attacked. Visibility of the company, perception of the ease of attack, and hiding their vulnerability from the public all have nothing to do with whether or not an attack will take place.
GFI explains how the actual extent of the problem is wide-ranged, consisting mainly of opportunistic (non-targeted) attacks such as Trojan horse programs, phishing scams, 419 scams, and mass-scanning for vulnerable services (which can transition to a targeted attack!). One test reported in the paper showed that an unprotected Windows-based system might be compromised by opportunistic

Similar Documents

Premium Essay

China Saper Threat

...Weak USA Cyber Policy vs China’s Security Threat to the USA? Abstract A cyber spy network based mainly in China hacked into classified documents from government and private organizations. One of the biggest questions still remains unanswered. Should the U.S. Congress conduct an in depth assessment of Chinese cyber spying and consider imposing tougher penalties on companies that benefit from industrial espionage. In this paper I will review china’s cyber threat and possible USA solutions to protect against the threat. Could Weak USA Cyber Policy be the cause of China’s Security Threat? U.S. corporations and cyber security specialists have reported an daily attack of computer network intrusions originating from China. Of the seven cases that were adjudicated under the Economic Espionage Act in 2010, six involved a link to China. U.S. corporations and cyber security specialists have reported a huge increase of computer network intrusions originating from China. Some of these reports have alleged a Chinese corporate or government sponsor of the activity, but the U.S. intelligence community has not been able to confirm these reports. In a study released in February, McAfee attributed an intrusion attempt they labeled Night Dragon to a Chinese Internet Protocol (IP) address and indicated the intruders stole data from the computer systems of petrochemical companies (Minnick, W. 11 Dec, 2011).” So could the problem be U.S. Cyber policy? I believe congressional committees...

Words: 793 - Pages: 4

Free Essay

Living in the Age of Cyber Attacks and Cyber Warfare

...Living in the Age of Cyber Attacks and Cyber Warfare UMUC   If you asked the average person on the street about cybersecurity and cyber warfare, they would probably say they don’t know much about it other than the fact that it involves computers. In fact, for anyone outside of the cybersecurity industry, the closest thing to cyber warfare that they may have experienced was their viewing of the movie War Games, or the fourth installment of the Die Hard series, Live Free or Die Hard. While those movies had a profound impact on the lives of the characters in the script, the audience probably thought it was merely fiction, not fully based on fact. In Live Free or Die Hard, John McClain (played by the indefatigable Bruce Willis) is attempting to stop a domestic cyber-terrorist who is acting out on a vendetta against the United States. The cyber-terrorist is successful in launching an online attack to overload and destroy a power grid that left much of America’s East Coast in darkness. When I first saw this movie, I was curious if an attack like that was really possible; however, most people around me just labeled the movie as “Hollywood’s overactive imagination”. With cyber attacks literally having the ability to affect lives in a nanosecond, it is vital that everyone understand what cyber attacks entail, the impact of these cyber attacks on a domestic and international scale, and knowing what to expect in the future while living in a world dominated by virtual experiences...

Words: 2352 - Pages: 10

Free Essay

Cyber Crime and Security

...Solo causing $800,000 in damages (Campbell, 2014). While in the systems, McKinnon deleted vital files from the operating systems, which ultimately shutdown approximately 2,000 computers on the U.S. Army and Navy networks. In 2002, the UK National Hi-Tech Crime Unit (NHTCU) interviewed McKinnon and his computer was seized. During the interview, he acknowledged accessing the systems, but stated he was gathering information about UFOs because the government was hiding pertinent facts. Additionally, McKinnon was indicted by a federal grand jury in the U.S. and potentially faced a maximum sentence of 70 years in confinement; however, he was not extradited because of a controversy involving jurisdiction , extradition laws and penalties for cyber crime. Furthermore, the Director of Public Prosecutions (DPP) refused to conduct a trial in the UK because a bulk of the evidence was located in the US and McKinnon’s actions were against the US and its interests (Arnell & Reid, 2009). In 2008, McKinnon was medically diagnosed with Asperger’s Syndrome, a form of autism, and having clinical depression. After being diagnosed, the political parties within the UK were divided because the main topic of discussion was McKinnon’s human rights versus his criminal behavior (Mackenzie & Watts, 2010). Even though some called McKinnon’s condition a trick and a way for him to avoid extradition, others felt the UK government was being insensitive and should have done more because various reports...

Words: 1063 - Pages: 5

Premium Essay

Secuirty Term Paper

...Cyber Security Project Marci James Liberty University BMIS 520 DR. Delano May 29, 2016 Scope The world of technology is advancing ever year and people are just trying to stay up to date, but there are those in the world that make it there life to stay up on technology but in all the wrong ways. The people that are just every day users of technology do not see the people in the background hoping to gain access to their private information. As technology advances so must the ways people protect their private information; even in places that they think are new and untouchable to the normal person. Even the most technology educated person can fall victim to cyber-attacks and lose of personal data. As technology advances the world of computer security will also change; the word computer is not just referring to a desktop computer that sits a desk but now refers to your tablet, smart phone, and even smart watch. The way that personal data is saved is not just limited to a floppy disc or even a CD-ROM anymore, but now a day there is clouds that will have personal data stored from all over the world sometimes in one location. The discussion in the review below will give more detail on what is coming for technology and as well as how technology is being used against people to receive their personal data. Literature Review Technology is estimated to move even more rapidly within the next twenty years and this all new growth starts this year; with this happening it means that...

Words: 1825 - Pages: 8

Free Essay

International Security

...International Security: Cyber Warfare – notes 10/3/12 * Review * Drones * What is Cyber Warfare? * Cyberspace: Interconnected network of information systems * Cyber warfare: using cyber capabilities to disrupt information in computers of another state * Inexpensive, just need to create unique computer code * Types * Denial of Service (DoS) * Goal: shut down network * Method: flood networkd with so many extra requests it overloads * Variant: Distributed (DDoS) attack from many infected bots * “carpet bomb in cyberspace” * Variant: Permanent (PDoS) * Damagers hardware * Malicious Programs * Goal: Disrupt of gain control of target computer * Method: Open a back door for remote access * Types: * Virus: Attached to file, self-replicates * Worm: Self-replicates, travels unaided * Trojan Horse: Apparently harmless program with code inside to gain system control * Logic bomb: * Goal: Coordinate timing of an attack * Method: Watch for specific event or predetermined time to trigger malicious code * Digital Manipulation * Goal: misinform/deceive audience * Method: Digitally alter images/audio * Extent: Real-time video, voice morphing * Cyber Espionage * Definition: Using cyber capabilities to acquire information about another...

Words: 406 - Pages: 2

Premium Essay

Metasploit Vulnerability Scanner Executive Proposal

...Metasploit Vulnerability Scanner Executive Proposal Paul Dubuque Table of Contents Page 3 Executive Summary Page 5 Background Information Page 6 Recommended Product Page 7 Product Capabilities Page 10 Cost and Training Page 11 References Page 13 Product Reviews Executive Summary To: Advanced Research Corporation Mr. J. Smith, CEO; Ms. S. Long, V.P. Mr. W Donaldson, CCO; Mr. A. Gramer, CCO & Mr. B. Schuler, CFO CC. Ms. K. Young, MR. G. Holdsoth From: P. Dubuque, IT Manager Advance Research Corporation (ARC) has grown rapidly during the last five years and has been very successful in developing new and innovative devices and medicines for the health care industry. ARC has expanded to two locations, New York, NY and Reston, VA which has led to an expanded computer network in support of business communications and research. ARC has been the victim of cyber-attacks on its network and web site, as well as false alegations of unethical practices. ARC’s network is growing, with over two thousand devices currently and reaching from VA to NY. ARC needs to ensure better security of communications, intellectual property (IP) and public image, all of which affect ARC’s reputation with the public and investors. ARC has previously limited information technology (IT) expenditures to desktop computers and network infrastructure hardware such as routers, firewalls and servers. It is imperative that ARC considers information security (IS) and begins to invest in products...

Words: 2593 - Pages: 11

Premium Essay

Attack Prevention Paper

...Attack Prevention Paper Introduction Cyber-attacks which are exclusively performed for the only objective of information collecting vary from monitoring the activities which a user makes to copying vital documents included in a hard drive. While those which do harm generally involve monetary thievery and interruption of services. Cyber-attacks are a slowly growing situation which is based on technology. The secret to avoiding this kind of attack is in the applications and programs which one uses for protection which identifies and informs the user that an attack is certain generally known as Cyber Warfare. As stated in the 1st explanation. However dependence and reliance aren't the only items which technology provides. Or an effort to monitor the online moves of people without their permission as the sophistication of cyber criminals continues to increase; their methods and targets have also evolved. Instead of building the large Internet worms that have become so familiar, these criminals are now spending more time concentrating on wealth gathering crimes, including fraud and data theft. An online article from Cyber Media India Online Ltd., suggests that because home users often have the poorest security measures in place, they have become the most widely targeted group. Cyber Media states that 86% of all attacks are aimed at home users (2006). As attacks on home users increase, new techniques are surfacing...

Words: 951 - Pages: 4

Premium Essay

Ifsm B-1

...decision-making frameworks to IT related ethical issues: Computer-Based Crimes INTRODUCTION/PROBLEM STATEMENT Today’s technology has opened up a new realm of criminal activity, and new ways to exploit innocent people. Cyber-related crimes have been increasing for the past decade and include a number of different illegal activities to include: identity theft, phishing, cyber-stalking, and the use of malware. Criminal activities are of course, unethical, and cyber-crimes are no exception. It is a problem plaguing our society, and people have to be diligent to avoid being attacked and exploited. “It seems that everything relies on computers and the internet now — communication, entertainment, transportation (car engine systems, airplane navigation), shopping, and medicine (equipment, medical records). How much of your daily life relies on computers? How much of your personal information is stored either on your own computer or on someone else's system? Cyber security involves protecting that information by preventing, detecting, and responding to attacks” (US CERT, 2013). Today, we’ll look at an ethical approach (Reynolds' Seven-Step Ethical Decision-Making Approach) to develop protective measures that could help in mitigating cyber-crimes Ethically, cyber-crimes really boil down to what’s right and wrong. Deontological theories focus on the right action, doing the right thing, no matter the consequences. All humans on this planet have a deontological duty to do what’s...

Words: 1300 - Pages: 6

Free Essay

Cyber Security: Cyber Terrorism

...Introduction Cyber security refers to the practices and processes that are used in technologies such as networks, computers, information and programs from damages by unwarranted entities (Ahmad, Yunos & Sahib, 2012). There are different attacks towards technology which may distort information or be used to create tension in an organization. Information stored in computers has some level of privacy and this depends on the level of sensitivity that such information may have towards that organization. Business strategies, political discussions and government documents are some of the documents that require a higher degree of privacy. However, there are individuals who cause deliberate attacks on the information systems of organizations and governments in order to unlawfully access information or distort the meaning of such data. The intention of cyber attacks has led to the classification of these attacks into particular classes. For example, we have cyber bullying and cyber terrorism. Under cyber bullying, the attackers use technology to abuse and intimidate their targets. Cyber bullying has been common through the presence of the social media where an individual will use pseudo-accounts to publish half truths about others with a bid to embarrass them. On the other hand, cyber terrorism involves the use of technology to access vital government sites in order to cause harm and fear in the society through terrorism activities. Brunst (2010) indicates that cyber terrorist activities...

Words: 1810 - Pages: 8

Premium Essay

Attack Prevention Paprer

...Attack Prevention Paper Introduction Cyber-attacks which are exclusively performed for the only objective of information collecting vary from monitoring the activities which a user makes to copying vital documents included in a hard drive. While those which do harm generally involve monetary thievery and interruption of services. Cyber-attacks are a slowly growing situation which is based on technology. The secret to avoiding this kind of attack is in the applications and programs which one uses for protection which identifies and informs the user that an attack is certain generally known as Cyber Warfare. As stated in the 1st explanation. However dependence and reliance aren't the only items which technology provides. Or an effort to monitor the online moves of people without their permission as the sophistication of cyber criminals continues to increase; their methods and targets have also evolved. Instead of building the large Internet worms that have become so familiar, these criminals are now spending more time concentrating on wealth gathering crimes, including fraud and data theft. An online article from Cyber Media India Online Ltd., suggests that because home users often have the poorest security measures in place, they have become the most widely targeted group. Cyber Media states that 86% of all attacks are aimed at home users (2006). As attacks on home users increase, new techniques are surfacing, including the use...

Words: 951 - Pages: 4

Free Essay

Information Security Threat

...associated with these threats. External cyber-attacks are on the rise and have become a real challenge for network administrators as well as network design planners to ensure their respective networks are protected from external attacks resulting in loss of website availability, confidential data, and internal processes critical to mission objectives. Cyber-attacks can cost companies large sums of unrecoverable revenue associated with site downtime and possible compromise of sensitive confidential data. It is imperative today’s corporate network is configured and prepared to protect itself from external cyber-attacks. Since there is no 100% method to stop external cyber-attacks, attention to detail must be made in regards to proper configuration of the network to include state of the art hardware and software. To include current security patches for both software and hardware respectively. Additionally, hardware and software measures will be limited in their effectiveness without network policies and techniques to protect against external cyber-attacks such as Denial of Service, Distributed Denial of Service, Masquerading and IP Spoofing, Smurf Attacks, Land c Attacks, and Man-in-the-Middle attacks. In close coordination with our IS team engineers and IT network director an approved plan has been incorporated to minimize risk of an effective cyber-attack on our network. Specifically this plan covers a comprehensive review of current network design and interdependencies...

Words: 735 - Pages: 3

Premium Essay

Cyber Warfare

...Cyber warfare One of the first cyber-attacks was the Morris worm in the year 1988. It had affected the world cyber infrastructure. This worm utilized the weak areas of UNIX system Noun1. This worm has replicated adversely and slowed down the computers in all of the US and made them unusable. Cyber warfare has become a societal issue now. Though the roots of cyber warfare aimed at military areas primarily, it extended its effects to non-military areas too. The information infrastructure based companies have become victimized due to abundant availability of cheap cyber weapons over internet. This resulted in economic instability. Libicki classified information warfare into seven categories. They are intelligence based warfare, economic information warfare, hacker warfare, psychological warfare, electronic warfare, command and control warfare and cyber warfare. CSI and CERT information reflects that securities incidents are common, private firms are the major targets and much of these security incidents never receive public acknowledgement (Geeks et al., 2010). Several tools in the cyber warfare are developed based on Windows and are available free of cost. They require a minimal understanding about the technology frames. Many of the network organizations today are using well developed proxy servers, intrusion detection systems and firewalls. However these defensive systems are often configured improperly and carried known vulnerabilities. This weakness gave an opportunity even...

Words: 1988 - Pages: 8

Premium Essay

Cyber Security

...analysis on security. Technology these days is going up very fast and technology has been changed the route business administered by giving online services to their customers, to secure data in to “cloud” and allowing them to get their data from smart phones and tablets. This process of securing data has given many benefits to small and large business alike. But where the benefits are there will be some risk present. Risk will be like lost of data or to protect data by any attack of security. According to a survey which took place in 2012 about security, the graph of crimes and security attacks is gradually going up every year. As we talk about security it’s a very huge field to do research on it. Security has many different units in a field. One can’t do a research on this topic. The topic I am going to discuss in my research is cyber security. Cyber security these days is important everywhere. Where ever the data is, we need cyber security to protect and maintain our data according to our requirements Cyber crime is far reaching, general and continually joined with different parts of the criminal natural gathering. It runs from the thievery of a specific's character to the complete interruption of a nation's Internet compromise in light of a huge trap against its masterminding and taking care of assets. The definite focus of cybercrime divisions is on information-the information which is stored electronically for resulting and recovery reason. To get to think about that size...

Words: 1426 - Pages: 6

Premium Essay

Cyberbulling in School Children

...Binalfew Mecuriaw EN 102 Prof. Nuredinoski 5/13/13 Cyber-bulling In School Children According to the an author, Zetter, Kim, a neighborhood women setup an account in MySpace anonymously to contact one of her daughter’s classmates. The goal of the woman was to find out why the girl did not go along with her daughter. After she set up the account, the women started contacting her daughter’s classmate. The girl thought the account was for a 16 years old boy. She did not realize that she was contacting her schoolmate’s mother because the woman created the account anonymously. After they started contacting to each other, the woman started abusing the girl with her repeated and mean messages. She started insulting the girl via MySpace repeatedly. Finally, the girl was found hanged behind her house. We all remember that when we were in elementary and high schools, teachers would have to stand on the play ground during break time and monitor the bullies, who would try to take another child’s lunch money, or to take a note being passed around in the classroom that would read something like “I will see you on the play ground after school.” We all passed through this kind of bulling. This kind of bulling used to be performed by physically bigger students and it was not also that much serious. However, over the past few years, with the improvement and tremendously changed of networking technology, the way of life and interaction among people has been altered completely in both...

Words: 2238 - Pages: 9

Premium Essay

Cybersecurity Standards: a Case Study on Malaysian Banking Sector

...of 22.3 hours online per week 87.9% of Malaysians on the internet access Facebook Once online, Malaysian’s Top 3 activities 1. social networking sites 2. instant messaging 3. reading local news Source: The Nielsen Company (April 2011) Copyright © 2013 CyberSecurity Malaysia 3 HIGH LEVEL USAGE = HIGH RISK Copyright © 2013 CyberSecurity Malaysia 4 HIGH LEVEL USAGE = HIGH RISK Cyber Security Incidents (1997-2013) Reported to Cyber999 Help Centre 16,000 15,218 Type of incidents: 14,000 • • • • • • • • 12,000 10,000 8,000 As at 31st August 2013 Fraud and scams Intrusion and web defacement Destruction Denial-of-Service Virus / Malware Harassment Content-related Intrusion attempts 9,986 7753 8,090 6,000 3,566 4,000 2,123 2,000 81 196 1997 1998 527 347 1999 2000 860 625 2001 2002 1,372 912 915 754 2003 2004 2005 1,038 2006 2007 2008 2009 2010 Number of cyber security incidents referred to CyberSecurity Malaysia (excluding spams) Copyright © 2013 CyberSecurity Malaysia 2011 2012 2013 HIGH LEVEL USAGE = HIGH RISK 1.6 RM The cybercrime situation in Malaysia Billion lost to scams in...

Words: 1957 - Pages: 8