...President Obama, Sony executives, Target organization and many of its’ customers have all been victims of some form of cyber crimes. This writer will provide a brief overview of the six types of cybercrimes and the economic loss as it affects America’s businesses. TYPES OF CYBER CRIME The growth and availability of technology has resulted in cyber attacks becoming a major concern for governments worldwide (Dzielinski, 2014). Small companies along with the larger corporations are now being targeted. A recent survey reported that more than one-third of small companies have been victims of some form of cyber attacks (Dzielinski, 2014). Approximately 75 percent of these companies were unable to recover their stolen data. The Central Intelligence Agency (CIA) has classified cyber crimes into six categories; fraud, computer trespassing, hardware hijacking, bullying-harassment-stalking, spam, and cyber warfare. Financial fraud is considered to be the most common of the six cyber attacks. The Target Corporation, the third largest U.S. retailer, and its customers were affected in 2013 (Target Corporation, 2013). Despite in place security measures, Target failed to detect the breach. The retailer was notified by credit card processors of an unusual high number of fraudulent purchases with one commonality, the cards were all used in their store. This breach hit more than 40 million customers whom used their debit or credit cards (Target Corporation, 2013). Computer trespassing...
Words: 1600 - Pages: 7
...EXECUTIVE SUMMARY This paper details the importance of cyber security in the face of evolving cyber threats and the ever-increasing attacks on government and businesses alike. We live in a globally connected world and globally distributed cyber threats. Not restricted by geographical boundaries these threats target all technologies, service providers, and consumers. The threats are at an all-time high, in terms of sophistication and volume, and continue to trend upwards. WHAT IS CYBERSECURITY? Twenty years ago businesses did not think twice about cyber security. In a world of mainframes and dumb terminals with no connectivity to anything outside, viruses, malware, and hacking was unheard of, however, with the introduction of the Internet things have now changed. The term cyber security is getting more and more mixed usage lately, so much so that it is almost as ambiguous as the term "cloud". Cyber security, referred to as information technology security, is the focus on protecting computers, networks, programs, and data from unintended or unauthorized access, change, or destruction. Cyber security also encompasses ten different security domains. The following domains provide a foundation for security practices and principles: • Access Control - to maintain information confidentiality, integrity, and availability, it is important to control access to information. Access controls prevent unauthorized users from retrieving, using, or altering information. They are...
Words: 1611 - Pages: 7
...IA1 – EVALUATION OF THE GLOBAL IMPACT OF THE ESTONIA CYBER EVENT Sherquita Tucker CSEC655 Section 9041 Table of Contents 1. Introduction 3 2. Background and Global Impact 4 3. Vulnerabilities in Cybersecurity Policy and Practices 5 4. Advantages of Reducing Vulnerabilities for Future Attacks 8 5. Disadvantages of Reducing Vulnerabilities for Future Attacks 8 6. Advantages of Improving Security Practices or Policies 9 7. Disadvantages of Improving Security Practices or Policies 10 8. Summary and Conclusion 12 References 14 IA1 – Evaluation of the Global Impact of the Estonia Cyber Event 1. Introduction What if suddenly the safety systems of nuclear power plants unexpectedly malfunctioned, or suddenly floods of water was released atop a neighboring community due to a malfunctioning of the control systems of a major dam, or air traffic control systems of major airports was to suddenly render inoperable, or business transactions of stock exchanges or major banks stopped or vanished ? Even worse, what if it all occurred instantaneously? Would this be an idea behind a new movie thriller, or the realism of cyber war in the twenty-first century? The notation of the using computing and networking systems as an alternative method to the traditional terrorist attacks has always been a major concern. In the early 1990s, since the public debut of the Internet, not all consumers have used cyberspace with peaceful intent. This is particularly...
Words: 3346 - Pages: 14
...Cyber-Attack Prevention As cyber-criminals become cleverer with the cybercrimes, more and more individuals are in danger of a cyber-attack. The threats become more intense and damaging as technology grows. Often times, home users think computing and surfing the Internet is safe when at home. It is a necessity to be aware of the prevention methods whether at home or at work. To further the comprehension of cyber-attack prevention, an article is chosen and an evaluation is the article. The evaluation of an article will include a stance on the quality of the material, selections of various aspects, descriptions of each aspect, reasons for an individual viewpoint, and an example. Article Summary Home users need to practice prevention methods when using the Internet at home. Cyber-criminals’ methods and targets have evolved (Damico, 2009). Several home users may not be aware that any connection to a network is networked activity and requires some measure of protection. According to the Damico (2009) article, a prevention system must identify and stop malicious attacks before they do damage and have a chance to infect a system. It is not only imperative to use prevention methods, but also it is imperative to understand prevention methods. Technology prevention methods will no longer be adequate to protect against the modern cyber-criminals of today. Material Quality The quality of the material is credible. The article is valid. The author uses more than one in-text citation...
Words: 722 - Pages: 3
...Infect Windows based computers: Stuxnet, as previously stated, could infect networked and non-networked computers utilizing zero-day exploits and rootkits in multiple versions of the Microsoft Windows operating systems. Stuxnet would also “install[ing] signed drivers on Windows operating systems” (Mueller & Yadegari, 2012) that would make it appear as though it were produced and installed by a reliable software company which provided the means to escape detection by anti-virus software. 2. Check: Stuxnet would then identify whether the affected computer was in fact its target as a controller of industrial systems. 3. Update: If the infected computer was the intended target, Stuxnet would attempt to connect to the Internet where it would be able to receive updates. 4. Compromise: Stuxnet would then exploit zero-day vulnerabilities in the software of the industrial system’s logic controllers that had not previously been identified. 5. Control: Stuxnet would analyze the operations of the targeted system. The information that is gathered is then exploited to allow for the worm to control the physical layer of the industrial system. At this point, the worm would cause the centrifuges to spin at high speeds without slowing...
Words: 1263 - Pages: 6
...movie Die Hard 4 as our individual assignment and have been told to do a summary report based on the movie that have been watch and based on the movie we need to collect the content of the movie summary based on the rubric given. We watch it in the class for about 1 and a half hour. Below is the summary that I have summarized. McClane is attempting to stop cyber terrorists who hack into government and commercial computers across the United States with the goal to start a "fire-sale" of financial assets. The F.B.I. responds to a brief computer outage at their Cyber-Security Division by tracing down top computer hackers, finding several of them have been killed. Taking others into protective custody, the F.B.I. asks New York City Police Department detective John McClane to collect Matthew "Matt" Farrell. McClane arrives in time to prevent Farrell from being killed by assassins working for a cyber-terrorist named Mai Linh who was working for her boss and love interest, Thomas Gabriel. En route to Washington, D.C. Farrell reveals that he received a large sum of money from Mai to write an algorithm that can crack a security system. As they arrive in D.C., Gabriel orders his own crew of hackers to take control of the transportation grids and stock market, while nationally broadcasting a message threatening the United States. Farrell recognizes this as the start of a "fire sale", an attack designed to target the nation's reliance on computer controls, such that "everything must go"...
Words: 2197 - Pages: 9
...Sherief Beshara ENG 302-DeFazio Metacognitive Assignment Role of Cyber Security in Preventing Future Attacks 1. Copy/paste the following items from your major scholarly project into your Metacognitive Assignment document: * One of the main concerns is whether or not we are prepared for a cyber war. We have to equip ourselves with the education and understanding of what goes into preventing a cyber-attack and what we need to be on the offensive side. Our safety depends on it. Cyber security plays a daily role in our protection and we don’t even realize it. * Another opposing view shows that cyber security sometimes is not enough, and that the need for it is not just limited to our government, but also corporate America is in deep need for cyber security to protect its databases from malicious software and hackers that are always ready to invade and attack their firewalls. Bruce Schneider, a security expert with the Berkman Center at Harvard, mentions how important encryption is and mentions that it “protects our data from criminals. It protects it from competitors, neighbors, and family members. It protects it from malicious attackers, and it protects it from accidents” (Bailey). That is why encryption needs to be automatic to any type of data that needs to be protected or that is a target to any hacker out there. He is saying that encryption just generally puts a protective cover over all the data that needs to be protected and just protects it from everybody, even...
Words: 1179 - Pages: 5
...Metasploit Vulnerability Scanner Executive Proposal Paul Dubuque Table of Contents Page 3 Executive Summary Page 5 Background Information Page 6 Recommended Product Page 7 Product Capabilities Page 10 Cost and Training Page 11 References Page 13 Product Reviews Executive Summary To: Advanced Research Corporation Mr. J. Smith, CEO; Ms. S. Long, V.P. Mr. W Donaldson, CCO; Mr. A. Gramer, CCO & Mr. B. Schuler, CFO CC. Ms. K. Young, MR. G. Holdsoth From: P. Dubuque, IT Manager Advance Research Corporation (ARC) has grown rapidly during the last five years and has been very successful in developing new and innovative devices and medicines for the health care industry. ARC has expanded to two locations, New York, NY and Reston, VA which has led to an expanded computer network in support of business communications and research. ARC has been the victim of cyber-attacks on its network and web site, as well as false alegations of unethical practices. ARC’s network is growing, with over two thousand devices currently and reaching from VA to NY. ARC needs to ensure better security of communications, intellectual property (IP) and public image, all of which affect ARC’s reputation with the public and investors. ARC has previously limited information technology (IT) expenditures to desktop computers and network infrastructure hardware such as routers, firewalls and servers. It is imperative that ARC considers information security (IS) and begins to invest in products...
Words: 2593 - Pages: 11
...Communication Technologies (ICT) has become the backbone of many organizations. Particularly, the internet has become an important aspect through which education institutions use to carry out research, communicate and innovate. Even through this evolution has brought many benefits but also it has also brought serious threats such as cyber-attacks that has been demonstrated over the past few years through acts of cyber espionage and cyber-crime through the virtual space. In this context, the University of Dar es Salaam needs to develop policies towards cyber threats even through this has often be clustered and fragmented. Using theoretical and conceptual models this paper provides an informed understanding and critical assessment of the University of Dar es Salaam cyber security policy through addressing the following research questions: What are the IT risk management policy and systems that can be developed for the University of Dar es salaam? The primary data is collected through surveys, and interviews that are open ended and close ended. The results of the paper demonstrated that colleges and universities have been a target for cyber-attacks due to the fact that of the vast amount of computing power they possess, and they provide open access to their constituents and to the public. The research also showed that University of Dar es Salaam doesn’t have a comprehensive IT security risk management policy or guidelines that will guide the business process in the event of an IT...
Words: 7435 - Pages: 30
...Table of Contents 1. Executive Summary ......................................................................................................................... 2 2. Introduction ...................................................................................................................................... 2 3. Theory and Concepts ...................................................................................................................... 2 3.1. Cyber Crime ................................................................................................................................. 2 3.2. Cyber security ............................................................................................................................... 3 4. Key Findings / Discussion of your research topic ............................................................................ 3 4.1. The major risks of cyber security ................................................................................................. 3 4.1.1. To consumers ........................................................................................................................ 3 4.1.2. To businesses........................................................................................................................ 4 4.1.3. IT organisations ..................................................................................................................... 4 4.1.4. Telecommunication companies...
Words: 3380 - Pages: 14
...policies and procedural guidance to private industries. This relationship between government and private industry are not conflict immune as the balance between protecting the national interest and invading privacy is in question. Senior management from the private industry caught in between making the right decision to protect their customer or investing in cyber security. This research paper covers the impact of government regulations, security laws, and legal concepts on the private sector to protect national security and its interpretation and acceptance by the public. The Role of the Government in Protecting National Security The US government invested a lot to protect its critical infrastructure from cyberattack by creating and implementing policies and procedures for private sectors. The executive branch of the government led by the Department of Homeland Security with close cooperation with other agencies including the National Institute of Standard and Technology (NIST) create mandatory policies and enforces their implementation by the private industry. This change was as a result of the September 11, attack where over 16 law...
Words: 1899 - Pages: 8
...DeVry University Alhambra, California Cyber Security Systems By Alvin Canlas (D01621385) Hernando De Leon (D40160634) Arees Dikranian (D01501086) Edward Huron (D01298546) Sandry Kho (D40246297) Chirag Patel (D40152599) Maria Ramirez (D01636860) Jaime Solorzano (D40201380) Submitted in Partial Fulfillment of the Course Requirements for MGMT 404 Project Management Dr. John Lindem October 15, 2014 Executive Summary Information Technology continues to change at a rapid pace. These changes greatly affect the world we live in. Corporate giants such as Target, Home Depot, and Apple have been recent targets of cyber-attacks. To protect customer date we have to constantly adapt to the different style of attacks and adjust to their business technology policies. At Cyber Security Systems (CSS) it is our mission to maintain the continuity of these vital services and preserve the public’s trust in our information systems. In addition, it requires new levels of communication and cooperation among the public and private sector, corporate agencies and departments. Furthermore, it involves protecting our critical infrastructures from intrusion or attack as well as using the infrastructure as a tool with which law-enforcement agencies can gather, analyze and disseminate information. This business plan will provide a vision, purpose, mission and goals for technology at Cyber Security Systems. In addition, it also includes the current organization of Information...
Words: 4839 - Pages: 20
...Abstract: Advanced cyberattacks on the public and private sectors at the local, national, and international level have prompted an increase in funding and support for the study of emerging cybersecurity technologies. The considerations for this paper are to discuss the emerging technologies and strategies that can be integrated across the public and private sector to improve cybersecurity on a local, national, and international level. New technologies need to dynamically assess networks real-time such as with the use of Remote Agents and Real-time forensic analysis. These technologies also need to make the attack space less predictable and constantly evolving such as through the use of moving target defense. Emerging Cybersecurity Technologies The E-government Act of 2000 was signed by President Bush to move toward a more 24-7 government. The dream was to eliminate the need to have to stand in line at the DMV for half a day just to pay annual vehicle registration fees (Barker, 2011). Security was certainly a concern, but it was not at the forefront of the move as government agencies would go through massive changes in equipment, manning, and practices in order to move information and programs online. Now, over a decade later we still see moves and changes taking place, such as the department of Veterans Affairs recently moving all of their applications, forms and records online. The expensive cost of getting the government caught up was expected with such an overhaul...
Words: 2624 - Pages: 11
...Operations December 9, 2010 Congressional Research Service 7-5700 www.crs.gov R41524 CRS Report for Congress Prepared for Members and Committees of Congress The Stuxnet Computer Worm: Harbinger of an Emerging Warfare Capability Summary In September 2010, media reports emerged about a new form of cyber attack that appeared to target Iran, although the actual target, if any, is unknown. Through the use of thumb drives in computers that were not connected to the Internet, a malicious software program known as Stuxnet infected computer systems that were used to control the functioning of a nuclear power plant. Once inside the system, Stuxnet had the ability to degrade or destroy the software on which it operated. Although early reports focused on the impact on facilities in Iran, researchers discovered that the program had spread throughout multiple countries worldwide. From the perspective of many national security and technology observers, the emergence of the Stuxnet worm is the type of risk that threatens to cause harm to many activities deemed critical to the basic functioning of modern society. The Stuxnet worm covertly attempts to identify and exploit equipment that controls a nation’s critical infrastructure. A successful attack by a software application such as the Stuxnet worm could result in manipulation of control system code to the point of inoperability or long-term damage. Should such an incident occur, recovery from the damage to the computer systems programmed...
Words: 5499 - Pages: 22
...Authority on cyber warfare As we approach a new generation of warfare, we face new problems. Each generation before us has shown that there are continued advancements in warfare technology and with new technology there are different guidelines and terms of use in concordance with international law. The art of war has not changed since the beginning of time. Yes, there are new weapons, but the content for the most part is the same. Defeat your enemy, rendering them unable to strike back, or attack them where it hurts so that they do not want to proceed in the war. Through the evolution of war, the United States has conquered and been defeated. We may not always be law abiding, but we do what we deem necessary to defend the nation. In the process of defending, we learned that technological advancements are not always a positive thing, and technology can become too powerful for any one nation alone. The creation of the nuclear bomb was just that. Now that there is this terrifying new advancement in warfare technology, how do we stop it from getting into the hands of the wrong people? Executive summary, In this paper, I will discuss how the Stuxnet virus was used to stop the use and development of nuclear weaponry in Iran. The laws on proper use will also be discussed, exploring whether it was lawful to deploy the virus, with relation to the use of Traditional Military Activities and presidential findings. In addition...
Words: 6507 - Pages: 27