IT Vulnerabilities - Basic Cyberspace Attacks - by Lillian Ekwosi-Egbulem



Running head: IT VULNERABILITIES

Basic Cyberspace Attacks
Lillian Ekwosi-Egbulem
Basic Cyberspace Attacks

Introduction

The semantic layer of cyberspace contains the machine that holds the information and is the level at which attacks occur (Libicki, 2009). Cybercriminals use this domain for their personal gain, taking advantage of the anonymity it offers. In the past, hackers broke into computers just to brag about their accomplishments, but now different kinds of attacks such as Cyberterrorism and Cyberwar have emerged. Cyberterrorism targets critical infrastructure and tends to be destructive and disruptive enough to create fear and intimidation among governments and their people. This setting creates a conducive atmosphere for terrorists to deliver their politically or ideologically motivated message. Cyberterrorism must not be confused with Cyberwar, which is more a matter of government activities (Denning, 2007) and includes other types of computer abuse and information warfare. Although many terrorist activities on the Internet have prompted government initiatives to protect critical infrastructure, no cyber attack has been terrible enough to call for retaliation. Therefore, this analysis will delve into basic cyberattacks, their motives, damages, and impact, and proffer countermeasures that protect the information and the information system.

Cyberspace attacks

Internet fraud

Advance fee fraud, aka 419, is a type of Internet crime very prevalent in Nigeria. “The Nigerian 419 basics involve an unsolicited e-mail, an alleged African official needing recipient's help in transferring millions of dollars from the bank account of a deceased African leader, company official or senior government officer” (Loguercio, 2011). The method used by the scammers is to make the victim believe that they will transfer some free money into the victim’s account, while in actual fact the victim will end up paying some fees to release the promised
money that never existed in the first place. The motive that drives both the perpetrator and the victim is greed. The scammer wants to get rich quick while the victim wants to receive free money, to “reap where he did not sow”.

As recorded in Computer Fraud & Security (2009), John Rompel from Canada received an unsolicited email from a 419 scammer announcing that someone with the same last name and no relatives had left him about thirteen million dollars. Prompted by greed, he borrowed $150,000 from his family to pay the fees for the transfer. Unfortunately, he lost his money to the scammers and suffered both economic and emotional damages.

To avoid falling prey to scammers, it is advisable not to respond to unsolicited get-rich-quick emails and letters. Also, installing security software such as popup blockers, spam filters with the Simple Mail Transfer Protocol (SMTP), and firewalls prevents spam emails and blocks unwanted advertisements.

Destructive attack

Destructive attack is the use of an exploit such as the introduction of malicious code to compromise a controlled system. Worms, viruses, and Trojan horses are usually hidden in legitimate programs or files that have been altered by attackers. When the files are opened, viruses and worms infect the computer by replicating themselves, spreading to other computers and activating their malicious instructions. In recent years, network worms have caused tangible disruption to infrastructure (MarketWatch, 2005).

As recorded in The Cyber Crime Hall of Fame (Lozzio, 2008), a 23-year-old Cornell University student, Robert Morris, released 99 lines of code that became known as the Morris Worm, infecting, replicating and crashing about 60,000 computers (Marsan, 2008) across the country. His motive was experimental, trying to gauge the size of the Internet. Research shows
that the damage caused by this worm ranges from economic to emotional. “People disconnected from the network and the irony is that disconnecting from the 'Net also broke down our major communications channels” (Marsan, 2008). The damage was estimated at between $10 and $100 million. Morris was tried and convicted for violating the 1989 Computer Fraud and Abuse Act (Hurley, 2007), but he only served 400 hours of community service.

Installation of packet filters and a personal firewall as a first line of defense prevents malicious packets from infecting the system. An Intrusion Detection and Prevention System (IDPS) monitors patterns of normal behavior and prevents network intrusion. Managing Operating System (OS) updates and installing antivirus software help mitigate these threats.

Theft of Intellectual property

In this type of Cyberattack, States prepare their hackers to steal classified information such as intellectual property, inventions, and patents. China has constantly unleashed this cyberattack on the US. Malicious insiders also rob legitimate owners of their ideas, inventions, and creative expressions. Malicious insiders include any current or former employee, contractor or other business partner who has or had authorized access to data and intentionally misuses that access to compromise the confidentiality, integrity and availability of the information or the system (Cappelli & Hanley, 2010). There are always elements of asymmetric warfare involved in Intellectual Property theft because, though the involvement of a Nation-State is suspected, it cannot be proved, which makes retaliation problematic. Unfortunately, theft of intellectual property has become a growing threat due to the rise of digital technologies and Internet file sharing networks such as Peer-to-Peer applications (The FBI, 2010).
An example of Intellectual Property theft, as recorded in The FBI (2010), describes how engineer Shanshan Du, an employee of General Motors, asked to be reassigned to work where she could gain access to the company’s trade secret. She allegedly copied a sensitive GM document and passed it to her husband, who used it for his own business and later sold it to a Chinese auto company. The couple was arrested and convicted, while the crime cost GM an estimated $40 million in trade secrets. The motive is basically industrial espionage, gain of business and competitive advantage. The damage caused by this cyber attack includes loss of revenue, investor confidence, and money invested in business research and development.

Intellectual property theft can be prevented using employee exit interviews as well as effective audit logs and baselines to alert on unusually large data downloads. Also, monitoring for IP addresses and file transfers leaving the network is imperative. Maintaining physical security, the principle of least privilege, and a prohibition on the use of personal devices in the system, especially removable media, is necessary in mitigating this type of threat.

Denial of service Attack (DoS)

Typically, DoS causes loss of service to users. Attackers do not break into the system; rather, their intention is to crash the system, bring the network or system down, deny communication, and hang the system. An attacker can achieve this by flooding the network with requests that it cannot handle. Distributed Denial of Service (DDoS) is a variant form of DoS where hundreds of zombie computers controlled by an attacker are used as botnets to flood a network with requests. Of interest is the DDoS attack of 2007 that rendered the Estonian government, banking, media, law enforcement, and Internet infrastructure paralyzed for three weeks (Geers, 2008).
Russia was accused and their motive was purely political. The damage was economic because Estonia depended so much on Information Technology. The impact of this politically motivated cyberattack “brought unprecedented attention to cyber security” (Geers, 2008) around the world.

Once DoS starts, it is difficult to contain; hence it becomes necessary to apply the optimum defensive measures to prevent such an attack. An Intrusion Detection and Prevention System (IDPS) monitors for network intrusion and reports any anomalies. A honeypot traps or tricks attackers by directing them away from the legitimate server, while traditional firewalls analyze incoming packets and allow valid packets or drop the invalid DoS packets.

Conclusion

Information is a critical element in today’s businesses, government agencies and organizations; consequently, it must be protected at any cost. IT vulnerabilities have significant economic impacts in the form of losses estimated in billions of dollars annually and threaten U.S. national security (GAO, 2007). In conjunction with the countermeasures listed for each attack above, basic safeguards such as security policies and procedures must be put in place to enforce the acceptable use of the information and the information systems. Training and awareness are of paramount importance because users are the greatest threat to information security.

There is a link between IT vulnerabilities and cyberattacks because all computer attacks are ultimately the fault of the system’s owner, and attackers who penetrate a system do so through paths permitted by software (Libicki, 2009). This link is the exploit. Therefore, looking at this link and its unassailable logic, it becomes clear that if there is no vulnerability, there will be no exploits, and if there are no exploits, there will be no cyberattack.
References

Cappelli, D. M., & Hanley, M. P. (2010). CERT: Monitoring Strategies for Detection of Insider Threats. Retrieved from l&srcid=ADGEESjR4hSl3D8oHTk0uokBSriQ7Yyi1F2bGM0h_RFjf27P6YjTTScXhwE bq92DykFmTjMTcqqA5oOZ8FC81GzcLnw-EF j3Jr3GWt6hyiTW7l8a0ZTMKc5lY9s KkolQsFPowVIGciK&sig=AHIEtbQj4hcUl5keKLauELfXOkIfAuwxLA

Computer Fraud & Security. (2009). Canadian 419 victim loses $150,000. (1), 5. doi:10.1016/ S1361-3723(09)70006- Retrieved from: edu/science?_ob=MiamiImageURL&_cid=271971&_user=961261&_pii=S13613723097 00065&_check=y&_origin=search&_zone=rslt_list_item&_coverDate=2009-01- 31&_qd=1&wchp=dGLzVlS zSkWz&md5=3b7aa0d061babfa125b 963224 0497a 0b/1-s 2.0-S1361372309700065-main.pdf

Denning, D. (n.d.). A view of Cyberterrorism Five Years Later. Retrieved from

GAO. (2007). Cybercrime: Public and Private Entities Face Challenges in Addressing Cyber Threats. Retrieved from

Geers, K. (2008, August 27). Cyberspace and the changing nature of warfare. Retrieved from warfare/article/115929/

Hurley, C. (2007). Penetration Tester's Open Source Toolkit. Retrieved from
com/books?id=O3EFpf9N6BgC&printsec=frontcover&source=gbs_ge_summary_r&cad =0#v=onepage&q&f=false

Libicki, M. (2009). Cyberdeterrence and Cyberwar. Santa Monica, CA: RAND Corporation.

Loguercio, M. (2011). They Made Me an Offer I Can't Refuse. Insurance Advocate, 122(7), 22. Retrieved from

Lozzio, C. (2008). The Cyber Crime Hall of Fame. Retrieved from article2/0,2817,2355309,00.asp

Marsan, C. D. (2008). Networkworld. Morris worm turns 20: Look what it’s done. Retrieved from

New research predicts digital Armageddon. (2005). MarketWatch: Technology, 4(2), 23-24. Retrieved from 42c9-a8fe-a50efda63d15%40sessionmgr12&vid=13&hid=23

The FBI. (2010). Trade Secret Theft: Couple Conspired to steal Hybrid Technology. Retrieved from