IT Vulnerabilities - Basic Cyberspace Attacks - by Lillian Ekwosi-Egbulem
Running head: IT VULNERABILITIES
Basic Cyberspace Attacks
The semantic layer of cyberspace contains the machine that holds the information
and is the level at which attacks occur (Libicki, 2009). Cybercriminals use this domain for their
personal gain, taking advantage of the anonymity it offers. In the past, hackers broke into
computers just to brag about their accomplishments, but now different kinds of attacks such as
Cyberterrorism and Cyberwar have emerged. Cyberterrorism targets critical infrastructure
and tends to be destructive and disruptive enough to create fear and intimidation among
governments and their people. This setting creates a conducive atmosphere for terrorists to
deliver their politically or ideologically motivated message.
Cyberterrorism must not be confused with Cyberwar, which is more of a government
activity (Denning, 2007) and includes other types of computer abuse and information warfare.
Although many terrorist activities on the Internet have prompted government initiatives to protect
the critical infrastructures, no cyber attack has been terrible enough to call for
retaliation. Therefore, this analysis will delve into basic cyberattacks, their motives, damages,
and impact, and proffer countermeasures that protect the information and the information system.
Advance fee fraud, also known as 419, is a type of Internet crime very prevalent in Nigeria. “The
Nigerian 419 basics involve an unsolicited e-mail, an alleged African official needing recipient's
help in transferring millions of dollars from the bank account of a deceased African leader,
company official or senior government officer” (Loguercio, 2011). The method used by the
scammers is to make the victim believe that they will transfer some free money into the victim’s
account, while in actual fact the victim will end up paying some fees to release the promised
money that never existed in the first place. The motive that drives both the perpetrator and the
victim is greed. The scammer wants to get rich quick, while the victim wants to receive free
money, to “reap where he did not sow”. As recorded in Computer Fraud & Security (2009), John
Rompel from Canada received an unsolicited email from a 419 scammer announcing that
someone with the same last name and no relatives had left him about thirteen million dollars.
Prompted by greed, he borrowed $150,000 from his family to pay the fees for the transfer.
Unfortunately, he lost his money to the scammers and suffered both economic and emotional
To avoid falling prey to scammers, it is advisable not to respond to unsolicited
get-rich-quick emails and letters. Also, installing security software such as popup blockers, spam filters
with the Simple Mail Transfer Protocol (SMTP), and firewalls helps prevent spam emails and block off
A destructive attack is the use of an exploit, such as the introduction of malicious code, to
compromise a controlled system. Worms, viruses, and Trojan horses are usually hidden in legitimate
programs or files that have been altered by attackers. When the files are opened, viruses and worms
infect the computer by replicating themselves, spreading to other computers and activating their
malicious instructions. In recent years, network worms have caused tangible disruption to
infrastructure (MarketWatch, 2005).
As recorded in The Cyber Crime Hall of Fame (Lozzio, 2008), a 23-year-old Cornell
University student, Robert Morris, released 99 lines of code that became known as the Morris
Worm, infecting, replicating and crashing about 60,000 computers (Marsan, 2008) across the
country. His motive was experimental: he was trying to gauge the size of the Internet. Research shows
that the damage caused by this worm ranges from economic to emotional. “People
disconnected from the network and the irony is that disconnecting from the 'Net also broke down
our major communications channels” (Marsan, 2008). The damage was estimated between $10
and $100 million. Morris was tried and convicted for violating the 1989 Computer Fraud and
Abuse Act (Hurley, 2007), but he only served 400 hours of community service.
Installing packet filters and a personal firewall as a first line of defense prevents
malicious packets from infecting the system. Intrusion Detection and Prevention Systems (IDPS)
monitor patterns of normal behavior and prevent network intrusion. Managing Operating
System (OS) updates and installing antivirus software help mitigate these threats.
Theft of Intellectual Property
In this type of cyberattack, States prepare their hackers to steal classified information
such as intellectual property, inventions, and patents. China has constantly unleashed this
cyberattack on the US. Malicious insiders also rob legitimate owners of their ideas, inventions,
and creative expressions. Malicious insiders include current or former employees, contractors or
other business partners who have or had authorized access to data and intentionally misuse that
access to compromise the confidentiality, integrity and availability of the information or the
system (Cappelli & Hanley, 2010).
There are always elements of asymmetric warfare involved in Intellectual Property theft
because, although the involvement of a Nation-State is suspected, it cannot be proved, which
makes retaliation problematic. Unfortunately, theft of intellectual property has become a
growing threat due to the rise of digital technologies and Internet file sharing networks such as
Peer-to-Peer applications (The FBI, 2010).
An example of Intellectual Property theft, as recorded in The FBI (2010), describes how
Engineer Shanshan Du, an employee of General Motors, asked to be reassigned to work
where she could gain access to the company’s trade secret. She allegedly copied a sensitive GM
document and passed it to her husband, who used it for his own business and later sold it to a
Chinese auto company. The couple was arrested and convicted, while the crime cost GM an
estimated $40 million in trade secrets. The motive is basically industrial espionage, gain of
business and competitive advantage. The damage caused by this cyber attack includes loss of
revenue, investors’ confidence, and money invested in business research and development.
Intellectual property theft can be prevented using employee exit interviews as well as
effective audit logs and a baseline to alert on unusually large amounts of data downloads. Also,
monitoring for IP addresses and file transfers leaving the network is imperative. Maintaining
physical security, the principle of least privilege and a prohibition on the use of personal devices in the
system, especially removable media, are necessary in mitigating this type of threat.
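The audit-log baseline mentioned above can be sketched as follows. This is an added example, not part of the original paper: it totals each user's daily download volume and alerts when a day exceeds that user's own history. The log format, user names, volumes, and the k, min_history and new_user_cap parameters are assumptions chosen for illustration.

```python
import statistics
from collections import defaultdict

# Constructed audit log ("date user bytes_downloaded"); format and values are assumptions.
SAMPLE_LOG = """\
2024-03-02 alice 150000000
2024-03-02 bob 95000000
2024-03-03 alice 110000000
2024-03-03 bob 70000000
2024-03-04 alice 140000000
2024-03-04 bob 90000000
2024-03-05 alice 130000000
2024-03-05 bob 4200000000
2024-03-05 bob 3100000000
2024-03-05 carol 900000000
"""

def daily_totals(log_text):
    """Sum bytes per (user, day); malformed lines are skipped, not fatal."""
    totals = defaultdict(int)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3 or not parts[2].isdigit():
            continue
        day, user, nbytes = parts
        totals[(user, day)] += int(nbytes)
    return totals

def flag_unusual(log_text, check_day, k=5.0, min_history=3, new_user_cap=500_000_000):
    """Return {user: (bytes, threshold)} for users above their baseline on check_day."""
    totals = daily_totals(log_text)
    history = defaultdict(list)
    for (user, day), total in totals.items():
        if day < check_day:  # ISO dates sort lexicographically
            history[user].append(total)
    alerts = {}
    for (user, day), total in totals.items():
        if day != check_day:
            continue
        past = history[user]
        if len(past) < min_history:
            threshold = new_user_cap  # no baseline yet: fall back to a fixed cap
        else:
            med = statistics.median(past)
            mad = statistics.median(abs(x - med) for x in past)
            threshold = med + k * max(mad, med / 10)  # floor keeps a flat history from alerting on noise
        if total > threshold:
            alerts[user] = (total, threshold)
    return alerts
```

The median and median absolute deviation are used instead of mean and standard deviation so that one earlier bulk download does not inflate the baseline and hide the next one.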
Denial of Service Attack (DoS)
Typically, DoS causes loss of service to users. Attackers do not break into the system;
rather, their intention is to crash the system, bring the network or system down, deny
communication, and hang the system. An attacker can achieve this by flooding the network with
requests that it cannot handle. Distributed Denial of Service (DDoS) is a variant form of DoS
where hundreds of zombie computers controlled by an attacker are used as a botnet to flood a
network with requests. Of interest is the DDoS attack of 2007 that rendered the Estonian
government, banking, media, law enforcement, and Internet infrastructure paralyzed for three
weeks (Geers, 2008).
Russia was accused, and the motive was purely political. The damage was economic
because Estonia depended so much on Information Technology. The impact of this politically
motivated cyberattack “brought unprecedented attention to cyber security” (Geers, 2008) around
the world. Once a DoS attack starts, it is difficult to contain; hence it becomes necessary to apply the
optimum defensive measures to prevent such an attack. Intrusion Detection and Prevention Systems
(IDPS) monitor for network intrusion and report any anomalies. A honeypot traps or tricks the
attackers by directing them away from the legitimate server, while traditional firewalls analyze
incoming packets and allow valid packets or drop the invalid DoS packets.
Information is a critical element in today’s businesses, government agencies and
organizations; consequently, it must be protected at any cost. IT vulnerabilities have
significant economic impacts in the form of losses estimated in billions of dollars annually and
threaten U.S. national security (GAO, 2007). In conjunction with the countermeasures listed for
each attack above, basic safeguards such as security policies and procedures must be put in place to
enforce the acceptable use of the information and the information systems. Training and
awareness are of paramount importance because users are the greatest threat to information
There is a link between IT vulnerabilities and cyberattacks because all computer attacks
are ultimately the fault of the system’s owner, and attackers who penetrate a system do so
through paths permitted by software (Libicki, 2009). This link is the exploit. Therefore, looking
at this link and its unassailable logic, it becomes clear that if there is no vulnerability, there will be
no exploits, and if there are no exploits, there will be no cyberattack.
Cappelli, D. M., & Hanley, M. P. (2010). CERT: Monitoring Strategies for Detection of Insider
Threats. Retrieved from http://docs.google.com/viewer?a=v&q=cache:Y6nWJkW4Cq4J:
Computer Fraud & Security. (2009). Canadian 419 victim loses $150,000. (1), 5. doi:10.1016/S1361-3723(09)70006-
Retrieved from: http://www.sciencedirect.com.ezproxy.umuc.
31&_qd=1&wchp=dGLzVlS zSkWz&md5=3b7aa0d061babfa125b 963224 0497a 0b/1-s
Denning, D. (n.d.). A view of Cyberterrorism Five Years Later. Retrieved from
GAO, (2007). Cybercrime: Public and Private Entities Face Challenges in Addressing Cyber
Threats. Retrieved from http://www.gao.gov/products/GAO-07-705
Geers, K. (2008, August 27). Cyberspace and the changing nature of warfare. Retrieved from
Hurley, C. (2007). Penetration Tester's Open Source Toolkit. Retrieved from http://books.google.
Libicki, M. (2009). Cyberdeterrence and Cyberwar. Santa Monica, CA: RAND Corporation
Loguercio, M. (2011). They Made Me an Offer I Can't Refuse. Insurance Advocate, 122(7), 22.
Retrieved from http://ehis.ebscohost.com/eds/pdfviewer/pdfviewer?vid=5&hid=23&sid=
Lozzio, C. (2008). The Cyber Crime Hall of Fame. Retrieved from http://www.pcmag.com/
Marsan, C. D. (2008). Networkworld. Morris worm turns 20: Look what it’s done. Retrieved
New research predicts digital Armageddon. (2005). MarketWatch: Technology, 4(2), 23-24.
Retrieved from http://ehis.ebscohost.com/eds/pdfviewer/pdfviewer?sid=c988c48a-1148-
The FBI. (2010). Trade Secret Theft: Couple Conspired to steal Hybrid Technology. Retrieved