Cyber Attacks on America - Literature review Example

? Cyber Attacks on America Introduction The 11 September terrorist attack on the US exposed the vulnerability of the country to foreign attack in a way not witnessed in a long time. Since then, the public, media and even the federal government have been on alert to avert any future attacks by undertaking appropriate precautionary measures. In addition to these physical attacks, the US now faces another form of attack, cyber-attacks, against computer networks that crucially serve the economy and security of the nation. Attackers target organizations across the various sectors of the economy including both private and government institutions (Sanger & Perlroth, 2013). These include voice communication systems, financial institutions and federal agencies among others. Whereas physical attacks would be carried out by hostile foreign nations and terrorists, cyber-attacks could be executed by a wide array of enemies including organized protest groups, terrorists, foreign states and even teenagers. Additionally, Lee (2013) observes the incapacity to protect all computer networks or cell phones or pagers from attack, especially now that 95% of these gadgets are operated and owned by the private sector. Therefore, America is increasingly vulnerable to cyber-attacks which grow by breadth and complexity, indicating the need for the country to continuously adopt and re-engineer its protection approaches that would uphold its cybersecurity. Cyber-attack refers to an attack originated from a computer system against another computer system or a website, aimed at altering, stealing or erasing information or have the functionality of the targeted computer system impeded or destroyed (Lee, 2013). A report on cybercrime documented recently by Hewlett-Packard indicates that the number of cyber-attacks have risen by 42% as compared to the year 2012 (Lau & Xia, 2013). Organizations get successfully attacked 102 times weekly with the annualized cost as a result of these cyber-attacks rising to $8.9 million per organization. Furthermore, it was indicated that security breaches by an organization could cost it up to 1% of its market value. Citing the examples of recent attacks on HSBC, the New York Stock Exchange and major commercial banks such as Citi Bank and Bank of America, PricewaterhouseCoopers, PWC (2013) appreciates cyber-attacks as a serious problem in America that needs critical intervention. Types of Cyber Attacks Cyber-attacks could occur in different ways. First, it could occur in form of exploits. As explained by Vatis (2002), this form of attack involves a sequence of commands, chunk of data or piece of software which takes advantage of software bug to cause unanticipated or unintended reaction by the computer hardware, software or any piece of electronic. It normally includes denial of service, allowing privilege escalation or gaining control of the system. Secondly, the attack could take the form of eavesdropping where the attacker surreptitiously listens to private conversation. This could be done through the monitoring of faint electronic magnetic transmissions which get generated by the hardware. Moreover, attackers have penetrated even the most secure computer systems leveraging on the carelessness of authorized individuals or through deliberate deceit of such individuals. Lee (2013) refers to this as social engineering. Denial of service attacks are a unique approach to cyber-attacks. They are not used to control a system or gain unauthorized access, but rather render the system unusable. This could include multiple deliberate entry of a wrong password to lock the user or overloading the capability of a system or network so as to block it. Finally, direct access to a computer system could lead to the installation of devices that could compromise security, including modification of operating systems. It could also include downloading crucial information from the system (Brenner, 2010). Using this knowledge, cyber attackers have adopted varied approaches to executing their intentions. Cyber-Attack Techniques in America The volume, coordination and sophistication of cyber-attacks keep increasing. Sanger and Perlroth (2013) in particular note that the increased attacks aim at sabotage more than they aim at espionage. This increased sophistication opens up organizations to myriad types of cyber-attacks. They could take place through unauthorized intrusion where an attacker breaks into a computer system using various techniques in hacking or exceeds the authorized access to carry out unauthorized activities in the network. The attacker could also use destructive viruses or worms, spread through various computers in a network by different ways of data exchange such as emails leading to loss of functionality in parts of the system. Denial of service, DOS involves bombarding a computer with communication using various techniques leading to an overload which hamper its functionality. Lee (2013) observes that America faces a myriad of politically motivated attacks, and this forms the basis of analyzing the various types of cyber-attacks in this section. Computer crimes could be perpetrated by a disgruntled insider. As noted by Lau and Xia (2013), insiders do not require a great deal of knowledge on computer intrusion since the knowledge they posses on the system could be adequate enough to allow them access with the intention of stealing or damaging data. Though receiving less media coverage, insider related attacks account for 34% of all cyber-attacks according to a report by PWC (2013). This is the largest proportion of the types of cyber-attacks. Even former employees constitute insider threats based on the information that they have on the organization. Together with the current employees, they make up 21% of the cyber-attacks. A majority of information security tools dwell on authentication and access but are less effective in controlling insiders such as contractors, employees and third parties with legitimate access to the system and sensitive data. Many organizations seem not to appreciate the potential threat from insiders on business operations, corporate assets and reputation. Increasingly, criminal groups use cyber intrusions to attack systems for monetary gains. For instance, these groups could collect information from phonebooks and use it to trick employees who would then give out their details, including crucial passwords. Such information would be used to break into the targeted systems. According to PWC (2013), this approach contributed 4% of the threats to cyber-attacks in the US organizations. Therefore, cyber-attacks use even the old fashioned trickery to undertake their action, though to a minimal extent. The threat from hackers has been keeping at par with the advancement in technology. Hackers in America launch politically instigated attacks on email servers or web pages accessible publicly (Lee, 2013). These attacks could fail to alter networks or operating systems but damage services and deny the public access to the websites that have information. This category of attackers makes up 22% of the risk of cyber-attacks (PWC, 2013). Furthermore, America faces a great risk of cyber-attacks from virus writers. Virus writers have been noted to pose greater threat than hackers do (Lee, 2013). A computer virus refers to a malware which on execution replicates through insertion of its copies into data files, a computer program or the hard drive’s boot sector. These viruses, including worms, are known to steal into the space of the hard drive or the CPU time, corrupt data, access private information, spamming or displaying humorous messages on the monitor (Brenner, 2010). Even though not all viruses are destructive, they share the characteristic of self-installation without consent from the user. With America and Israel having used this approach to attack nuclear facilities in Iran, using Stuxnet worm, the countries face retaliatory threats from other nations (Sanger & Perlroth, 2013). Terrorists remain one of the major threats to cybersecurity in America. They threaten to destroy or disrupt critical infrastructure such as emergency response services. They also engage in information theft and denial of service attacks (Lau & Xia, 2013). Lee (2013) gives an example of the al Qaeda terrorists who declared ‘cyber jihad,’ choosing cyber-attacks because of the comparative remoteness and safeness as compared to strapping on a bomb. Such was the attack that hit the computer systems run by the private industry and the government in the year 2011 through denial of service. Finally, the threat from foreign intelligence services on America’s cybersecurity remains a critical consideration. PWC (2013) documents this threat from countries such as North Korea, Russia and China among others to stand at 11%. Sanger and Perlroth (2013) cite officials from the Department of Homeland Security noting that the current threat majorly emanates from the Middle East. This came after it was observed that a majority of American companies faced major attacks from China aimed at stealing trade secrets and obtaining confidential information so as to gain competitive advantage. On the contrary, the latest form of attacks were aimed at manipulating industrial machinery or destroying data, then shut down or take over the networks meant for running industrial processes or delivering energy. This resembles the Stuxnet worm secretly used by Israel and the US to fight against Iran’s nuclear plants a while back. This threat in the US could therefore be a retaliatory attack, a fear shared by the US President Obama when the plan was launched. Critically contributing to cyber attacks in America is the increase exchange of cybercrime knowledge. Additionally, there has been an increase in transactions in tools used for cyber-attacks, such as Botnets, through dark markets with establishments in the social media (Lau & Xia, 2013). Further complicating the current cybersecurity efforts is the fact that attackers cover their tracks. A security system administrator should remove a system once it has been discovered to be under attack so as to reduce the ability of the attacker maintaining unauthorized access. Ideally, the logs would have all network transactions and scripts and could be developed by the system administrator to identify erroneous transactions. Conversely, an attacker would edit these logs so as to delete any indication of their existence. Therefore, cyber-attacks continue to spread in the country even as efforts to curb the problem continue to be geared up. Prevention Even though “there is no such thing as 100% security, on- or offline,” it is important to keep cyber-attacks on the minimal as possible (Lee, 2013, 119). The ability to effectively curb cyber-attacks would be pegged on activities by the private sector, the government and both. Tactically, adversaries aiming at launching attacks should be detected and early preparation undertaken to deter them from acting. The maiden and most basic approach in preventing cyber-attacks is implementing public awareness on cybersecurity. This realization saw DHS set October of every year as the month of national cybersecurity awareness (Lee, 2013). Additionally, other initiatives meant to make the public aware of cybersecurity such as the National Cybersecurity Awareness Challenge have played a critical role in making the public understand ways in which cyber-attacks occur, their impact and ways of preventing them. This is an approach that should be carried out continuously so as to keep the public updated with emerging issues. Key among the teachings during such public awareness programs would be to impart positively behavioral changes when dealing with computer systems. People should be taught the importance of protecting their passwords and avoid sharing or exposing the passwords. They should also be taught to develop the culture of saving their documents in formats that do not allow editing. The public should be made aware of the risks involved in using smartphones, especially for crucial services such as banking. In addition, all mobile services should be password-protected. Encryption of data should be encouraged, especially when using public systems such as Wi-Fi. This applies even to sending emails that contain sensitive data such as financial information. People should be taught of the importance of always logging out of any systems and avoid the habit of just closing the respective windows. Suspicious emails and other items should be reported for appropriate action (Brenner, 2010). Organizations should learn the importance of restricting administrative privileges in its systems because such accounts provide prime targets for attack. Prevention of cyber-attacks should also involve reducing the vulnerability of computer networks. Some of the approaches to this as noted by Vatis (2002) includes having a strict input validation and applying latest security patches. Additionally, it involves the development of network security architecture and placing the organization’s database in a web server different from the application server. This could also be undertaken through the implementation of a defensive architecture where a system has a series of increasingly cybersecurity concentric defensive layers that safeguard critical systems (Lee, 2013). The network should be scanned regularly to identify any security lapses and appropriate measures taken henceforth. It would also be critical to change all default passwords after the system is up and install up-to-date and effective antivirus software. This should be combined with the installation of an effective firewall which determines which systems access the target system. From a legal perspective, formulation and implementation of proper legislations could deter cyber-attacks. This would encompass law enforcement authorities investigating reported cases and gathering relevant intelligence (Brenner, 2010). There would be appropriate legislations that would seek to deter attacks and prosecute perpetrators so as to avert any future possible attacks. The American Congress has passed various legislations aimed at curbing cyber-attacks, having introduced the Cybersecurity Act 2012 to support other previous legislations, including the Cybersecurity and American Cyber Competitiveness Act 2011, the Cybersecurity Act 2009 and the Cybersecurity Enhancement Act 2007 (Lee, 2013). The Computer Fraud and Abuse Act, for instance, criminalizes unauthorized access or access in excess of authorization and using unlawful systems to access information leading to loss, defrauds and damage to the US government or any other party. However, there could be opponents to these legislations, citing intrusion into the privacy of businesses. Although this could be the case, the greater benefit from such acts overrides the argument against intrusion. The federal government has continuously employed various strategies to deal with the ever evolving forms of cyber-attacks. Importantly, the government has collaborated with the private sector in fighting against cyber-attacks as the problem affects both the government and private organizations. Information sharing serves as a critical approach to curb against cyber-attacks. The private sector owns and operates a vast of the nation’s cyber networks and critical infrastructure and therefore plays a significant role in cybersecurity (Lee, 2013). Sharing information on cyber-threats with the government could be used to avert any attacks. Appreciating this approach, the US President Obama in February 2013 through the Executive Order on Cybersecurity assigned the Department of Homeland Security, DHS to be the coordinator of intelligence sharing between the government and the private sector (PWC, 2013). The private sector had been unable to share intelligence information with the government because of the existence of many public-private information sharing groups which made it difficult to determine the government agencies to deal with. Developing an effective cybersecurity workforce would neutralize the effect of the advancement in cybercrime. This explains why the DHS has needed to expand its workforce of hacking specialists by 600 for the past four years to keep at par with the increase in the volume of attacks (Sanger & Perlroth, 2013). With attackers known to have skills and knowledge about the system that enables them to execute their actions, an equivalent or even better skilled workforce would be needed to combat the action of these attackers. Conclusion Generally, America’s vulnerability to cyber-attacks has increased leading to loss of confidentiality, integrity and availability. The country faces increased risk from insider threats, terrorists, criminal groups, hackers and virus and worm writers. Importantly, the US has faced significant threats from China with attackers seeking information that would give them competitive advantage in trade. The Middle East now poses threat deemed to be retaliatory to attack on Iran’s nuclear plans. Therefore, the federal government, in collaboration with the private sector, has adopted critical approaches to avert these attacks. Information sharing between the private sector and the government has gone a long way in providing intelligence on cyber-attacks for appropriate action. Techniques that could further protect America from cyber-attacks include sensitizing the public on cybersecurity, protecting computer systems against attacks and acquiring expert employees to fight against the problem. Deterrent legislation also plays a critical role in cybersecurity. Therefore, America needs to continuously discover appropriate approaches to cybersecurity now that it faces continued vulnerability to cyber-attacks in terms of volumes and sophistication. References Brenner, S. (2010). Cybercrime: Criminal threats from cyberspace. Santa Barbara, California: ABC-CLIO. Lau, R. Y. K. & Xia, Y. (2013). Latent text mining for cybercrime forensics. International Journal of Future Computer and Communication, 2 (4), 368 – 371. Lee, N. (2013). Counterterrorism and cybersecurity. New York, NY: Springer Science+Business Media. PricewaterhouseCoopers. (2013, June). Key findings from the 2013 US state of cybercrime survey. Retrieved 5 December 2013 from https://www.pwc.com/en_US/us/increasing-it-effectiveness/publications/assets/us-state-of-cybercrime.pdf Sanger, D. E. & Perlroth, N. (2013, May 12). Cyberattacks against U.S. corporations are on the rise. The New York Times. Retrieved 5 December 2013 from http://www.nytimes.com/2013/05/13/us/cyberattacks-on-rise-against-us-corporations.html?_r=0 Vatis, M. (2002). Cyber attacks: Protecting America’s security against digital threats. ESDP Discussion Paper. Retrieved 5 December 2013 from http://belfercenter.hks.harvard.edu/files/vam02.pdf Read More