Why and How Cyber Attacks Occur - Case Study Example

Cyber Attacks: Why and How Introduction Cyber attacks are executed by individuals or an entire organization with social or political motives. Cyber attacks are basically an illegal process of infiltration into computers to extract or destroy data and information. Today, with the ubiquity of the use of Internet in every political and social sectors cyber attacks are increasingly growing in numbers along with their complexity and severity. On the other hand, the effectiveness of defensive mechanisms against such cyber attacks is fracturing. The major reason behind this is that the concept of Internet governance is subjected to various political and economic difficulties along with lack of opportunities for assessing different regulatory policies (Shackelford, 2014, p.3). Those who engage in cyber attacks are taking advantage of the fact that any kind of cyber security is far from foolproof. It is possible to exert attack on any secured computer network providing the attacker has the time and resources. This paper will focus on the reasons and process of cyber attacks. Human beings are today increasingly becoming dependent on the Internet with purposes as varied as basic browsing for garnering information to business and monetary transactions. This has no doubt emphasized the expanse of cyberspace and with it enhanced cyber security against potential cyber threats which has been described as “criminal acts committed using electronic communications networks and information systems or against such networks and systems” (Lagazio et al., 2014, p.59). There are typically three categories of cyber attacks. First, unauthorized intrusions which means the attacker enters another computer system by hacking techniques. Second, viruses or worms that can be transmitted through emails in order to disrupt or delete all data in another computer. Third is denial of service attacks which destroys the functionality of another computer by inundating it with communications (Howitt & Pangi, 2003, p.221). The ubiquity of the Internet has opened avenues for criminals to execute cyber crimes and use cyber space as their criminal den. When organizations and individuals perform their personal and business activities on the Internet, they remain unaware that the same cyber space is also becoming grounds for criminals to base their cyber attacks. Although this is an indisputable fact that cyber space needs to be protected from such criminals, it is at the same time true that computer engineers have yet to fully comprehend the extent of cyber crime and its consequences. This lack of understanding leads to incompetent cyber security strategies. Cyber attacks are executed by many kinds of cyber criminals and they use both legitimate channels like the eBay or illegitimate channels which are specifically created as a domain for their criminal activities (Kshetri, 2010, p.244). Since cyber space exists in every level of social, economic and government sector, it provides a tempting opportunity to cyber criminals to base their opportunistic behavior. The cyberspace is almost akin to a neighborhood that is notorious for being a den for criminals. With growing temptations among cyber criminals to break rules, there are constant innovations in the hacking technology. Although IT engineers are constantly striving to find new and improved ways to combat against cyber crime, it seems cyber criminals are always one step ahead of them since security products are seldom without loopholes. In spite of increasing investments in defense strategies, computer networks always remain vulnerable to cyber attacks. Cyber law focuses on the behavioral pattern of cyber criminals based on the economic impacts. However, economy cannot always be the yardstick for measuring cyber attacks like those which are committed in the name of revenge in which case the perpetrator achieves psychological benefits and so often ignores the associated costs and even the possibility of getting caught. Economic perspectives come handy only when people commit cyber attacks for economic factors as such criminals compare their expected gains with the attached costs (Lagazio et al., 2014, pp.59-60). Considering the fact that economic factors are a major driving force for cyber crimes, it is therefore understood that cyber attacks can cause massive financial losses in various sectors like energy, transportation, health care and finance. This is because the Internet has become an intermediary field between the different sectors. Other than the direct impacts of cyber attacks in the form of massive economic losses, there are the costs to be considered on other aspects like “business interruption costs, replacement of hardware, customer reimbursements, spending on cyber defense, criminal use of credit card numbers, stolen identities, fines, infrastructure replacement, and cyber risk insurance” (Kelic et al., 2013, p.545). According to the US Defense Science Board, the issue of cyber attacks and security measures are major subjects of national concern more because foreign-built components are increasingly used in the country’s structure of communication and cyber facilities. Moreover the Department of Defense is not appropriately equipped and lack adequate skills to build strong defensive measures against cyber attacks (Kelic et al., 2013, p.545). Therefore, the first thing that has to be understood before finding appropriate solutions is the motivational factors that encourage cyber criminals to make cyber attacks. One arena where cyber criminals are focusing their acts on is the advanced metering infrastructure (AMI) which is the mechanism for recording data usage for utility companies that enable customers to make decisions on energy usage based on the price at the time of use. Like any other new technology, AMI has not been able to establish security frameworks beyond the basic measures. The major motivation that induces attackers to infiltrate AMI is terrorism, and their goal is to disrupt a country’s major infrastructural facilities. Even the amateur level cyber attackers are attracted towards such a big target. There are other important motivations guided by political or other goals like spying into large industrial sectors or disrupting business activities. Other than this, malicious attackers can strive to use the AMI as a starting point for other Internet attacks by “virtue of the vast number of devices, their ability to initiate many-pronged attacks, and even their ability to hide malicious or criminal data through dispersion among many nodes” (Foreman & Gurugubelli, 2015, p.101). When a particular system is attacked, the impact does not only remain confined in the concerned infrastructure. Due to interdependence of infrastructures, the repercussions can be felt on all levels of the attacked infrastructure and also associated infrastructures of other systems. A major example can be the electric industry whose disruption can have ramifications on other industries since every industry requires electric power. As such, a prolonged disruption in electric power can negatively affect a country’s economy (Amoroso, 2012, p.294). Conclusion Today, the use of Internet plays an extremely significant role in a country’s national security and economic growth. Cyber attackers can use their skills and resources to infiltrate every sector like communication, banks, emergency rescue measures, health care systems, and also public infrastructure like water, oil and gas resources. The complexity of cyber attacks is prominent from the fact that they can be executed by any individuals from terrorists, political foes to teenage hackers. Therefore, the need is to innovate and design cyber security measures keeping all these various scenarios in mind. Important thing is to integrate technology into policy making decisions so as to battle against cyber criminals on many fronts. The effort will not be fruitful unless there is complete cooperation between private and public sectors, NGOs and consumers. Cyber crime is undoubtedly a global issue since international collaborations play a big role in this. Such global dimensions of cyber crime make it even more important that cyber law agencies do not remain confined in local boundaries. References Amoroso, E. (2012) Cyber Attack: Protecting National Infrastructure, Elsevier The chapter that I have used in this paper talks about interconnection between different infrastructural facilities and because of this interconnectivity cyber attack on one field affects associated infrastructures. This is relevant for my paper as it helps to understand the extent of cyber attacks. Foreman, C. & Gurugubelli, D. (2015) Identifying the Cyber Attack Surface of the Advanced Metering Infrastructure. The Electricity Journal, 28(1), 94-103 In this article, the authors have identified AMI as cyber surface that currently acts as major target for cyber criminals. The paper has analyzed the vulnerability of AMI to get more information about its security posture. In this paper, I have used this article to understand the goals of cyber criminals that will help organizations to find appropriate solutions as defensive measure against cyber attacks. Howitt, A.M. & Pangi, R.L. (2003) Countering Terrorism: Dimensions of Preparedness, MIT Press I have used this book to get information about the various types of cyber attacks as this is important for this paper. The authors have talked about 3 categories of cyber attacks – all of which can destroy the functionality of the target computer. Kelic, A. et al. (2013) Decision framework for evaluating the macroeconomic risks and policy impacts of cyber attacks. Environment Systems and Decisions, 33(4), 544-60 In this paper, the authors have explored the economic risks of cyber attacks. The authors have argued that assessing the impacts cannot be fruitful unless the overall impact on all interconnected systems is studied. The paper has talked about the direct and indirect costs of cyber attacks based on the fact that the Internet acts as intermediary between different. Kshetri, N. (2010) The Global Cybercrime Industry, Springer The chapter that I have used from this book deals with different strategies used by cyber criminals. The authors have concluded that only by concerted efforts of public and private companies cyber crime can be fought. Lagazio, M., Sheriff, N. & Cushman, M. (2014) A multi-level approach to understanding the impact of cyber crime on the financial sector. Computers & Security, 45, 58-74 The paper has shown that the cost of cyber crime is based on customer security and maintaining market competition. However such costs are not dependent on the number of cyber crimes but on the protective strategies used against the crimes. This article is relevant to understand the economic perspective of cyber crime. Shackelford, S.J. (2014) Managing Cyber Attacks in International Law, Business, and Relations, NY: Cambridge Univ. Press I have taken the help of the first chapter as it talks about the increasing number of cyber attacks and their impacts. The author talks about the complexities attached to Internet governance, and the need of coordination between public and private sectors. Read More