Cybercrime Security Threat - Literature review Example

Cybercrime security threat Insert Insert Cybercrime also known as computer crime involves misuse of the internet through a computer on the network. The crime is commissioned in different ways like; hacking, identity theft, and confidential information theft (Moore, R. 2012). Cybercrime has posed security threats to many organizations in the world. Both government and private sector have been a victim. Despite extensive awareness of the impact of cyber crime, the attacks seem to be more rampant. According to a study conducted, a company in US uses $ 1.5 million to $ 36.5 million each year on cyber crime. Companies considered experienced 72 successful attacks per week (Ponemon Institute August 2011). The crimes termed most costly by businesses include crimes that as a result of malicious code, denial of service, stolen information, and web-based attacks. Due to loss accrued in cybercrime, companies must use hi-tech means to combat the crime. The measures must include anti-malware solutions that merge signature-based detection, heuristic analysis, and cloud-assisted technologies. This combination of solutions ensures that different forms of attacks on computers and data by criminals are minimized. Day by day, cybercriminals derive different ways of attack so organizations must stay equipped with the best tools to solve the problem as they arise (Kaspersky lab 2014). Financial institution is the hard hit institution by the cyber crime. Due to its vital nature, the financial sector has teamed up with the government and law enforcement agencies to help curb the offense. The financial sector has established a section to study new emerging threats and instantly warn their customers to avoid significant loss. Services like financial crime alerts service have been employed by financial institutions to warn in case of an attack. As criminals increase their tactics of attack, financial institutions like banks have used more safe ways. Banks encouraged customers to do their banking on their Smartphone application they tailored specifically for banking that seemed safer than the use of ATM cards (Mann and Sutton 2010). A terrible cyber attack was reported on a bank JPMorgan chase. It is the biggest bank in US by the number of properties it owns. The attack originated from Russia according to national intelligence report. It is believed that it was stage-manage and financed by the Russian government (The New York Times). The bank is said to hold 76million accounts for households and 7 million for small businesses. Almost 1 million accounts were affected according to Amie Dimon, chief executive of JPMorgan Chase. JPMorgan was not the only affected party; Home Depot was also hard-hit by the crime, it is reported that 56million cards were affected by the attack. In Target incident 70 million cardholders were affected by the attack, all this attacks have lowered the customer’s confidence in the financial institutions (The New York Times). With the major case of JPMorgan, the criminals happened to have hacked the client’s information on the internet. Forensic reports show that, customer’s important information like names, phone numbers, and email addresses were accessed. Account numbers of some customers were hacked, and personal identification numbers of ATM cards were hacked. It is the reason the criminals managed to gain access to accounts of 1million customers of JPMorgan; through their vital information. It saw the violation of Electronic Communications Privacy Act (ECPA). In addition, Computer Fraud and Abuse Act (CFAA) were violated by JPMorgan attack. The attack made each and every person, affected or not to understand the meaning of cyber crime In 2011, Nasdaq stock market was broken into but the systems installed prevented infiltration to the network that handles traders. All this attacks shows how institutions are susceptible to cyber crime. Measures must be taken to curb hacking as the primary threat. Extensive investigation by federal bureau of inquiry must be carried out especially on the issue of JPMorgan chase. The bank must also update its watchdog to avert re-attack by the criminals. The bank also intends to spend millions on digital defense; employ qualified security staff and ensure that the staff is given sophisticated mechanism to curb cyber crime. Staff members must be extensively educated about cyber crime so that they may be aware and not partake of it as the case of spear phishing. Attackers sent emails to individuals, and when a person opens the email, an attacker can quickly gain access to his/ her network. Some attackers sent emails and immediately call the individual to make sure that the email is opened. Some attackers pretend to be highly ranked employees of the company demanding the email sent to be opened. Watering holes is another technique employed by attackers and staff must be sensitized about. Attackers penetrate a site most visited by the target and place malicious code on it. They wait in lie until the target is achieved. Even though it works slowly, the attackers reach a lot since water hole tactic enable them gain IP address of the targeted institution like banks without suspicion. Data breach can happen in and outside the institution. Employees can be culprits to this innocently for example; an employee can work from home then sent an email to another person account without deleting the data in it. Access to data not meant for access is also a breach of data (Newman, R. 2011). Network attacks are another form of cyber crime; they are either active or passive attacks. Active attacks involve gaining unauthorized access to the system, passive attack entail monitoring transmission all with the aim of gaining information about the user, which can be used to hack his bank account or even medical account. Stolen information on customers is likely to be sold to fraudsters by cyber criminals. Fraudsters will use the information in ‘phishing’ and in other plots. Fraudsters may use the data to create email, which is then used to compare with existing email addresses on Facebook, Gmail, and twitter. It will enable fraudsters gain more information about a person, his family, friends, and academic background even place of work. The fraudsters in theft identity can misuse this information. Breaking The Identity Theft and Assumption Deterrence Act (ITADA), they can use your information to identify themselves thus you can be caught unaware in a scam committed by them. Due to many cyber crimes reported in the financial sector, bankers association is working on the best systems applied intelligence provider to create a service less vulnerable to crime. Financial institutions can put in place technical measures to reduce cybercrime and harden their system against attack some of the actions. They include activate companies firewalls, all services on the network must be checked by using access control lists (ACLs). Antivirus can be installed into the system to prevent the spread of malicious codes. For efficient use, the antivirus must always be updated. Cryptography can also be used to encrypt data using a cipher. Information sent can be encrypted so that even if hacked the criminal will not understand what the packet entails. Stored information can be encrypted to ensure no theft of stored data. Before using a password ensure that it is tested for its strength and security. All organizations and individuals must use the technique to provide their passwords are not too weak. Use of card access keys can be used to prevent physical access to the system (Newman, R. 2006). Main important measure that must be used is public awareness to educate individuals about threats they pose to as a public on cyber crime. They must be aware of forms of threats like ‘philshing’, malicious code and persuasive emails. Individuals must ensure that his/ her personal data is safe and only required parties get access to them. When accessing the internet, individuals are encouraged to sign out to avoid misuse of their accounts by fraudsters. Some sectors use biometric, identifying a person using his personality; fingerprints or the iris. All this measures can be of help in one way, or another, but measures that are more sophisticated must be implemented. More research must be carried out about cyber crime since every day a new crime emerges in a new form. Old ways of prevention may not be able to handle the new tactics used by the criminals The sector intends to work hand in hand with the government to make sure fraudsters; cybercriminals and other criminal intending to steal from clients are dealt with. Laws governing cyber crime and breach of data have to be in place, this will reduce economic crime. Close ties with the government and law enforcers on combating cyber crime will also ensure, fraud, terrorism financing, money laundering and bribery is cleared. All sector of the economy must work together to ensure cyber crime is dealt with enormously. A break into ones information on an organization means entry into vital information on other agencies. Any state organ holding information of persons must put on measures to curb cyber crime menace. References Moore, R. (2012) "Cybercrime: Investigating High-Technology Computer Crime," Cleveland, Mississippi: Anderson Publishing. Mann and Sutton 2010: Netcrime: More change in the Organization of Thieving. British Journal of Criminology; 38: 201-229. Oxfordjournals.org Ophardt, Jonathan A. "Cyber warfare and the crime of aggression: the need for individual accountability on tomorrows battlefield" Duke Law and Technology Review, February 23, 2010 Coleman, Kevin. "Cyber Attacks on Supply Chain Systems". defensetech.org. Retrieved 2 May 2011. Why the US Needs More Cyber Professionals". Norwich University. Retrieved 23 October 2014. Newman, R. (2006) Cybercrime, Identity Theft, and Fraud: Practicing Safe Internet – Network Security Threats and Vulnerabilities. Proceedings of the 3rd Annual Conference on Information Security Curriculum Development. Kennesaw, GA: ACM. p. 69. Read More