Criminal Threats From Cyberspace - Assignment Example

Question 1.

The ABC company needs to protect top secret information about an ongoing research from the potential rivals who could compromise the process. In this case, a method of data encryption is required as a fundamental of data security. Markedly, data encryption translates data into other forms or a code such that only people who have a secret key or password can access and read that information. The encrypted data is referred to as ciphertext while the unencrypted form is the plain text. It is worth noting that encryption is the most popular and effective data management method used by most organizations. The primary aim of encrypting data is to ensure confidentiality of digital data which is stored in computers and transmitted through the internet. There are two main methods of data encryption namely asymmetric and symmetric.

Thesis

Asymmetric data encryption is more effective since the public, and private key encrypts text to ensure sensitive data remains confidential, authentic and that there is integrity as well as zero repudiability particularly when transmitting data electronically by using digital signatures.

Asymmetric data key also known as cryptography utilizes both public and private keys to encrypt and decrypt information (Santanam et al., 2011). The keys comprise of large numbers that are dissimilar but paired together. The public key can be shared with a different number of people. In this case, the ABC company can give the public key to several people in the company as well as those working under XYZ. The other key in the pair is the private key. Both the private and public keys can be utilized when encrypting a message. However, it's not possible to derive one key from the other. The asymmetric ciphers include the RSA, DSA and the Diffie-Hellman.

The main advantage of the asymmetric key over the symmetric one is that no secret channel is required when exchanging the public key. The receiver only needs the reassurance of its authenticity. There is no need to transfer keys, therefore, eliminates the issue of key distribution. As long as the private key is kept safe, nobody can decrypt the encrypted data. Accordingly, data is easily distributed, and the corresponding public key can be distributed without worrying about who gets access to it. Anyone who has the public key can encrypt the file before uploading it to the server. Once the file is uploaded, the user utilizes the private key to decode the message. The ABC can, therefore, benefit from this method as research involves a variety of people who need to exchange information constantly.

In addition, the method creates fewer key management problems than the symmetric ciphers. For instance, only 2n keys are required for the entities to communicate securely. The method allows increased security in that the private key does not ever need to be revealed to a second party or transmitted to anyone (Santanam et al., 2011). Furthermore, the system allows digital signatures that can be repudiated.

The main disadvantage of using the asymmetric method is that the system is prolonged. The encryption can take up to a thousand more times CPU to process as compared to the Symmetric system. There is also a risk that a user can decrypt the data meant for another end and re-encrypt it with the real public key before distributing it. To protect data, it becomes necessary to ensure that an individual has the right public key.

Question 2

Computer Security

A threat to the computer system is any activity that results in loss or corruption of data or the physical damage to the hardware. In this case, gaining knowledge on how to protect a computer system is imperative. Some of the threats include a person who steals a computer that contains vital information. On the other hand, the cause could be nonphysical such as a computer virus or a hacker who gains unauthorized access to information on a private computer.

Physical threats entail activities that result in physical damage or loss of the computer system. The physical threats can be internal such as a fire, unstable power supply, or humidity in the surrounding environment among others. External threats include floods, earthquakes or lightning. Human activity entails theft, vandalism or intentional errors.

The non-physical threats which are also known as logical threats include:

Computer viruses are malicious computer programs often sent as downloads or computer attachments with the primary intention of infecting an individual’s computer as well as those on your contact list (Brenner, 2010). Notably, visiting some sites leads to an automatic download of the virus. The viruses send spams, give criminals access to the computer and information such as contact list, hijacking the browser and displaying unwanted ads or disabling the security settings. Once the program is running, the virus attached infiltrates the hard drive spreading to external hard drives and USB keys and any attachment created using the program sends the file to other computers such that they are at a risk of becoming infected.

Wi-Fi eavesdropping is a common method for cybercriminals to capture information. It entails virtual listening on information that is shared via an unsecured Wi-Fi network. In this case, criminals can steal passwords and login information and can potentially access the computer once they have the right equipment.

Worms are a common threat to any internet user. A worm is independent of files or programs. It stays in the computer memory but does not alter or damage the hard drive. However, it spreads by sending itself to other computer networks within the internet or an organization. A worm can cause a significant amount of damage by shutting some parts of the internet, affects an internal system and cause loss of certain data.

A trojan hose, on the other hand, is a malicious program that disguises itself as a legitimate software but it is an executable file that installs itself and automatically runs once it is downloaded. It deletes files, uses your computer to hack others, watches you through the webcam and logs your keystrokes as well as recording passwords and usernames and all personal information.

Spoofing is a technique used with Phishing in an attempt to steal information. Therefore, an email or website address is created to look like a legitimate source. It sends spam using the person’s email address. Moreover, it recreates a website that closely resembles the actual site.

Adware and Spyware utilize third parties to infiltrate the computer system. The software collects sensitive information without a person’s knowledge. The downloads are difficult to remove and can infect the computer with viruses. It also changes the way a computer system operates without the owner’s consent.

Hackers can utilize some of the mentioned techniques to gain valuable information from computer systems. According to Brenner (2010), Phishing is the most popular technique since hackers can send emails that appear as authentic communication for instance from the bank or an online payment site where it authorizes the owner to click on a link. Once the individual clicks on the link, he or she is asked to verify the account details supplying the hackers with the information they need to divert money away from that specific account. The other technique is to contact an individual and lie to them that they are victims of a scam. The hackers ask for sensitive information that will supply them with the necessary details to get access to needed information.

The hackers also use buffer overflow which is a sophisticated method to gain information by using online forms. In this case, the hacker can steal data or direct a person to an alternative point of entry. Hackers also steal passwords by determining the router used and changing the default passwords. The hacker can, therefore, access all information including social security numbers and bank information. Downloading free software also poses a risk since it might be a hacker’s method of sending a trojan horse or spyware that hacks into the computer system.

The rate of cybercrime continues to go up as technology advances, in this regard, it is necessary to keep you to date with the latest information regarding protecting the computer system and avoiding the potential damages caused through the explained techniques.

Question 3

Incident report

On the period of the Malware attack, most of the programs remained passive. In this case, the incident response report will show the necessary mitigation to prevent another malware attack in the future, show how passwords will be managed and the system audit activities that will keep downtime to a minimum in the event of a future attack. The activity is meant to protect the information despite the severity of the previous malware attack.

Overview and Objectives

• To ensure that all passwords are protected

• To minimize future malware attacks

• To ensure all employees are sensitized on the need to update the system as well as the imminent threats

• Assessing the situation quickly and effectively

Scope

This incident report contains the necessary methods of protecting the system from future hacking attacks that could compromise the smooth running of operations in the company.

Protecting the business from malware

The first incident is always to update the software as prompted by the Operating System. The organization lacked to update its software regularly leading to infiltration and loss of information and business for two days. In addition, the newly acquired firewall will be updated together with anti-virus and anti-malware.

The most necessary step is to encrypt data to ensure that unauthorized parties do not gain access to decrypt the information. It is an efficient way to prevent hackers from stealing information or prevent malware attacks. To maximize the event, the computers will be set to log out automatically after five to ten minutes of inactivity.

Backing up data will be an essential part to avoid future data loss. Rather than cloud storage, hardware will be used such that data is still available even after an attack. USB data will also be stored in a remote location. Finally, all staff members will be educated on how to use strong passwords that are not easily hacked, avoid download of files from unknown sources, identifying phishing and avoiding confidential posting of information unnecessarily.