The Trojan Horse Defense - Report Example

Executive summary Trojan horse fundamentally remains to be one of the up-to-the-minute’s solemn threats to the security of the computers. It not only affects the user’s computer, but the user can as well attack as well as infect others system unintentionally. Internet offers vast business prospects to both large-scale as well as small scale industry, with business organisations hoping to host their business activities online to get to the new market subsequent to their failure to attain effectiveness with either their sales team or promotion campaigns. Lately, internet has offered a universal base for purchasing and selling goods and services and steering crucial enterprise process within the organization. By devoting their wherewithal online, nearly all organizations anticipate to succeed in sales, as well increase understanding of the organization’s products. However, a Trojan horse poses an immense threat to the existence of an online-based business, given that it enormously reduces customer confidence; thus, negatively influencing the anticipated returns. Rooted in information abstraction, a Trojan horse is passive and merely views common communication; however, in some different versions, a Trojan horse may attempt to launch data stream development or affect the nature of the information sent For this reason, the study seeks to offer a comprehensive insight pertaining to the Trojan horse: its effect on security and businesses and its current status. The study offers a brief introduction pertaining to Trojan horse, in terms of its history and its contemporary status. Subsequently, the study offers a comprehensive analysis of a case study anchored on the fine inflicted by the Financial Services Authority (FSA). Prior to the conclusion, the study offers a critical analysis, highlights benefits and drawbacks of Trojan horses and explains fundamental methods of overcoming Trojan horse Trojan horse Introduction Trojan horse by definition is unlawful computer program camouflaged as lawful, or concealed as an element of any permissible program. A Trojan horse according to Badeen (16) can be depicted as an undisclosed flaw that is deliberately introduced into legal software. Principally, such a trap can be introduced at some stage in any point of the system’s life cycle (that is to say, during programming, designing, maintenance, or operation) by anybody stalled in any of the stages. “Trojan Horse” can assail nearly all programs, from application software of the users to basic systems software and the key setback in dealing with this threat is the vast complexity of finding out the subsistence of a Trojan horse (Calkins 172). The detection of this program, if sophistically introduced, is normally unfeasible; given that there is no universal resolution to the risk. In Volokh’s study he tries to partly resolve the setback by defining certain threats that can be dealt with, whereby they endeavour not to handle determining and averting a Trojan horse, but with averting and decreasing the losses it can bring about. For that reason, Volokh (261) describes three kinds of risks and threats to be dealt with: firstly, data leakage, which involves replicating and conveying data to a setting where a foe has permissible admittance to it. Secondly, omitting computer program segments whose implementation is very important (for instance, omitting the verification part), and finally, spoofing, which involves copying the system passwords through camouflaging itself as the OS. The computer industry is employing the Internet as a Trojan horse to extort market share and client power from the suppliers by dedicating enormous investments to improve the quality and variety of back-to-back services provided by a computer organization online (Brenner and Carrier 16). The earliest Trojans, which surfaced towards the end of the 1980s, were covered-up as suspicious programs. Traditionally, the term ‘Trojan’ was coined from the wooden horse utilized by the Greeks to creep into the city of Troy and incarcerate it (Goduscheit, Bergenholtz and Jørgensen 268). Immediately, as the credulous user starts the program, the Trojan might convey its damaging consignment. Therefore the copy-book description provided by nearly all anti-virus dealers is as follows: it is a non-copying program that seems to be legal but is intended to perform a number of damaging actions on the computer of the victim. During this Internet epoch, many corporate organizations have seen the surfacing of password pilfering Trojans, with the earliest intended for AOL, which surfaced in 1996, and then hundreds of them surfaced within a few years. Different from the first Trojans, the company experienced no damage to its database, rather, as the name advocates, they were intended to pilfer secret login details and mail them to the Trojan master or instigator. Trojans involved in AOL password pilfering were conveyed as innocent applications, providing improved AOL access or novel AOL application channels or services. From time to time, they were entrenched in RTF or DOC folders and enforced the moment the user double-clicked on them (Oates 392). Presently, things have advanced significantly from the time when most ‘copy-book’ Trojans definitions were in print. Far from materializing to be something caring, nearly all Trojans fail to ‘come out’ by any means, that is to say they mount mutely and the targeted user lacks knowledge that the Trojan is there. Ever since June 2004, there has been a change in approach from the malicious code writers (Loyola 115). The comparative decrease in occurrences of worldwide contagions appears to indicate a retreat from the utilization of mass assails on computers all over the world. Rather, assails are turning out to be more beleaguered and there are a number of rationales for this. For instance, police agencies across the globe now possess far more knowledge than ever before based on hunting down the architects of this computer crime. With the progressively more multifaceted business circumstances, competition, concern and budgetary dollars, directors rooted in a strategic account who profitably build up this capacity will probably take pleasure in a lasting association that generates substantial income for several years (Clark, Leblanc and Knight 556). An online based strategic account is a decisive connection where there is an established or impending desire for the following: promoting a wide collection of products or services; developing a lasting, joint, consequential connection; and creating noteworthy income over numerous years. With online-based strategic accounts, denoting an achievement is not a military geared up for skirmish or a group of violent hunting” salespersons, but is a line-up that generates consistency, trust and contemplation management through an encouraging, equally helpful association with vital contacts (Haughton 174). Offered with the swift advancement of Internet, it has turned out to be easier to interact and distribute resources in the midst of distinct terminal devices. Based on a recent report, it is believed that there are roughly 600 million PCs connected to the Internet and there were more than 2.5 billion users surfing the Internet in 2012, which mathematically is about six times compared to users in 2010 (Loyola 115). Based on this statistics, it is a certainty that the Internet has turned out to be a crucial tool for pressing the establishment of the community. Nonetheless, nearly all Internet companies and users are experiencing the threat of information leakage with a report by Privacy Rights Clearinghouse establishing that nearly 300 million entity records containing susceptible personal data were caught up in security infringements in the U.S. amid 2005 and 2008. Information leakage brings about not only direct loss like intellectual property and finance compensation, but also indirect loss like client loss and status corruption (Hennart, Roehl and Zietlow 18). In a study conducted by Bloom, Narahari and Simha (662), they established that 70 percent of the breaches were brought about by malware together with a Trojan horse and viewed as the most multifaceted malware that can pilfer any information regardless of the location (RAM or Disk). Brenner and Carrier (21) assert that the Internet will be in profound confusion if such forms of malware multiply across the globe. Actually, a lot of researchers have put in enormous attempts to eliminate this setback by identifying Trojans or malware. Most of their studies focused on identifying Trojan horses on the hosts rather than the network for two rationales: firstly, it is suitable to gather comprehensive information of the computers and secondly, it is simple to examine the information and build a paradigm to identify Trojans. Conversely, this technique has lethal flaws; first, it cannot gratify the desire of a network where novel tools are distributed, no protection software connects the network arbitrarily, and subsequently users may possibly uninstall the defence software for a number of reasons like functionality (Gozzi 83). In such two conditions aforesaid, the system cannot supervise the PCs which are more probable to being pilfered for susceptible information, but the malevolent network streams can be entirely supervised and recorded from the system. If the disparity amid malicious flows as well as benign flows is modelled, Buratovich (385) believes that it will be further adaptive for a changeable network. Basically, Trojans can produce large financial and intellectual property loss; thus, there is need to formularize ways of identifying Trojans (Oates 396). Case Study The £1 million fine inflicted by the Financial Services Authority (FSA) to Nationwide Building Society for being unable to defend client information stockpiled in a laptop incited a lot of business enterprises to evaluate their entire security plan for data stored in their computers. The possible alterations included data encryption stored in PDAs or laptops, as well as strategies to make sure that the machines are without delay disconnected from the company network or confidential services in the occurrence of their pilfering. Certainly, the FSA’s speedy act sent a warning sign to other companies that have such slackness based on sensitive data protection, which Clark, Leblanc and Knight (561) believe it was not up to standard, and instead more thorough actions were required. The 2006 event took place when a laptop containing client information was stolen after a break-in at a Nationwide’s worker’s house. FSA argued that Nationwide was responsible for not having efficient controls and systems in position to administer its data security threats. The severity of the fine echoed the failure of Nationwide to initiate an inquiry until three weeks following the burglary, having been uninformed that the stolen PC had secret client data. The lesson learnt from this occurrence is that the present security policies are ineffective if not thoroughly implemented. For this reason organizations are required to implement security policies that will see them protected from any kind of online-based attack such as a Trojan horse (Oates 394). Fig 1: Cybercrime statistics (Source: karenlodrick.com) Critical Analysis Trojan horse basically remains to be one of the modern’s solemn threats to the security of the computers. It not only affects the user’s computer, but the user can as well attack as well as infect others system unintentionally. A Trojan horse, in my own view can be defined as malevolent, security-infringement program that is camouflaged as something good. Someone can download a file, for instance, that looks like a song or movie, but upon clicking on it, the computer gets Trojan Horse program, which can delete all hard disk’ data , send passwords as well as credit numbers to the hacker. Basically, a Trojan horse not a virus, but a program, and it infect user’s computer as well permits the attacker to seize user’s computer. Often home-based users are extremely vulnerable to Trojan horse given that bank and other business organizations ensure their systems are secured beforehand and maintain a secure policy to avert any form of Trojan horse attack. I know Trojans horse multiply in various ways like in files sending in chat rooms (Facebook, Twitter or Whatsapp), email attachments, or they link a file containing Trojan horse in a justifiable file and after the user run it, the program is secretly set up in background. Immediately the hackers execute the program, they will comprehend that their targeted victim is online giving them best opportunity to do all they want. In this regard, the hackers scan Trojan horse infected computers; obtaining a cached password list plus they will manage to make use of the cached passwords to access nail account of the user access users’ mail account. Based on the knowledge I acquired in class, I know hackers can manage to access the victim’s file in a simple way they can access file from their own computer. Regrettably, they can access personal and crucial files like Carloan.txt, Bank Statements.txt, Holiday, Mortgage Payments.txt, Credit Card Statement.txt, and Password.txt. What’s more, Trojan horse installed can modify documents of the victim. Hackers are often concerned in getting the victims confidential documents, such as stored chat history, which most of the hackers use to blackmail the victim. Furthermore, Trojan horse exhibit pictures on the system of the victim. Even though, hackers in no way stop generating novel tricks to steal identities and commit fraud; thus users must take proactive measures to secure their computer systems. Personally, I believe to overcome Trojan horse the user must take a recipe of robust security software such as antivirus and an obligation to follow fundamental security rules. The reality that Trojans do not multiply individually is the fundamental aspect that differentiates them from bugs and viruses. Bugs and viruses are scrounging, toting up their cipher to the available host; for instance, an EXE file. As a result, they spread from file to file, and the more the user is tainted, the more the bug multiplies athwart their system and probably across the system as well if the malicious user can access the system. Contrary, Trojans lack committed duplication techniques. Therefore, during the surfacing of computer malware, i affirm that Trojan authors have to locate a number of means of conveying their code by hand: upload it in the disguise of a helpful application, intentionally placing it in the company network, or making use of the postal service to mail it to a pre-defined register of targets Basically, to overcome Trojan horse, users must protect their systems with robust security software and ensuring it is in state-of-the-art. Furthermore the user can make use of security-conscious ISP that enforces robust anti-phishing as well as anti-spam modus operandi. Another way is to regularly download Windows updates or activate automatic Windows updates to keep the OS safe from vulnerabilities such as Trojan horse. In my opinion, the user should as well set up patches from other software producers once they are on the market bearing the fact that a completely patched system protected by a firewall is the unsurpassed security against Trojan horse installation. What’s more, users must be extra cautious when opening file attachments, rather they must ensure that their anti-virus software is configured to scan all attachments by design. Trojan security threat can as well be solved by developing Security Policies, which entails formulating the System-definite policies, program policies and Issue-specific policies. In my opinion, the guidelines for security policies developments should include attainment of the dedication from top administration to implement security policies; establishing operational connections amid different units, such as internal audit, human resources and facilities management. Pursuing this further is establishing an endorsement procedure to take in human resources specialists, legal and dogmatic specialists, and strategy and process experts. Documenting Security Policies - Subsequent to development of IT security policies, every procedure and policies must be documented and all departments must defend their networks, decisive information systems, and responsive information from illegal exposure, alteration or obliteration. Consequently, policies and procedures based on information security should be documented to make sure that veracity, secrecy, responsibility, and accessibility of information are not interfered. Implementing Security Policies - Flourishing enforcement of IT security policies needs security responsiveness at every organization level. In this regard, organisation can generate responsiveness through extensively distributed documents, circulars, web site, and email programs. Re-examining and Evaluating Policies: Business organizations should re-examine their security policies at regular intervals to make sure they persist on accomplishing the organisation security requirements. Furthermore, all departments are also liable for re-examining and evaluating the efficiency of their policies and the associated procedures. Benefits and Drawbacks of Trojan horses A Trojan horse supervises information streams from a target with the aim of collecting data; thus, this form of attack usually entails sniffing network traffic, but may involve viewing other forms of information streams. Based on information confiscation, a Trojan horse is passive and merely views common communication; however, in some different versions, a Trojan horse may attempt to launch data stream development or affect the nature of the information sent (Buratovich 384). Nonetheless, in all versions of this attack, and differentiating this attack from information gathering techniques, a Trojan horse is not the targeted recipient of information stream; rather it is the observer of the explicit information channels such as network traffic. Based on data modification, communication privacy is vital in ensuring there is no modification or interception of information in transit. Distributed settings bring with them the likelihood that a malignant third party can perform a computer crime by meddling with information as it is in transit among sites. In this form of attack, a verified party on the network intercepts information transmitted and alters parts of the information before resending it; for instance, the bank transaction in changing $500 to $15000 dollars. Goduscheit, Bergenholtz and Jørgensen (271) assert that in this attack, a full set of legitimate information is interjected repeatedly onto the network. Based on the 2011 Norton cybercrime report, over 75 million people in the U.S. alone were victims of online attacks, which resulted in a direct financial loss of about $30 billion. Further examination of this developing issue found that 70% of adults connected online have at one point become victims of Trojans, which has resulted to enormous economic losses. Consequently, as today’s consumer depends heavily on computers and information systems, the risk of being vulnerable to Trojans is high with various survey showing companies acknowledging financial losses caused by computer breaches. As the economy heightens its dependence on the Internet, it becomes more vulnerable to Trojans, bearing in mind the fact that stock trades, bank transactions, and purchases using a credit card are all made using the Internet. Haughton (182) holds the view that the international financial market disruption remains the biggest impact of computer breaches, in that the present economy spans diverse nations and time zones. In this regard, disruption to independence of the world’s economic system in one region will undoubtedly have triple effects to other regions. Thus, any form of disruption of these systems would transmit shock waves to the external market, which is the origin of the problem (Bloom, Narahari and Simha 665). In addition, productivity is also at risk since attacks from Trojans steal the productivity duration away from the customer. As a result, machines could function slowly, networks might be wedged, and servers might be unreachable; thus, these attacks may negatively influence the overall productivity of the organization and the user (Cooper and Briggs 105)). Moreover, users’ concern over possible Trojan attacks hinders a significant cross-section of online buyers from transacting business online. Based on the above perceptions, it is evident that a sizable portion of e-commerce revenue is wasted because of the shopper doubt, uncertainty, and concern. Badeen (23) believes that this precedent may compel many insurance organizations to reimburse enterprises for damage brought about by Trojan attacks and other safety breaches. Consequently, as the security breach attributes transform, organizations continually re-examine their information system setting for threats. Lately, some insurance organizations have generated actuarial tables that they believe will provide means to gauge losses from computer disruption and Trojan attacks (Oates 405). However, these approximations are controversial mainly because of the historical information deficiency, with some organization insiders confessing that such plan rates are always set through guesswork. Cooper and Briggs (115) posit that based on the company’s size, an inclusive analysis offers a way for recognizing threats to security and examining their severity. Essentially, in information systems, risk assessment addresses the queries of what is the effect of an information system infringement and how much this will cost the company. However, examining the financial loss from a possible information system infringement is a troublesome step in the risk assessment process since most organizations are unwilling to determine the quantity of their financial losses caused by Trojan attacks. In addition, lack of historical data has compelled most organization not to report security breaches, due to fear of embarrassment, future crimes, and negative publicity all causing organizations not to report such cases (Loyola 149). Moreover, some companies fear negative financial outcome resulting from public disclosure of such attacks since such disclosure can lead to a drop in an organization’s stock price. Fundamental Methods of Overcoming Trojan horse Using authenticated public keys: In modern communication systems, a famous method of offering authentication in an authenticated Diffie–Hellman key pact protocol is to mark the outcome of the Diffie–Hellman one-way hash function such as Message-Digest Algorithm (MD5). The security of this protocol is founded on the frail of all the cryptographic hypothesis of the entailed algorithms; thus, a protocol designed from one cryptographic hypothesis would turn to be less secure than that containing multiple hypotheses. Using a single public Key: The public key infrastructure {PKI) technology is significant in bracing secure e-commerce and digital communication networks in the global platform. In essence, PKI is the security infrastructure platform whose services adopted and offered to use public key means; thus, most protocols for secure web service, emails, and authentication systems utilize PKIs. Applying Lamport's One-Time Password: One time password is utilized at most once to login to a computer system such that the first utilization of the password would agree for access, but a second or ensuing utilization of the similar password would fail to grant access. Furthermore, this mechanism is significant when passwords are being conveyed over a network in passive wire tappers presence that guards communications (Bequai 687). Conclusion In conclusion, online-based business utilizes the Internet for both business to the customer and business to customer transactions; however, Trojan attacks pose an enormous challenge to it. In addition, Trojan attacks are a threat inflicted by untrustworthy or scandalous behaviour of computer users taking advantage of the prevalent use of computer networks. Furthermore, a Trojan horse presents a solemn hazard to the safety measures, veracity as well as business information systems’ quality; therefore, development of resourceful security mechanisms has turned out to be top priority. Fundamentally, the economic influence of Trojan horses is vital for companies trying to make a decision based on where to place their data security budget as well as for insurance organizations that offer cyber-risk policies. This novel and developing view becomes even more crucial as many organizations depend on data systems in general, especially the Internet for conducting their business. Work Cited Badeen, Dennis. "Bernard Hodgson's Trojan Horse Critique of Neoclassical Economics and the Second Phase of the Empiricist Level of Analysis." Journal of Business Ethics 108.1 (2012): 15-25. Bloom, Gedare, et al. "Providing secure execution environments with a last line of defense against Trojan circuit attacks." Gedare Bloom, Bhagirath Narahari, Rahul Simha, Joseph Zambreno 28.7 (2009): 660-669. Brenner, Susan W and Brian Carrier. "The Trojan Horse Defense In Cybercrime Cases." Santa Clara Computer and High - Technology Law Journal 21.1 (2004): 1-52. Buratovich, Michael. "Uncommon Dissent: Intellectuals who Find Darwinism Unconvincing/Creationism's Trojan Horse: The Wedge of Intelligent Design." Christian Scholar's Review 34.3 (2005): 382-386. Calkins, Mary M. "They shoot Trojan horses, don't they? An economic analysis of anti-hacking regulatory models." Georgetown Law Journal 89.1 (2000): 171-224. Clark, John, Sylvain Leblanc and Scott Knight. "Compromise through USB-based Hardware Trojan Horse device." Future Generation Computer Systems 27.5 (2011): 555-563. Cooper, Rae and Chris Briggs. "'Trojan Horse' or 'Vehicle for Organizing'? Non-Union Collective Agreement Making and Trade Unions in Australia." Economic and Industrial Democracy 30.1 (2009): 93-119. Goduscheit, René Chester, et al. "Action Research in Inter-Organisational Networks: Impartial Studies or the Trojan Horse?" Systemic Practice and Action Research 21.4 (2008): 267-281. Gozzi, Raymond. "The Trojan horse metaphor." et Cetera 57.1 (2000): 80-84. Haughton, Graham. "Trojan horse or white elephant? The contested biography of the life and times of the Leeds Development Corporation." The Town Planning Review 70.2 (1999): 173-189. Hennart, Jean-Francois, Thomas Roehl and Dixie S Zietlow. "'Trojan Horse' or 'workhorse'? The evolution of U.S.-Japanese joint ventures in the United States." Strategic Management Journal 20.1 (1999): 15–29. Loyola, Mario. "Trojan Horse: Federal Manipulation Of State Governments And The Supreme Court's Emerging Doctrine Of Federalism." Texas Review of Law & Politics 16.1 (2011): 113-153. Oates, Sarah. "Going Native: The Value in Reconceptualizing International Internet Service Providers as Domestic Media Outlets." Philosophy & Technology 24.4 (2011): 391-409. Romstedt, Karl J. "Creationism's Trojan Horse, The Wedge of Intelligent Design." The Ohio Journal of Science 106.4 (2006): 169-170. Volokh, Eugene. "The Trojan Doctrine: Trademarks And The Law Of The Hor." Texas Review of Law & Politics 8.1 (2003): 259-260. Read More