Compromising Digital Devices - Essay Example

Internet Security “Hacking” AFFILIATION: Table of Contents Table of Contents 2 Internet Security“Hacking” 3 Brief Introduction of Hacking 3 Motivating factors for hackers 4 Characteristics of hackers 5 Impact of hacking on society / Security on Internet 6 Security issues in electronic transactions 7 Number of Visa users worldwide 8 Facts and figures about electronic crimes worldwide 9 Real life examples of hacking 10 Protection measures against hacking 10 Conclusion 12 References 13 Appendix - Vocabulary 15 Internet Security “Hacking” Brief Introduction of Hacking With the advent of time and development in the technological world, everything has become dependent on Information Technology (IT) as every organization has employed the latest IT infrastructures within their business premises for gaining competitive edge in the business market. As all the companies have started utilizing the latest IT systems, the computer hacking has become the biggest threat for the computer and Internet users. The word ‘hacker’ was coined by John Nash in 1980s who was a famous mathematician on the international level. In 1972, the first technology for hacks was determined; a single whistle from the box ‘Cap n’ Crunch’ was being used for making long distance phone calls free of any charge (Himma, 2007). In 1981, Ian Murphy hacked data of AT&T and changed the clocks so that people could avail late night discounts and he was the first hacker to be convicted of felony charges. At the same time, Kevin Mitnick was the leading hacker who hacked into IBM, DEC and Pacific Bell. In the late 1990s, the biggest hacking cases were reported such as Gary Mackinnon who was convicted of military crimes in US, Albert Gonzalez got the biggest jail sentence for stealing about two hundred million debit and credit numbers that cost losses of about £200 million (Ward, 2011). According to Sengupta, Mazumdar and Barik (2005), the hackers can be classified into four various generations. The first one was defined as technology-oriented and smart programmers, computer scientists and students from MIT as they hacked for professional and academic curiosities. The second comprised of hackers who were the technological radicals that developed the blue boxes for giving long distance calls on phone without any charges. The third generation constituted of people who were young and loved computer and personal computer games. The latest generation comprised of hackers who were involved in criminal activities that were triggered by power, revenge, greed or other cruel intentions. Motivating factors for hackers Hacking is defined as a way of gaining unauthorized access to the data that is stored in a computer. Hacking activities creates many problems for the users and users have a risk when dealing with IT systems for conducting money transaction. Risks are also present with the information of the user. In addition to getting access to valuable data and information, hacking includes invasion or attack on the people’s confidential information; majority of the people doing online transactions especially E-commerce are concerned about the preservation of their privacy (“Cybersecurity, innovation and the Internet community”, 2011). When customers are disclosing their confidential information in the form of credit cards for purchasing the items online, they want to be assured that their details will remain private and guarded. A hacker is defined as an agent or a person who accesses valuable files either for passing time in an enjoyable way, imposition of power or because of some interest in the data contained in the files so that it can be used. According to Ashoor and Gore (2011), the hackers are motivated to hack into other systems mainly for any of the three reasons i.e. recreation, revenge and remuneration. Recreation is described as the motivating factor for those people who hack in the network for having a fun-filled time or proving their technical skills and competencies. They hack other users’ private information just to have fun and enjoy the data retrieved due to their hacking skills. Revenge is described as the motivation of taking reprisal for customers who are dissatisfied, competitors who are angry and former employees who are disgruntled. The motive for such people is that they want to take revenge for their anger and dissatisfaction with the other party and hence use unethical means such as hacking in troubling the other party. On the other hand, Remuneration is defined as the motive of hacking the system for gaining some personal benefits for transferring funds into one’s own accounts in a bank. This is also a serious form of hacking as the element of money is involved in this case and people try to hack other people’s money via the hacking process. The electronic crimes that are reported worldwide are credit card fraud, identity theft, Advance Fee Fraud, Non-delivery of merchandise, romance scams, Work-for-home scams, Check fraud, Computer fraud and many more. These people either work on their own or in the form of horde of hackers so that they can commit multiple crimes in one point of time (Woo, 2003). Characteristics of hackers The hackers are mainly classified into three forms i.e. gray hats, black hats and white hats (Pandey & Rastogi, 2010). The black hat hacker is skilled with all the important expertise and competencies required for carrying out the injurious attacks on an information system. On the other hand, a gray hat hacker is one who has a split personality; in few situations, the person will avoid breaking the law and defend the network and in others, the hacker reverts back to the activities of black hat hacker. In order to respond to the growing issue of hacking, many security agencies and government officials in various countries have started providing white hat hacker or ethical hacking services to the people. The white hat hackers can work either as individual entities or independent consulting organizations that have the best team of professionals for enhancing the protection of computer systems. The experts have been trained in performing all mandatory security postures on networks and systems so that they can be easily defended from any form of malicious attack (Orsbon, 2008). Impact of hacking on society / Security on Internet When the personal details of a person or confidential information of an organization is subjugated, it becomes a threatening situation for the concerned people (Goessl, 2008). Since Internet is the most commonly used online Web tool, the number of computer attacks and crimes have increased at an accelerating pace in the last few years. The following figure shows the fluctuations in the number of cyber crimes reported at Internet Crime Complaint Center in US in the period of 2000-2011: (Source: “2011 Internet Crime Report”, 2012) The most commonly committed frauds and crimes online and on computer are password hacking (hackers illegally hack in the passwords of federal bureau and banks), network intrusion (using worms, wicked Trojan and other viruses for accessing the data stored in information system), cheating or identity theft (illegal using of identities of people), piracy of software (copy and use a software illegally), Spoofing of IP address (IP address is disguised and used to get illegal access to the confidential information of countries and organizations) and laundering of money (acquiring the funds illegally by manipulation of transactions and financial statements) (“California Office of Privacy Protection”, 2010). Hence, Internet security has become a growing area of concern for individuals and the organizations that are conducting their business operations online. With the passage of time, all corporations have developed their websites so that they can reach their customers through these online platforms. The organizations need to work upon security issues so that they retain the interest of the user in using the online activities of the organization. Although the sites are among highly workable solutions for enhancing a firm’s reputation among the target market but it is also subjected to various cybercrimes such as e-mail spamming, payments fraud, loss of customer’s confidential information, virus attack on the system and many more (Lesson & Coyne, 2005). In order to make sure that all the transactions and activities conducted through E-commerce facilities are harmless and locked, the management teams have to ensure that they take necessary measures for providing trustworthy and reliable services to their customers. In today’s world, the ethical hackers have developed software and programs which once installed in the company’s system provide value added security to all stakeholders from the suppliers to final consumers (Sengupta, Mazumdar & Barik, 2005). Such security software allows the consumers as well as suppliers to invest in the business as they trust the security issues of the organization. Security issues in electronic transactions Since the hacking tools and software are easily accessible by the hackers, the legal authorities in each country are implementing various rules and regulations so that the incidents of electronic crime can be controlled and mitigated to a great extent. It is one of the challenging issues for any country to cater as online hacking of confidential data, credit cards, user information and other such data may to lead to heavy consequences to be faced by the concerned party. Some of the hackers even provide tutorials to the people who want to learn hacking online in the form of documents and videos. The most common problem encountered in E-commerce field is the credit card fraud as the customers have to provide their card details for completing the transaction. One of the major hackings was done at eBay.com when information about its customers was hacked and it had to redesign the website to provide additional security to the customers. The website had to do a lot of efforts to gain back the confidence of its valuable customers and it is reported that it had to suffer loss of about $5 million that year (Computer fraud reporting, 2010). In 1990s, National Institute of Health (NIH) also suffered from hacking problem as its entire system was hacked and the complete information about its patients was within the control of the hacker. It took few months to recover back the lost information and install all necessary systems for improvised security of the data (Goessl, 2008). Number of Visa users worldwide Since E-commerce is the new trend in the market for conducting both B2B (Business to Business) and B2C (Business to Consumer) transactions, there are various credit card companies that are offering their valuable services to the customers. One of the leading payments technology company is Visa that has its presence in different countries. Visa is a global organization that connects banks, governments, consumers and businesses in about two hundred territories and countries. The headquarters of the company is located in San Francisco, USA that is employing more than 7,500 employees globally (About Visa, 2012). There are three centers for data storage in the two continents (Visa Inc. and Visa Europe) and Visa Europe has distinctive membership as it operates as a separate entity that has been given the exclusive licensee by the parent company so that it can use its technology and trademarks in the region of Europe. At present, the network span of Visa Inc. comprises of about 14,900 customers that also comprise of financial institutions, 2 million ATM machines and 2 billion Visa cards. In order to provide better security to the customers, the company has developed the superior level processing networks that has the capability of handling approximately 20,000 transactions every second in the most reliable, secured and convenient manner (About Visa, 2012). On a global level, Visa had 80 billion complete transactions, $3.9 trillion volume of payments and $6.3 trillion volume in total as of June 30, 2012. Facts and figures about electronic crimes worldwide Overall Statistics of electronic crimes reported at Internet Crime Complaints Center Total Complaints Received 314,246 Complaints reporting loss 115,903 Total Loss $485,253,871 Median dollar loss for those operating a loss $636 Average dollar loss overall $1,544 Average dollar loss for those reporting loss $4,187 (Source: “2011 Internet Crime Report”, 2012) Major Fraud and crime types reported in 2011 Work-from-home scams 17,352 Loan Intimidation 9,968 FBI Impersonation Scams 14,350 Romance Scams 5,663 Auto-action fraud 4,066 FBI-related scams 35,764 Identity theft 28,915 Advance Fee Fraud 27,892 Overpayment fraud 18,511 Non-delivery of merchandise 22,404 (Source: “2011 Internet Crime Report”, 2012) Country Name Number of Electronic Crimes United States 90.99% Canada 1.44% United Kingdom 0.97% Australia 0.66% India 0.50% Puerto Rico 0.22% South Africa 0.22% France 0.19% Germany 0.19% Russian Federation 0.17% (“2011 Internet Crime Report”, 2012) Real life examples of hacking It has been estimated by 2011 Internet Crime Report (2012) that hackers have been successful in stealing about $1 trillion amount in the Intellectual property. According to the report, hacking costs about $4 billion damages on yearly basis in US and $1 billion in China. In the survey by Symantec about 43% of businesses (2,100 were surveyed) had suffered losses because their proprietary information was hacked (Computer Fraud Reporting, 2010). The costs of hacking are too high and organizations have to suffer the loss of huge amount of money which can go up to millions and billions of dollars. In 2011, Play Station’s hacking made Sony incur losses of $170 million and Google even lost $500,000 in its hacking in the year 2005 (“2011 Internet Crime Report”, 2012). It has been stated by various researchers that even single instances of hacking can cost about $600,000 to $7 million of loss per day for the online businesses (it varied on the basis of revenue from operations). Although large organizations can easily bear the loss figure but it can get difficult for the small organizations as they don’t generate such huge amount of revenue. Protection measures against hacking In order to enhance the security of restricted information, it is mandatory for the individuals and organizations to implement all preventive measures. The common mistake that is done by the users of Internet is that they don’t update their systems on a continuous basis. When the systems are of previous versions, they will lack competence of identifying the new threats that are widespread in the technological world at that time. The credit card users have to ensure that they take some preventive steps on their behalf so that they can be assured that their personal details cannot be easily accessed (“California Office of Privacy Protection”, 2010). Since the demand of enhanced security in E-commerce has risen at an accelerating pace, there are many specialized companies that are offering their exclusive services for providing the instant solutions to make the systems prudent and sound for all kinds of transactions. Following are some of the protection measures that are vital for every individual and organization in today’s tough and ever changing business environment: 1. Installing a firewall – The hackers send out calls (pings) to many computers and wait for their responses. With the help of firewall, these calls can be prevented and it will block communications from the sources not permitted by the users. 2. Using Anti-virus software – The anti-virus software will keep the computer protected from any kind of virus attack that can destroy the data, or cause the computer to crash or slow down. The software should be updated on a frequent basis so that the new bugs can be easily identified on computer. 3. Browser should be managed properly – In order to enhance the level of protection, the browsers and systems have to be frequently updated so that they have the latest features for accurate running of the operations. 4. Anti-spyware software – The anti-spyware software is mandatory for safety of personal information as there are spywares on various websites that monitor and record a person’s online activities and collect the personal information when surfing the Web. It should be installed to ensure the security of all personal details. 5. Using strong passwords – The passwords should be strong enough which cannot be easily guessed by the hackers. One piece of advice is that it has to be changed on regular intervals so that the information is tightly held. 6. Shopping online from secured websites – Since most of the people like to do online shopping, it is better to purchase the things from secured and reliable websites. The payment mechanisms require disclosure of credit card information so it is vital that the site is trustworthy which will guard the details of the customers. Conclusion As Internet security is the common threat among E-commerce organizations and the number of incidences has increased at a fast rate, it has become obligatory for every individual and corporation to take all precautionary measures for enhancing the safety and security of valuable data. The law enforcement agencies are interfering in E-commerce businesses by passing Acts that will be beneficial for their operations and will allow them to carry on their activities without any fear of hacking. References 2011 Internet Crime Report (2012). Retrieved January 15, 2013 from http://www.ic3.gov/media/annualreport/2011_IC3Report.pdf About Visa (2012). Global Presence. Retrieved January 15, 2013 from http://corporate.visa.com/about-visa/our-business/global-presence.shtml Ashoor, A.S., & Gore, S. (2011). What is the difference between hackers and intruders. International Journal of Scientific and Engineering Research, 2(7), 1-3. California Office of Privacy Protection (2010). Protect your computer from hackers, viruses and spies. Retrieved January 15, 2013 from http://www.privacy.ca.gov/consumers/cis12english.pdf Computer fraud Reporting (2010). Internet Fraud, Scam and Crime Statistics – 2009. Retrieved January 15, 2013 from http://www.consumerfraudreporting.org/internet_scam_statistics.htm Cybersecurity, innovation and the Internet Community (2011). Retrieved January 15, 2013 from http://www.nist.gov/itl/upload/Cybersecurity_Green-Paper_FinalVersion.pdf Goessl, L. (2008). What hacking costs society? Retrieved January 15, 2013 from http://www.helium.com/items/840754-what-hacking-costs-society Himma, S.H. (2007). Internet Security: Hacking, counterhacking and society. Sadbury, USA: Jones and Barlett Publishers. Lesson, P.T., & Coyne, C.J. (2005). The economics of computer hacking. Retrieved January 15, 2013 from http://www.peterleeson.com/hackers.pdf Orsbon, K. (2008). E-commerce and security. Retrieved January 15, 2013 from http://www.it.uu.se/edu/course/homepage/ehandel/vt08/ehd04-vt08-security.pdf Pandey, D., & Rastogi, A. (2010). A critical research on threats and security technology related to payment system on E-Commerce Network. International Journal of Computer Applications, 8(3), 11-14. Sengupta, A., Mazumdar, C., & Barik, M.S. (2005). E-commerce security – A life cycle approach. Sadhana, 30(2-3), 119-140. Ward, M. (2011, June 9). A brief history of hacking. Retrieved January 15, 2013 from http://www.bbc.co.uk/news/technology-13686141 Woo, Hyung-Jin (2003). The hacker mentality: Exploring the relationship between psychological variables and hacking activities. Retrieved January 15, 2013 from http://athenaeum.libs.uga.edu/bitstream/handle/10724/6624/woo_hyung-jin_200305_phd.pdf?sequence=1 Appendix - Vocabulary 1. Access – Giving right of entry to a person for using data and information. 2. Advance fee fraud – A crime in which advance fee is collected and service is not provided 3. Bugs – Bugs are like viruses that damage the computers and systems 4. Charges – Penalties that have to be paid for being guilty of committing the crime 5. Competencies – Expertise/Skills/Ability to do a task with perfection 6. Confidential – Private/Not to be disclosed 7. Convicted – A person found guilty of the crime 8. Credit card fraud – Information about a person’s credit card is leaked out 9. Curiosities – Interest or anxiousness about something 10. Defend – Support someone or something 11. Disgruntled – Unhappy or dissatisfied person 12. Enhancement – Improving something 13. Firewall – A protection shield on the website for blocking harmful content that can damage the system 14. Frequent – Regular/Repeated 15. Hordes – Gang/Crowd 16. Identity theft – A crime in which a person’s personal information is stolen 17. Incur – Suffer/Encounter 18. Independent – Free/On your own 19. Instance – Example/Case 20. Intrusion – Cause disturbance or interruption 21. Invasion – To attack someone or something 22. Malicious – Cruel/Wicked 23. Military crimes – A crime in which information of government agencies is stolen and misused 24. Mitigate – Tone down or ease so that the after effect is minimal 25. Non-delivery of merchandise – Not delivering the items purchased to the customers after receiving the payment or agreeing on auction 26. Professional – A person who has expertise and skills in particular field or work 27. Reprisal – To take revenge from a person 28. Stakeholders – A group of people who have direct interest in a company’s performance 29. Subjugated – Valuable information is in control of the enemy 30. Threatening – A tactic used to frighten someone 31. Utilizing – Using something with purpose 32. Widespread – Something that can be commonly found anywhere 33. Worms – Worms are like viruses that self-replicate but don’t get attached to the code Read More