Threat Posed by Cyber Crimes to Homeland Security - Coursework Example

Homeland Security Name Institution Professor Course Date Homeland Security Cyber crime and insecurity is a major world threat to our daily lives and the threat posed by such activities as identity theft to western nations is significantly large to go unnoticed. There numerous threats that materialized while some have been neutralized making cyber crime is a major threat to economic and national security. The department of homeland security is tasked with the role of countering cyber threats and maintaining cyber security (DHS, 2010). This paper aims to identify the threat posed by cyber crimes to homeland security and also points out an example of an incident that has recently occurred and how it is a challenge to homeland security. It also identifies viable solutions and countermeasures that homeland security is currently implementing to curb this threat. Cyber crime describes any illegal activity that uses computer storage devices to store evidence. According to the department of homeland security, cyber threats are any efforts that lead to access to, manipulation and the impairment of confidentiality, security or availability of data (DHS, 2010), Cyber crime refers to offences that are committed against individuals or groups of individuals with a criminal motive to intentionally harm the reputation of the victim or cause physical or mental harm to the victim directly or indirectly (Kruse & Heiser, 2002). This form of crime takes various forms such as illegal intrusion of networks, intentional dissemination of viruses, as well as a range of activities such as identity theft, stalking, terrorism and bullying. Crimes that are most commonly perpetrated on computer networks include computer viruses, denial-of-service attacks and the use of malware. Surveys conducted indicate that the damage that cyber crime inflicts upon nations, organizations and corporations is large enough to go unnoticed. As far back as 1996, major corporations were reporting losses in millions resulting from computer break-ins. Government departments such as the pentagon have reported a high frequency of break-ins over the internet and most of them have gone undetected. Such websites contain highly sensitive and unclassified information and the damage that is caused by such information finding its way to the public is significant, almost always empowering antagonists to the government to incite the public. According to the DHS, businesses based in the U.S lose as much as $138 million every year due to hackers (Homeland Security News Wire, 2009). There have been numerous cases of cyber crime that have been recently documented. One such incident occurred in 2008 and was commonly referred to as dark market. It was a group of hackers who established a forum on the internet that acted as a market where financial information such as credit card information, login details and electronic equipment was bought and sold. The transactions involved were to the tune of millions and involved criminals from all over the world. The market was however discovered and shut down as agents of the FBI working closely with the department of homeland security infiltrated the group and shut down the network and in the process preventing the loss of valuable information valued at $70 million (DHS, 2011). Another widespread incident of cyber crime was the botnet that was commonly referred to as mariposa, and had infected as many as 13 million computers at its peak. It was reported that half of the fortune 500 companies had been infected by the virus. The virus launched denial of service attacks, e-mail spam, personal information theft such as passwords and bank credentials as well as attacks on the DNS servers that brought back search results that showed advertisements and pop-up ads. The removal of the botnet was valued to have costs tens of millions of dollars. Millions of internet users worldwide were exposed to identity theft due to this virus. Security research teams combined their efforts and formed Mariposa Working Group that took to analysis and extermination of Mariposa. The group took over the control of the virus and managed to dismantle it. Cyber Storm is a comprehensive framework that the department of homeland security has taken up as an extensive exercise in a bid to secure cyber space. It has experienced various phases, the most recent one being Cyber Storm III (CSIII). The different phases have been made necessary due to the need to keep up with evolving trends and vices that cybercrimes takes. The exercise was implemented on a national level, involving participants from eight departments on the cabinet level, 13 from the state level, 12 international participants, and 60 companies from the private sector (DHS, 2011). The objective of the exercise was to comprehensively address the procedures and mechanisms that should be used by the participants to identify a cyber incident. The exercise was also meant to assess the department of homeland security’s national cyber incident response plan as well as implement elements that past findings have recommended as necessary. Findings from CSIII indicated that though the relations between the public and private sector were improving, they were still found wanting so as to forge cooperation in a bid to enhance cyber security. Each party has inherent resources and coordination would enhance effective response mechanisms. Findings also indicate that the players in the private and public sector need to understand the type and value of information that will be provided to them by the other players. This will further influence them to effectively share information. Challenges also arise in creating and laying emphasis on the gravity of a cyber incident across all stakeholders (Sommer, 2004). Threats posed are not significantly passed across to the relevant stakeholders and as such the emphasis laid on such threats is minimal and not enough to fight cyber crimes. The department has several frameworks that are dedicated to cyber security. One such framework is the national protection and programs directorate (NPPD), which is tasked with securing the networks that are owned and operated by the executive, civilian networks, and various agencies. It also offers technical expertise to organizations in the private sector as well as resources that will help enhance cyber security, incident detection and response, and mitigation of threats. In addition, it raises awareness on cyber security to the general public and also coordinates management efforts in cases of cyber emergencies. DHS, acting through the comprehensive national cyber security initiative, now includes cyber security in its national security and safety plans. In 2009, DHS launched various recommendations that were meant to create a safe and secure cyber environment as well as raise awareness on cyber security. The national cyber security and communications integration center (NCCIC) houses the 24- hour cyber and communications warning center that keeps watch all the time (DHS, 2010). The NCCIC has strategic partnerships with various players in the private sector such as the information technology sector, sharing and analysis center, as well as banking, finance, and the energy sector. Such partnerships are aimed at enhancing cyber security. This widespread integration is vital for creating an effective response mechanism, and a resourceful and expert team to deal with cyber security incidents. DHS has various intrusion detection systems such as the EINSTEIN 1 and 2 that are tasked with observing and reporting cyber threats and alerts. Through the privacy impact assessment, an initiative known as the initiative three exercises has been established. It aims to demonstrate additional capabilities that go beyond those incorporated in the EINSTEIN framework, through the use of innovative technology (DHS, 2011). The exercise displays an intrusion prevention system and an intrusion detection system that will be used as a test run for the proposed implementation of a new framework, EINSTEIN 3. It will combine the use of new technology developed by the NSA so as to enable full time inspection of packets flowing through a network. This approach aims at tracking network traffic on a full time basis in order to detect malicious traffic. It will therefore enable intrusion prevention in a way that malicious traffic will be detected and acted upon before any harm is done. The exercise proposes to implement a better means of information sharing so as to enhance detection of intrusion. The use of this technology will also enable other advanced features that will enhance cyber security altogether. Once implemented, the technology will enable the identification of network traffic based on destination and source and hence routing information more effectively. Next, the traffic will have to be verified as destined to the specified location and will then have to pass through intrusion prevention and detection systems. The technology will also encompass advanced ability to redirect traffic according to relevance and destination and provide for system administration privileges. Subscribers to the use of such technology will however have to give consent due to the high level of scrutiny that this technology applies. Cyber crime is a major global threat in our world today. Modern living dictates that lives should be built over the internet. Increased dependence on the internet and computer networks to run our daily lives, results to greater susceptibility to cyber crimes. This would suggest that cyber security should be achieved at all costs. DHS is at the fore front of ensuring that the cyber environment is safe and secure. The future seems bright if such projects as EINSTEIN 3 are implemented, but before then, there is need for more awareness and attention to be laid on cyber security as there has been enough damage already caused by cyber crimes. References Department of Homeland Security. (2010). Privacy Impact Assessment for the Initiative Three Exercise. Retrieved June 2, 2012, from http://www.dhs.gov/xlibrary/assets/privacy/privacy_pia_nppd_initiative3exe Department of Homeland Security. (2011). Cyber Storm III. Retrieved June 2, 2012, from http://www.dhs.gov/xlibrary/assets/nppd-cyber-storm-iii-final-report.pdf Homeland Security News Wire. (2011). Cost of cyber attacks on the rise. Retrieved June 2, 2012, from http://www.homelandsecuritynewswire.com/cost-cyberattacks-rise Kruse, W. & Heiser, J. (2002). Computer forensics: incident response essentials. Boston, MA: Addison-Wesley. Sommer, P. (2004). The future for the policing of cybercrime. London: Elsevier. Read More

One such incident occurred in 2008 and was commonly referred to as dark market. It was a group of hackers who established a forum on the internet that acted as a market where financial information such as credit card information, login details and electronic equipment was bought and sold. The transactions involved were to the tune of millions and involved criminals from all over the world. The market was however discovered and shut down as agents of the FBI working closely with the department of homeland security infiltrated the group and shut down the network and in the process preventing the loss of valuable information valued at $70 million (DHS, 2011).

Another widespread incident of cyber crime was the botnet that was commonly referred to as mariposa, and had infected as many as 13 million computers at its peak. It was reported that half of the fortune 500 companies had been infected by the virus. The virus launched denial of service attacks, e-mail spam, personal information theft such as passwords and bank credentials as well as attacks on the DNS servers that brought back search results that showed advertisements and pop-up ads. The removal of the botnet was valued to have costs tens of millions of dollars.

Millions of internet users worldwide were exposed to identity theft due to this virus. Security research teams combined their efforts and formed Mariposa Working Group that took to analysis and extermination of Mariposa. The group took over the control of the virus and managed to dismantle it. Cyber Storm is a comprehensive framework that the department of homeland security has taken up as an extensive exercise in a bid to secure cyber space. It has experienced various phases, the most recent one being Cyber Storm III (CSIII).

The different phases have been made necessary due to the need to keep up with evolving trends and vices that cybercrimes takes. The exercise was implemented on a national level, involving participants from eight departments on the cabinet level, 13 from the state level, 12 international participants, and 60 companies from the private sector (DHS, 2011). The objective of the exercise was to comprehensively address the procedures and mechanisms that should be used by the participants to identify a cyber incident.

The exercise was also meant to assess the department of homeland security’s national cyber incident response plan as well as implement elements that past findings have recommended as necessary. Findings from CSIII indicated that though the relations between the public and private sector were improving, they were still found wanting so as to forge cooperation in a bid to enhance cyber security. Each party has inherent resources and coordination would enhance effective response mechanisms. Findings also indicate that the players in the private and public sector need to understand the type and value of information that will be provided to them by the other players.

This will further influence them to effectively share information. Challenges also arise in creating and laying emphasis on the gravity of a cyber incident across all stakeholders (Sommer, 2004). Threats posed are not significantly passed across to the relevant stakeholders and as such the emphasis laid on such threats is minimal and not enough to fight cyber crimes. The department has several frameworks that are dedicated to cyber security. One such framework is the national protection and programs directorate (NPPD), which is tasked with securing the networks that are owned and operated by the executive, civilian networks, and various agencies.

It also offers technical expertise to organizations in the private sector as well as resources that will help enhance cyber security, incident detection and response, and mitigation of threats. In addition, it raises awareness on cyber security to the general public and also coordinates management efforts in cases of cyber emergencies. DHS, acting through the comprehensive national cyber security initiative, now includes cyber security in its national security and safety plans.

Read More