Online Security Threats Removal - Essay Example

Can online security threats be removed altogether' Discuss. With the advent of internet the life of a common man has changed toa considerable extent. Before the introduction of internet, people have to spend hours in libraries to find relevant information but not any more. Although internet is widely used to get specific information but the facility of online shopping is nothing less than a blessing. But, it doesn't really matter if you use internet to get information or to shop around, you have to face certain security threats as there is an overwhelming increase in the cyber crime over the last few years. According to the FBI, the number of Internet crime complaints received in 2008 rose 33 percent from 206,884 to 275,284 at a total loss of $265 million. "This report illustrates that sophisticated computer fraud schemes continue to flourish as financial data migrates to the Internet," said FBI Cyber Division Assistant Director Shawn Henry in a written statement. "It also underscores the need for continued vigilance on the part of law enforcement, businesses, and the home computer user to be aware of these schemes and employ sound security procedures (Valenzuela, 2009)." In addition to fraud schemes other methods are also used by scammer and hackers to conduct cyber crimes. For instance, many people have to suffer great losses only because of viruses and worms. So, it is clear that several threats linger in the world of internet but online identity theft is one of the most prevalent issues. The reason is the availability of many tools and methods that are utilized by hackers to access a computer for online identity theft. Spoofing, back doors and internet worms are the most popular but following chart will give a clear idea in this regard. Now, this graph makes it quite clear that several methods are used by thieves to breach your security but there are some ways to stop them from obtaining any information from your system. However, there are lots of people who believe that solutions are insufficient and the issue of identity theft can not be resolved with them. The objective of this essay is to delve more into the details to find if identity theft has become an incurable disease or there are ways to get over it. What exactly is identity theft' Before delving more into the details pertaining to the solutions for identity theft it is important to get some more information about the concept of identity theft. Basically, online identity theft is a crime that occurs when personal information is unlawfully obtained by someone else without the owner's knowledge or consent in order to support criminal activity such as fraud, deception or to obtain benefits in the victim's name. The consequences for the victim can be devastating because once the thieves have your personal information they can open up credit cards and run up debts, take out loans or use your identity as a cover for criminal activity (Online Identity Theft: A New Threat). The outcomes of losing your identity can be critical, depending on the motives behind different hacking activities. Motives can different but most hackers look for financial information and that's the reason why the financial sector is more at risk, which is evident from the following charts. These charts show the identity theft activities in 2007. According to the charts, government sector was at the first place in terms of data breaches and exposed identities in 2007. It is followed by financial sector showing that hackers like to get financial information. But, hackers use different methods while targeting different sectors and that's why it is important to check some of the solutions in relation to the ways used by hackers to access computer for identity theft. Methods used by Identity Thieves: Installing a virus, worm or spyware is arguably the most common way of accessing sensitive information. Spyware is designed for exploiting infected computers usually for marketing purposes. The activity of the web browser is monitored, resulting to routing of HTTP requests to the web sites that are advertised through the spyware. Recently, spyware was used by an identity theft ring to retrieve and store remotely, user information. This was identified by research conducted by an antispyware firm, Sunbelt (Vijayan, 2005). It implies that viruses help hackers in a big way but the emphasis on viruses has always been changing, which is clear from the following chart. Source: Info-Tech Research Group, derived from data published by Symantec This chart shows virus trends during 2005 to 2007. You can see that worms and Trojans have always been affecting people but there was a decrease in virus attacks from 2005 to 2006, which increased again in 2007. The use of viruses has again become an effective tool for identity thieves but the basic solution to stop these viruses and worms is antivirus software, which is not sufficient. According to the general manager of the Australian Computer Emergency Response Team (AusCERT), Graham Ingram, most of the desktop antivirus applications simply "don't work". He further stated, "At the point we see it as a CERT, which is very early on -- the most popular brands of antivirus on the market ... have an 80 percent miss rate. That is not a detection rate that is a miss rate. "So if you are running these pieces of software, eight out of 10 pieces of malicious code are going to get in," said Ingram. It implies the fact that using antivirus software doesn't guarantee a safe computer. In addition to viruses, another common method used by identity thieves is spamming. By acting on spam emails you may have to deal with different forms of damage, including financial compromise, identity theft, installation of malware, disclosure of proprietary information and more. To cope with this particular problem different types of options are available for people. Spam filter, for instance, is a good option. It can help in stopping most of the spam emails but it is not a top-notch technique because many emails still survive from the filtering process. To cover this flaw, some companies now use more sophisticated techniques where they stop IPs involved in spam like activities. It is a better technique but the need to introduce new technologies is still there. After spamming, the other popular tool being used by identity thieves is spoofing. In spamming, bulk emails are sent to your account but spoofing is different. E-mail spoofing is the forgery of an e-mail header so that the message appears to have originated from someone or somewhere other than the actual source. Distributors of spam often use spoofing in an attempt to get recipients to open, and possibly even respond to, their solicitations (Email Spoofing, 2007). So, email spoofing can make people lose their sensitive information but there are some solutions as well. For home users it is recommended to stay away from clicking on any link available in emails. For businesses, there has to be something more refined. The good news is that some sophisticated options are now available to stop spoofing. SPF, for instance, is a good example. The Sender Policy Framework (SPF) is an emerging standard by which the owners of domains identify their outgoing mail servers in DNS, and then SMTP servers can check the addresses in the mail headers against that information to determine whether a message contains a spoofed address (Email Spoofing. What is it and how does one deal with the problem'). Surely, this option sounds interesting but it is still in its early phase. Now, it is easy to see that there are issues with solutions but solutions are not perfect and that's why identity theft is on a rise. But, it is also true that people are inclined to use traditional methods to deal with online security threats and end up losing their sensitive information. Following chart gives an idea about people's inclination towards the use of old methods. Excel based chart; (Data Source: CSO Magazine, 2007): According to this particular chart, the most popular method in 2007 was password complexity with 95% of people using it to stop identity theft. This was followed by Statefull Firewalls which were used by 94% of people. There are other technologies as well but all of them are insufficient. Actually, people are compelled to use these technologies because of the unavailability of more sophisticated solutions. Plus, employing a firewall or software is not a really expensive proposition for companies and users, so they opt for it without considering the fact that these methods are no longer the best. Conclusion Considering the details provided in previous paragraphs, it becomes quite clear that viruses, spam emails and spoofing are the most commonly used techniques for online identity theft. These threats are usually handled by using traditional methods. Sometimes these solutions work, sometimes they don't. But, there is a big need to introduce new techniques as companies can no longer deal with identity theft by making use of static IDs and passwords for authentication. So, it is easy to conclude that though solutions can help enervating the problem of online identity theft but this issue can not be resolved altogether, especially in the absence of more advanced techniques. But, it doesn't qualify to the fact that one must stop using available solutions as implementing those is better than doing nothing to stop identity theft. So, "You should never let down your guard when it comes to cybersecurity," said Jeff Jones, director of Trustworthy Computing for Microsoft. "Crime is a fact of life in the digital world just as it is in the physical world; even with the best security posture, you must still steadily guard against potential threat." References: "Email Spoofing. Search Security.com". Jun 04, 2007. Retrieved on May 14, 2009 from http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci840262,00.html "Email Spoofing. What is it and how does one deal with the problem"' Scribd. 2007. Retrieved on May 14, 2009 from http://www.scribd.com/doc/13055/Email-spoofing-What-is-it-and-how-does-one-deal-with-the-problem "Online Identity Theft: A New Threat. Identity Theft". Feb 08, 2009. Retrieved on May 14, 2009 from http://www.identitytheftproblem.com/online-identity-theft-a-new-threat/ Valenzuela, Beatriz E. "FBI says Internet crime on the rise". April 13, 2009. Daily Press. Retrieved on May 14, 2009 from http://search.ebscohost.com/login.aspx'direct=true&db=nfh&AN=2W62W6811706860&site=src-live Vijayan, J. 'Antispyware firm warns of massive ID theft ring', 5 August 2005, Retrieved on May 14, 2009 from http://www.computerworld.com/securitytopics/security/story/0,10801,103737,00.html Read More