Cyberspace Policy - Term Paper Example

Cyber Security In recent time, almost all business and personal operations are dependent on computer and technology. With the innovation of internet and other high level of computer programming, each and every organization is now dependent on computer program to make their operation smoother, less time consuming and much more error free. Various services like banking and finance, personal investment, purchase of goods like cloths or any other electronic or non-electronic products are now just a few clicks away from the individuals. US President Barack Obama in his speech has mentioned that “Technology is reshaping every aspect of our lives, and protecting our digital infrastructure from cyber threats is one of our highest security priorities.”(Martin, 2013). With the development of science and technology, the possibility of cyber threat is also increasing rapidly in modern times. From organized group of hackers supported by various kinds of political, ethical or retaliatory motives to virtual robbery activities, inspired by financial gain, it is very important understand the profile as well as mode of operation and targeted areas of the cyber criminals. “Targeted, organized and long-term threats categorized as “advanced persistent threats” can be a significant problem due to sophisticated technology, expert attackers and potentially Nation State sponsorship.”(Martin, 2013) The main objective of this paper is to analyze the concept of cyber security in association with a recent international event. The paper also analyzes the possible threats that people may face in cyberspace, discuss various questions related to cyber security such as: Who was/is being harmed by whom? -What is the harm/causation? -What is the broader implication of the harm? What is the major Moral issue on hand? And most importantly discuss about the process which various cyber companies have to consider as an obligation in light of theories such as rights theory, justice theory, an ethics of character, and an ethics of care while relating the same about the particular incident. Cyber Security - Types Before discussing about the concept of cyber security in modern world it is important to understand the concept of cyber threat. The concept of cyber security is being developed only to protect the individual users as well as companies from various kinds of cyber threats. The term cyber threat can be defined as an outsiders attempt to hamper the normal operation of any particular system which is designed to help the normal activities of the people in a society. Cyber threats can be a great danger for the people who are engaged in services with financial sector, a threat for the government officials and at the same time it is a great danger for the government services and army as well. In countries such as USA, the statistics associated with the cyber-crime is increasing rapidly over a course of time and the situation is so much alarming that the President of USA, Barack Obama forced to declare the month of October 2013 as the National Cyber Security Awareness Month. He in his speech has mentioned that “Technology is reshaping every aspect of our lives, and protecting our digital infrastructure from cyber threats is one of our highest security priorities,” said President Obama in the proclamation. “Our national and economic security depends on a reliable digital infrastructure in the face of threats.” (Lockheed Martin, 2013) To protect this cyber threat, it is important for the organizations as well as the government to first understand the threat profile of all the cyber attackers. In modern times, groups who are regularly targeted by the organized hackers group are more susceptible to break down and this kind of -term threats categorized as “advanced persistent threats” . While discussing it has been categorically mentioned that “ the nature of the cyber threat , The problem for most organizations is these advanced persistent threats evade detection by industry-standard tools because traditional tools make one flawed assumption: a response can only occur after the cyber breach itself. It took a team of Lockheed Martin analysts to discover the challenge of advanced persistent threats is also its solution.” (Lockheed Martin, 2013) Roy Girasa (2002) argued that, cybercrime is a generic term covering the multiplicity of crimes found in penal codes or in legislation having the use of computers as a center component.(Girasa, 2002). Cybercrime can be analyzed in both narrow as well as in broader sense. In narrow sense it can be defined as an illegal activity related to computer and computer aided services where as in broader sense, the same can be defined as an illegal work which can be committed by means of or in relation to computer or any kind of network system. Now one might discuss the concept of cyber security in modern world in light of increasing cyber threat. Cyber security can be defined as a system which is used by the government and also by various organizations in order to protect “information and systems from major cyber threats, such as cyber terrorism, cyber warfare, and cyber espionage.” (Stubley, 2013) The meaning of the term cyber security is very simple and that is to protect information related to software and their application, various information stored in the software, protecting those from any kind of unauthorized access, disruption, modification or destruction. Generally the term cyber security associated with following four different aspects namely, Securing computer system and computer networks from the access of unauthorized persons; Securing devices, products and applications from the access of unauthorized people to protect stored data; Securing hardware and software from malfunctioning and from the attack of the virus/hackers and Securing information, data and/ or databases which are filled up with data related to customers, central security and other necessary ones. (Sharma, 2011, p. 18). There are verities of cyber securities present in the modern world. These various forms are mainly based on types of attacks as well as variety of malfunctions of the database as well as the systems in the modern times. The types are: Network security, Data security and System security. Network security is most common type of cyber security used in world operations. This is associated with securing various networks both privately owned and government network system from the attack of various kinds of virus and other computer hackers to ensure that all the networks are operating smoothly. Generally in any specific networks, data are available for the authorized users against specific user id and password. The hackers can pretend to be the particular user and by providing the exact user id and password can access the same. Data security is associated with protecting data which are stored in various drives of any particular operation systems from the attack of virus and hackers. In this cyber security process, various kinds of antiviruses as well as firewalls are used by the concerned authority to protect data sets. The last kind of cyber security associated with protecting the computer system or the network against any kind of malfunctioning. It mainly concerns about malicious programs that can disrupt and sometimes destroy the computer systems. These malicious programs can be viruses such as Love Bug, rabbits, Logic Bomb, Trojan horse and worms such as Morris Worm and, bugs. (Tavani, 2007, pp.170-172). There are number of instances of cybercrime in all over the globe. The number of instances associated with cybercrime is increasing with every year. In the USA there are number of instances of cybercrime in recent years. One of the most significant one is hacking of banking portals specially the credit and debit card payment webpages. In last few years this incident increased drastically as a large number of people get affected by the cyber criminals who often hacked their user id and passwords and do banking transactions. Thereare a large group involved in this cybercrime, who just by hacking the operation able to access user ids and passwords of credit cards used by various common people and the scam is worth more than $300 million. The same group is also involved in the breaching of security of NASDAQ as well. Some other companies such as Visa Inc. licensee, J.C. Penney Co, JetBlue Airways Corp and French retailer Carrefour SA also get affected by this cyber-crime. They are able to hack data of at least 160 million payments card which resultant in the loss of over $ 300 million for the company. All these men are expert in their work and for a long period of time they are able to hack the operations of this payment card. While covering this story, Reuters News agency in their report has mentioned that “Oman Kotov mined them for data. They allegedly hid their activities using anonymous web-hosting services provided by Mikhail Rytiko. Russian Dmitriy Smilianets is accused of selling the stolen data and distributing the profits. Prosecutors said he charged $10 for U.S. cards, $15 for ones from Canada and $50 for European cards, which are more expensive because they have computer chips that make them more secure”.(Jones &Finkle, 2013). In this process the common people are the victims who often use their debit and credit cards to purchase various products using online shopping websites, make banking and other financial transaction and do other necessary works like making various payments (electricity bill, mobile and internet bill etc.). The process used by them to carry out cybercrime was a unique one and also unique in nature. By disabling the function of the anti-virus software of the payment mechanism system they were able to store data as per their requirement on various hacking platforms. As a result they are able to get access of number of user ids and password of hundreds of credit cards in the country. After acquiring all these data, they have sold those data to various “resellers, who then sold them on online forums or to "cashers" who encode the numbers onto blank plastic cards.”(Jones& Finkle, 2013) Among all the 5 accused the mastermind was Kalinin who was previously also accused for hacking the operation site of NASDAQ. He was involved in hacking the operation of NASDAQ as well for a span of 2 years, from 2008 to 2010. While reviewing their cybercrime associated with hacking of credit and debit card user-id-password it has been observed that they involve a huge number of people across the globe in this operation of hacking the log in data of the common people. They were involved in “theft of more than 130 million credit card numbers from U.S. payment processor Heartland Payment Systems Inc. beginning in December 2007, resulting in approximately $200 million of losses; 30 million payment card numbers from British payment processor Commidea Ltd in 2008 and 800,000 card numbers from Visa Inc.’s licensee Visa Jordan in 2011.An attack on Global Payment Systems that begin in about January 2011 resulted in the theft of more than 950,000 cards and losses of about $93 million.”(Jones & Finkle,2013). All these are done by this common group with the help of hundreds and thousands of people across the globe to disrupt the payment process. Impact on People In order to protect people from the hand of hackers various banking and financial sectors started to come up with more stringent policies in terms of their net banking facilities, issuing debit or credit card as well as allowing people to pay online by using their debit or credit cards. To protect bank account as well as net banking software banking groups started to enforce more and more firewall in their systems, making security password more case sensitive forcing their customers to change their passwords more and more frequently. It is more difficult to establish the claim for a one of incident of account hacking or hacking by using debit or credit card. As all these needs password to access so it is hard for people to established the fact that the transaction was made without their consent. The banking authorities in modern time imposing high degree of security for all the net banking software and every single transaction going through their portal but still sometime they are not in a position to maintain 100% security. Like the banking authorities, common people also need to maintain a keen eye on each and every transaction of their account, must change their passwords frequently, ensure they are not using those id-passwords in any kind of unsecured transactions etc. Dragon (2012) in his analysis has mentioned few points which in his opinion need to follow by the common men to protect their banking accounts as well as various banking transaction process, the steps are: paying proper attention, be financially diligent, follow old process like personally visiting bank for balance enquiry or any other non-financial works so that they can keep a regular update about every possible changes in the process made by the authorities, and most importantly changing password associated with net banking, credit or debit card regularly. (Dragon, 2012) Moral issues With increasing threat of cyber-crime, financial institution are now started to develop more and more stringent follow-up process with their customer to verify the authentication of almost each of their transaction made through online process. Banking process has improved and developed with the innovation of science and technology, but at the same time the risk associated with it has also increased drastically. Often, people who are using various kinds of net banking facilities faces various kinds of moral issues after they get heat by the cybercrime or they want to avail processes to protect themselves from cyber threat. Often they used to face allegation from the banking officials that they are making false claim as it is very hard for them to prove any online transaction as a hacked one. One of the key theories associated with this cyber hacking or cyber protection is the concept of Utilitarian Approach. This is largely associated with the consequences or outcome of a particular claim or incident. So whenever any individual asked for any kind of protection from cybercrime or claim anything against cybercrime, his or her intention is being critically analyzed. The bottom-line of Utilitarian Approach is to attain the utmost good for the highest number while making the slightest amount of damage or averting the greatest amount of suffering. (Stanford Encyclopedia of Philosophy, 2009) So in case of cyber security from financial crime it is very much important for the people who are offering the protection or judging the claim of the individuals against such incidents. Another theory associated with the cyberspace security is right theory. Right theory is often associated with the usual requisition that every individual used to enjoy. There are two kinds of rights for the common people, one is legal rights and the other one is the natural rights. One can define legal rights as those rights that are provided to us through things like the Constitution and include things like the right to bear arms or freely practice a chosen religion. These are rights that are man-made and are a set of laws that people in a specific society must follow”, and the natural rights are those which people generally enjoys irrespective of their status or position in the society. Cyber security can be considered as legal rights as people who often used internet for various kind of transactions and registered themselves for this special services generally enjoys. In modern era, it is very important to establish a new set of guidelines to make states responsible for any kind of cyber-attacks come from organizations or infrastructures, which are directly or partially under their jurisdiction. Banking and financial organizations are such groups who are partially or totally under states rue so it is the responsibility of states to protect people financial components.Clarke and Knake (2010) in their reviews have mentioned that to protect customers from cyber-crime, internet traffic from and to deviant states could be slowed or even cut off. This can hamper the service standard but to protect the security it is important. It is legal right for the victim to hack back, but as the cyber criminals are initially unknown in terms of identity do it is important to protect the financial strength first before hacking back (hitting back). (Clarke and Knake, 2010, pp. 249-252) A alternative way for the weaker US states in terms of cyber security is to take helps from the advanced states, states with high level of cyber security or those who like to spent high amount in protecting people’s rights can protect weaker states. At the same time, they can take help from the foreign countries such as European nations as well. Conclusion At the end one must consider some interdependencies between cyber security and the political goals of the respective nations; in this case it is USA. It has often been observed that by virtue of cyber security, various ruling parties used to keep track on the opposition which is not at all right. Not only the opposition political parties, very often the US government used to monitor other countries financial, activities as well as there are number of financial MNCs in the USA. Western companies and technologies now play an important part in the investigation and expurgating of internet communiqué all over the globe. Many claim for constricted transfer controls in those areas. This increases the question of whether onehas to ponder about the US cyber safety aid programs and the US internet liberty agenda as balancing or contrary efforts (Fontaine and Rogers, 2011, pp. 147-148) whether the cyber security policies is being misused by the government to keep a track on people’s personal matter or not. It has to be mentioned that, time and again cyberspace distortions ideas and programs that people used to think of as being parted. Perhaps this feature more than any other makes the business of international cooperation in the issue area so much complicated. References 1. Clarke, R. A. and Knake, R. K. (2010), Cyber war: The Next Threat to National Security and What to Do about It. New York: Harper/Collins. 2. Cyber Security: Coding Out Crime, (2013), Lockheed Martin; retrieved on 27.8.2014 from http://www.lockheedmartin.co.in/us/news/features/2013/coding-out-crime.html 3. Dragon, D. (2012), How to Stop Bank Hackers; Bank Trackers; retrieved on 28.7.2014 from http://www.mybanktracker.com/news/2012/10/23/prevent-bank-hackers/ 4. Driver, J. (2009), The History of Utilitarianism; Stanford Encyclopedia of Philosophy; retrieved on 28.7.2014 from http://plato.stanford.edu/entries/utilitarianism-history/ 5. Fontaine, R and Rogers, W. (2011), Internet Freedom and its Discontents: Navigating the Tensions with Cyber Security, America’s Cyber Future: Security and Prosperity in the Information Ag, Center for a New American Security, Vol: III 6. Jones, D &Finkle, J. (2013), U.S. indicts hackers in biggest cyber fraud case in history; Reuters; retrieved on 27.7.2014 from http://www.reuters.com/article/2013/07/25/us-usa-hackers-creditcards-idUSBRE96O0RI20130725 7. Roy J. G., (2002),Cyber law: National and International Perspectives. 8. Sharma,V. (2011), Information Technology-Law and Practice; New Delhi: Universal Law Publishing Co. Pvt. Ltd. 9. Stubley, D. (2013).what is Cyber Security? 7 Elements; retrieved on 27.7.2014 from https://www.7elements.co.uk/resources/blog/what-is-cyber-security/ 10. Tavani, H. (2007), Ethics and Technology, Ethical Issues in an Age of Information and Communication Technology; John Wiley & Sons 2007, United States of America. Read More