Syed Umar Ahmed | Freelancer Portfolio Item #139064

Cyber Attacks- A Daunting Menace to The Cyber World Cyber Security- An Undeniable Measure Information systems have evolved to become an indispensable tool for majority of the organizations worldwide, in the wake of the evolution of high-tech infrastructures lately. The masses become apprehensive when it comes to keeping their data and personal information secure within the information systems. Also, the plentiful hackers that have recently vandalized the integrity of the information systems by means of identity theft, has caused a serious dilemma to this situation. As a result of these factors, preserving the integrity of the data and information of an organization now seems to be of pronounced significance. There has been a rapid increase in the stealing of valuable data of many corporate organizations as reported by various news resources, as mostly all the sensitive data related to clients is being stored on computers nowadays. It is therefore imperative to be concerned about securing the information and data integrity as these are the core elements for any business. This information serves for the purpose of proper business operation and they do not contribute for profit sector which has the role of spreading awareness among the masses regarding identity theft cases. The absence of relevant information may cease the normal business operations, as the integrity and value of the information are very critical elements for every organization nowadays. In order to take full advantage of the scenario, organizations must realize the significance behind building up of an effective information security system. Organizations, with different volumes of its employees, gather and maintain their sensitive information about their customers, employees, financial operations, products or researches. A large number of information is processed, collected and stored on different computers and are then transmitted between different computers across a network. Unknowingly, if such information passes over an unidentified network, that may ultimately cause bankruptcy or even identity theft of the said business. These days, the evolution of information security has been the “Topic of the Town”. The proliferation of the information security sector has caused increased number of career opportunities, some of the notable areas of the information security sector are information systems auditing, security testing, network security, database security and application. Digital Forensics and Business Continuity planning are also some of the other notable areas. What is the terminology of Information Security? Information Security encompasses itself to the group of technologies, policies, management practices and standards that are pivotal in keeping the information secured. Alternately, it also encourages the practice of safeguarding the information systems infrastructure, so as to protect it from unauthorized personnel, information degradation, information disclosure, alteration of information, thus ensuring confidentiality and integrity of information. Information integrity is composed of safeguarding the information from inadequate information alteration or destruction that ensures adequate information An integrity means protect against improper information modification or destruction which includes ensuring the information non-dissent and originality. Whereas confidentiality occupies restricted access mechanism, protecting access mechanism and declaration that is inclusive of safeguarding proprietary information along with personal privacy and last but not the least, there is availability, which ensures prompt and definitive access to using the information in an effective manner. This idea is established on the very notion that stresses over the significance of maintain information integrity, as the absence of which, would result in substantial loss and harm to the business or government information system setup, here comes the part of information security that works to reduce such possibilities of system failure. The terms could be interchangeably used as information assurance, computer security or information security. Main Facets of Information Security The aspects of securing the information is of utmost importance for almost all the organization in today’s era. The information used to be secured in the previous era, but however, various organizations were able to obtain sophisticated security solutions, provided to them by other countries or organizations. 3 features contained in information security however could cause it to become impossible. Firstly, the information security’s attribute is comprised of gathering of influences, to which most of the organizations are introduced differs with other organizations. The security of information provided to the area in which business is running, its physical location, also the type of information technology infrastructure that is being employed by the organization. Second of all, information security also contributes to each and every behavioral and structural facets of an organization. This predicts the occurrence of information stealing events due to the inadequate security measures. Finally, every individual whether he is from the management, he is an employee, or even the employer is also the part of this information security system setup. Cyber Threats Cyber threats can be classified into the categories as follows: · Bot-Network Operators · Phishers · Spammers · Spyware and Malware Authors · Cyber Warfare · Cyber Crime · Hackers Challenges Faced During Cyber Security Implementation Having possessed distinctive features lead towards the occurrence of various challenges in the world of cyber security. The most significant of them all would be the co-operation and co-ordination among stake holders at global levels. A detailed substructure is therefore deemed essential to make sure there is co-ordinate response, information sharing mechanism, intelligence, recovery, responsibility of various agencies and governments clarity in roles. There has been a lacking in designated industry role in private-public partnership models at the state level. At global level, non-existence of internationally accepted standards presenting collaboration across jurisdictions, serving the purpose of banishment of cyber criminals by tracking them out, has been causing difficulties for law imposition bodies, thereby causing a significant hindrance in the effective trials of cyber criminals. Deficiency of proper training and knowledge of law imposition agencies as well as judiciary in most of the nations, which is vital in comprehending the authenticity of evidence which is usually presented by cyber forensic experts and cybercrimes. Preservation of sensitive information infrastructure appeared to be one of the crucial challenges in modern times. Conventionally, the exclusive government’s responsibility lies within the policies of National Security. The present-day responsibility of preserving sensitive information infrastructure in the wake of increasing number of hack attempts/cyber-attacks, has surely become a part of the national security’s purview. This brand- new responsibility, doesn’t however encompasses itself only within the government sector. Besides, private sectors also need to play a vital role, due to the fact that the majority of the owners of sensitive information infrastructure setups are privately held. Even so, the investment of private sector within the security sector is governed by business needs and aren’t driven by national security threats. So, what about any governmental intercession? By encouraging or managing private sector? A debate has been underway so as to decide the path nations would follow. It is a belief of many, that market entities can’t be able to produce the desired efforts and investments for assuring national security public safety. Whereas, others are of the view that increased involvement of government by means of various regulations could lead to subvert business effectiveness. Until now, we haven’t got any positive solution to that problem as yet. ICT Global Supply Chain has emerged to be one another source of distress, which is due to the over-reliance on ICT products, that have made nations raise fingers on their credibility, as they are being widely employed in growing realization of cyber risks and in operating critical sectors, with the fear of having their opponents introduce some harmful functions/codes to perform secretive scrutiny, derange services/ or immobilizing a nation. Attenuating such concerns and doubts to continue having received profits/benefits out of ICT chain is considered to be one major challenge, which is being faced in this cyber world since quite a long time. While a few nations are striving to cope up with this challenge, it is being done by building national and global capabilities, which will work to assess risks associated to supply chain, in such a manner which wouldn’t undermine the legitimate trade flow and global competitiveness; rest of the others are concentrating in building up native/local products in order to effectively cut down the over-reliance on the foreign sectors. Inadequate awareness and knowledge about threats encountered in cyber security setups and the obligation to implement best practices, is yet one another challenge having profound significance- which ranges between top government officials, management in the corporate world and school children as well. The adaptation of casual approach many a times lead to problematic situations. Absence of awareness and required knowledge among different users thereby causes risk occurrence to increase. Due to lack of awareness, one gets endangered and may become prey to the ongoing cyber-attacks, spurious email communication, phishing sites, etc. A fair percentage of these attacks could very well be alleviated by bringing in vigilance and awareness among individuals. Other bigger obstacles in examining issues pertaining to cyber security at a company’s level includes: treatment of security function as a cost center, lack of multi-departmental coordinated roadmap, difficulty in calculating Return on Investment (ROI) for security investments and lack of high-quality software development. Critical Analysis on The Topic Presently, we have been facing a crucial scenario which is causing cyber security to become of an adversary than a partner. It is now out of our hands, and now pushing people to ask if the private sector and government do have esteem for their civil independence or not. Soon after the development of cloud technology, both the private sectors and government have been storing massive chunks of information and data, out of their office premises, thus making it more vulnerable to cyber threats. The foes are able to harm your information from within the organization as easily as they could do from outside. A good instance of hacking was the famous Wikileaks, which was comprised of sensitive data from all around the globe related to embassy communications, and was downloaded and compiled by J. Kirk Wiebe, a U.S Soldier, which was later shared by him worldwide. Second example is of Edward Snowden, who is a renowned whistle blower coming from NSA, who executed yet another government leak of U.S.A, in which he was able to gather thousands of categorized files, who were striking from within NASA, in order to prove it to the world of what he was thinking, other countries privacy (Riley) and U.S. government in citizens were over-reaching in numbers. Whereas, the private sector and the government may be succeeding over the idea which focuses on assuring data integrity to its citizens, they are surrendering their civil freedom that has been a distinctive feature of our nation, as its foundation dates back 200 years. Now the government-based servers are not just apposite to cyber threats, but private sectors have also started falling prey to it. Firms like Sony and Target have been profusely shattered by such attacks. Huge market shares of Target were left astray because of the drastic cyber-attacks, that caused loss of bulk of confidential information regarding their client. Clients are avoiding themselves to deal with Target as they feel insecure about their sensitive information. There have been numerous attacks on Sony as well, but their management have strived hard to cope up with this, by deploying sophisticated encryption and security features, ensuring client’s integrity. Every attack on an organization is concerned with an advantageous result that has risen up from overall defects, which become uncovered, which in turn allows organization to do betterment within their cyber security domains. Heartbleed, is one useful example to this. Heart Bleed is a recently known bug that attacks through OpenSSL, its motive is to locate passwords, and some other private/sensitive customer’s information. It had caused considerable harm to once known to be impassable platforms like, Google, Yahoo, and Instagram. Several weeks later, all violations were addressed by adapting a flexible methodology. Presently, the competitiveness, shown by both the private sector as well as the government sector, for the purpose of facilitating the scarcity of cybersecurity professionals, has been resulting to cause a dispute between talent and resources, that is even causing problems for the affectionate side of the cyber sector to enhance in its framework. These cyberwarriors are now being targeted by the government, during their student life and get enticed before they think of joining a private organization. How it is done? They start paying scholarships, salary, books and tuition. Victor Piotrowski says “Contrary to most of the government programs, the budget of Cyber Corps got tripled to around $45 million per year, during the last 3 fiscal years”, Victor who is a front end program director at National Science Foundation for Cyber Corps. “Around 4 IT positions out of 10, were left vacant in the year 2013, it was reported in one survey comprising 500+ organizations by Institute of Ponemon, which studies data protection, information-security policy and privacy” stated by Lawrence. Very often, employees from the government sectors are enticed into getting handsome salaries offered by private companies. Lawrence says “Government has been under pressure as it has failed to retain much of its cyber skilled employees, as they decide to quit government sectors, due to the fact that they are not comfortable enough in closely observing US nationals without their awareness. Due to the presence of such obstacles, cyber security represents more like an adversary than a friend. Many of the new obstacles will continue to develop in near future within this cyber field. No one, would’ve ever thought of internet technology 70 years ago, that it would modernize our lives to such an extent that it would enhance the interaction patterns and the outlook of the world, it was so much difficult to speculate about it. But, it is true that we may theorize this idea, in near future. Cyber Security has already begun creating issues for technologies such as mobiles, and more likely this is going to increase with the passage of time. Mobiles are luring targets for the audience, as we may get crucial information such as secret work files, photos, location, credit card accounts Much large number of hackers have begun targeting this evolving platform. It was reported that there had been a considerable increase, by around greater than 30 times to be exact, in the detection of different types of threats as was observed on platform such as Google Android during the period from April, 2012 to Dec 2012, the same is speculated to attain the value of 1million soon. Are we going to experience the end of internet era, and if yes, where do we find ourselves in the near future? There have been massive expansions in the internet from time to time, which holds true for cyber security along with its corresponding privacy misuse and civil freedom. The internet era ruination could well be caused by NSA, due to the fact that they have devastatingly altered the smooth balance of governance, self-expression and internet cyber security. In one of the present-day speeches delivered by Snowden, it was stated: “You are the firemen” (McCracken) while NSA has setup fire to the internet”. One of the recent decisions made by the FCC pertaining to Fast Lane has emerged to become as an added problem that has same significance to the internet era future along with cyber security, this decision has allowed the internet service suppliers to ask for extra charges as premium in return for much faster and responsive speeds for websites. One situation could be explained here, where a big organization having much greater budgets may have the permission to distributing files as compared to those organizations having relatively smaller budgets in place. Many of the experts are of the view that such an intrusion on equal and free access to dispensing information via Internet leads to developing a menacing trend, that would likely permit the organizations manipulate the web stored information. Such a policy, initiated by US government, could serve to act as one of the worst things that could happen to the internet era and civil freedom, even worse than cyber security breaches. Since, cyber security and internet have been there in the history for a considerably shorter time period, it has drastically changed the means and ways of interaction by corporations, individuals and governments. During its initial stages, cyber security evolved to portray itself as a friendly medium, working to safeguard the then available source of information over the internet. Presently, a poor side of it, formulated for the purpose of US Citizens protection, has extensively changed US Government’s way of implementing cyber protection. Other governments besides the US citizens have gone in a shock state after realizing that their cellular calls as well as their data has certainly become exposed and open and could be scrutinized anytime by US Government. Organizations like Wiki leaks and Snowden have started to fight for the cause of reinstating balance of cyber security and civil liberties. This crucial issue is yet to have its future written down, but certainly it has become evident that cyber world hackers will continue to become more sophisticated, so extra vigilance shall be required in order to provide citizen’s safety. Development of unique and new viruses along with the bulk of digital weapons could very well cause the balance of power to be shifted among the countries and create an unwanted threat to our lives. Mercantilism, in the past, has paved a way for countries with maximum land shares to enjoy greatest authority, but now this historic fact has changed completely. In today’s era, a country having maximum number of resources and digital warriors would be victorious. The mechanism of cyber security was launched to help protect citizens and safeguard their valuable information, however things have changed drastically. Most of the Americans are of the view that the country that was founded upon the basic civil rights, here these rights are in severe danger, because of the evolution of digital protection. Security issues in cyber domain would likely economize the trends of information sharing. The global access ease of the www era, might well become a past event, as organizations will tend to retaliate their adversaries by building sophisticated communication channels, which will be dedicated to forbid passage to the world. Open platform that had been developed by the world, is now being destroyed from inside out. In today’s advanced era, individuals as well as organizations (like business houses, educational and financial institutions, corporations, government and military), do realize the significance of incorporating adequate cyber security measures, that help store and gather a large amounts of sensitive and private information on personal computers, these information then gets transmitted to various other computers via multiple networks. As far as families are concerned, safeguarding family members from the hazards of such crimes has certainly gained utmost importance. It is pivotal for any individual to have his social life information, personal information safeguarded appropriately. A large number of knowledgeable articles have become easily available via internet, but internet does have threats as well. Videos, photos and other sensitive information of an individual on different sites like Twitter and Face book could very easily be exploited, thus leading towards worst nightmare for that particular individual. Social sites have evolved to become as the most popular source of sharing ideas, information and socializing with people. But such sites have also contributed towards increased cybercrimes, information leakage and compromised personal identities. Hence it is vital for individuals to be aware on how to keep them protected by such hazards, and should also always understand the real world and virtual world’s dissimilarities. One should comprehend to safeguard personal information, so as to avoid its hacking and must also participate in some online activities in an attempt to gain knowledge about culminating the menace of cybercrime, thereby ensuring a much safer www environment. The measures incorporated within cyber security is very important for all state, central government and locals, as such organizations have a large database of customer information which is very sensitive, as well as records pertaining to the state citizens. Yet at the same time, many of the governmental firms experience hurdles in safeguarding their sensitive data due to limited funding, lack of security awareness and lack of adequate infrastructure in place. Stealth of private and sensitive data, from governmental firms, alongside digital spying could continue to create serious threats for a nation. Due to this very reason, implementing cyber security measures for government organizations has its own significance that could not be denied as it plays a crucial role in nation’s safety as well. The growing number of internet users on social media and other platforms has caused the significance of cyber security much more vital. Increasing number of cyber threats, such as phishing scams, cyber vulnerabilities and data theft, ask the users to enhance their security and be much more vigilant over the internet. It is therefore pivotal to comprehend the different types of threats involved in cyber space that are now quite dominant over the internet. Each user must take extra precautions before joining any unknown channel on the internet, they must also be extremely careful while sharing their critical and sensitive information through the Internet. Concluding Remarks The importance of implementing adequate cyber security measures is undeniable nowadays, as it is essential to national security and should become an essential part of every government’s policies. As threats continue to become more sophisticated, much more reliable and robust systems need to be designed to combat such threats effectively. Public sector services alongside Government services should work in collaboration with national defense and industries, to adequately implement policies of cyber security mechanism, which further involves testing and implementation of security measures. Since there has been a considerable increase in the use of social media and internet, therefore the need of putting cyber security measures to practice has become inevitable. Increasing cyber hazards such as cyber vulnerabilities, data theft and fraudulent scams have made the users realize the importance of having their data protected appropriately. The knowledge of various risk types within the world of internet is essential. Each user must be extra vigilant while using the internet for sharing information, like their personal or social information, they should exercise extra care while dealing with people over the internet.