Valdez 1
Genesis Valdez Professor Powell ENC 3241 March 10, 2013
Cyber Security: Protecting against Attackers Executive Summary Our lives revolve around technology now days, especially the use of the computer, it is almost implemented in our everyday lives, and as technology advances also the risk of being attacked by an intruder increases as well. Computers are used for controlling banking information, maintaining power grids with electrical companies, and mana ging the security and welfare of a country, and for man y personal uses as well. The Cyber security standards hav e been created recently because sensitive information is now frequently stored on computers that are attached to the internet. The energy company BP says sa ys it suffers 50,000 attempts cyber intrusion a day and The Pentagon reports getting 10 million attempts a day. These are examples of how intensive are the attacks to important agencies and businesses. It is a worldwide problem, not only in the United States, but b ut other countries such as the United Kingdom, Russia, India, Canada and France also suffer from Cyber Attacks in a daily basis. The question is how to protect oneself from these attacks. There is no way to prevent it fully, however being equipped with a knowledgeable team and an d the necessary tools can prevent a lot of damage. It is critical to be informed and having some knowledge on the matter will allow us to understand what is happening and perhaps how to prevent a cyber-attack from occurring.
Valdez 2
Figure 1.1. Cartoon image of Cyber Attack.
What are Cyber Attacks? The term Cyber Attack or Cyberwarfare refers to the hacking to conduct sabotage and espionage through the internet. It is a form of information of information warfare sometimes seen as analogous to conventional welfare although this analogy is controversial for both its accuracy and its political motivation.
Valdez 3
Methods of Attacks:
SabotageIt is intended a method used to disrupt the activities of computers and satellites which are vulnerable components. It can compromise the military systems which are responsible for communications and it can also be vulnerable to disruption, and be intercepted or replaced maliciously. Also power, fuel, water and transportation may be subject to the same. According to Clarke in “Clarke: More defense needed in cyberspace”, cyberspace”, the civilian realm is also at risk, noting that the security breaches have already gone beyond stolen credit card numbers, and that potential targets can also include the electric power grid, trains, or the stock stock market. According to the article” BBC: Spies 'infiltrate US power grid'”, grid'”, The US government has admitted the nation's power grid is vulnerable to cyber-attack, following reports it has been infiltrated by foreign spies. A Massive power outage caused by a cyber-attack, could cou ld disrupt the economy and distract from a simultaneous military attack.
EspionageEspionage or spying involves an individual or a government that obtains confidential information without the consent of the holder of th e information. It is done by exploiting methods through the internet, networks and software. It is in many cases illegal and punishable by the law.
Valdez 4
Figure 1.2. Cover of the Time magazine.
Recent Attacks: A hacker group calling itself Izz ad-Din al-Qassam C yber Fighters took credit for a series of attacks on the Web sites of Bank of America, Citigroup, U.S. Bank, Wells Fargo and PNC that caused intermittent delays on January 2013. The group said it had attacked the banks in retaliation for an anti-Islam video that mocked the Prophet Muhammad and pledged to continue its campaign until the video was removed from the Internet. In an online post po st on Tuesday, the
Valdez 5
group said that it had resumed Operation Ababil Ab abil and that, over the last several seve ral weeks, it had focused on nine banks: JPMorgan Chase, Bank of America, Citigroup, Wells Fargo, U.S. Bancorp, PNC, BB&T, Suntrust and Regions Financial. Of the nine banks, representatives of PNC, BB&T and Citigroup confirmed that their online banking sites had experienced intermittent disruptions because of a high volume of Web traffic, but they said that bank accounts and customer information had not been affected. Though they were not mentioned in the group’s group’s online hit list, Capital One and Fifth Th ird Bank also also experienced brief disruptions, according to the article “U.S. Banks Again A gain Hit by Wave of Cyberattacks”. Cyberattacks”.
A most recent attack was on February 2013, by the hacktivist group Anonymous, whom strongly opposes Internet censorship and surveillance, and has hacked various government websites including the pentagon. This group cyber attacked against the websites for the Federal Bureau of Investigations (FBI) and The United States Department of J ustice (DOJ) since they shut down a website that provided file sharing services called Megaupload.
Cyber intrusions Attempts: Attempts:
The energy company BP says sa ys it suffers 50,000 attempts cyber intrusion a day.
The Pentagon reports getting 10 million attempts a day.
The National Nuclear Security Administration, an arm of the Energy Department, also records 10 million hacks a day.
The United Kingdom reports 120,000 cyber incidents a day. That’s almost as many as the state of Michigan deals with.
Valdez 6
Utah says it faces 20 million attempts a day -- up from 1 million a day two years ago.
In 2007 the year that Twitter was founded, found ed, U.S. Computer Emergency Readiness Team (US-CERT) received almost 12,000 cyber incident reports. That numb er had more than doubled by 2009. The U.S. Computer Emergency Readiness Team is a national clearinghouse of cyber threat information ran b y The Homeland Security Department.
What is Cyber Security? Cyber Security involves preventing, protecting and responding to these cyber-attacks. Today everything relies on computers, and some examples are:
Communications o
Transportation o
Online stores, Credit cards.
Entertainment o
Airplanes and Car engines.
Shopping o
Cell phones, emails.
MP3, Video Stream.
Medicine o
Equipment.
Valdez 7
What can you do to protect yourself? Before we can cooperate in a higher level, lev el, we need to start securing secu ring our safety at home first, that is learning and understanding the risks and how to act when a situation arises. Evaluate your computer security settings: Enabling certain features to increase convenience or functionality may leave you more vulnerable to being attacked. It is important to examine ex amine the settings, particularly the security settings, and select options that meet your needs without putting you at increased risk. Use and maintain anti-virus software and a firewall: Protect yourself against viruses and Trojan horses that may steal or modify the data on your own computer and leave you vulnerable by using anti-virus software and a firewall, and make sure the virus definitions are up to date. Regularly scan your computer for viruses and spyware which are hidden in programs that may affect the functionality of your computer and give access of your data to attackers. Ensure you delete properly confidential information: Just deleting it, it does not mean it is completely gone, it is superficially deleted but is buried somewhere. The way to delete it is by by overwriting with new contents. There are softwares that allow the search of that information and overwrite it, deleting it completely.
Conclusion: As technology advances the threats to our ou r security system increases, and we need to ensure our systems are well secured because it can affect us greatly in our everyday ever yday lives. We need to become aware of the risks by learning how the cyber-attacks works, their types and measurements of securities we should take starting in our home and work place.
Valdez 8
Recommendations: Instead of the United States Government prosecuting groups like anonymous, they should partner and work together to protect America, and make it safer from other countries’ other countries’ cyberattacks. They certainly have the knowledge and capabilities since they were able to bring down the websites of the Federal Bureau of Investigations (FBI) and The United States Department of Justice (DOJ).
Valdez 9
Citations: Shiels, Maggie. “BBC: Spies infiltrate US power grid”. BBC News Web. 10 March 2013.
Richmond, Riva.“Malware Riva.“Malware Hits Computerized Industrial Equipment”. Equipment”. New New York Times. 24 September 2010. Web. 10 March 2013.
NP."Internet strikes back: Anonymous' Operation Megaupload explained". RT. January 20, 2012. Web. 10 March 2013. Perlroth, Nicole. “U.S. Banks Again Hit b y Wave of Cyberattacks”. New New York Times. 4 January 2013. Web. 10 march 2013. “Cyberwarfare.” Wikipedia.n.d. Web. 10 March 2013. Fung, Brian. “How Many C yberattacks Hit the United States Last Year?.” Nextgov. 8 march 2013. Web. 10 March 10, 2013. McDowell, Mindi. Householder, Allen.” Why is Cyber Securit y a Problem?.” United States Computer Emergency readiness team. 6 May 2009. Web. 10 March 10, 2013.