Internet Security Breaches
The world has been undergoing persistent transformation, which some have attributed to the changing developments in science and technology. In particular, information and communication technology is one of the most celebrated developments. Indeed, information technology has changed the lives of people across the globe.
Information technology has reduced the world to a global village by fostering advanced forms of communication. However, with the advancements in information technology, especially the internet, insecurity issues have emerged.
Insecurity issues have, in turn, had far-reaching implications for users. The most rampant security breaches that have been evidenced within the last six months include cyber bullying, network intrusion, cyber fraud, virus launching and data breaches.
Cyber Fraud
Cyber fraud can be defined as the use of software or internet services to defraud victims or take advantage of them. This includes stealing information that is considered personal, in what constitutes identity theft. One of the most common forms of internet fraud entails distributing rogue security software.
Internet technology has allowed criminals to carry out fraudulent transactions, as well as transmit the proceeds of the frauds to other institutions. Cyber frauds occur in message boards, websites, emails and even chat rooms (Messner, 2012). Purchase fraud is an example of cyber fraud and occurs when a perpetrator proposes a business transaction to a merchant, only to use fraudulent mechanisms, such as a fake or stolen credit card, to pay for it. The result is that the merchant does not receive the payment and may even be charged back for accepting credit cards.
Another example of fraud is where the perpetrators post information about goods that they intend to sell. Interested buyers are asked to make payments for the purchase and delivery of the goods. However, it later turns out that the goods were non-existent and the buyers had only been conned. The third example of cyber fraud is phishing, which is the act of masquerading as a person that can be trusted, such as a bank agent or consultant, to acquire information that is sensitive, such as details of credit cards and passwords, among other details that victims may be convinced to share.
Subsequently, the information offered is used for fraudulent transactions. It is argued that cyber frauds make headlines each day. In October 2012, Barnes & Noble Inc. announced that several PIN keypads had been hacked in as many as 63 of its outlets, leaking the card information and PIN numbers of its customers. Easy Solution is one of the companies with evolving techniques of curbing cyber frauds. The company claims to be the only one that is well placed to curb various forms of electronic fraud across clouds and premises.
The company has introduced an updated version of the Detect Monitoring Services, which entails timely fraud protection, enhanced monitoring capabilities and enhanced fraud protection. Detect Monitoring Service software effectively monitors the behaviors and patterns associated with phishing scams. Thus, it stops the threats before they cause damage. The software comprises a relatively simple interface that can effectively function for all forms of clouds and even premises. It is argued that of over 800,000 phishing attacks, the service enabled the company to detect as many as 76% on a timely basis, exhibiting 3.6 hours of average deactivation time. Online transaction services have been particularly affected by cyber frauds.
More often than not, customers get cautious when asked to give personal information. Online transaction service providers have only resorted to instilling confidence in the customers as a way of encouraging them. This entails displaying policies, security badges and trust certificates, as well as the contact information. Online retailers should highlight security around the websites’ secured areas to assure customers that their confidential information is safe.
This should be done, regardless of whether some browsers have security indicators built into them. Some online retailing companies, such as Amazon, display this through the use of the sign-in button. Others opt to use padlock symbols that are located in the sign-in areas. This is advisable, even when it is not needed by the customers. Online retailing companies are advised to give alternative contact options. Indeed, some companies are offering customer care support by using call backs, e-mails, and chats to enable users to report suspicious activities.
Data breaches include all those cyber activities characterized by unauthorized access, use and disclosure of individuals’ or organizations’ information over or from the internet. Malicious attacks are considered to constitute the most expensive data breaches, yet they are increasing. Malicious attacks account for as much as 40% of data breaches, while negligence accounts for about 32% (In Defense of Data, 2013). Computer software companies, healthcare records and companies have been the most targeted and have accounted for as much as 93% of global data breaches (In Defense of Data, 2013).
Network security is a necessity for every company. A company’s network cannot be said to be effective if it has security lapses. Threats to a company’s network can arise from various activities. However, former employees who leave the company due to downsizing can be considered a significant threat. Other activities, such as a daily courier dropping packages at the company’s premises, employees travelling on company business to other cities, or a building management company installing a fire extinguisher system in the company’s premises, are not a serious threat.
It can be argued that individuals with the potential of hacking, sabotaging and damaging systems are those who are familiar with the nature and form of the network system. Therefore, an employee who has left the company has the capability of hacking the company’s network, since they are familiar with the loopholes in the company’s network system. The possibility of hacking increases if the employees left the company due to retrenchment, since the attempts at network hacking could be fueled by the whims of revenge.
It is argued that all former employees who worked in the company and accessed sensitive databases and financial documents pose a threat to the company’s security. The fact that information technology does not respond to the altering of access points acts as a fueling factor. Therefore, a person with information about the company’s network system has the potential of causing more harm than a hacker. According to the 2005 CERT survey, a significant number of former employees are increasingly utilizing the opportunity.
The survey indicates that about 59% of security intrusions are carried out by former company contractors; 48% of those involved in hacking had been sacked; 38% had left the company due to downsizing, while 7% had been retrenched. The survey also notes that former IT professionals are a particularly significant threat to data security (Hazelden Foundation, 2012). Data breaches caused by negligence could be resolved by addressing the factors associated with negligence. On the other hand, data breaches caused by malicious software could be prevented by using appropriate network intrusion detection techniques and anti-spyware software.
Technological mechanisms would include updating and altering passwords for security purposes.
Network intrusion/Hacking
Network intrusion or hacking refers to the unauthorized entry into a network, often characterized by the malicious ambition of intercepting information from the network or website. The information can be used for other criminal activities such as fraud or espionage. The Telvent Company hacking, which occurred in September 2012, is considered one of the recent hacking events.
The company learned that its firewall and security systems had been compromised by attackers who installed malicious software that enabled them to steal project files. Telvent, a company whose services and software are applied in monitoring the energy industry, reported that it had been hacked, which affected its operations in the United States, Spain and Canada. The incident was blamed on Chinese hacking groups opposed to Western interests (Thiel, 2012). Lately, US officials have blamed Russia and China for staging intrusion attacks against the United States for espionage, economic gains and other selfish motives.
In November 2012, Leon Panetta, the US Secretary of Defense, warned that the United States was about to experience a cyber-attack comparable to Pearl Harbor, blaming hacking incidents that had been linked to the Middle East and United States oil producers (Messner, 2012). The technological intervention for network intrusion is the development of Intrusion Detection Systems (IDSs). An IDS is a device or software application that monitors either networks or system activities for activity that is malicious or that violates the policies in place.
Types of IDSs include Network Intrusion Detection Systems (NIDSs) and Host-based Intrusion Detection Systems (HIDSs). The Network Intrusion Detection System is considered one of the most popular approaches. A Network Intrusion Detection System is a system designed to detect activities that are considered malicious, such as denial-of-service attacks, port scans, as well as cracking into computers, via Network Security Monitoring. NIDS senses the packets coming through the network and scans them in order to identify patterns that are suspected to be malicious.
Such patterns can be referred to as rules or signatures. NIDS is not limited to scanning the network traffic that comes into the system; one can also find a lot of important information concerning network intrusion from both local and outgoing traffic. More so, through NIDS, it is possible to stage attacks from inside the network under monitoring and even a segment of the network. In this regard, such attacks are not in any way considered as incoming traffic. Usually, various other systems are incorporated to function with NIDS.
The other network systems could, for instance, deal with updating the blacklists of firewalls using the IP addresses of computers used by real or suspected network crackers. NIDS documentation (DISA) utilizes ‘NID’ as a term to distinguish IDSs that are internal from external ones. Just like any other IDS, NIDS comprises sensors and a management console as its essential components. While the management console deals with management and reporting, sensors deal with monitoring of networks. NIDS senses network intrusions through examination of network traffic.
The system has the capability of monitoring multiple hosts. Usually, access to the network traffic is gained through connection to a network hub, a network configured for port mirroring, or network taps. The NIDS sensors are situated at checkpoints of the networks under monitoring. These are more often than not located in demilitarized areas or at the borders of the network so as to increase effectiveness. All the network traffic is captured by the sensors before the contents of each packet are eventually analyzed for malicious network traffic.
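The signature matching and port-scan detection described above, together with the hand-off of offending addresses to a firewall blacklist, are shown here as an added example that is not part of the original essay or of any NIDS product. The packet records, signature names, thresholds and IP addresses are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample traffic: (time_s, src_ip, dst_ip, dst_port, payload).
# All addresses are documentation ranges (RFC 5737), not taken from the essay.
PACKETS = [
    (0.0, "198.51.100.7", "192.0.2.10", 80, b"GET /index.html HTTP/1.1"),
    (0.5, "203.0.113.5", "192.0.2.10", 80, b"GET /../../etc/passwd HTTP/1.1"),
    # Local traffic: an inside host probing five ports on a neighbour.
    *[(1.0 + 0.1 * i, "192.0.2.50", "192.0.2.20", port, b"")
      for i, port in enumerate([21, 22, 23, 25, 80])],
    (5.0, "198.51.100.7", "192.0.2.10", 443, b"\x16\x03\x01"),
]

# Hypothetical signatures ("rules"): name -> byte pattern looked for in payloads.
SIGNATURES = {"path-traversal": b"../..", "cmd-exe-request": b"cmd.exe"}

SCAN_PORTS = 5     # this many distinct destination ports from one source ...
SCAN_WINDOW = 2.0  # ... within this many seconds is reported as a port scan


def inspect(packets):
    """Return alerts as (time_s, src_ip, kind) for time-ordered packets."""
    alerts = []
    recent = defaultdict(list)  # src_ip -> [(time_s, dst_port)] inside the window
    scanners = set()            # sources already reported, to avoid repeat alerts
    for ts, src, _dst, port, payload in packets:
        # Signature matching on packet contents.
        for name, pattern in SIGNATURES.items():
            if pattern in payload:
                alerts.append((ts, src, "signature:" + name))
        # Port-scan detection: distinct ports per source in a sliding window.
        recent[src] = [(t, p) for t, p in recent[src] if ts - t <= SCAN_WINDOW]
        recent[src].append((ts, port))
        if src not in scanners and len({p for _, p in recent[src]}) >= SCAN_PORTS:
            scanners.add(src)
            alerts.append((ts, src, "port-scan"))
    return alerts


def blacklist(alerts):
    """Sources to hand to a firewall blacklist, as the essay describes."""
    return sorted({src for _, src, _ in alerts})


if __name__ == "__main__":
    for alert in inspect(PACKETS):
        print(alert)
    print("blacklist:", blacklist(inspect(PACKETS)))
```

The internal host at 192.0.2.50 is flagged even though none of its packets cross the perimeter, which is why the sensor has to see local traffic as well as incoming traffic.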
There are various examples of NIDS, such as commercial products (such as ISS Realsecure, NFR Network Intrusion Detection System, Sourcefire and Computer Associates eTrust IDS) and freeware products (such as Ethereal, Snort and Tcpdump). Snort is the most common of all. NIDS should be considered the most appropriate for organization security because it ensures the greatest impact on the security of the network and takes a shorter time to deploy compared to HIDS, yet it is relatively cheaper.
Additionally, as long as it is placed on the outside of the firewall or demilitarized zones to ensure effectiveness, NIDS is capable of monitoring all forms of internet traffic and relays immediate feedback on the nature of network security. NIDS is very important to general internet security. But particularly concerning network security, NIDS is further important to organizations in the following ways: first, NIDS has the capability of detecting attacks that HIDS cannot, for instance, port scans and denial-of-service.
Second, NIDS quickly detects and alerts on incidents of intrusion to avert maximum damage. This is particularly suited to the demilitarized zones, considering the fact that internet providers usually situated at the zones are major computer attack targets. Third, NIDS is capable of reporting successful as well as unsuccessful attacks, which is particularly essential as it offers a chance to better understand the network and hence is a key to network security enhancement. Fourth, NIDS equips organizations with knowledge regarding the environment of their network.
Fifth, without the application of NIDS, it is difficult to identify network hacking. Lastly, NIDS is very important as a forensic evidence tool for organizations (Thiel, 2007). In this regard, it is not easy to tamper with the evidence unless the aggressors interfere with the IDS.
Launching worms
Launching worms is a cybercrime that involves the development of worms, also referred to as viruses, and then releasing them on internet domains. The worms slow down internet connectivity or infect computers to stop them from functioning effectively.
In 2000, the FBI suspected that cybercrimes were being committed by the Russian citizens Alexey Ivanov and Vasiliy Gorshkov. It sought to track the suspected cyber criminals, luring them to come to the United States with the ruse of a job promise (Quinlan, 2012). Activities of concocting worms and launching them on the internet are illegal in some parts of the world. As such, a person found to engage in cybercrime activities that spread worms is likely to be prosecuted in the courts of the various countries affected by the worms. In some cases, the prosecutions can be consecutive.
However, in practice, few countries are in a position to claim jurisdiction, partly because some assume other countries would have incurred serious enough damages to consider it a priority to prosecute. This reflects how tricky dealing with cybercrimes across borders is. Certain actions that are done on the internet may be legal in the countries where they are initiated, but illegal in other countries that have access to the internet content. There are various recent incidents that entail virus launching. In October 2012, reports were made that the FBI was to shut down a DNS as a way of containing viruses.
Users were required to check their computers for viruses and clean them before they could be allowed access. These steps had been taken following the launching of the internet infestation by the DNS changer virus. The virus had cost the world billions of dollars (Quinlan, 2012). There are various technological approaches to worm problems. The most common approach is installing anti-virus software. The antivirus software could be installed remotely on the computers, allowing all the information that streams in to be scanned for viruses.
Malicious files and viruses are either blocked or repaired. Anti-virus could also be installed on the internet to scan the information that is sent over it. Websites, such as Google, are now offering such services. There are various antivirus software products on the market, including Avira, Norton and Kaspersky, which are effective in detecting and blocking malware (Nnap, 2011).
Cyber bullying
Cyber bullying has been cited as one of the areas that constitute internet security breaches. It entails transferring abuses or information aimed at intimidating other people.
Cyber bullying has turned out to be the newest platform on which people, especially the youth, are increasingly abusing each other. The more concerning issue is that there are currently no new appropriate techniques that intervene in cyber bullying, despite the large numbers of children who have access to information and technologies. Internet and cell phone communications have been cited as tools of cyber bullying. Even more intriguing is that cyber bullying occurs during class time. Various incidents of cyber bullying have been witnessed recently.
One of the cases that conspicuously featured in news headlines was that of Alexis Henkel, a high school student. Henkel was charged with posting a number of anonymous and threatening messages on the internet account of one of her former classmates, whom she accused of flirting with her boyfriend (Hazelden Foundation, 2012). It has been argued that cyber bullying is particularly rampant because most cases are not reported. The most appropriate technological approach to addressing cyber bullying entails the application of safety tools, which facilitate content monitoring, as well as blocking.
Indeed, various social sites now offer safety tools that enable users and administrators to report and block forms of communication that amount to bullying. These go hand-in-hand with the approach of instilling of ethical morals among the users, as well as enlightening the society on online safety, including ways of using online safety tools.
Category of internet security breaches
Information leakage: Data breaches; information stored in a website is accessed and released without authority.
Integrity violation: Cyber bullying; entails sending abuses and information that undermines the integrity of other people.
Denial of service: Worm launching; worms or viruses block internet access, denying the victims access to the internet. Additionally, some worms infect computers, making them malfunction. This also denies the victims access to computer services.
Illegitimate use: 1. Internet intrusion and hacking; hacking enables the perpetrators to access websites and use services illegitimately. 2. Cyber fraud; cyber fraud constitutes the motives of illegitimate use of internet resources.