Cyber Crime

Student’s name

University affiliation

Table of Contents

Introduction………………………………………………………………………….……3

Literature review……………………………………………………………………….….4

Methodology ………………………………………………………………………….……8

Limitations………………………………………………………………………………….9

Results………………………………………………………………………………………9

Discussion………………………………………………………………………………….16

Recommendations………………………………………………………………………….22

Conclusion…………………………………………………………………………………22

References………………………………………………………………………………….23

Appendix……………………………………………………………………………………24

Cyber Crime

Introduction

Cyber crime is one common method of blackmailing, threatening and stealing organizations that are increasing at a high rate in the whole world. The crime is affecting confidentiality, availability and integrity of the information technology environment in various organizations. General methodologies in risk analysis may be used in making an entire cyber risk cartography. It is (cartography) important for the progress of business managers as they judge whether the recent cyber mitigation risk measures comply with the organization risk tolerance.

The crime affects the professional, government and customer’s confidence on an organization. Even thought the company’s financial and corporate objectives are not an exact target, they are, however, not a significant risk. Potential risks such as being bankrupt are evident in several organizations. Several preventive measures are used in fighting the cyber crime causes from the cause. On the other hand, the managers working on the business continuity are very much interested in identifying the measures that could be taken in reducing the loss of information technology systems, data and documents in cases of cyber crime (Danny & Marc, 2013).

The society as well as economy is very much dependent on the ICT technologies. The reliance has continued to grow to the extent such that several crucial and critical business processes are done using the web connections and IT systems. Managing these processes in business means that the management team is involved in managing a database that is quite huge which comprise of confidential and critical data with access to confidential documents.

On top of that, several industrial processes are very much controlled, managed and monitored using the ICT. Technologies, equipments and complex systems that are indispensable in the management of industrial processes are connected and in a position to coordinate, communicate, take action and cooperate without the human intervention need. The applications of machine to machine are common in the sectors of critical infrastructure. Thee effectiveness and availability of the complex information technology systems are crucial in operating the critical infrastructures like transport, finance, health sector and water. If the ICT infrastructure for all these sectors is unavailable or is damaged, it could have very significant consequences on organizations, society, individuals and even to the economy at large. It is, therefore, very important for safe internet that is in place for 24 hours in a day, seven days a week to be made available (Danny & Marc, 2013).

Business managers have, therefore, come up with contingency measures that do not make use of ICT systems. The measures are only in a position to guarantee all services that stakeholders and customers require and expect for a short period. The continuity plans for the business that is essential when there are disasters rely on the ICT tools.

The cyber risk, therefore, is not any thing to ignore in a business. The paper, therefore, aims to discuss a research carried out on cyber crime demonstrating the cyber crime originality, general risks and the ways to curb them. The paper also discusses the available evidence for the private expenditure on cyber security. Predictions on ordinary firms such as the online retailers in a competitive market have a chance to investigate the optimal amounts socially in the cyber defense. On the other hand, the strategically important companies in the uncompetitive markets like the public utilities have a likelihood of under investigating.

Literature Review

Cyber is an environment that is man made for network devices. The machines range from CCTV cameras, mobile phones and computer servers. Cyber security is an important aspect in the current world. The chances of attacks are evaluated basing on the perceived threat other than using hard data (Hult & Sivanesan, 2013). The attacks are behavior focused, and individuals are mainly the key targets. Cyber crime is an increasingly common strategy of stealing blackmailing and threatening organizations in the whole world. Some examples are discussed below; several personal computers such as private consumer computers are frozen by viruses such as ransomware that will always demand cash so as to unlock the system. On the other hand, companies also get affected by this cyber blackmailing. For instance, a banking institution was affected by such cyber crime and a financial ransom was claimed from the bank so that the client’s data is not made public.

Several types of online banking attacks have been evident for the last five years. Some of the attacks are based on botnets such as social engineering and phishing web and also the Trojan horses. The botnets which affect the networks and infected computers comprise an infrastructure made use of by the cyber attackers who use it in distributing spam, customer spying, system interruption, server sabotage and executing fraudulent transactions. Destruction can also be done through the attacks such as distributed denial of service (DDOS).

Nowadays, anyone can be involved in cyber crime. It is so easy such that even individuals can operate on their own and become attackers (Hult & Sivanesan, 2013). The tools and knowledge required are easily accessible on the internet. It gives an opportunity for spying, subversion, sabotage, propaganda, military operations in cyber and executing fraudulent transactions. Today’s technology makes individuals be able to hide the identity such that control and subversions by authorities is difficult.

New threats are, on the other hand, coming up as mass hacktivism for ideological and political reasons that are aimed in publishing information that is confidential. Hactivism aims at networking and social media. It is very fast and therefore does not have time for response. The group involved in the crime does not have a formal structure. They however have an advantage of umbrella brand name such as anonymous.

Other developments are cyber spying for political and economic reasons. These spies work to steal patents, strategies and data stocks in huge companies and centralized departments in all the countries. The spying could go for several months without being detected.

Another development in cyber crime is immobilizing or destabilizing essential and critical infrastructure. Certain malwares give way for data and systems to be managed by individuals from outside and even making some industrial facilities be sabotaged. This targets the national authorities.

To reflect on the possible continuity plans in the business for the cyber crimes, attacks and incidents the examples are divided into three cyber crime types which affect the availability of business process.

One, a cyber attack which blocks the access from as well as to the internet cloud, especially the DDoS attacks. All the IT internal systems, applications, database and tools, are in good working condition, though the employees are not in a position to communicate with the world outside. The clients, however, are not able to contact the organization. Second, the cyber attack in a situation where a cyber criminal can penetrate in the IT system as well as being in a position to destroy and erase the necessary aspects of operating tools, databases and applications. Third, the cyber attack in a situation where the criminals involved in the cyber attacks succeed in entering through the IT systems even with no intention to destroy or erase the data. However, they alter or steal the information contained in the databases and documents.

The next aspect involves the continuity plans involved in tackling the cyber crimes include; tools involved in reducing the type one cyber attacks. The tools are involved in blocking wiping or diverting the criminal traffic and also trying to finish the bandwidth completely connecting the IT infrastructure of the organizations with internet. Making use of various network technologies which are different from the internet could also be used.

On the type two cyber crimes, the main BCP will comprise of backups with tools, operating systems, databases, applications and other offline independent support media which is addressed directly by cyber attackers. The backups would be in a format which allows start up from the beginning in a short period of time as compared to MTO of several time critical processes in business.

On the third type, it is thought that the confidentiality and integrity are necessary notions in the risk mitigation and risk analysis measures, plans on business continuity are not required in such cyber attacks due to the availability which is not affected. With the knowledge that it would a long period of time for individuals to detect the type of cyber crime, this means that the attackers have had a long period of time to penetrate deeply the IT environment. This will make the experts of information technology security to maybe suggest that the entire environment of IT is placed fat from the external access with the aim of analyzing a high level of infection and penetration. To make the situation more complex, they are not able to guarantee the required time for disinfection. The process could take several hours, days or weeks depending on the cyber crime complexity.

The network segregation could help because it makes it hard for cyber criminals to join the entire information technology environment. The cleansing, enabling analysis and isolation may be organized in layers. The situation will not suggest the unavailability of the business process during the same period.

Other options though of are reopening of connections to internet for various processes in time critical business during the period when the experts in information technology are not very much convinced that the traces of cyber attacks are cleaned. The situation means one is not in a position to exclude a possibility that, for instance, malware is going to restart the operation to reinfect the information technology environment.

Methodology

The case study aimed at investigating claims of fraud by several victims. In order to examine each subject within the population, the researcher used an interview to analysis each subject, the interview was used as the most applicable tool of data collection since it was able to obtain the in depth information required by the study. In addition, the study employed the use of case study design as it was able to exhaust all the subjects in the population in terms of data collection. The research further noted that the interview method did go hand in hand with the case study since most of them gave room for probing of each item in the questionnaire. The study also involved review of documents, information analysis and dialogues with perpetrators.

The researcher identified a population; a sample was then obtained and used as a representative of the population. In order to avoid bias opinions of the subjects (perpetrators), the subjects were made to understand the nature of the data required and its intended use at the start of the interview session (Silverman, 1997; 1). On the other hand, the population characteristics consisted of individuals who have fallen as victims for a specified period of time and was perceived to posses the information required. The study believed that sample used had similar characteristics with the population and such was considered a true representative of the fraudsters and victims.

To convert the data obtained from the field into useful information, data was analyzed by use of simple statistical measures of tendency such as standard deviation as well as computer programmes like statistical package for social scientist (SPSS). After the information was obtained, it was interpreted and presented in form of charts, graphs, and percentages, the research believed that the above highlighted method of analysis better suited the research objectives (Silverman, 1997; 1). In addition, the use of the presentation methods employed was of high frequency and the most used in many research studies.

Limitations

When picking the individuals to interview, several people wanted to participate and we had to convince them that we only wanted a sample of ten individuals. However, language was a problem and we had to be very keen to hear what the participants were saying. Sometimes we had to get someone to interpret for us. Time was also a limiting factor. If we had more time, the research could have been more extensive.

Results

Research showed that a large scale cyber attach in Russia would target the privately held infrastructures which are critical, for instance the telecommunication carriers, power companies, banks among others whose compromise causes a wide spread harm. 85% of the America’s infrastructure owned by private companies face intrusions constantly. The defenses on private sector are said to be inadequate. These companies are on their own in aspects of protecting the computer systems from the cyber crime. The research continues to show that the poor state of cyber defenses in America is to some extent due to the incomplete analytical framework that helps in explaining the situation. The policy and law of cyber security is under theorized. All the approaches of legal scholarship cyber security from criminal law standpoint or armed conflict law. With these analytical commitments, the situation is inevitable for the lawmakers and academics to favor the military solutions and law enforcement to the problems of cyber security.

Efficient cyber security level

The national security depends on the critical infrastructure security. Cyber attack on the assets some of which are private companies could be very much devastating. Few keystrokes and the adversaries hack onto the banks to corrupt the data for customers, control the power plants so as to get rid of electricity grid, take offline the telecommunications network, open the dams floodgates among others. Despite the threat magnitude, the conventional wisdom is described in a manner that private sector is not very much protecting itself (Alexander, 2013).

When asked whether individual companies as well as the entire society are investing on the cyber defense, participants mentioned that the companies are under investing. They ate far away from what could be said to be the right cyber defense. One participant mentioned like previous research which says that the response of private sector is like ‘unmitigated failure’ there is little empirical data made available but a consensus view is one of the anecdotal support. Studies done by McAfee in 2009-2011 in a computer security company showed low levels of cyber defense investment. The studies revealed that several companies view the cyber security as a small case or the last thing they could think of. They also neglect the security because they tend to think it is very expensive. McAfee noted that the companies comprise of a weak authentication requirement tool which is able to verify when an individual is accessing the system, his identity and whether he or she is authorized or not. Some have systems able to monitor network activity to identify any anomalies.

Other studies showed that other companies have poor defenses and they are not able to identify when they are attacked. Verizon also noted that 75% of intrusions investigated studied were noted by people and not victims. 66% of victims never knew of the intrusion that happened on the system. A study done in 2011 by Ponemon Institute noted that 73% of the surveyed companies were hacked, however, 88% of there spend extra cash on coffee as compared to securing the web applications (Alexander, 2013).

Whether the company is able to make socially optimal investment on the security of cyber as well as related issues of who are supposed to pay for the cyber defense company is a question that many should ask themselves. First it is important to understand what a company is defending and who the anticipated attacker is. The x-axis shown in fig 1. shows companies which could be subject to the cyber crime. A strategically significant company can be said to be one whose compromise can lead to substantial social harm. For instance, when insignificant companies which are in a competitive market where several companies provide same services or goods whereby the consumers who are disappointed defect from one company to another. For instance, online retailers such as Amazon .com. towards the right side are financial institutions which have a high rate of strategic significant scale. Former national intelligence director predicted a situation where an attack on one bank could cause a greater magnitude on order of magnitude which would have an impact on the global economy. The banks however are in a fair and competitive market and the consumers are able to take their accounts from one company to another.

A step to the right one finds the Internet Service Providers (ISPs) together with telecommunications carriers (Alexander, 2013). These are very much significant. When Russia was involved in crippling the Georgia’s communication system in the 2008 war, the citizens were not able to connect to any news from informed outside sources. They could also not be in a position to send an email to other countries. The markets in this case are not competitive and therefore the consumers only have few internet providers as well as telephone companies which they can chose from. On the far right, there are public utilities and power companies. The companies rate very high when it comes to the strategic scale. A cyber crime on the power grid could cause a catastrophe. The SCADA or industrial control system which the utilities and power plant are internet connected. The hackers could be in a position to exploit the connectivity in disrupting the power generation leaving the millions of individuals an in dark for several months. They could on the other hand destroy all the key systems such as turbines.

In the year 2009, the most sophisticated cyber weapon ‘Stuxnet worm’ which had ever been deployed caused the same physical damage in the nuclear program in Iran. The utility markets on the other hand are seen to be uncompetitive (Alexander, 2013).

They axis, however, shows the assailants which could commit a cyber attack. These are arranged starting from the bottom to the top following the order of increasing sophistication. The so-called sophisticated attacker can compromise the very secure systems. On the other hand, the unsophisticated attackers are in a position to compromise the unsecured systems. Activists on the other hand are above this. They are little more skilled hackers who make use of cyber intrusion to improve a official agenda. They do not keep themselves in groups of formal organizations. For instance, the ‘Anonymous’ loose association which launched the DDOS attacks in 2010 on financial institutions which did not allow the customers to use WikiLeaks in sending money. Others include the organized syndicate crimes like the one working out of Russia. These are involved in cyber intrusions which are structured organizations for financial gain. The international terrorists could also be placed in this category even if they have demonstrated little enthusiasm and aptitude for the cyber attacks hence its far.

The curve predicts the combination of the attackers and victims who have high chances of occurring. The fourth quadrant comprise of low severity and high frequency attacks. The retailers as well as other insignificant firms are targeted fairly by the recreational hackers who are comparatively unsophisticated. They could also be targeted by sophisticated activists. The second quadrant has attacks which are high severity and low frequency (Alexander, 2013). The most strategically significant companies such as public utilities and ISPs face attacks from very intelligent services and sophisticated militaries as well as organized syndicate crimes where they first seek an extract blackmail. Quadrant 3 has the hacktivists and recreational hackers probably launching the attacks towards the utilities as well as significant enterprises. The targets however are less attractive as they are to the intelligence services and foreign militaries. Quadrant 1 is where the foreign governments having low chances of targeting insignificant companies like the retailers. The reason is that they do not gain much by compromising the firms even if the organized crime could however do this for the purpose of blackmailing.

Research showed that cyber crime is the criminal activity which involves computer network as the tool or place where crime takes place. The worst experience with the damaging electronic virus which corrupted all the documents such that they could not access them. Some participants identified the denial of service attack which made the system to deny all the authorized users a chance to access the system.

The government is doing all what they can to control the cyber crime. There are emergency call numbers such as 111 where people should report whenever there is a crime. Police will come and assist where they can. They also pointed out that the International Criminal Court should exercise their mandate on the issue of electronic crime so as to reduce the electronic crime. Once an individual is caught and there is enough evidence, he or she should be jailed. Some of the criminals serve for months and even years in jail. The cyber crime has made people avoid using the internet for various transactions as they fear crimes such as fraud, forgery among others (Alexander, 2013).

Research shows that cyber crime is also an antitrust problem. The main goal of antitrust is to promote the consumers welfare. This is achievable when the business is restrained from being involved in anticompetitive conduct. The law on antitrust therefore is involved with the possibility which the companies will take to coordinate actions which undermine the competition or an agreement which divides the market. The antitrust is, on the other hand, apprehensive on the sharing of information with competitors like exchanges which is feared as it would cause unilateral oligopolistic behavior or anticompetitive collusion. In the context of cyber security, several information and coordination sharing could assist the companies to defend themselves on intrusions. This would prevent the consumer from making losses. Companies in a certain industry could decide to exchange the information on threat. An ISP which discovers that it was victimized by a malware could then alert others so as to be keen for similar threats. On the other hand, the company could share information which is vulnerable. A power plant which could compromise a SCADA system could be compromised by certain intrusion types which would tell the other firms of the vulnerability. The companies also could share also the countermeasure information. A company could especially discover a better way to defend itself on the DDOS attack. However, it could also inform others so that they make use of the same method. Towards the end, the industry could agree to come up with uniform cyber security set standards. The standards could be together with enforcement and monitoring mechanisms to make sure all the members implement the measures agreed upon. They could as well form a cartel (Alexander, 2013).

Research further showed that this could cause a great problem as coordinating the cyber defense could cause anti-trust liability. The companies could therefore be reluctant to adopt common standards of security or share information. The fears of liability are widespread as another research done in year 2002 showed that in the private sector, the main concern on the total communicating cyber vulnerabilities it the antitrust action which is against the cooperating companies. In the report on year 2009, the American Bar Association recounted concerns on various firms where it was reported that the laws on antitrust created a barrier on forms of cybersecurity information sharing (Alexander, 2013).

Research also showed that cyber security is a problem on cyber liability. The law is ready to compensate all the consumers who are injured by products which were not able to perform as per the expectations. On the other hand, the products liability law makes use of risk of money damages on the incentive companies to have reasonable precautions especially when manufacturing and designing products. In the case of design defect, the theory is simply that the design which is intended for a product line is very much inadequate and very much dangerous. The court is able to detect and determine whether it is the manufacturer who had fault when producing a certain product which is found to have defects by using the risk utility test. This compares the product’s risk as it is designed over the cost used in making safe the product. Goods and which are internet related have been found to have design defects which are vulnerable to the so called cyber attacks. For instance, the Microsoft Windows. The software for the Operating system which is known to account for 90% of PC market is full of vulnerabilities. The Microsoft services are produced in millions and therefore it is inevitable that the programmers could make several mistakes which are not easily detected for repair (Alexander, 2013).

Discussion

In this part, we highlight aspects on the security vulnerabilities, potential attacks countermeasures, In-depth analysis of security risks and regulating cyber security.

.

Security vulnerabilities

Attackers use methods in order to be able to utilize the vulnerabilities in achieving the goal. The vulnerabilities can be defined as the loopholes or weak points in security that the attackers make use of to access a network and resource. Some of these weak points are;

Passwords. These will continue to be contentious until the users make a point of selecting one. The issue here is to remember the correct password from several that the user is supposed to remember. Due to this reason the users decide to choose a common password so that they do not have problems with remembering them. The users will tend to use their birth dates, names of their loved ones and also the date of marriage. This becomes vulnerability in that other people are given the opportunity to guess the password and use the account(Cleveland, 2006).

Protocol designs. These communication protocols also have weak points. For example, the TCP/IP has weak points that give access to spoofing of IP address and request attacks of TCP connection. The attackers will make use of them to obtain information hence obtain access to the systems.

Telnet protocol. This is mainly used in administering the systems that run UNIX and MS Windows 2000. If the user is utilizing the telnet client in connecting from a UNIX system to Microsoft or the other way round, the passwords and usernames are transmitted.

File Transfer Protocol. Is abbreviated as FTP. When the user wants to retrieve or send information from a certain location which is secure, the passwords and usernames are transmitted as clear text just like in the Telnet protocol (Cleveland, 2006).

The commands that reveal the information of the user. It is possible to come across the interoperability of UNIX versions and the Microsoft products. The commands that reveal the system and command information is a big threat in that cracker could be able to use the information in breaking onto the system. Some of the ways that can be used are; one, the finger client on Windows 2000 and MS Windows NT may be used in connecting a finger daemon running on a computer using systems based on UNIX. This may show the information concerning the user. The information about the user who had logged in is displayed in the system when finger program is running without arguments. The other one is Rexec. This is a utility that is provided as a client on Windows 2000 and MS Windows NT. The client utility paves way for the UNIX system remote execution running with rexecd service. The user sends a message that specifies the password and username as well as the command name to execute. The program is prone to abuse as it may be used in probing a system with names of valid accounts.

Asynchronous transfer mode. IS abbreviated as ATM. This is compromised by “manhole manipulation.” This is a situation where individuals are using has direct access with connections and network cables in parking garages underground and in elevator shafts. The Frame relay is also similar to the ATM.

Device is administration. The routes and switches are managed easily by the command line or HTTP interface. When the passwords are weak, the system allows individuals with little technical knowledge to access the device.

Modems these have currently been a common feature on the desktop computers. Unauthorized modems are a very serious concern to security. Individuals nowadays use them not only to access the internet but to have a connection with their office and maybe work while still at home. The main danger with the modem is that it is a method used to bypass ‘firewall” which offers protection to intruders. However if a hacker uses war dialer to obtain telephone number of the modem or uses password cracker to destroy or break the passwords that are weak, he or she will access the system. As a result of the computer networking nature, if a hacker can connect to a computer, it becomes easy to do the same to the others which are in that network (Bishop, 2003).

Potential attacks

We are in an era where technology is inevitable. The work we do is using technology. The system of computer forms the very main part in the technology. This is because all the technical work is done using the computers. Most of the data for example in bank, post office, army and others have all been digitized. This requires much security in the systems.

There are many types of attacks to a system of a computer. They are divided into two. These are active and passive attacks. The active attacks for example the virus, cause damage or harm in the system. It has codes which infects programs by attaching itself to them and replicating. When the program that is infected becomes executed, the code of the viral also becomes executed. This code can be uploaded to another person and the code randomly selects files and looks into whet