The Future Challenges of CyberSecurity

Introduction

The Internet has brought the world closer than ever, especially, with the ease in sharing information. A post online from Alpine, Texas can be accessible almost immediately by someone in Accra, Ghana and at the same time with the person in Bangalore, India. As much as there is access to the Internet, authorized users can access information/data irrespective of their location. Business activities are now performed globally and efficiently in comfort; buyers and sellers do business without any constraints. Business supporting activities such as paying and receiving of cash, shipping of goods, and other related activities have now been automated in the cyberspace. The most reliable resource vault or knowledge center accessible by all is the Internet; it could even be referred to as one of mankind’s greatest achievement. The Internet [Information Technology] revolution became dominant around early 1990’s and here are the key areas impacted.

- Trading – Foreign exchange transactions, Forex trading, NASDAQ.
- Marketing – Online Popups, bulk email, and several online marketing dynamics.
- Education – Online degrees, online certification trading, online class registration.
- Entertainment – Music [iTunes, Tidal, YouTube, Spotify], movies and TV shows [Netflix], TV-shows, sports [ESPN online live stream].
- Communication – VOIP, Instant messages, video conferencing and video calls.
- Banking and Transaction – Wire transfers, online transfers, online payment, online banking, EBay, Amazon.

Cyber security assessment

In reality, the Internet or cyberspace as the case maybe has become so attractive, infect, it is now part of our life that we cannot live without. However, it has also made all users including governments, corporate institutions and business entities exposed and vulnerable to numerous cyber crimes. The risk of loosing personal data or theft of an important data like customer data from an organization by cyber criminals has become very high. Cyber security remains the biggest challenge faced by all especially governments and organizations. One of the techniques used in taming cyber crime activities is by tracking and tracing the source of an attack or threat using the IP [Internet Protocol]. The IP and TCP [Transmission Control Protocol] are used to facilitate connection from the source to the destination. They are also classified as source and destination IP’s as the case maybe. On a cyber security standpoint, when an IP is successfully tracked, it can help reveal the location of a user [cyber criminal] by displaying the source and destination of the data. Unfortunately, tracking of IP/TCP is no longer effective as they can be changed or manipulated such that it does not reveal their exact location. It is also often used when downloading illegal digital contents like movies. The table below illustrates how a computer network IP-TCP can be hidden/changed, a basic trick commonly used by hackers and users who are about to perform malicious activities online.

Abbildung in dieser Leseprobe nicht enthalten

Source: http://www.coolhackingtrick.com/2011/11/change-your-ip-in-less-then-1-minute.html

IP/TCP tracking is still a major form of monitoring online activities; however, one can see that it can be maneuvered and misdirected. A visible IP/TCP from a user may not actually be theirs, especially when they are planning to or already committing some sought of cybercrime.

Individuals, institutions, and governments are faced with the problem of securing their cyberspace, network and information technology infrastructures. Cyber attacks are classified like, from Individuals (online fraudsters and hackers) to other Individuals and institutions attacking other institution to steal data or denial of service. A government can attack another government for political or economic reasons known as state attacks; institutions can do it to one another also. Below examples illustrates recent cyber attacks in different scenarios that made global news headlines.

- Sony Hacking Attack: Incident occurred on 16th of December 2015. Hackers leaked Sony’s internal data including that of their employees; the stolen data are categorized as, emails, details of their executive’s salaries, and master copies of unreleased movies. The attackers described themselves as GOP [Guardians of Peace]; they stated that their motive is to prevent Sony from releasing the new movie titled “The Interview”, which was basically a mockery of North Korean leader “Kim Jong-un”. Further investigation on the hacking technique and system used in the attack by the U.S. government showed that it was sponsored by the North Korean Leader allegedly which has also been denied. This even followed a threat by the GOP to lynch terrorist attack on the U.S. soil; however, the movie was released and there was to terror attack till date. Sony’s biggest challenge at the time was to stop distribution of hacked materials, they threatened legal actions. Sony succeeded in preventing media organizations and social media platforms like twitter from sharing the hacked material, broadcasting and promoting the incident. According to Los Angeles Time, Sony Corp. has spent an estimated amount of $15 million on post activities from the hacking incident.
- U.S. Federal Workers Cyber Attack: The incident was announced on June 14, 2015. The U.S. agency in charge of records, Office of the Personnel Management (OPM) was hacked. According to Reuters, personal data of about four million U.S. government’s current and former federal workers were likely to have been comprised. Law enforcement claimed that all attacks are related to the breach in Anthem and Premera Blue Cross attacks that recently occurred in the U.S (Reuters). It has also been agued by many that the OPM cyber attacks is a means of threatening U.S. foreign policy, national security or economic stability (Reuters). The source of the attack has been alleged to be from China but the Chinese government has maintained innocence and denied all accusations. On July 9, 2015, the OPM confirmed that about 21.5 million people’s data have been stolen and comprised from the hacking attack (Reuters). The impact of this incident has not yet been determined as questions regarding the purpose of the attack and what was left behind like malwares in OPM’s system are unanswered. This has even led to the resignation of OPM’s boss Katherine Archuleta.
- EBay Cyber-Attack: The incident occurred between February and March of 2014 as reported. EBay disclosed that hackers gained access to their internal network thereby might have gained unauthorized access to about 145 million user accounts potentially. The popular e-commerce site reported that there database containing customers’ name, telephone numbers, home addresses, date of births, and passwords were hacked. There was major out cry or complaints by customers about the incident because EBay reacted swiftly by asking customers to quickly change their passwords and login details. However, the company’s shares still went down 1.73 percent. They also observed reduction in user activity. PayPal, an online payment solution company, which was owned by EBay, was later sold in 2014. This may have been as a result of the attack or a measure to secure their business.

[...]