Cyber security consists of technologies, processes and controls designed to protect systems, networks and data from cyberattacks (ano, n.y.). Cyber security also reduces the risk of cyber-attacks and protects against the unauthorised exploitation of systems, networks and technologies.
Security has two parts: cybersecurity and physical security.
Assurance in cybersecurity requires coordinated efforts throughout the information system. The cyber security elements include:
- Application security focuses on keeping software and devices free of threats. A compromised application could provide access to the data it is designed to protect. Successful security begins in the design stage, well before a program or device is deployed. There are specialised tools for mobile apps, for network-based apps and for firewalls designed especially for web applications.
- Information security protects the integrity and privacy of data, both in storage and in transit. Examples are pass cards or codes for access to buildings, user IDs and passwords for network login, and fingerprint or retinal scanners when security must be state of the art.
- Network security is the practice of securing a computer network from intruders, whether targeted attackers or opportunistic malware. Anti-virus software and VPNs are some of the software tools used to add protection to a network.
- Operational security includes the processes and decisions for handling and protecting data assets. The permissions users have when accessing a network and the procedures that determine how and where data may be stored or shared all fall under this umbrella. Examples are the overarching security policy, acceptable use policy, mobile device policy and disaster recovery policy.
- End user education addresses the most unpredictable cyber-security factor: people. Anyone can accidentally introduce a virus to an otherwise secure system by failing to follow good security practices. Teaching users to delete suspicious email attachments, not to plug in unidentified USB drives, and various other important lessons is vital for the security of any organization. End users also include those who support or maintain the product, such as system administrators, database administrators and information technology staff. For example, the end users of data entry software are the data entry staff, whereas the software administrators are considered power users.
- Disaster recovery and business continuity define how an organization responds to a cyber-security incident or any other event that causes the loss of operations or data. Disaster recovery policies dictate how the organization restores its operations and information to return to the same operating capacity as before the event. Business continuity is the plan the organization falls back on while trying to operate without certain resources. Lack of completeness can result in overlooking secondary effects: for example, vastly increased work-at-home overloads the incoming telecommunications capacity of the recovery site, and the bi-weekly payroll that was not critical within the first 48 hours now causes perceived problems in ever recovering, complicated by governmental and possibly union reaction.
Security Intelligence is the ability to capture, correlate, visualise, and analyse forensic data in order to develop actionable insight to detect and mitigate threats that pose real harm to the organisation, and to build a more proactive defence for the future.
Greater levels of Security Intelligence will enable adopters to shorten their Mean Time to Detect and Mean Time to Respond, extend the value of current security tools, and discover previously unseen threats through advanced machine analytics.
The Intelligence Lifecycle is a process first developed by the CIA, following five steps: direction, collection, processing, analysis and production, and dissemination (RFSID, 2018). The completion of a cycle is followed by feedback and assessment of the last cycle's success or failure, which is then iterated upon.
- Direction: First, an authoritative figure must define the objective of this intelligence cycle. Objectives are identified based on certain essential elements of information (EEIs) needed to make timely and accurate decisions. Those EEIs might include things like the nature of the attack, the actors involved, the space where an attack will happen, and so on.
- Collection: Next, in response to the criteria laid out in the EEIs, data is gathered from multiple sources, including human intelligence, imagery, electronic sources, intercepted signals, or publicly available sources.
- Processing: After data is gathered, it must be processed into a comprehensible form. That can include translating it from a foreign language, decrypting it, or sorting data based on how reliable or relevant it is.
- Analysis and Production: The processed data must then be converted into a coherent whole. Contradictory data must be evaluated against each other, and the patterns and implications of inconclusive or insufficient data must be considered. The products of this stage are assessments and reports that summarize the data for decision makers. This takes an expert touch — good analysts will not be replaced by automated systems any time soon.
- Dissemination: The finished product of this process must get to the right hands to be effective, so the intelligence cycle must loop back upon itself. These reports and assessments are delivered to clients or the leadership who commissioned the cycle in the first place.
- Feedback: After review of this new intelligence, authority figures will take action, including issuing new directions to gather further intelligence. The process is refined with the aim of producing more accurate, relevant, and timely assessments based on the success of previous intelligence.
Cyberwarfare refers to the use of technology to launch attacks on nations, governments and citizens, causing harm comparable to actual warfare using weaponry. It also includes preparing for military operations in accordance with the principles of information. A cyber war is a disruption, if not a complete destruction, of the information and communication systems that the enemy relies on to know who he is, where he is, when action can be taken, why he is fighting and which threats take priority.
In cyber war the aim is to know everything about the enemy while letting him know nothing. In other words, the main goal of cyber war is to tip the balance of information and knowledge in one's own favour, especially where there is no balance of battle power; superior knowledge can then compensate for less capital and fewer people and still achieve victory.
A cyber-attack is any type of offensive action that targets computer information systems, infrastructures, computer networks or personal computer devices, using various methods to steal, alter or destroy data or information systems (Jeff Melnick, 2018). For instance, malware attacks, birthday attacks and password attacks are the most common cyber-attack types.
Malware attack: Malware is code written to infect a system without the permission of its owner and to do something unwanted or destructive. The term is commonly used to refer to all malicious code and programs; in general, any code that affects a system and performs an unwanted operation is considered malware. Malware can infect phones, tablets and computers. One of the most common types of malware is the Trojan, or Trojan horse: a program that hides inside a useful program and usually has a malicious function. A major difference between viruses and Trojans is that Trojans do not self-replicate. In addition to launching attacks on a system, a Trojan can establish a back door that can be exploited by attackers. For example, a Trojan can be programmed to open a high-numbered port so the hacker can use it to listen and then perform an attack.
Birthday attack: Birthday attacks are made against hash algorithms that are used to verify the integrity of a message, software or digital signature. A message processed by a hash function produces a message digest (MD) of fixed length, independent of the length of the input message; this MD uniquely characterizes the message. The birthday attack refers to the probability of finding two random messages that generate the same MD when processed by a hash function. If an attacker produces a message with the same MD as the user's message, he can safely replace the user's message with his own, and the receiver will not be able to detect the replacement even if he compares MDs.
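The birthday bound behind this attack, worked through as an added example (not code from the original page): the collision probability for an n-bit digest, the number of messages needed to reach it, and a generic birthday search run against SHA-256 truncated to 32 bits to stand in for a short digest. The message format and the 32-bit truncation are assumptions chosen so the search finishes quickly.

```python
import hashlib
import math


def collision_probability(bits: int, n: int) -> float:
    """Birthday-bound approximation: probability that n random messages
    contain at least one pair with the same `bits`-bit digest."""
    space = 2 ** bits
    return 1.0 - math.exp(-n * (n - 1) / (2.0 * space))


def messages_for_probability(bits: int, p: float) -> int:
    """Messages needed for collision probability p: about sqrt(2^bits)
    for p = 0.5, which is why digest length, not message length, matters."""
    space = 2 ** bits
    return math.ceil(math.sqrt(2.0 * space * math.log(1.0 / (1.0 - p))))


def truncated_digest(message: bytes, bits: int) -> int:
    """SHA-256 truncated to its top `bits` bits; stands in for a weak, short hash.
    (Assumption: truncation is used here only to make collisions reachable.)"""
    full = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return full >> (256 - bits)


def find_collision(bits: int, max_trials: int = 1 << 21):
    """Generic birthday search: hash constructed messages until two different
    ones share a truncated digest. Returns (msg_a, msg_b, trials) or None."""
    seen = {}
    for i in range(max_trials):
        msg = b"invoice-%d" % i  # constructed sample messages
        d = truncated_digest(msg, bits)
        if d in seen:
            return seen[d], msg, i + 1
        seen[d] = msg
    return None


if __name__ == "__main__":
    print("messages for 50% collision at 32 bits:", messages_for_probability(32, 0.5))
    print("collision found after trials:", find_collision(32)[2])
```

For a full 256-bit digest the same formula gives a collision probability that is negligible for any feasible number of messages, which is the defender's reason to reject short or truncated digests for integrity checks.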
Password attack: Because passwords are the most commonly used mechanism to authenticate users to an information system, obtaining passwords is a common and effective attack approach. Access to a person's password can be obtained by looking around the person's desk, "sniffing" the connection to the network to acquire unencrypted passwords, using social engineering, gaining access to a password database or outright guessing. The last approach can be done in either a random or systematic manner:
- Brute-force password guessing means using a random approach by trying different passwords and hoping that one works. Some logic can be applied by trying passwords related to the person's name, job title, hobbies or similar items.
- In a dictionary attack, a dictionary of common passwords is used to attempt to gain access to a user’s computer and network. One approach is to copy an encrypted file that contains the passwords, apply the same encryption to a dictionary of commonly used passwords, and compare the results.
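The dictionary comparison described above only works as a single pass when the stored file uses a fast, unsalted hash. This added example (not code from the original page) shows that weak storage beside the hardened form, a per-user random salt with an iterated key derivation function, against which a table computed once matches nothing. The account names, the five-word dictionary and the PBKDF2 parameters are constructed for the demonstration.

```python
import hashlib
import hmac
import os

# Constructed sample dictionary; real ones hold millions of entries.
DICTIONARY = ["123456", "password", "letmein", "qwerty", "welcome1"]


def unsalted_hash(password: str) -> str:
    """Weak storage: fast hash, no salt, identical output for identical passwords."""
    return hashlib.sha256(password.encode()).hexdigest()


def dictionary_attack_unsalted(stored: dict) -> dict:
    """The attack in the text: hash the dictionary once and compare the results
    against every stored hash. Returns {user: recovered_password}."""
    table = {unsalted_hash(word): word for word in DICTIONARY}
    return {user: table[h] for user, h in stored.items() if h in table}


def salted_hash(password: str, salt: bytes, iterations: int = 100_000) -> bytes:
    """Hardened storage: per-user salt plus PBKDF2-HMAC-SHA256 stretching,
    so each guess costs 100,000 hash operations and cannot be precomputed."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)


def store_password(password: str) -> tuple:
    """Return (salt, hash) as a password database would store them."""
    salt = os.urandom(16)
    return salt, salted_hash(password, salt)


def verify_password(password: str, salt: bytes, expected: bytes) -> bool:
    """Constant-time comparison avoids leaking how many bytes matched."""
    return hmac.compare_digest(salted_hash(password, salt), expected)


def precomputed_table_hits(stored_salted: dict) -> int:
    """A table computed once with a single salt matches no user whose salt
    differs: the one-pass dictionary comparison no longer applies."""
    attacker_salt = os.urandom(16)
    table = {salted_hash(word, attacker_salt) for word in DICTIONARY}
    return sum(1 for _salt, h in stored_salted.values() if h in table)
```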
Cyber threats and attacks are becoming more common, sophisticated and damaging. The Alliance is faced with an evolving, complex threat environment. In recent events, cyber-attacks have been part of hybrid warfare. NATO and its Allies rely on strong and resilient cyber defences to fulfil the Alliance's core tasks of collective defence, crisis management and cooperative security. NATO needs to be prepared to defend its networks and operations against the growing sophistication of the cyber threats and attacks it faces (ano, 2018). Today, people have the ability to protect themselves from the most common cyber-attacks.
Instead of Passwords, use Passphrases for different websites:
Use different user ID/password combinations for different accounts and avoid writing them down. Users can create more complicated passwords by combining letters, numbers and special characters (minimum 8 characters in total) and should change them on a regular basis. Using passphrases is a wonderful idea; sentences such as ILoveFacebookSoMuch are very hard to crack!
Secure your computer/laptop physically and by activating your firewall:
A firewall works exactly as the name suggests: it monitors all the incoming and outgoing traffic to and from your computer. If your antivirus doesn't include a firewall, make sure Windows Firewall is activated.
Use Anti-Virus/Anti-Malware software:
Prevent viruses from infecting your computer by installing and regularly updating licensed anti-virus software. Research from Microsoft shows that nearly 10% of Windows 8 users are running expired AV software on their systems, making them four times more likely to get infected. Most antivirus packages protect against viruses, malware and rootkits, so you may not need to install multiple products to ensure maximum cyber security.
Computer forensics is the application of investigation and analysis techniques to gather and preserve evidence from a particular computing device in a way that is suitable for presentation in a court of law. The goal of computer forensics is to perform a structured investigation while maintaining a documented chain of evidence to find out exactly what happened on a computing device and who was responsible for it. Forensic investigators typically follow a standard set of procedures: after physically isolating the device in question to make sure it cannot be accidentally contaminated, investigators make a digital copy of the device's storage media. Once the original media has been copied, it is locked in a safe or other secure facility to maintain its pristine condition. All investigation is done on the digital copy. Investigators use a variety of techniques and proprietary forensic software applications to examine the copy, searching hidden folders and unallocated disk space for copies of deleted, encrypted, or damaged files. Any evidence found on the digital copy is carefully documented in a "finding report" and verified against the original in preparation for legal proceedings that involve discovery, depositions, or actual litigation. Computer forensics has become its own area of scientific expertise, with accompanying coursework and certification (Margaret Rouse, n.y.).
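The copy-then-verify step of that procedure, as an added example (not code from the original page): the source media is imaged, both source and image are hashed so the copy can be shown identical, and the image is re-hashed before findings are presented to prove it was not altered. The file paths, the "media" contents and the record layout are constructed for the demonstration; real acquisitions would use a write blocker and a dedicated imaging tool.

```python
import hashlib
import os
import shutil
import tempfile
from datetime import datetime, timezone


def sha256_file(path: str, chunk: int = 1 << 20) -> str:
    """Stream the file in 1 MiB chunks so images larger than memory still hash."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def acquire_image(source: str, image: str) -> dict:
    """Copy the source media to an image file and record hashes of both so the
    copy is proven identical; all later examination uses the image only."""
    with open(source, "rb") as src, open(image, "wb") as dst:
        shutil.copyfileobj(src, dst)
    record = {
        "source": source,
        "image": image,
        "source_sha256": sha256_file(source),
        "image_sha256": sha256_file(image),
        "acquired_utc": datetime.now(timezone.utc).isoformat(),
    }
    record["verified"] = record["source_sha256"] == record["image_sha256"]
    return record


def reverify(record: dict) -> bool:
    """Re-hash the image and compare with the acquisition record."""
    return sha256_file(record["image"]) == record["image_sha256"]


def demo() -> dict:
    """Constructed run: a fake media file, its acquisition, then a modified image."""
    work = tempfile.mkdtemp()
    media = os.path.join(work, "usb_stick.bin")
    with open(media, "wb") as f:
        f.write(b"constructed sample media contents\n" * 1000)
    record = acquire_image(media, os.path.join(work, "usb_stick.dd"))
    before = reverify(record)
    with open(record["image"], "ab") as f:  # simulate accidental contamination
        f.write(b"x")
    after = reverify(record)
    shutil.rmtree(work)
    return {"verified": record["verified"], "before": before, "after": after}
```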
The cyber security of any organisation can only ever be as strong as its weakest link. The biggest vulnerabilities of a system are not necessarily found within hardware or software, but rather with the people who use it.
IBM’s 2015 Cyber Security Intelligence Index reports that 95% of cyber security breaches are due to human error. To complicate matters, more than half of all security attacks are caused by individuals who had insider access to organisations’ IT systems. Organisations can be responsible for hundreds or thousands of employees, each with their own unique set of behaviours, motives and working practices. Detection technology and security packages, no matter how sophisticated, will always be limited by this human factor.
If a file or script can be uploaded directly to a computer inside the organisation, then it can effectively bypass all of the existing protection software without detection. Sometimes this 'personal touch' manifests itself in the form of baiting. A creatively named USB drive (e.g. 'Upper Management Bonus Scheme 2016') or CD left in the coffee room can exploit human curiosity, and provides a simple and effective means of introducing malware to a target computer or system. To complicate matters, IBM's 2015 Cyber Security Intelligence Index reported that 31.5% of all attacks recorded in 2014 were performed by malicious insiders.