State of Cybersecurity
Requirements:
1. You need to provide a thorough review of the current state of cyber security highlighting recent cyber attacks and the sophisticated cyber warfare used by different Nations.
Follow Rubrics for Case Studies. Present the case study on a cyberattack/cyber warfare that will highlight your review. (Available at the bottom of this page)
TIPS TO PREPARE YOUR REVIEW
1. Search the Internet using appropriate keywords and find relevant articles and publications. You may use Google Scholar (http://scholar.google.com) to conduct your search, or you may use IEEE Xplore (http://ieeexplore.ieee.org/Xplore/home.jsp) or the ACM Digital Library (http://dl.acm.org/). Please note that some of the papers may not be available for download.
2. Identify the background of the article, the main idea and the supporting facts.
• Briefly summarize the issues presented in the article (motivation, current situation, what is the problem or the reasons why the problem exists).
• What is the difference between a cyberattack and cyber exploitation?
• What are the advantages of offensive cyberattacks?
• What are the disadvantages?
3. Identify at least three (3) main concerns.
• What is the current US policy on offensive cyber attacks and cyber warfare? What are the issues?
• What principles should shape US policy regarding offensive cyber attacks and cyber warfare?
4. Identify at least three (3) interesting findings.
Report Rubric
Section Possible points Earned points Comments
Front Page
In-text Citation
Work Cited
Summary Background
Main Concerns
Interesting Findings
Additional Information
State of Cyber-security
Currently, the United States is experiencing cyber-attacks against the government and related organizations, which is affecting the United States security system. Over the years, the United States cyber systems have changed, especially the election system, which is currently considered a national concern (Thomas, Jason, page 1-23). Most attacks carried out are ransomware cyber-attacks, where cybercriminals compromise the organization’s critical data and offer an encryption key to decrypt the files in exchange for a fee. According to 2020 statistics, most organizations will spend one hundred and thirty-three billion in cyber security by 2022. This paper reviews the current state of cyber security.
The Capital One breach is the top recent cyber-attack, considered extensive and scary. The data breach took place in July 2019, hacking the online banking system data. The Capital One breach compromised hundreds of thousands of users’ credit cards, containing personal identification information such as social security numbers, addresses, and birthdates (Lu, Jack). Luckily, the data breach did not expose the users’ bank account numbers, although the offense was scary to many. Most of the time, hackers compromise data and take it to dark webs, but in this case, it was different. Paige Thompson stole Capital One data through the company’s server recognition.
The Capital One cyber security incident occurred due to the vulnerability of the AWS server, which attracted cybercriminals due to misconfiguration (Lu, Jack). Thompson’s theft of Capital One data was a personal security research project, where the motive was to conduct a study but not to profit from the data collected. Thompson was caught after posting a list of Capital One breached information; the arrest was quite tricky because the federal authorities could not understand the motive behind the breach. Thompson’s intentions were confusing because the accused went ahead and posted the technique used on Twitter.
Thompson went ahead and declared the data collected as encrypted, and therefore no information would be released to the public. Thompson was later charged with stealing the data regardless of the motives or lack of understanding about laws. The affected account users of Capital One, and those whose security numbers got disclosed, received notifications of the breach (O’Brien, Alexa, and Luis E. Rodriguez, page 1-26). Capital One offered free credit monitoring to enhance the protection of the affected users. The affected customers received emails; about a million social insurance numbers were stolen during the hack. According to the FBI, the data collected was recovered, and the investigations show no ill motive or use of the data for fraud.
Cyber-attacks and cyber exploitation are different. A cyber-attack is any act that destroys or disrupts information on information technology systems such as computers and related networks. For instance, terrorists may disrupt military communication through manipulation of data in the computer systems. Cyber exploitation, on the other hand, is an act that involves monitoring and spying on activities carried out in a computer system or copying data for commercial or personal use. Unlike cyber-attacks, cyber exploitation does not affect the normal functioning of a computer system but steals information such as credit card numbers, as in the case of the Capital One online bank versus Thompson. Both kinds of incident carry legal implications in cybersecurity.
The Stuxnet operation is an example of an offensive cyber-attack; offensive attacks can be carried out for either defensive or offensive reasons. The advantages of an offensive attack include providing warning signs and information about the adversary’s cyber-attacks, which enhances early preparation (Huskaj, Gazmend, page 660-667). During the attack, the offensive cyber-attack disrupts or destroys the attacking digital gadgets such as computers. After the attack, the offensive attack carries out forensic investigations that prepare the team for future attacks.
Offensive cyber-attacks are disadvantageous through the creation of unnecessary vulnerabilities. Giving offensive cyber-attacks a priority brings about suspicion, for instance, stockpiling information about the information instead of publicizing the situation to get the required assistance. Prioritizing an offensive cyber-attack increases vulnerabilities and brings about instabilities. Additionally, an advantage of offensive cyber-attacks is increasing organizational capabilities in managing sophisticated technology; however, it is a disadvantage where, in case of complexity reduction, the cyber operations tend to grow.
Offensive cyber-attacks are expensive, especially in assessing the kinetic effect and, for instance, destroying the machinery and other resources in use than to mend and prevent sabotage (Huskaj, Gazmend, page 660-667). Sometimes the offensive operation appears aggressive in that the process can interfere with computer commands and controls, and the adversary’s weapons, for instance, the machinery, can be destroyed. Most of the time, the offensive cyber-attack does not always favor the offense.
According to the United States White House cyber policies as well as the Department of Defense cyber strategy, the United States vows never to act defensively when targeted for cyber-attacks. The United States promises to respond to any cyber-attack or exploitation defensively as well as offensively. The Obama administration is different from the current administration, where the previous administration required a lengthy strategy and legal policies before approving any offensive cyber-attack operation.
Under Donald Trump’s authority, the United States Defense Department, the intelligence team, and the aggressive cyber operation authority are held together by the new policy in declaring cyber threat warfare (Carroll, Jami, page 77-83). The system deals with any motives and careless behavior that put the country as well as its citizens at risk. The president announces the availability of the necessary resources, such as the kinetic and cyber military group ready to deal with cyber threats and attacks in the United States.
The defense forward policy is primarily concerned with dealing with cyber threats before they reach the target, as well as dealing with the network systems and sources of information of attackers (Carroll, Jami, page 77-83). The United States warfare is motivated by Russia’s previous cyber threats to attack the election body of the United States as well as China’s extraction of critical information from United States institutions. The United States’ current policies on cyber threats and attacks encourage the country to go beyond offensive cyber operations to decrease cyber incidents rather than increase cyber conflicts.
Refining the United States policies on offensive cyber operations will enhance certainty and develop critical methods against cyber threats and exploitation (Carroll, Jami, page 77-83). The new system classifies security issues based on the target, actor, and the effect of the attack. Compared to the previous policies, the current plans are more transparent on the goals and mission of cyber warfare.
The United States uses several principles to shape its policies regarding offensive cyber-attacks as well as cyber warfare. Laws act as countermeasures, for instance, to protect federal networks and information from cybercriminals, secure critical infrastructure, enhance incident reporting, and mitigate cybercrimes. The United States national networks involve the information systems as well as the national security systems.
Protecting the network systems protects the country from cyber vulnerabilities as well as attacks from other countries. Safeguarding the network system involves various factors, such as aligning risk management and information technology and ensuring the information systems meet the ethics and standards of cybersecurity best practices (O’Brien, Alexa, and Luis Rodriguez, page 1-26). For the defense forward policy to prevail, the United States should secure infrastructure and enhance the reporting and curbing of cybercrimes.
The application of both defensive and offensive methods requires a reliable foundation with the ability to handle identified social risks. Critical infrastructure involves the development of secure information communication technology providers with the ability to identify, prevent, and curb cybersecurity risks. The government, however, prioritizes upgrading the national infrastructure and enhancing resilience to handle and deal with cyber-attack warfare. Nevertheless, the United States should strengthen its partnership with other nations to reduce cybercrimes as well as effectively carry out offensive operations. Modernization of surveillance infrastructure is critical, for instance, computer crime laws, which reduce cases of hacking as well as other cyber-attacks.
Interesting findings on cybersecurity include the fact that the number of cybersecurity professionals increases alongside the increased rates of cyber-attacks. The shortage of cybersecurity skills has led to more incidents, where ninety-nine percent of employers complain of the inadequacy of cybersecurity risks (O’Brien, Alexa, and Luis Rodriguez, page 1-26). Cybersecurity investments and expenditures are on the rise as most organizations and countries realize the impact of cybercrimes. The United States has spent billions on cybersecurity to safeguard the government and American citizens, especially with the new Donald Trump policies on offensive and warfare cyber-attacks. Recently organizations risk not protecting critical information if severe primarily through the General Data Protection Regulation (GDPR) as well as the HIPAA compliance rules in health care facilities.
Organizations all over the world are going through cybersecurity issues, including United States public and private organizations. Most cybercriminals and attacks target the United States election department as well as the economy. The Capital One cybersecurity incident is among the current cybersecurity incidents, compromising massive amounts of information from the online banking company. Cybersecurity incidents include exploitation attacks as well as cyber-attacks, where both lie under offensive cyber-attacks. Offensive cyber-attacks can be an advantage as well as a disadvantage.
Offensive cyber-attacks prepare the organization technically for the attack as well as reduce the damage intended. Nevertheless, information about the attack can cause more harm as well as cause damage to the machinery for the adversary attack. The United States has vowed to include both offensive and defensive operations to combat cybersecurity threats and exploitation, according to Donald Trump. For the underlying policies to be effective, the United States needs to apply various principles such as safeguarding the national security infrastructure, mitigating cybercrimes, and protecting national network and information systems.
Work cited
Carroll, Jami. “Offensive and Defensive Cyberspace Operations Training: Are we there yet?” European Conference on Cyber Warfare and Security. Academic Conferences International Limited, 2018. 77-86
Huskaj, Gazmend. “The Current State of Research in Offensive Cyberspace Operations.” 18th European Conference on Cyber Warfare and Security (ECCWS 2019), 4-5 July 2019, Coimbra, Portugal. Academic Conferences and Publishing International Limited, 2019: 660-667
Lu, Jack. “Assessing the Cost, Legal Fallout of Capital One Data Breach.” Legal Fallout of Capital One Data Breach (August 15, 2019) (2019).
O’Brien, Alexa, and Luis E. Rodriguez. “By the Numbers: Former US Intelligence Officials Discuss Personal Opinion versus Professional Obligation.” International Journal of Intelligence and Counterintelligence (2020): 1-26.
Thomas, Jason. “Individual cyber security: Empowering employees to resist spear phishing to prevent identity theft and ransom ware attacks.” International Journal of Business Management 12.3 (2018): 1-23.
Trump, Donald. “National cyber strategy of the United States of America.” Washington, DC (2018).