Is your money as safe as you think?
So tell me... Would you switch banks if yours was hacked into by a cyber group?
Wednesday, November 20, 2013
If your bank was hacked, would you move your money?
Effect of Cyberterrorism on Business
Cyberterrorism and it's Effects on Business.
After doing a fair amount of research on the topic of cyberterrorism, it seems to me that what has the most potential for damage or destruction due to cyberterrorism is the business sector. For example, during a DDoS attack, a corporations entire website could be shut down for a relatively long period of time. This can have disastrous effects on the business, and potentially drive away many customers since it seems the company is weak or has insufficient protection.
One great example of how cyberterrorism has had a strong impact on the private sector is when a cyber group hacked into the twitter account of the Associated Press. The group posted a message saying that the white house had been bombed and Barack Obama was injured. This was only on twitter for two minutes but guess what happened... The stock market plummeted and $150 million in equity vanished momentarily. Luckily, twitter was able to regain control over the AP's account in such a short amount of time, otherwise who knows if it would have made such a swift and complete recovery.
Of all of the potential different ways that cyberterrorism can effect us, I believe it has the potential to have the greatest impact on business.
Respond by telling me if you agree with this, and if not, what is it that you think is the most vulnerable.
After doing a fair amount of research on the topic of cyberterrorism, it seems to me that what has the most potential for damage or destruction due to cyberterrorism is the business sector. For example, during a DDoS attack, a corporations entire website could be shut down for a relatively long period of time. This can have disastrous effects on the business, and potentially drive away many customers since it seems the company is weak or has insufficient protection.
One great example of how cyberterrorism has had a strong impact on the private sector is when a cyber group hacked into the twitter account of the Associated Press. The group posted a message saying that the white house had been bombed and Barack Obama was injured. This was only on twitter for two minutes but guess what happened... The stock market plummeted and $150 million in equity vanished momentarily. Luckily, twitter was able to regain control over the AP's account in such a short amount of time, otherwise who knows if it would have made such a swift and complete recovery.
Of all of the potential different ways that cyberterrorism can effect us, I believe it has the potential to have the greatest impact on business.
Respond by telling me if you agree with this, and if not, what is it that you think is the most vulnerable.
Monday, November 18, 2013
DDoS Attacks: Cyberterror or Cyber Warfare?
On of the most common types of cyber attacks occurring today is known as a distributed denial of service attack, or DDoS. Distributed Denial-Of-Service is a form of electronic attack involving multiple computers, which send repeated HTTP requests or pings to a server to load it down and render it inaccessible for a period of time. The purpose of DDoS attacks are typically most comparable to street protests, so these types of attacks are usually seen as such. An example of a large DDoS attack was Operation Titstorm, which were a series of denial-of-service attacks conducted by the Anonymous online community against the Australian government in response to proposed web censorship regulations.
Now let me define both cyberterrorism and cyber warfare.
Cyberterrorism: “A criminal act perpetrated through computers resulting in violence, death and/or destruction, and creating terror for the purpose of coercing a government to change its policies.” (Wilson, 2003)
Cyber Warfare: "Refers to politically motivated hacking to conduct sabotage and espionage."
At first glance, I would say this is an easy one... a DDoS attack is an example of Cyber Warfare. However, if a successful DDoS attack shuts down a major server in say China, then wouldn't that constitute a form of destruction? Also, the last part of the definition that says "creating terror for the purpose of coercing a government to change its policies" sounds an awful lot like the purpose of a street protest, which is regularly compared to it's virtual version known as DDoS.
Sources:
http://resources.infosecinstitute.com/cyberterrorism-distinct-from-cybercrime/
http://en.wikipedia.org/wiki/Denial-of-service_attack
Now let me define both cyberterrorism and cyber warfare.
Cyberterrorism: “A criminal act perpetrated through computers resulting in violence, death and/or destruction, and creating terror for the purpose of coercing a government to change its policies.” (Wilson, 2003)
Cyber Warfare: "Refers to politically motivated hacking to conduct sabotage and espionage."
At first glance, I would say this is an easy one... a DDoS attack is an example of Cyber Warfare. However, if a successful DDoS attack shuts down a major server in say China, then wouldn't that constitute a form of destruction? Also, the last part of the definition that says "creating terror for the purpose of coercing a government to change its policies" sounds an awful lot like the purpose of a street protest, which is regularly compared to it's virtual version known as DDoS.
Sources:
http://resources.infosecinstitute.com/cyberterrorism-distinct-from-cybercrime/
http://en.wikipedia.org/wiki/Denial-of-service_attack
Cyberterrorism vs. Traditional Terrorism: Who is more threatening?
Our government continues to try and reach out to congress about the threat of cyber attacks in the future. I feel like every few articles online speak about how we need to prepare for this new threat.
On November 14, FBI director James Comey testified to Congress that the threat of traditional terrorist attacks on our nation continues to decrease, while the threat of cyber attacks and cyberterrorism continues to rise at a rapid rate. Three national officials all agreed that within the next decade, cyber attacks would be the nations number one domestic threat.
On November 14, FBI director James Comey testified to Congress that the threat of traditional terrorist attacks on our nation continues to decrease, while the threat of cyber attacks and cyberterrorism continues to rise at a rapid rate. Three national officials all agreed that within the next decade, cyber attacks would be the nations number one domestic threat.
Of the two types of terrorism mentioned, which one do you feel more threatened by? I'll be honest, because cyberterrorism can be a difficult concept to grasp, and the effects of it can be hard to visualize, I still personally feel more threatened by the thought of traditional terrorism. That isn't to say that one is more dangerous than the other, but it is just my gut reaction to the terms.
Tell me which one you feel the most threatened by and why. For me, old fashioned bombings and hijackings are what really gets my pulse going.
Prosecution?
An interesting thought popped into my head today as I sat back and thought about the various cyberterrorist attacks that have taken place over the last few years. Do you think the FBI should attempt to track down anonymous cyberterrorist groups and put a few of the members in jail? Most of these groups act anonymously and lure in hundreds of random citizens to help execute these events, but there has to be a few select leaders in these groups. Are there even specific laws these people are breaking? Do we need to evaluate the laws regarding this topic and potentially pass new ones?
If the FBI tracked down the top dogs of some of these groups, surely it would hinder their ability to pull of future attacks, and also scare others enough to keep them from joining in on these attacks as helpers. Some people may not even feel most of the cyber attacks are worthy of prosecution, that these groups are just using technology as a way of protesting or getting their message out into the world effectively. Where does it cross the line though, that after an attack is executed, somebody needs to go to jail. Should it be if it causes stress to others? Harm to others? Financial loss for others?
If the FBI tracked down the top dogs of some of these groups, surely it would hinder their ability to pull of future attacks, and also scare others enough to keep them from joining in on these attacks as helpers. Some people may not even feel most of the cyber attacks are worthy of prosecution, that these groups are just using technology as a way of protesting or getting their message out into the world effectively. Where does it cross the line though, that after an attack is executed, somebody needs to go to jail. Should it be if it causes stress to others? Harm to others? Financial loss for others?
I say we need to locate a few of these groups and try to put them away!
Sunday, November 10, 2013
Operation: Titstorm
The cybergroup known as Anonymous conducted a series of attacks in February of 2010 in response to the Australian governments proposed web censorship regulations. Operation Titstorm was the name given to the cyber attacks by the attackers. The attack began as a protest responding to a plan by Australian Telecommunications Minister Stephen Conroy that would require internet service providers to block Australian users from accessing illegal and what the government deemed as "unwanted" content. Websites to be blocked feature pornography showing rape, bestiality, child sex abuse, small-breasted women (who may appear under the legal age), and female ejaculation. The proposed filter also includes gambling sites along with others showing drug use. Anonymous conducted a DDoS attack, or Distributed Denial of Service attack that resulted in lapses of access to government websites on the 10th and 11th of February, 2010. This was accompanied by emails, faxes, and phone calls harassing government offices. The actual size of the attack and number of perpetrators involved is unknown but it was estimated that the number of systems involved ranged from the hundreds to the thousands. The amount of traffic caused disruption on multiple government websites.
Do you feel this is a viable form of protest? Would you participate in this form of protesting? Do you think this would be effective?
Sources:
http://en.wikipedia.org/wiki/February_2010_Australian_cyberattacks
"Pure" Cyberterrorism
There is another aspect of cyberterrorism out there that many people aren't familiar with. The concept of "pure" cyberterrorism. Pure cyberterrorism is accomplished by utilizing computer technology and the internet to inflict destruction or damage on tangible property, and even death or injury to individuals. It is this pure cyberterrorism that most writers mean when they discuss the dangers posed by the cyberterrorist. This separation of the various types of cyberterrorism poses a significant impact on our ability to protect ourselves.
I have yet to find any solid examples where pure cyberterrorism has had any real existence. Most of the cyber attacks happening now create fear and panic, but do not cause damage to tangible property.
Are you more concerned with the fear and panic that cyberterrorism can create, or the possibility of this "pure cyberterrorism" where actual tangible damage can occur as a result? Do you feel that pure cyberterrorism is even possible?
If you can demonstrate any evidence of pure cyberterrorism occurring in the past (physical property damaged or lives lost), please list below...
Sources:
http://resources.infosecinstitute.com/cyberterrorism-distinct-from-cybercrime/
I have yet to find any solid examples where pure cyberterrorism has had any real existence. Most of the cyber attacks happening now create fear and panic, but do not cause damage to tangible property.
Are you more concerned with the fear and panic that cyberterrorism can create, or the possibility of this "pure cyberterrorism" where actual tangible damage can occur as a result? Do you feel that pure cyberterrorism is even possible?
If you can demonstrate any evidence of pure cyberterrorism occurring in the past (physical property damaged or lives lost), please list below...
Sources:
http://resources.infosecinstitute.com/cyberterrorism-distinct-from-cybercrime/
Subscribe to:
Posts (Atom)