In many businesses, these days, there is use of technology in information sharing, advertisements, banking services and purchasing among others. The use of cyberspace is exponentially increasing; thus criminal activities are likewise exponentially on the rise. The major explanation for the rise in cyber threats is the fact that since the world web is intercepted, various web applications are getting popularity for data sharing as well as data storing regardless of the user. As time passes these web applications became more complex as a result of the increase in their faults in design. This creates a situation where surfing on the internet is no longer safe.
Research shows that over ninety percent (90%) of the applications of the web have at least a slip-up in either the blueprint or the development. It is these faults that criminals take advantage of so as to gain access to information which they are not authorized to have. These criminals majorly target the individual privacy, online connectivity (such as banks), social networks and mobile devices that are internet connected among others. There is good news, however, that various technologically advanced tools have been created to help reduce the cyber threats that are currently on the rise.
Research shows that businesses and individuals have accrued several losses as a result of criminal activities that take place in the cyberspace. Also, various governments as well as defense organization have not been left as they have experienced cyber-attack. The cyber-attack on the government and defense organizations has led to great amount of losses and disruptions. The government claims that the system is hacked almost six-million times a day. Cyber threat occurs in a totally different environment compared to the real environment that we live in. This can be explained well with the fact that some of those people who pose these threats can even be under aged children who lie about their age and access restricted sites. It may not possible for a person to gain access in the real environment we live in.
This paper discusses the cyber threat which has been seen to be on the rise. The threats increase as the amount of data circulating in the cyberspace becomes bigger. The article talks about the various example of cyber threats and the reasons as to why these threats arise. There are various methodologies and technologies that have been developed to help prevent and stop cyber threat. The article will outline and discuss these solutions to cyber threat. The discussions in this article will all be aimed at answering the question: Is cyber threat a major issue that should be addressed?
What is Cyber Threat?
Cyber threat has been defined by various scholars to be the broad range of potentially illegal actions that are done on the internet. Cyber threat is divided into two major classes. The classes are; crimes targeting or that harm devices and computer networks directly (e.g. Malware) and crimes that are facilitated by devices and computer networks (e.g. Fraud, phishing scams and identity theft). (McMahon, 2000) Cybercrimes are of three types; crimes against the government, crimes against persons and crimes against property.
Crimes against the government are composed of terrorist activities that hack websites maintained by the government or the military. Child pornography, violation of a person’s privacy and email harassment among others, are examples of crimes against persons. Computer and the other device vandalism, transmission of harmful viruses and malware and use of spyware to steal, for example, secrets of the corporate are examples of cybercrimes against property. (Blakemore & Awan, 2012)These are not all the examples of cyber threats that are currently presenting themselves; there are still so many other examples of cyber threats.
Examples of Cyber Threats
- Cyber theft
This is the most common threat in the cyber space. Cyber theft is commonly referred to as hacking. This type of threat involves the use of a computer to access information illegally or to steal assets. It can also involve illegal access of a computer system by cracking the system using malicious script. The access is done without the user’s knowledge or consent. The major victims of this threat have been Yahoo, Amazon, banks and Microsoft. It has been obtained that these criminals use certain tactics like piracy, DNS cache poisoning and embezzlement.
- Cyber Vandalism
This is a unique type of cyber threat; it entails the destruction and damaging of data in the cyberspace as opposed to stealing. Cyber vandalism can also include circumstances where services of the network are disrupted or stopped. These actions deprive the user, who is authorized, for accessing the data contained in the said network. (McMahon, 2000)
- Web Jacking
This type of cyber threat entails the forceful control of the server. This is done by gaining control and access over the web site of another different web site. Hackers mostly will manipulate the data that is contained in these sites. (McMahon, 2000)
- Credit card information Theft
This is currently on the rise, going by the study conducted by various research organizations. People are losing money from this kind of activity in a high rate. Credit card information can be stolen by breaking into the server of the e-commerce. Once someone gains access to the e-commerce server (illegally), he/she can go ahead and misuse this information to benefit him/her.
- Software piracy
The number of software being developed is rapidly increasing, due to this there is the illegal distribution of software. Criminals also produce pirated copies of software and sell them. Software piracy also entails the unauthorized downloading of computer software. Software piracy has resulted to realization of losses by the developers of the said software. (Blakemore & Awan, 2012)
- Cyber terrorism
This is defined as the use of internet technology to commit violence deliberately. Cyber terrorism in most cases is politically motivated.
- Cyber trespass
This is a unique example of cyber threat. Cyber trespass entails the illegal access of network or a computer, but instead there is no alteration, misuse or even destruction of data contained in these computers or on the network. Cyber trespass includes; access of information that is private without disturbing the user. This type of cyber threat presents itself in the email sites.
Almost everyone is familiar with this example of cyber threat. People currently are violating the SPAM act, by transmitting spam by sending of illegal marketing emails and immoral mails without any authorization. Most of these immoral contents are from dating sites, and they usually have disturbing pictures that are attached to them. There is a SPAM Act that controls what is a spam, and also determines what not spam is. (Blakemore & Awan, 2012)
Reasons for Cyber Threat
- Easier Access
The computer system is a very complex and heterogeneous system, as such it is vulnerable to unauthorized access and system breach. The access is possible since there are those secretly implanted logic bombs as well as loggers that can illegally obtain the access codes. Due to technological advancement, there are certain devices such as retinal images and voice recorders that can be used to cheat the biometric system. Once the systems are fooled, the firewall can be bypassed. The access of the system then becomes easier. No matter how much we advance technology in trying to make data secure, there are those people who develop different systems that will breach the developed technology.
- Ability to store data or information in a small space
The ability of a computer to store large amount of data in a small space has always been looked at to be an advantage. However, the large amount of data stored in a small space makes it possible to easily remove the stored information both physically, and through the use of a virtual medium. A single computer can store large amount of data, and it is for this reason that the computer becomes susceptible to attack. (McMahon, 2000)
- Complexity of the code
Computer system is driven by an operating system made up of a million of codes. These codes in one way or another may not be one hundred percent (100%) secure. The lapses of security of these codes are usually exploited by the criminals, who use the laps to get access into the computer system. No matter how complex the codes of a computer system are, there are those criminals who understand these codes and know their various lapses in security. Such criminals are the high tech ones who understand the system of the computer like the back of their hands.
- Some of the tools used to prevent the attacks are inferior
Most businesses, small and big, have implemented very inferior technologies to combat the cyber threats. Most of the technologies that have been implemented by these businesses rely mostly on URL blacklisting and signatures. These approaches, however much they have proved effective, cannot prevent the various dynamic attacks. Since the attacks are dynamic, their nature is not known and as such they are not easy to prevent. (Blakemore & Awan, 2012)
- Ignorance and negligence
There are several advancement in technology; however, the people who use the develop technology are mostly ignorant about these technologies. Some are also lazy, and thus neglect certain procedures that are aimed at protecting them from attack. It is these points of weakness that cyber criminals take advantage of.
Solutions to Cyber Threat
There are certain methodologies and technologies that have been developed to address the various cyber threats. These include;
- Intrusion detection System (ISD)
This software has been designed to detect the various unauthorized access to the resources of the system. Some like the signature-based intrusion detection system can detect the signatures of attacks that are known. The system can apply the patterns for matching algorithms for attack detection. Systems that are anomaly-based can analyze the input stream and classify all the abnormal behaviors as malicious. Systems that are ontology-based can classify intrusion by location, genesis and means. (Blakemore & Awan, 2012)
- Vulnerability scanners
The vulnerability scanners are automated and can crawl any web application. As they crawl web applications, they check the web pages and determine whether the application is susceptible to attack. It does this by generating probes for inputs after which it checks responses of the application against the inputs.
- Intrusion Prevention System
These systems can multi-task. The systems can detect unauthorized access and also prevent intrusion by unauthorized persons. These systems can prevent many types of intrusions that are currently being used by system hackers.
The above solutions are just but a few examples of solutions that can be used to prevent cyber threats. However, they do not prevent all cyber threats. They should be incorporated with other methodologies so that they work together to ensure maximum prevention against cyber threats.
In conclusion, as the market changes, most organizations and business are getting online so as to remain relevant to their customers. However, the business must take must ensure that their customers’ and the business’ information is properly protected. Since the cyber threats keep on changing with time, it is necessary for these businesses to implement those techniques that are dynamic, and which will be able to protect against the emerging cyber threats. It is necessary for a business to first understand the cyber threats before trying to protect against. (McMahon, 2000) In summary, it has been obtained that cyber security is a crucial issue that keeps on changing with time and needs to be addressed properly. If not addressed, businesses will make great losses, and also the government will be susceptible to attack
Brian Blakemore, Imran Awan, (2012). Policing Cyber Hate, Cyber Threat and Cyber Terrorism, Ashgate Publishing.
David McMahon, (2000). Cyber Threat: International Security for Home and Business. Warwick Publishing.
Guffey, M (2008). Business communication: Process and product. CengageLearning.
Kshetri, N, (2010) The global cybercrime industry: economic, institutional and strategic perspectives Springer.