Conley !

1
Lauren Conley
Bradley
US Government
November 2016
Mock Congress Research Paper: Cybersecurity
The world of technology and connectivity through cyberspace is advancing and is more
available than ever before. Large corporations and individuals depend on cyberspace to secure
financial, business, and private information. The connection between information technology and
physical infrastructure poses a new threat on cyberspace security. This framework allows hackers
to take advantage of this increasing technology, from anywhere in the world. As a result of
vulnerability to cyber attacks, these tech savvy criminals target individuals and large
corporations. These individuals and large corporations must cooperate with federal agencies, and
law enforcement programs in order to effectively secure cyberspace. This Bill shall enhance
further protection by reducing the number of cyber-related crimes, educating large corporations
and promoting the awareness of individuals, and creating an effective nationwide software.
The advancement of technology and connectivity has contributed to the significant
increase in cyber-related crime. Cyber-related crimes are at their peak as the annual percentages
continue to escalate nationwide. Identity theft is now the fastest growing crime in
America (FACT SHEET: Cybersecurity National Action Plan). The increase in crimes such as
spear phishing, banking and social security fraud, theft, and security breaches have affected the
daily lives of millions of Americans, as well as the economy. An astounding 7 percent of U.S.
organizations lost $1 million or more due to cybercrime in 2013; 19 percent of U.S. entities have

Conley !2
claimed losses between $50,000 and $1 million over the same span (Bremmer, Heres What
You Need to Know About Cyberwar). Cyber-related crimes expose secure, private information
of individuals and corporations. Security experts believe that the focus should be on detecting
security breaches as quickly as possible and then responding in order to minimize the harm
hackers do (Rubens, Cybersecurity: Defending unpreventable Cyber Attacks). Cyber-related
crimes are an ongoing issue and may not ever be put to a stop. However, preventative measures
can be taken to identify and obstruct the methods of malicious cyber activity, to minimize the
increase in cybercrime.
The growth of technology is only a minor cause of the significant increase in cyberrelated crimes. Rather, the careless use of this technology allows hackers to execute cyberattacks
through extreme, complex methods. Large corporations and individuals are becoming more
susceptible to intrusions because they are unaware of the consequences of cyberattacks and how
to prevent them. ...more than 91% of high vulnerable board members said they cant read a
cybersecurity report and are not prepared to handle a major attack (Levine, Cybersecurity
Threats Are Real: You and Your Organization Could Be In Danger). As a result of vulnerability,
the majority of cyberattacks are left unreported and undetected by large corporations. In 2005,
among 7,818 businesses did not report cyber attacks to law enforcement agencies (Bureau of
Justice Statistics (BJS) - Cybercrime). The result of human error and vulnerability are the
leading causes of cyberattacks. Large corporations fail to report data breaches, allowing these
hackers to get away with stealing company information. According to an FBI survey, 90% of
respondents have detected security breaches in the past year, but only 34% of those breaches
were reported (Esterbrook, Many Hack Attacks Go Unreported). The education regarding

Conley !3
cyber attacks would allow large corporations to make more knowledgeable and efficient
decisions regarding cyber management. This Bill includes training to promote employee
awareness by recognizing and responding to cyberattacks, and provides efficient software that is
available nationwide.
Before reporting a cyber attack, the first step is to detect it. Technology and more
advanced software is a necessary precautionary measure to the prevention of cyber attacks.
According to Gabel, Liard, and Orzechowski, Protecting the networks that carry the
communications that control these services is vital (Cyber Risk: Why Cyber Security Is
Important). This software should be trusted, and should clearly alert employees and individuals
when they are under a cyber attack. According to Singer and Friedman, ...engineers must make
fast decisions about network incursions (212). Large corporations and individuals should be
prepared with efficient technology in order to quickly respond. Large corporations should hire
engineers who specialize in technology to keep a vigilant eye against cyber attacks, and to stay
on top of the changing methods that hackers use. Ransomware attacks are not only proliferating,
theyre becoming more sophisticatedransomware was normally delivered through spam emails, but because e-mail systems got better at filtering out spam, cyber criminals turned to spear
phishing e-mails targeting specific individuals. And in newer instances of ransomware, some
cyber criminals arent using e-mails at allthey can bypass the need for an individual to click on
a link by seeding legitimate websites with malicious code, taking advantage of unpatched
software on end-user computers (Cyber Crime - FBI). The sophistication of cybercriminals is
increasing, and hackers methods are becoming increasingly difficult to identify. Trusted and

Conley !4
detective software that includes Firewalls and more secure password protection is a necessary
component in the prevention of cyber attacks.
The cost of cybercrime prevention can be argued, as well as the success in prosecution in
cyber-related crimes. Some companies believe that the economic efforts in tightening
cybersecurity would not be beneficial. So why don't corporations plug the gaps, improve their
practices and safeguard sensitive consumer data? these measures would prevent potential
financial loss and identity theftThe losses involved are so small compared to the revenue that
it's easier to take a chance and write off any losses should they occur...In short, don't expect large
companies to tighten down everywhere possible to keep your data beyond reach. The effort is
just too expensive (Sherman, The Reason Companies Don't Fix Cybersecurity). A
counterargument that supports this evidence is that the amount of money that is contributed to
prevent cyberattacks and tighten cybersecurity equalizes the amount of money spent after a
company undergoes a cyberattack. Strong and enforceable security policies, data governance
controls and a security-aware culture also rein in costs. Cost savings for companies deploying
good security governance practices is estimated at $1.5 million on average, according to the
study (Westervelt, Defending Against Cybercrime Just Got A Lot More Expensive). Another
counterargument would be that government agencies and cyber security experts cannot keep up
with the changing trends in cybercrime methods. In the past, cyber crime was committed mainly
by individuals or small groups. Today, we are seeing highly complex cybercriminal networks
bring together individuals from across the globe in real time to commit crimes on an
unprecedented scale (Cybercrime). The majority of cyberattacks are launched internationally
in countries such as China, Russia, Africa, and more. One example is Operation

Conley !5
Trident Breach, in which the FBI worked with international law enforcement agencies to arrest a
gang of hackers targeting international financial transactions. After an investigation conducted
with the United Kingdom and the Ukraine, Henry said, more than 90 people were arrested in
connection with the hacking scheme (Kenyon, FBI Goes International to Fight Cyber
Criminals On Their Home Turf). Cyber attacks are now trending beyond the border, and take a
tremendous amount of effort to reduce the increase in cyber-related crimes. One might argue that
the traditional efforts to keep up with the changing nature of cybercrime is ineffective, and is no
match for the complex methods of malicious insiders.
This Bill shall promote efforts to disrupt the increasing number of cyber-related crimes,
educate large corporations and individuals, and create an effective nationwide software. The
harmful impact of cyber-related crime on large corporations and individuals is increasing. The
effects of cybercrimes are beginning to have an impact on large businesses profit margins
because they have to allocate funds to act on cyberattacks. Cyber-related crimes have proven to
be detrimental to not only large businesses but also to our national economy. This Bill will
increase communication between large corporations and federal and state law enforcement
agencies to act on these preventative measures.

Conley !6
Works Cited
Bremmer, Ian. These 5 Facts Explain the Threat of Cyber Warfare. Time. Time, 19 June. 2015.
Web. 29 Sept. 2016.
http://time.com/3928086/these-5-facts-explain-the-threat-of-cyber-warfare/
"Bureau of Justice Statistics (BJS) - Cybercrime." Bureau of Justice Statistics (BJS) Cybercrime. N.p., n.d. Web. 17 Oct. 2016. <http://www.bjs.gov/index.cfm?ty=tp&tid=41.
"Cybercrime." / / Crime Areas / Internet / Home. Interpol 2016, n.d. Web. 16 Oct. 2016.
http://www.interpol.int/Crime-areas/Cybercrime/Cybercrime.
"Cyber Crime - FBI." FBI. FBI, n.d. Web. 17 Oct. 2016. https://www.fbi.gov/investigate/cyber.
Esterbrook, John. Many Hack Attacks Go Unreported. CBS News. CBS Interactive, 7 Apr.
2002. Web. 06 Sept. 2016.
http://www.cbsnews.com/news/many-hack-attacks-go-unreported/
FACT SHEET: Cybersecurity National Action Plan. The White House. The White House, 09
Feb. 2016. Web. 17 Sept. 2016.
https://www.whitehouse.gov/the-press-office/2016/02/09/fact-sheet-cybersecurity-nation
al-action-plan
Gabel, Detlev, Dr., Bertrand Liard, and Daren Orzechowski. Cyber Risk: Why Cyber Security
Is Important. White & Case LLP International Law Firm, Global Law Practice. 2015
White & Case LLP, 1 July 2015. Web. 07 Sept. 2016.
Henry Kenyon. "FBI Goes International to Fight Cyber Criminals On Their Home Turf." GCN.
N.p., 12 Dec. 2011. Web. 17 Oct. 2016.
https://gcn.com/articles/2011/12/12/fbi-international-cyber-crime-partnerships.aspx.

Conley !7
Levine, Stuart R. "Cybersecurity Threats Are Real: You And Your Organization Could Be In
Danger." Forbes. Forbes Magazine, 25 Apr. 2016. Web. 09 Oct. 2016.
http://www.forbes.com/sites/forbesinsights/2016/04/25/cybersecurity-threats-are-real-you
-and-your-organization-are-in-danger/#5411abfd70ee.
Rubens, Paul. Cybersecurity: Defending unpreventable Cyber Attacks. BBC News. 2016
BBC, 3 Feb. 2015. Web. 17 Sept. 2016. http://www.bbc.com/news/business-31048811
Sherman, Erik. "The Main Reason Companies Don't Fix Cybersecurity." CBSNews. CBS
Interactive, 12 Mar. 2015. Web. 16 Oct. 2016.
http://www.cbsnews.com/news/the-reason-companies-dont-fix-cybersecurity/.
Singer, P. W., and Allan Friedman. Cybersecurity and Cyberwar: What Everyone Needs To
Know. Madison Avenue, New York: Oxford UP, 2014. Print.
Westervelt, Robert. "Defending Against Cybercrime Just Got A Lot More Expensive." CRN. The
Channel Company, 9 Oct. 2013. Web. 17 Oct. 2016.
http://www.crn.com/news/security/240162439/defending-against-cybercrime-just-got-a-l
ot-more-expensive.htm.