Professional Documents
Culture Documents
corporate IT networks
Their connection with the global Internet as
the backbone of their sales, sourcing,
operating, and financial systems.
However, the convenience of global
connectivity comes at a cost—the
vulnerability of network infrastructures and
systems to the malicious actions of cyber
criminals.
An attempt to undermine or compromise the
function of a computer-based system,
OR; An attempt to track the online
movements of individuals without their
permission.
Differentiation of C3:
Cybercrime is, essentially, using computer
technology to commit unlawful acts, or crimes.
Cyberterrorism essentially consists of using
computer technology to engage in terrorism.
Terrorism consists of acts that are committed for
political, versus economic, motives. Much of
crime is committed for economic reasons.
Cyberwarfare is using computer technology to wage
war. The distinguishing characteristic of war is that
it is a struggle between nation-states; it is, like all
human activity, physically carried out by individuals,
but those individuals are acting for a particular
nation-state.
“Wars in the 21st century will increasingly require all
elements of national power – not just the military.
They will require that economic, diplomatic, financial,
law enforcement and intelligence capabilities work
together.”
Donald Rumsfeld
National Security
Reduce the country ability to protect its interests
Public Psyche
Erode confidence in critical services and the
government
Economic impact
Damage economic systems
Enhancement of Physical Attacks
Physical damage/distraction efforts
Asymmetric Warfare
Lack of attribution, low cost/high potential impact
Botnets
compromised computers combined into networks
that can be directed to deliver distributed denial of
service or phishing attacks.
Spam – any unsolicited email
Usually considered a costly nuisance, spam now often
contains malware. Malware is a class of malicious
software—viruses, worms, trojans, and spyware—that
is designed to infect computers and systems and steal
critical information, delete applications, drives and
files, or convert computers into an asset for an
outsider or attacker.
Phishing
a form of Internet fraud that aims to steal valuable
information such as credit cards, social security
numbers, user IDS and passwords by creating a
website similar to that of a legitimate
organization, then directing email traffic to the
fake site to harvest what should be private
information for financial or political gain.
Denial of service attack
Malicious code that blocks service for users of a
targeted system. The flood of incoming messages
essentially forces the targeted system to shut down,
thereby denying use by legitimate users.
Virus
a form of malware that infects computers or other
electronic devices, making them unusable.
Patches
programs designed to fix software security flaws,
often installed automatically to reduce end-user
participation and increase ease of use.
Most cyber attacks can be put in one of the
following categories:
Natural or Inadvertent attack – including things like
include accidents originating from natural disaster
like fire, floods, windstorms, lightening and
earthquakes, and they usually occur very quickly
without warning, and are beyond human capacity,
often causing serious damage
Human blunders, errors, and omissions – including
things like unintentional human actions
Intentional threats like illegal or criminal acts from
either insiders or outsiders, recreational hackers, and
criminal
Types of e-attacks:
Penetration Attack Type -involves breaking into a
system using known security vulnerabilities to
gain access to any cyberspace resource –
▪ There is steady growth of these attacks – see the CERT
Report below.
Number of Incidents
12000
10000
8000
6000
4000
2000
0 1988
1989
1990
1991
1992
1993
1994
1995
1996
1997
1998
2000
Years
– Denial of Service Attacks – they affect the system
through diminishing the system’s ability to function;
hence, they are capable of bringing a system down
without destroying its resources
Topography of Attacks
One-to-One
One-to-Many
Many-to-One
Many-to-Many
IMPLICATION OF CYBER ATTACK
ECONOMICS COUNTRY
CYBER
ATTACK
SOCIAL POLITICS
Economic
When information fails to circulate, whole sectors
of the economy are vulnerable. Finance,
wholesale and retail trade, transportation, much
of manufacturing, and many service industries
would slow to a crawl without computers.
A company that have been a victims of cyber
attack will lost their secret data or their secret
data will be receive by another side and it will be
used to make their own profit.
Virus attack also is a kind of cyber attack, we can
take an example if the company face the viruses
attack , the important data of the company can be
sabotage or being stolen by any the hackers. So ,
to covered the stolen file they the company need
to earned a lot of money to get it back. It will be
affect to the company economics.(Costs of
forensics for recovery and litigation)
In theory, the price of a company’s stock is
primarily determined by the present discounted
value of the cash flows expected to result from
that firm’s output. That cash flow is what
contributes to the wealth of the stockholders,
either in the form of dividends or in the
expansion of the firm’s stock of productive
capital. Any event that changes investors’
expectations about that future stream of income
is likely to affect the price of the stock.
Example:
……recently terrorists used a computer in
Delray Beach, Florida to make their travel
plans and purchase tickets, as well as using
public library computers in the same town
(Holland, 2001)……
Symantec Security Response
By by Sarah Gordon Senior Research Fellow
Symantec Security Response and Richard Ford, Ph.D.
Independent Consultant
Country
hacking of a computer system and then deleting
the useful and valuable country information of the
rival competitor is a part and parcel of cyber
terrorism.
The information technology can be misused for
appropriating the valuable Government secrets
and data of private individuals and the
Government and its agencies.
The same can be targeted by the
terrorists to facilitate their activities,
including destruction of property.
Will give an danger effect to country
also if the infrastructure and defense
strategies systems of a country have
dispersed to the other hand (enemies).
EXAMPLE OF CYBER ATTACK…….
Copyright
Communications and Multimedia Act Act
Proposed Laws Penal Code
Computer Crimes Act
Personal Data Protection Bill (draft) Internal Security Act
Digital Signature Act E-Govt Activities (draft bill) Official Secrets Act
Evidence Act
BNM Minimum Guidelines on
Internet Banking in Malaysia
Content Code