
Cyber security 1

Cyber Security in Relation to Homeland Security and Terrorism

Name

Institution

Date

Abstract

This research proposal focuses on cyber security in relation to homeland security and

terrorism. The paper also aims at providing contributions to support the efforts against cyber

terrorism and cyber crime. Previous research identifies the security of most nations’

infrastructure, including America’s, as one of the complex challenges faced by countries. This

paper, therefore, aims at addressing the increasing importance of cyber security in countries such

as the United States as technology and the internet continue to advance, leading to greater safety

concerns. Additionally, the research proposal also seeks to examine the issue on national security

by analyzing cybercrime and terrorist networks. Cyber terrorism significantly disrupts cyber

security in cyberspace. Cyber security is a government priority not only to protect consumers and

businesses but also to make critical infrastructure available for the efficient functioning of the

economy. The research proposal begins with an introductory chapter, which includes a problem

statement, statement of purpose, research questions, and hypothesis. The literature review section

comes after the opening section, and it includes discussions on homeland security, cybercrime

and the underground economy, modern terrorism and risk management. Additionally, the

literature review section also discusses the types of attacks before delving into relations between

hackers and terrorists and how to monitor malware and cyber threats. The research proposal also

has the methodology part which includes advanced research methods, participants, materials, and

procedure. The next chapter is on expected results after which the researcher provides the

conclusion.

Contents
1.0 Introduction
1.1 Problem statement
1.2 Statement of purpose
1.3 Research questions
1.4 Hypothesis
2.0 Literature review
2.1 Department of Homeland Security
2.2 Cybercrime and the underground economy
2.3 Modern Terrorism
2.4 Types of attacks
2.5 Risk management
2.6 Relations between hackers and terrorists
2.7 Monitoring malware and cyber threats
3.0 Methodology
3.1 Proposed research methods
3.2 Research Approach and design
3.3 Data collection
3.3.1 Secondary data
3.3.2 Primary data
3.4 Sampling
3.4.1 Participants
3.4.2 Procedures
3.5 Research instruments
3.5.1 Validity
3.5.2 Reliability
4.0 Expected results
5.0 Conclusion
6.0 References

1.0 Introduction

Cyber security refers to the efforts put in place to protect information systems and networks

against natural disasters, human errors, malicious attacks and technical failures. The digital

uprising has led to the empowerment and release of hackers to steal national and economic

security secrets. There also exist some criminal organizations that steal and commit fraud

online with the aim of earning big profits. Terrorist groups also form mainly to plan and execute

attacks on countries such as the United States. The United States therefore established Homeland

Security in November 2002 with the primary aim of protecting America and its citizens.

Homeland Security is a department in the United States that takes necessary steps to protect the

country from attacks such as terrorism and provide coordinated responses to emergencies. Also,

homeland security has a broad range of duties some of which include border security, emergency

control, aviation security and cyber security. Some of the core goals of homeland security

include securing and safeguarding cyberspace, preventing terrorism and improving safety.

The increasing number and possibility of threats from hackers to the interests of the United

States in recent years have led the department of homeland security in America to include

cyber terrorism prevention as one of its fundamental aspects. Moreover, the department of

homeland security not only ensures the safety of computer systems in the civilian government

but it also analyzes and distributes cyber threat notices.

Cyber-attacks as a challenge for individuals, states, and companies tend to increase with the

increasing use of digital technologies in governance, personal and business matters. Countries

such as the United States face cyber threats mostly from hired and state-sponsored hackers,

terrorists and international cyber organizations. Cyber threats not only seek the interests and

things of incredible value to a nation but also harm the economy. One of the primary

facilitators of terrorism is the emerging technology since radical terrorists of several kinds

mainly use networks to distribute propaganda and perform their operations. The internet, for

instance, has a decentralized structure and global connections that facilitate the capabilities of

terrorists. Some of the activities that improve cyber security include constructing bridges to the

private sector, building partnerships and alliance abroad, sharing information and interagency

coordination. Nations should also invest in cyber infrastructure protection and network resiliency

to adequately secure critical infrastructure. The introductory chapter of the research paper will

include a statement of the problem, the purpose of the research proposal, research questions and

hypothesis.

1.1 Problem statement

We live in a modern world where almost everything takes place online, for instance ordering

goods and services, banking and sending private messages. Research on cyber security in relation

to homeland security and terrorism is, therefore, necessary not only to find ways of securing

personal information but also to prevent stealing of ideas by hackers. The number and forms of

cyber threats currently continue to increase and converge with other dangers in the physical

world, and therefore it is important to investigate cyber security to find best ways to prevent and

respond to the risks associated with cyber threats and terrorism. Cyber-attacks and terrorism

threaten the national, digital and economic security of nations. For example, some of the

challenges that countries such as the United States face include infiltration of computer systems

by hackers with the aim of stealing personal information. Additionally, the hackers also steal

sensitive information and trade secrets, thereby putting jobs at high risk. The growing

terrorist groups, whose knowledge and experience of cyber intrusions continue to grow, require

investigation on the measures that governments and the private sector should take to secure

personal information and intellectual property. Research on cyber security in relation to homeland

security and terrorism will, therefore, help to determine the activities involved in cyber security.

Cyber threats and attacks also have long-term effects on national security and employment, and

therefore it is important to conduct research on the various ways of preventing cyber-terrorism.

1.2 Statement of purpose

This research proposal aims at exploring cyber security in relation to homeland security and

terrorism. The principal objective of the research project is also to investigate cyber terrorism

and how to prevent it. The research project also examines various terrorist attacks in the past

with the primary purpose of illustrating the need for cyber security and the efforts of homeland

security. The research project is based on the fact that terrorism is a critical issue not only for the

computer industry but also for the society, and therefore it focuses on finding ways of preventing

terrorism in future. The beneficiaries of this research proposal include individuals, governments

and companies mostly in the private sector since the results of the study on cyber security in

relation to homeland security and terrorism will enhance their privacy and help in securing

personal information. This research proposal also benefits the citizens of a nation since cyber

security connects to fundamental values and rights for instance freedom of expression, protection

of data privacy and defense from crime.

1.3 Research questions

This research proposal has the following research questions:

1. How does cyber security relate to homeland security and terrorism?


2. What are the various measures that we can take to prevent and control cyber terrorism?

1.4 Hypothesis

This research proposal is based on the belief that the increasing cyber terrorism around the

world has elevated awareness of the need for reliable prevention and protection to ensure privacy

and data security. For instance, it is impossible for digital privacy to exist without cybersecurity.

Cyber security refers to the practices and technology used to determine the protection delivered

against cyber terrorism. Dealing with the increasing cyber threats today requires the best efforts

of every citizen in a country to advance the interests of the cyber security of the nation. This

research proposal is also based on the hypothesis that advancing technology is developing as one of

the primary sources of international terrorism. The importance of cyber security grows with the

increasing advancement of information and communication technologies. Furthermore, the

complexity of digital technology underpins other systems and services such as health, finance,

transport and energy, and therefore cyber-attacks and terrorism disrupt the supply of vital

services in societies.

2.0 Literature review


Reviewing current literature on cyber security in relation to homeland security and terrorism

will help the reader in understanding the different variables involved in the study. The literature

review presents both past and the current trends relating to the problem under investigation and

therefore makes it easier for the researcher to define the objectives and purpose of the research

proposal. For instance, the literature review of this research project will present the past and

future trends relating to cyber-terrorism. Also, review of existing literature helps to connect the

readers with the study by enabling them to understand the formation of the research questions.

Additionally, the literature review will not only demonstrate to the audience how the research

proposal fits with a greater field of study but also help the audience understand the research

problem under investigation. This second chapter of the research project, therefore, involves a

review of scholarly articles and books on literature concerning cyber security in relation to

homeland security and terrorism. This section encompasses discussions on the department of

homeland security, modern terrorism and cybercrime and the underground economy. The

researcher will also review the literature on terrorism networks before delving into types of

attacks and risk management. The literature review section also discusses the relation

between hackers and terrorists and ways of monitoring malware and cyber threats.

2.1 Department of Homeland Security

Terrorists in the modern world can strike anyplace, at any time and with any weapon and

therefore countries such as the United States realized the need to design a new homeland

structure that would adequately protect them against terrorist attacks[Koe07]. Research

conducted by scholars indicates that the enormous threat faced by the United States during the

cold war enabled the country to establish a national security strategy that would defeat and deter

the organized military forces of their enemies[She12]. Additionally, the United States emerged

victorious from the critical period of cold war not only due to their well organized national

security groups but also as a result of their preparedness to meet the threats. However, the United

States is currently facing more threats from new varieties of enemies aiming at employing terror

against innocent citizens to challenge their confidence towards the American institutions. The

United States, therefore, realized the need to prepare themselves for future threats by establishing

a unified and vigorous homeland security structure. The United States developed a department of

homeland security after a careful study of the present structure and the new information and

experience gained from previous enemy fights during wars[Koe07].



The department of homeland security in the United States puts effort into ensuring a safe and

secure home which is robust against terrorism and other hazards[Mil12]. The department of

homeland security whose mission is to protect American home has several functions some of

which include securing critical infrastructures, borders, ports, and transportation sector and

offering training and equipment to ensure high-speed responding to attacks. DHS not only strives

to reduce the anticipated risks to the nation but also the less likely hazards. [Koe07] states in his

book that the Department of Homeland Security coordinates communication with local and state

governments, citizens and the private industry about threats and preparedness. Moreover,

homeland security also coordinates efforts to protect the American citizens against mass

destruction. Some of the recent events that highlight the importance of DHS include data breach

of the office of personnel management and recent terrorist attacks such as mass shootings in

Paris and downing of Metrojet. Some of the priorities of the DHS include terrorism prevention

and security enhancement, securing cyberspace, border management and safety and enforcement

of immigration laws. According to research, the department of homeland security disrupts the

operations of terrorists by influencing information sharing, intelligence, and policy-making to

ensure cohesiveness and a coordinated posture[Nat10].

The department of homeland security consists of an active and transparent organizational

structure with four major divisions to enable better alignment of programs to the goals and

strategic missions of DHS[Had14]. The categories contained in the department of homeland

security include emergency attentiveness and response, transportation and border security,

infrastructure protection and information analysis. Moreover, the department of homeland

security also consists of Biological, Chemical, Nuclear and Radiological Countermeasures. The

division of transportation and border security aims at unifying the authority over the operations

related to transportation systems, the borders, and local waters. The division of emergency

preparedness and response, on the other hand, oversees federal-state support by training first

responders and ensuring they get adequately prepared. Also, the department confirms that all

response personnel have the capability and equipment that would enable important

communication with each other[Koe07]. DHS also helps the federal government to prepare for

and respond to the increasing terrorist threats that involve weapons and mass destruction.

According to conducted research, the department of homeland security makes the US safer by

removing obstructions to effective border security, protecting the critical infrastructure of the

country, ensuring efficient communication with the American citizens and distributing essential

pharmaceuticals[Phi15].

2.2 Cybercrime and the underground economy

Increasing internet security threats such as theft of instant messages and banking

information have prompted the public to pay more attention to the safety of personal information. In

their book, [Rev15] explain that cybercrime on the internet has progressively transformed into

crimes that generate profits. [Jah10] adds that international cyber criminals use internet-based

communication networks to create trade relations and finish fraudulent transactions. Also, there

exists an underground economy that has multiple divisions that manage several cybercriminal

activities. Some of the criminal operations administered by the complex underground economy

include internet financial crimes, online services attack, identity theft, and distribution of

apprehensive services. Research also indicates that a reliable networking infrastructure supports

the illegal activities performed by the underground economy, for instance, the existence of a

virtual private network that supports bulletproof hosting to enable the cyber criminals to have a

quality management and control for their wicked operations[Sei13]. Additionally, cyber

criminals manage the underground economy by establishing distinct groups to administer

technical and economic aspects of the malicious delivery of services through professional roles

such as malware authors. The groups set up by the underground economy commit consumer

required criminal activities by providing fee-based services on behalf of third party clients.

[Jah10] also explain in their book that the underground forums provide secure communication

networks between the providers of malicious services and customers. Moreover, cyber criminals

coordinate themselves and communicate with each other using online communication systems

such as web forums, instant messaging, chat rooms and email[Lav15]. Cyber criminals in most

cases commit the illegal acts with the assistance of botnets. A botnet refers to a group of infected

computers with internet connections used by cyber criminals to commit cyber crimes. A bot

herder which controls the botnet can update, execute and download malicious binaries on

infected computer systems[Sei13].

According to [Ksh13], cyber crime and cyber security occupy a strategic and critical role

in global relations. Underground economy involves exchanging of goods and services hidden

from authorized view. Furthermore, underground economy provides an economic environment

for criminals to organize cyber crime, for instance, it makes market available for stolen products.

Cyber criminals carry out transfers using commercial agents or money mules who make bank

accounts available for transferring proceeds of crime. Not all money mules know that they

participate in criminal enterprises. [Breer] proposes that the community of network security

should consider new approaches to cyber security both defensive and offensive. Economic crime

is an essential activity of organized crime organizations while information and communication

technology facilitates new types of fraud[Fis081]. According to conducted research, cyber crime

needs only a few personal contacts and relationships grounded on the execution of discipline and

trust[Rey17]. The internet and ICT provide cyber criminals with the opportunities to control a

global marketplace at a lower cost and risk whereas criminal justice authorities must operate

within limited resources and skills. Today, most cyber-crimes aim at generating economic

benefits. Further research shows that strategies against cybercrime should focus on confiscation,

search and seizure of proceeds. Successful strategies against cyber crime are only achievable

through enhanced of financial investigation agencies, anti-cybercrime, and ICT industries across

the globe and at all levels[Kra12].

2.3 Modern Terrorism

Conducted research indicates that terrorism refers to a deliberate strategy and tactic of killing

government administrators or citizens as well as the destruction of a country’s infrastructure by

organizations in search of political power[Saw17]. Terrorism as a political tool destroys not only

the function of a government or society but also the economic system. According to research,

some terrorist attacks receive support from the government while others get tacit approval from

the state in open or secret operations against the rivals and enemies. In their book, [Rub15]

classify terrorists into two primary groups, which include nationalist terrorism and radical social

terrorism. [Rub15] further define nationalist terrorism as the efforts put in place by religious or

ethnic communities to gain independence from a government or take over a state. Social

revolutionary terrorism, on the other hand, aims at changing a given society on some ideological

plans. Research conducted by scholars shows that terrorism is growing as a major concern for

most communities and governments[Saw17]. Some of the enabling factors for terrorism include

government sponsorships and poverty. Additionally, according to studies, rapid modernization,

failed governments and corrupt states can lead to terrorism. Other preconditions for terrorism

include corrupt regimes from powerful external actors and lack of civil rights, the rule of law and

democracy[Kro15].

In his book, [Mil13] explains that modern terrorism is a genre of political violence which

differs from other genres such as war and ethnic cleansing in several ways. For instance, modern

terrorism includes repeated acts of viciousness that create insecurity, mistrust, and fear in the

civilian society. Furthermore, modern terrorism involves dynamic interactions between

organizations and individuals in both community and state to achieve specific objectives in

politics. Modern terrorism responds to contestation over legitimate authority in a national county

state during political susceptibility. Terrorism, for instance, entered the politics of modern Europe

during the period of the French Revolution, which involved ordinary civilians claiming the right to

rule. Research indicates that the upheaval of the French Revolution altered the traditional notion of

government legitimacy [Kro15]. In his book, [Mil13] also states that terrorism includes the

adoption of a language, idiom and a collective identity with the aim of expressing words that the

individuals involved cannot communicate directly for security purposes. In their journal article,

explains that some employees in business organizations act in non-violent ways with the aim of

achieving their ends by encouraging fear in other individuals within the industry[Van06].

Additionally, there also exist secret organizations that employ extremely motivated operators

who can kill and die for their cause. Further research also shows that there exist new techniques

of modern terrorism such as suicide bombings. Additionally, some business and nonprofit

organizations also accommodate internal terrorists within their institutions[Bra15].

Recent research on modern terrorism shows that terrorism is unpredictable and therefore

frightening since terrorist violence can take place anywhere and anytime[Gei10]. The

unpredictable nature of modern terrorism is not only a psychologically damaging factor, but it

also causes severe distress among citizens of a given country. Peer reviewed articles also indicate

that terrorists always choose symbolic targets; for instance, they select specific places due to

their similarity with something they would like to attack[Har13]. Victims of terrorist attacks can

have either personal or representative symbolism attached to them. Research conducted also

divides the causes of terrorism into cultural, political and technological factors [Gei10]. Some of

the cultural factors include religious cults and Islamic radicalism. For instance in cultist

devotion, a particular leader makes the followers unable to make their own moral decisions.

Several cultural features among the global terrorist groups provide threats to the civilized world.

For example, some terrorists conceptualize killing as healing while others view total social

destruction as a necessity for final purification. Additionally, globalization has not only provided

motivations for modern terrorism, but it has also facilitated the methods for terrorist

attacks[Maz16].

Gross inequalities in standards of living and economic resources also promote viciousness of

modern terrorists according to research[Phi14]. An example of a political factor that causes

modern terrorism includes a political collapse in failed nations. Another explanation for modern

terrorism involves the free market globalization which has intruded the western institutions and

values into the Islamic world. Globalization which includes political, technological, cultural and

economic lessening of boundaries between nations internationally has not only deteriorated the

power of the state but also enabled the terrorists to reach their targets more quickly due to

increased exposure of their target victims in more places[Phi14]. Globalization has also caused

global political changes, and improvements in organizational practices have enhanced terrorism

since, as companies evolve, terrorist organizations also evolve from hierarchical to more

horizontal and less commanded structures. Technology has also advanced in a way that provides

opportunities for terrorists. Additionally, advancing technology has also increased terrorists’

ability to carry out mass casualty attacks[Coi08]. Modern terrorism has not only become

bloodier, but the terrorists have also advanced new financial resources to avoid dependence on

state sponsors[Pow08]. Terrorists have also come up with new organizational models, and they

also exploit the new communication technologies.

2.4 Types of attacks

Attacks take place when unauthorized individuals attempt to access, modify and damage

the systems or environment of an organization[Sin17]. Attacks occur in many forms and for

different reasons even though they have similar goals. Some attackers include criminals with

stealing intentions while others aim at making political statements or committing terrorism.

According to recent research, most types of attacks are designed to breach the privacy of

information [Lay12]. Attacks can occur both externally and internally and when the attackers can

access physical information. [Dul11] identifies three types of attacks which include access

attacks, modification and repudiation attacks and denial of service attacks. The book further

explains access attacks as attempts to get information that the attackers should not have.

Additionally, the standard types of access attacks include snooping, eavesdropping, interception

and dumpster diving[And10]. Eavesdropping involves listening to or overhearing a conversation.

Hearing a discussion in most cases results from the carelessness of the conversing parties.

Snooping, on the other hand, takes place when an individual goes through another person’s

electronic or paper files hoping to discover something interesting. Physical snooping involves

people inspecting other people’s recycle bins, dumpsters or file cabinets, while computer snooping

includes searching through the electronic files to find interesting things. Interception occurs in

both active and passive processes. An active interception, for instance, might involve putting

a computer system between the receiver and sender to capture the complete information while

passive interception includes, for example, an individual monitoring network traffic

routinely[And10].

Modification attacks refer to deleting, altering and inserting information in an

unlawful manner intended to look sincere to the user[Lay12]. Additionally, it is challenging for

individuals or organizations to detect modification attacks. Changing web pages in malicious

manners is an example of a modification attack. Some of the motives behind modification

attacks may include planting information, altering records in credit cards fraudulently or even

changing class grades. A repudiation attack is a variation of a modification attack, and it includes

making data appear misleading or invalid. Denial attacks not only cause irreplaceable harm but

also cause embarrassment to an organization. A denial attack might, for instance, involve a client

claiming not to have received a service for which an organization billed them [And10].

Moreover, in such a case, the reported institution remains with the burden of proving the

accuracy of the data used to generate the invoice. Denial of service attacks, on the other hand,

refers to the prevention of authorized users from accessing certain resources. For instance, an

attacker may try to bring down a website with the aim of preventing usage by legitimate

customers. Other types of attacks include password guessing attacks, man-in-the-middle

attacks, replay attacks and spoofing attacks [Lay12]. Password guessing attacks take place when

an account is repeatedly attacked through the use of password crackers to send possible

passwords to the account systematically. Replay attacks occur when an attacker captures

information over a network. Spoofing attacks involve attempts by a person to pretend to be another

individual[Dul11].
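
The password guessing pattern described above can be detected from authentication logs. The following is an added example, not part of the original paper: it flags accounts that receive repeated failed logins within a short window. The log format, the sample lines and the thresholds (five failures in two minutes) are assumptions constructed for this illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log. The line format is an assumption for this example:
# <ISO timestamp> <OK|FAIL> account=<name> src=<address>
SAMPLE_LOG = """\
2024-03-01T10:00:00 FAIL account=alice src=198.51.100.7
2024-03-01T10:00:10 FAIL account=alice src=198.51.100.7
2024-03-01T10:00:20 FAIL account=alice src=198.51.100.7
2024-03-01T10:00:30 FAIL account=alice src=198.51.100.7
2024-03-01T10:00:40 FAIL account=alice src=198.51.100.7
2024-03-01T10:00:50 FAIL account=alice src=198.51.100.7
2024-03-01T10:01:00 OK account=alice src=198.51.100.7
2024-03-01T10:02:00 FAIL account=bob src=192.0.2.10
2024-03-01T10:06:00 FAIL account=bob src=192.0.2.10
2024-03-01T10:11:00 FAIL account=bob src=192.0.2.10
2024-03-01T10:11:30 OK account=bob src=192.0.2.10
2024-03-01T10:20:00 FAIL account=carol src=203.0.113.1
2024-03-01T10:20:05 FAIL account=carol src=203.0.113.2
2024-03-01T10:20:10 FAIL account=carol src=203.0.113.3
2024-03-01T10:20:15 FAIL account=carol src=203.0.113.4
2024-03-01T10:20:20 FAIL account=carol src=203.0.113.5
"""

LINE_RE = re.compile(r"^(\S+) (OK|FAIL) account=(\S+) src=(\S+)$")


def parse(log_text):
    """Turn log text into (timestamp, result, account, source) tuples in time order."""
    events = []
    for line in log_text.splitlines():
        match = LINE_RE.match(line.strip())
        if match is None:
            continue  # ignore lines that do not fit the assumed format
        ts, result, account, src = match.groups()
        events.append((datetime.fromisoformat(ts), result, account, src))
    return sorted(events)


def find_password_guessing(events, max_failures=5, window=timedelta(minutes=2)):
    """Flag accounts that receive max_failures or more failed logins within window.

    Failures are counted per account rather than per source, so guessing that is
    spread over many source addresses is still caught.
    """
    recent = defaultdict(deque)  # account -> failures still inside the window
    alerts = {}
    for ts, result, account, src in events:
        if result == "OK":
            # A success from an address that was just guessing suggests a hit.
            if account in alerts and src in alerts[account]["sources"]:
                alerts[account]["success_after"] = True
            continue
        failures = recent[account]
        failures.append((ts, src))
        while ts - failures[0][0] > window:
            failures.popleft()  # drop failures that fell out of the window
        if len(failures) >= max_failures:
            alert = alerts.setdefault(account, {
                "first_failure": failures[0][0],
                "peak_failures": 0,
                "sources": set(),
                "success_after": False,
            })
            alert["peak_failures"] = max(alert["peak_failures"], len(failures))
            alert["sources"].update(s for _, s in failures)
    return alerts


if __name__ == "__main__":
    for account, alert in find_password_guessing(parse(SAMPLE_LOG)).items():
        print(account, alert["peak_failures"], sorted(alert["sources"]),
              "success followed" if alert["success_after"] else "no success seen")
```

In the sample, the occasional mistyped passwords on the `bob` account stay below the threshold, while the burst against `alice` is flagged together with the successful login that followed it.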

2.5 Risk management

Governments face a range of risks that can have impacts not only on their activities and

resources but also on the results of their operations[Par16]. Hazard risks, for instance, inhibit

what institutions seek to achieve while opportunity risks enhance their aim. Control risks might

also create uncertainty about the outcomes of a given operation. Additionally, research

indicates that external risks can result from changes in the economy and dangers arising in legal,

demographic, political and technological environments[Fir17]. External risks are in most cases

beyond the control of many organizations even though such institutions can use time-honored

ways to prepare and protect themselves. Internal risks, on the other hand, include fraud, system

failure, human error and disrupted production. Institutions of all kinds, therefore, need reliable

and robust systems to help in controlling the increasing risks. Risk management provides

integrated approaches to the assessment, monitoring, and control of risks. Risks may also develop

over time since the public or citizens of a given country might change their perception on

practices. Some of the risk management tools include insurance, capital market strategies,

blending financial and creative risk financing solutions. Money market tools that institutions can

use during risk management include disaster bonds, weather derivatives, collateralized debt

obligations, risk exchange swaps and options[Hop12].

Research indicates that most organizations, primarily business institutions, view

risks as threats[Hon12]. Moreover, such organizations categorize risks into five groups, namely:

opportunities, killer risks, cross-functional hazards, business risks and other perils[WuD08].

Opportunities include occasions that provide a promising combination of circumstances that

present chances for beneficial activities. Pursuing opportunities enables the modification of

enterprise strategies for easy management of the involved risks. However, if organizations do not

take advantage of the possibilities, competitors might increase which may, in turn, lead to

increased risks. Killer risks refer to those occasions that present an unfavorable combination

of circumstances and in turn cause significant losses, hazards or damages that permanently

terminate operations. Organizations should, therefore, ensure continuous risk treatment and

reporting for enterprise survival. Further research shows that other perils, as a type of risk, require

sufficient analysis to evaluate ownership, residual risk, and treatment[Hop12]. Cross-functional

risks can cause potential loss of reputation while business risks take place within a particular

process, for instance, removal of a product for quality purposes. Examples of business risks

include competitors and customer expectations[WuD08].

Some of the benefits of risk management as provided by scholars include efficient

operations, assurance, decision making and compliance[Emb101]. Compliance includes the

activities in risk management that ensure an institution complies with regulatory and legal

requirements. Boards of most organizations always need assurance of the identification of

significant risks and application of appropriate control methods. Accurate business decisions

require risk management activities that give more structured information to help in making

effective business decisions. Risk management also enhances the effectiveness of operations

within an institution. The outcomes of risk management activities ensure an organization

achieves active strategies, effective services, and efficient processes. In their book, [Hop12]

explain that early and continuous identification of risks enables an institution to identify options

and implement actions before systems are seriously threatened. Risk management programs also

allow individuals to map the risk events into a work breakdown structure of a project.

Additionally, risk management programs assist the managers of an institution to efficiently

allocate limited resources to the most severe risks on a project. The steps involved in risk

management include identification of risks, evaluation of risk impact or consequence, risk

prioritization and mitigation planning. Organizations in most cases prioritize risks based on their

probability of occurrence and consequences[Gar08].

2.6 Relations between hackers and terrorists

Today we live in a world that highly depends on information technology. Despite delivering

some benefits, technology also creates vulnerabilities that individuals with necessary technical

skills, for instance hackers, can exploit[Ron13]. Hackers, therefore, represent a threat to computers

and they are responsible for high degrees of damage and disruption of information systems.

According to conducted research, hackers refer to those individuals who intentionally attempt to

gain illegal access to computer systems. However, hackers are not the only criminal elements

since terrorists also use technology as a tool for their organizations[Bal15]. Hackers and

terrorists have direct relationships whereby terrorist groups coax hackers to join them in

conducting cyber-attacks, other psychological operations, and propaganda. Both hackers and

terrorists utilize and need a collection of methods to breach the security of the targeted systems.

Terrorists, however, differ from hackers from a motivational perspective since cyber terrorists

operate with a particular ideological or political agenda to support their operations[Ron13].

Terrorists are members of an organized group and therefore have available funds to support their

activities. It is, therefore, possible that terrorists hire individual hackers to conduct attacks on

behalf of the terrorist groups. Additionally, hackers may not believe in the cause of the terrorism

but only carry out the attacks for the purpose of financial gain. Terrorists in most cases establish

their organizations using the internet for the purpose of propaganda, fundraising, secure

communications and information dissemination[Bal15].



2.7 Monitoring malware and cyber threats

Most organizations face risks such as online scams, identity theft, malware, fraud, viruses

and web-based attacks. Cyber criminals in most cases try to interfere with critical business

information such as employee data, customer records and banking information[DuX16].

Moreover, access to the relevant business information by cyber criminals can cause extensive

damages to an organization. Cyber security monitoring enables organizations to detect threats

and employ corrective measures despite the presence of limited security staff. Some of the

security capabilities significant for monitoring malware and cyber threats include behavioral

monitoring, asset discovery, threat detection, vulnerability evaluation and security intelligence.

Institutions ensure that cyber threats and malware monitoring becomes their priority and take

necessary precautions to avoid becoming a victim of vulnerability. Research conducted indicates

that monitoring malware and cyber threats is critical not only to preserve valuable data and

ensure privacy but also because cyber criminals in most cases take the path of least

resistance[Sin17]. Additionally, the modern cyber-attacks are very compelling and sophisticated,

and therefore monitoring provides the resources needed to manage threats and compliance.

Institutions need effective cyber security software that can quickly detect and communicate

malware infections and also to enable constant monitoring of risks[Qua16].

Research conducted by scholars indicates that network operators make use of several security

methods and tools to monitor the cyberspace[Gri16]. The increasing dependence of human

beings on social media and networks has encouraged the development of techniques to monitor

malware and cyber threats. Monitoring information sharing among internet devices is possible

through building network management tools and security control systems. Trap-based control

systems aim at catching online adversaries. The primary purpose of cyber security control

systems involves collecting insights on attack activities and ideas such as scanning for

susceptible services, malware downloads, worm propagation and other control activities

including execution of cyber-attacks using a botnet. Moreover, network operators deploy a trap

monitoring sensor in the space of internet address to attract malicious users. The trap also attracts

enemies by running susceptible services. Eight explains in their book that once the malicious

users connect to the trap monitoring sensor, all their activities get forwarded to the control

systems for more analysis[Bai16]. Some of the threats usually detected by the trap monitoring

sensors include scanning, exploit, distributed reflection denial of service and botnet. Scanning

involves the activities run by the adversaries to infer internet vulnerabilities. The attackers,

therefore, try to control and affect system hosts according to the assumed weakness. A botnet is a

platform used by attackers to monitor and command compromised machines.

Distributed denial of service as a threat involves explicit prevention of the legitimate use of services.

An exploit, on the other hand, is software that takes advantage of glitches, bugs, and vulnerabilities in a

system with the primary aim of performing malicious practices, for instance, infecting exposed

machines[DuX16].
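
An added illustration, not taken from the original paper or its sources, of how a control system might triage the records that a trap monitoring sensor forwards, covering two of the threat types listed above (scanning and distributed reflection denial of service). The record layout, the thresholds and the sample events are assumptions constructed for this example.

```python
from collections import defaultdict

# UDP services that are widely abused as reflectors: DNS, NTP, SSDP, memcached.
REFLECTOR_PORTS = {53, 123, 1900, 11211}

# Constructed sensor records: (source address, protocol, destination port, payload bytes).
SENSOR_EVENTS = (
    # One source probing 15 different TCP ports without sending data.
    [("198.51.100.20", "tcp", port, 0) for port in range(20, 35)]
    # 40 small NTP requests that all claim the same source address.
    + [("203.0.113.77", "udp", 123, 8)] * 40
    # Two ordinary-looking web requests.
    + [("192.0.2.5", "tcp", 80, 310), ("192.0.2.5", "tcp", 80, 295)]
)


def triage(events, scan_ports=10, reflect_requests=20):
    """Label each source address seen by the sensor.

    scanning:   the source touched at least scan_ports distinct services.
    reflection: the source sent at least reflect_requests UDP requests to
                reflector-prone services. Such requests are normally spoofed, so
                the "source" is most likely the victim of the attack, not the
                attacker, and should not be treated as hostile.
    Both thresholds are hypothetical values chosen for this example.
    """
    stats = defaultdict(lambda: {"services": set(), "reflector_requests": 0})
    for src, proto, dport, size in events:
        entry = stats[src]
        entry["services"].add((proto, dport))
        if proto == "udp" and dport in REFLECTOR_PORTS and size > 0:
            entry["reflector_requests"] += 1

    verdicts = {}
    for src, entry in stats.items():
        if len(entry["services"]) >= scan_ports:
            verdicts[src] = "scanning"
        elif entry["reflector_requests"] >= reflect_requests:
            verdicts[src] = "reflection"
        else:
            verdicts[src] = "unclassified"
    return verdicts


if __name__ == "__main__":
    for src, verdict in triage(SENSOR_EVENTS).items():
        print(src, verdict)
```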

The steps involved in monitoring cyber threats and malware according to conducted

research include detection, verification, containment, preservation, analysis, eradication and

reporting[Qua16]. Detection which is the first process in creating best practices to gain new

security insight comes as a result of constant monitoring by security analysts. After detection, the

security analysts verify the validity of the notification received. Additionally, verification is a

very crucial process since wrong identification of incidents consumes resources, which results in

wastage if the events are not valid[Sin17]. Containment which is the third process involves

informing the head of the department of the suspected owner of the device about the incident

using a regular email. Preservation requires accurate rendering of the authenticated content over

time. Analysis refers to the technical examination of any article found in a computer system.

Moreover, analysis involves not only identification of the file type and the structure of the

artifact but also a comparison of a new object against existing ones. Security analysts also

eradicate the threat with the aim of destroying or removing the threat. Reporting is the final

process in monitoring malware and cyber threats, and it involves the production of a formal

report for the top administration. Decision makers within organizations should also consider

authentication, accounting, and authorization when designing control measures against cyber

threats[Bai16].

3.0 Methodology

The primary objective of the research proposal includes investigating cyber security in relation

to homeland security and terrorism. This chapter, therefore, outlines the methods and procedures

that the researcher will use during data collection and analysis with the primary aim of answering

the research questions. Methodology not only convinces the reader that the overall research

methods and design will accurately address the research problem, but it also makes it easier for

the audience to interpret the results of the study. This section on methodology will include

proposed research methods and design, participants, procedures, research instruments, data

processing, and analysis.

3.1 Proposed research methods

The study seeks to collect contextual data on cyber security in relation to homeland

security and terrorism, and therefore a qualitative research method is deemed ideal for the

research. The researcher will use qualitative research to make inferences based on participants’

perspective on cyber terrorism and its preventive ways. Additionally, the researchers will also

design interview questions and questionnaires to generate the views of members concerning

cyber security.

3.2 Research Approach and design

The research will involve the use of descriptive design method to collect data about cyber

terrorism and ways of preventing it and also to depict the various participants in an accurate way.

Using descriptive research design, the researcher will conduct surveys by issuing questionnaires

and interviewing the participants on cyber terrorism and its preventive ways. Surveys save more time

than observations and conducting experiments. The proposed research will also be based on the

accumulation of secondary data. The researcher will use an effective strategy to accumulate data

from several sources. For instance, the researcher will go through already existing data on cyber

security and terrorism from books, articles, and journals.

3.3 Data collection

3.3.1 Secondary data

The researcher will use appropriate peer-reviewed articles, books, and journals as the

primary sources of secondary data. The researcher will include all the referenced sources of

secondary information in the bibliography section. Additionally, the researcher has cited in the text

all the secondary sources that he will use during the research to help the reader

understand the relevant point for using each source.

3.3.2 Primary data

The main approaches that the researcher will use to collect primary data include

interviews and questionnaires. The researcher will conduct interviews with several cyber security

professionals, cyber managers and employees and customers with cyber service experiences. The

researcher will also design surveys by formulating questions that will capture perceptions from

the research participants’ viewpoint concerning cyber terrorism and its preventive measures.

3.4 Sampling

3.4.1 Participants

The study will employ subject selection whereby the researcher will select participants

who can best provide information that will answer the research questions and enhance

understanding of research phenomenon. The participants of the study will include adult males

and females of any ethnicity with sufficient knowledge and experiences on cyber terrorism and

cyber security. The number of participants will depend on data saturation, for instance,

sufficiency in sample size will occur when additional interviews do not provide new concepts.

Additionally, the participants will have to include cyber café owners and cyber café visitors.

Cyber café guests visit the cyber cafes for reasons such as playing games, online buying and

payments, software usage and social networking.

3.4.2 Procedures

The researcher will conduct interviews with the cyber security professionals and other

participants in the identified cyber business organizations. The researcher will begin by explaining

the purpose of the interview and its format. The researcher will then conduct the interviews and

record or take notes of the answers received. The interview process will take approximately five

to ten minutes per participant. The researcher will distribute the questionnaires to cyber café

owners and visitors. The entire process will take around ten minutes per respondent.

3.5 Research instruments

The researcher will use questionnaires and interviews as the instruments of

collecting data. The study, therefore, will require respondents to answer the interview questions

and fill in the open-ended and closed questions concerning cyber terrorism and its preventive

measures. The researcher will design the questionnaire into two separate sections which include

respondents’ demographic profile and their perception concerning cyber terrorism and cyber

security. The interview questions that the researcher will direct to cyber professionals include:

1. What does information security within an organization entail?
2. What are the significant software security aspects currently affecting businesses?
3. What is the importance of cyber security monitoring?
4. What are the common defenses against cyber threats and vulnerabilities?
5. What are the steps followed when securing a server?
6. How do you access your cyber security news?
7. How best can you keep individuals on board with system software security?

3.5.1 Validity

Validity refers to the extent to which an instrument measures what it is intended to measure.

The primary factor in this research proposal will include content validity which entails random

choosing of participants to represent the required information in all areas accurately. This

research project will need the interviews and questionnaire to note all the aspects of cyber

terrorism and cyber security to indicate content validity[Hel17].

3.5.2 Reliability

Reliability refers to the degree to which the instruments used during the study produce

similar outcomes in repeated trials. The proposed research will use alternative form method of

reliability whereby the researcher will carry out tests with the same individuals. Additionally, the

researcher will use two different tests that measure the same aspect and do not differ

systematically[Hel17].

4.0 Expected results

The expected results of this study are for the readers to have the ability to describe in detail

cyber security in relation to homeland security and terrorism. Additionally, the researcher also

expects the findings to answer the research questions, which include how cyber security relates

to homeland security and terrorism and the various measures that can prevent and control cyber

terrorism. The findings of the proposed research are anticipated to refine, revise and extend

existing knowledge on cyber security as a result of the reviewed literature concerning current

knowledge and developing trends on cyber safety in relation to homeland security and terrorism.

Some of the relevant trends to the research topic discussed in the literature review section

include the department of homeland security, cybercrime and the underground economy, modern

terrorism and risk management. Other aspects related to the research problem discussed in the

second chapter include types of attacks, the relationship between hackers and terrorists and

monitoring malware and cyber threats[Coi08].

The results of this research proposal are also expected to underpin the hypothesis that

increasing cyber terrorism around the world has elevated awareness of the need for reliable

prevention and protection to ensure privacy and data security. Additionally, the outcomes of the

proposed study should also be based on the hypothesis that advancing technology is developing as

one of the primary sources of international terrorism. The expected results of this research

proposal should also enable employees of the U.S government to understand the importance of

homeland security department, for instance, the ability of the DHS to secure critical

infrastructures in the natural settings of their workplaces. The expected outcomes of the research

proposal will influence the methods, programs, and forms of intervention in cyber security.

Additionally, the findings will also contribute to the solutions of economic, social and other types

of problems related to cyber terrorism, for instance, untaxed financial operations and hacker

attacks[Bai16].

Expected results of the proposed study will influence policy decisions by revealing more

aspects of cyber terrorism and cyber security which will require the policy makers to be more

critical in their decision making. The proposed research on cyber safety in relation to homeland

security and terrorism will ensure improvement in the measures taken by cyber owners to

prevent and control cyber terrorism. The primary and secondary data collected during research

will provide the cyber security professional with more tips on how to identify and monitor cyber

threats. Data gathered from the interviews and questionnaires will change the perception of

readers towards cyber terrorism since they will realize that cyber terrorism continues to increase

in the world today. The proposed research will also reveal to the readers the types of attacks and

terrorism networks and therefore enable them to appreciate the importance of cyber security and

the efforts put in place by Homeland Security to deal with cyber threats. The researchers can

implement the results of cyber terrorism research study by giving a presentation at a faculty

meeting, including a blog post on the internet or by integrating the results into training for other

stakeholders for educational purposes. The innovations that will result from the research findings

include improved educational practices and development of more projects for further research

concerning cyber security and other related fields[She12].

5.0 Conclusion

In conclusion, cyber security as discussed above entails protection of information systems

such as computers and networks against threats and attacks using appropriate technological and

procedural measures. This research proposal on cybersecurity in relation to homeland security and

terrorism, therefore, has several advantages as discussed above. For instance, data collected from

secondary sources concerning the department of homeland security enables the citizens of the

U.S government to understand and appreciate the importance of the DHS in securing their

nation. Additionally, the expected research outcomes, for example, the security countermeasures

will encourage the availability, integrity, and confidentiality of information systems by

preventing loss of assets from cyber security attacks. The research question which includes cyber

terrorism requires investigation due to the increasing evolution of information and

communication technology in the world today and the fact that cybersecurity is one of the

biggest challenges affecting application domains and overlapping many areas. The research

proposal on cybersecurity is unique because it provides solutions to deal with cyber criminals.

Moreover, the proposed research should advance existing knowledge by enabling identification

of best techniques that would help in the protection of the information systems and the networks

involved[Har13].

Researchers should carry out a study on cyber security to find ways of dealing with the

increasing cyber threats and terrorism. The purpose of the research proposal includes

investigating cyber terrorism and its preventive measures. Additionally, the research questions

include how cyber security relates to homeland security and terrorism and what various actions

can prevent and control cyber terrorism. The researcher chose qualitative research method since

it will not only try to avoid prejudgments but it also provides an in-depth and detailed

investigation of phenomena. Furthermore, qualitative research methods are also not restricted to

rigidly definable variables. As mentioned earlier, the researcher proposed surveys as a descriptive

design method over observational and experimental designs since it will save more time as

compared to other methods. The proposed study fits within the broader scholarship about cyber

terrorism as it attempts to build the understanding of cyber security by the current youth.

Additionally, the proposed research will not only enable the information technology sector to get

more profound and securely skilled professionals but also enhance the communication and

compatibility skills of the managers and staff[Rub15].



6.0 References

Anderson, B., & Anderson, B. (2010). Seven Deadliest USB Attacks. Philadelphia: Syngress.
Bain, L., Dayanim, B., & Comizio, V. (2016). Cybersecurity as a global concern in need of
global solutions: an overview of financial regulatory developments in 2015. Journal of
Investment Compliance, 101-111.
Balasubramaniyan, V. (2015). Understanding the costing decisions behind terror attacks – an
analytical study. Journal of Money Laundering Control, 475-487.
Bradley, C. (2015). Terrorism and Genocide. Sociology of Crime, Law and Deviance, 47 - 65.
Brewster, B., & Akhgar, B. (Springer). Combatting Cybercrime and Cyberterrorism: Challenges,
Trends and Priorities. Berlin, Germany: Springer.
Coissard, S., & Intriligator, M. (2008). The economics of terrorism. Contributions to Conflict
Management, Peace Economics and Development, 161 - 172.
Du, X., & Dua, S. (2016). Data Mining and Machine Learning in Cybersecurity. Boca Raton,
Florida, United States: CRC Press.
Dulaney, E. (2011). CompTIA Security+ Deluxe Study Guide: SY0-201. Hoboken, New Jersey,
United States: John Wiley & Sons.
Emblemsvag, J. (2010). The augmented subjective risk management process. Management
Decision, 248-259.
Firmenich, J. (2017). Customisable framework for project risk management. Construction
Innovation, 68-89.
Fisher, J. (2008). The UK's faster payment project: avoiding a bonanza for cybercrime fraudsters.
Journal of Financial Crime, 155-164.
Garvey, P. (2008). Analytical Methods for Risk Management: A Systems Engineering
Perspective. Boca Raton, Florida, United States: CRC Press.
Geifman, A. (2010). Death Orders: The Vanguard of Modern Terrorism in Revolutionary Russia.
Santa Barbara, California, United States: ABC-CLIO.
Gritzalis, D., Mitrou, L., Apostolopoulos, T., & Pipyros, K. (2016). Cyberoperations and
international humanitarian law: A review of obstacles in applying international law rules
in cyber warfare. Information & Computer Security, 38-52.
Haddock-Bigwarfe, A., & Getha-Taylor, H. (2014). Public service motivation and willingness to
collaborate: An examination in the context of homeland security. Evidence-based HRM:
a Global Forum for Empirical Scholarship, 80-95.
Hartman-Carverly, S. (2013). Encyclopedia of Terrorism. Reference Reviews, 20-21.

Helvoort, J., Brand-Gruwel, S., Sjoer, E., & Huysmans, F. (2017). Reliability and validity test of
a Scoring Rubric for Information Literacy. Journal of Documentation, 305-316.
Hong, P., & Park, Y. W. (2012). Project managers for risk management: case for Japan.
Benchmarking: An International Journal, 532-547.
Hopkin, P., & Paul Hopkin, Institute of Risk Management. (2012). Fundamentals of Risk
Management: Understanding, Evaluating and Implementing Effective Risk Management.
London, United Kingdom: Kogan Page Publishers.
Jahnke, M., & Kreibich, C. (2010). Detection of Intrusions and Malware, and Vulnerability
Assessment. Berlin, Germany: Springer.
Koestler-Grack, R. (2007). The Department of Homeland Security. New York City, New York,
United States: Infobase Publishing.
Kratcoski, P., Edelbacher, M., & Theil, M. (2012). Financial Crimes: A Threat to Global
Security. Boca Raton, Florida, United States: CRC Press.
Kron, T., Braun, A., & Heinke, E.-M. (2015). Terrok: A Hybrid Perpetrator in Individualized
Terrorism Warfare. Sociology of Crime, Law and Deviance, 131 - 149.
Kshetri, N. (2013). Cybercrime and Cybersecurity in the Global South. Berlin, Germany:
Springer.
Lavorgna, A. (2015). Organised crime goes online: realities and challenges. Journal of Money
Laundering Control, 153-168.
Layton, R., McCombie, S., & Watters, P. (2012). Characterising and predicting cyber attacks
using the Cyber Attacker Model Profile (CAMP). Journal of Money Laundering Control,
430-441.
Mazhar, U. (2016). Do remotely piloted aerial vehicles make terrorism more costly for
terrorists?: Empirical evidence from Pakistan. International Journal of Conflict
Management, 470-486.
Miller, B. (2012). Homeland Security Digital Library. Reference Reviews, 18-19.
Miller, M. (2013). The Foundations of Modern Terrorism: State, Society and the Dynamics of
Political Violence. Cambridge, United Kingdom: Cambridge University Press.
National Research Council. (2010). Review of the Department of Homeland Security's Approach
to Risk Analysis. Washington, D.C., United States: National Academies Press.
Parida, V., & Sjödin, D. R. (2016). Risk management for product-service system operation.
International Journal of Operations & Production Management, 665-686.
Phillips, P. (2014). The economic analysis of lone wolf terrorism. Contributions to Conflict
Management, Peace Economics and Development, 159 - 191.
Philpott, D. (2015). Understanding the Department of Homeland Security. Lanham, Md: Bernan
Press.

Powers, M. (2008). Lanchester resurgent? The mathematics of terrorism risk. The Journal of
Risk Finance, 225-231.
Quaresma, R., Guerreiro, A., & Silva, P. (2016). 10th European Conference on Information
Systems Management: ECISM 2016. UK: Academic Conferences and publishing limited.
Reveron, D., Cheung, T., & Lindsay, J. (2015). China and Cybersecurity: Espionage, Strategy,
and Politics in the Digital Domain. Oxford, United Kingdom: Oxford University Press.
Reynolds, P., & Irwin, A. (2017). Tracking digital footprints: anonymity within the bitcoin
system. Journal of Money Laundering Control, 172-189.
Ronel, N., & Jaishankar, K. (2013). Global Criminology: Crime and Victimization in a
Globalized Era. Boca Raton, Florida, United States: CRC Press.
Rubin, J. C., & Rubin, B. (2015). Chronologies of Modern Terrorism. Abingdon, United
Kingdom: Routledge.
Sawalha, I. H. (2017). A context-centred, root cause analysis of contemporary terrorism.
Disaster Prevention and Management: An International Journal, 183-202.
Seigfried-Spellar, K., & Rogers, M. (2013). Digital Forensics and Cyber Crime. Berlin,
Germany: Springer.
Sherif, J., & Kapoor, B. (2012). Managing homeland security: deployment, vigilance and
persistence. Kybernetes, 1072-1086.
Singla, R. K., Kumar, H., Ketti, R. R., & Singh, R. (2017). Internet attacks and intrusion
detection system: A review of the literature. Online Information Review, 171-184.
Van Fleet, E., & David D., V. (2006). Internal terrorists: the terrorists inside organizations.
Journal of Managerial Psychology, 763-774.
Van Fleet, E., & Van Fleet, D. (2010). The Violence Volcano: Reducing the Threat of Workplace
Violence. Poojappura, Thiruvananthapuram: IAP.
Wu, D. D., & Olson, D. L. (2008). Enterprise Risk Management. Singapore : World Scientific.
