Computer networks and the internet have radically altered the way we live and conduct business. Integrated information systems based on vast networks form the center of operations for today's business environments and government functions. Governments such as those of the United States and Canada hold sensitive information about their citizens in such computer networks. Businesses rely on networks to perform transactions that use the electronic transfer of money, in a new business paradigm referred to as e-commerce. However, although these systems are efficient and effective for management, they are also the systems most vulnerable to security breaches.
Unlike data held in physical storage, data in computer networks can be accessed by intruders from thousands of miles away. This has hampered the operations of several businesses while exposing confidential information to unauthorized users. Additionally, terrorists and criminal gangs are now targeting these networks in order to advance their illegal activities as well as to attack citizens. A very famous hacker in Canada, commonly referred to as Mafiaboy, attacked the cyberspace in North America on several occasions and prompted several policy issues within the cyber industry. This paper evaluates the instances of cyber attacks by Mafiaboy and reviews the methods that were used in these attacks. The paper further reviews the policies and methods that could be adopted in order to improve the state of cyber security.
Mafiaboy: Early Life and Instances of Attacks
The young Canadian who later became one of the most revered hackers of modern times is called Michael Demon Calce. Michael was born in Montreal, Quebec, and when he was about five, his parents separated. He therefore lived with his mother for most of his early life. Young Michael was able to use a computer by the age of six, after his father bought him one as a gift. He became obsessed with the functioning of the computer and wanted to predict what it would do next. He grew up attempting to control systems and wanted to have a worldwide feel for computer networks. By the age of 15, Michael had managed to carry out one of the greatest incidents of cyber attack in history.
On February 7, 2000, young Michael, under the alias Mafiaboy, initiated a project called Rivolta, an Italian word for revolt. This project was meant to attack Yahoo!, which had perhaps the busiest servers in the world at the time. In this particular attack, Mafiaboy was able to carry out a Denial of Service (DoS) attack on the Yahoo! servers by having them respond to an infinite set of requests. In this case all Yahoo! servers were kept busy responding endlessly to nonexistent requests. Eventually, the servers could not keep up with the requests and shut down for over an hour. In this kind of attack, hackers simply plant a worm in the system that loops through infinite sets of requests, to which servers are meant to respond in the client-server model of computing. In his confession, Mafiaboy insists that it was a peer competition between himself and his group of hackers, referred to as TNT, in a bid to create total cyber dominance. Once they had managed to shut down the world’s busiest search engine at the time, they moved on to shut down other sites such as eBay, CNN, Dell and Amazon. In these attacks they also used Denial of Service attacks, in which users were not able to access servers. These were the greatest attacks of their kind in the new millennium, and none of the companies knew of the attacks; they simply thought that it was a system failure.
Such intrusions, in which unauthorized parties gain access to systems and shut them down, brought the issue of cyber security to the fore. On the business side, hackers always look to steal financial information, such as credit card numbers and transaction information, in order to use it for criminal activities. The case of Mafiaboy was rather simple and the attack was not very criminally oriented. Instead, the young hacker was simply seeking dominance within the circle of internet gurus. Werner (2012) argues that such hackers may be hired by hostile foreign parties who may be looking to cause harm to businesses or governments. In a recent Defense News article, the United States reported hacking incidents on two important satellites. The two satellites, Landsat 7 and Terra, were reportedly hacked in 2007 and 2008 by unknown parties believed to have been from somewhere in the East. While they may not have caused any substantial damage to the multimillion-dollar US government investments, the incidents brought to the fore the vulnerabilities of such satellite systems. Although the hackers may not have been identified, these cases suggest that hackers are now able to control extremely important cyber tools such as satellites. To this end, the targets of such attacks have multiplied in scale. These cases are real and have adverse effects across both the social and business spectrum.
Impacts of the Mafiaboy Attacks
Financial impacts
The attacks by Mafiaboy on several sites and servers were said to have adversely affected the businesses involved. The Yahoo website was down for more than an hour, and the financial losses due to this were simply immense. Yahoo and eBay each said that, due to this incident, their stock values fell by between 17 and 23 percent. Additionally, revenue from these websites amounting to hundreds of millions of dollars was lost. eBay, for instance, is exclusively an online trading company, so shutting down the system even for an hour means that revenue was instantly lost.
Dell, one of the other companies attacked, had its site down for nearly an hour, and the company said that it lost revenue from online business amounting to millions of dollars. Other businesses, such as the Microsoft network, had their sites, spanning from North America to Manila in the Philippines, shut down. During the hearing of the case in a district court in Montreal, the prosecutor presented a damage cost of more than a billion dollars.
Social impact
The Rivolta project has become one of the most controversial cases concerning the social aspects of cyber crime. Several people in society argue that big multinational corporations invade other countries and impose their cultures on others. In order to sabotage these businesses, activists opposed to multinational corporations have turned to new methods of activism referred to as hacktivism. These activists have now turned to computer systems in attempting to spread their influence by using virtual sit-ins and blockades; viruses and worms; Web hacks and computer break-ins; and automated e-mail bombs. This kind of civil disobedience is carried out by curious citizens who employ their technological ingenuity to make a point about social issues that affect society. Hackers who are politically concerned about the events around them now use their knowledge to promote their values.
The exploits of Mafiaboy have been associated with hacktivism because of his anti-corporate stance. His attacks on multinational e-commerce businesses such as eBay, Microsoft, Yahoo and CNN seem to be in line with the common method used by such activists. Additionally, the method used by Mafiaboy lacks ill intent, as it is simply a Denial of Service attack without criminal incursions.
This kind of attack has been employed in the recent past by a few hackers to pass on activist messages. In the recent uprisings in the Middle East, hackers were able to pass on their messages by hacking national websites so that visitors to the sites would get their message. One particular instance was when hackers were able to disable Syria’s main government websites, and remarks from the revolutionaries were instead posted on the front page of the site.
Technological impacts
The case of Mafiaboy has been used by web developers and security experts to review the methods of intrusion used by hackers. In the Mafiaboy incident, young Michael was able to embed a worm into the system that made the servers respond to infinite requests, thereby overloading them. This kind of attack, referred to as Denial of Service, has been used in the past by several hackers. However, hackers have since been able to improve their methods to give their attacks a wider reach.
Studies of other cases of cyber attacks outside the Mafiaboy incident provide insights into the technological advances that hackers now use. Evidence has shown that information security may be curtailed by technical issues in the design of a computer network system. However, carefully reviewing individual incidents and frequent targets yields a more in-depth analysis of the methods used by hackers and the motives behind such attacks. A database called the Web Hacking Incidents Database (WHID) has been developed to keep a record of hacking incidents, and it has since revealed a common trend taking root among internet hackers.
In 2009 the database recorded several instances of cyber attacks, and it was revealed that social websites were the most commonly attacked websites in the world. Personal information was effortlessly available through such social websites, and for this reason most victims found much of their information misused. However, it is the method that these hackers used to gain admission into the system that was most interesting. The method used by these hackers was the injection of Standard Query Language (SQL) into a website's code.
This injection of code not only allowed hackers to access the users' social website accounts, but also allowed them to access other files within the user's network. In this sense, a hacker is able to access the local area network used by the user, be it a government network or a privately owned network. This method was found to account for nearly 20 percent of all internet intrusions. Social websites such as Facebook and Twitter were found to be the sites most vulnerable to attack. This simple kind of intrusion was found to stem from a security weakness left by website developers who do not protect their websites against the injection of malicious code. Developers are more concerned with having interesting features on their websites than with developing secure websites. The result is websites that can easily be intruded upon.
A separate method used is known as cross-site scripting (XSS) worms, which are malicious code written in JavaScript, in the form of a broadcast, that is injected into ordinary websites. The code broadcasts itself across several websites, and if a user accesses such a website, the worm lodges itself on the user's computer and accesses the credentials of the new host computer. Without proper security protocols on personal computers and company-owned devices, such worms allow hackers to access device credentials. That way they are able to mirror operations on these devices. The failure of these systems was found to be based on poor security protocols on personal devices and computers. Companies allow their employees to be connected to internal networks while they work from home. Additionally, cloud computing has allowed employees to work from remote locations, and thus access to these personal computers through the internet is rather easy. A lack of adequate security protocols on these personal devices may subject the entire company computer system to security intrusions.
In other incidents, more divergent methods were in use. Such methods make use of vulnerabilities in the automation code used to change log-in credentials. Hackers keep watch over these systems and keep a log of their activity. They do this by simply peeping into the servers that perform these activities and waiting for the moment the automation system is activated in order to issue fresh log-in credentials. This kind of system is common in secure organizations such as banks and insurance firms, which employ such devices for their vaults. A separate example of such an attack occurred at the Twitter Admin Account Password Reset Tool. ‘Twitter Admin Passwords are made to reset at arbitrary intervals’. This Twitter Admin Password is meant to protect a few high-profile Twitter accounts of very important persons in the world, including that of President Obama. The hackers managed to attack this admin system due to flaws innate in the automated reset tool. The repercussions of such a possible high-end attack underscore the point that hackers are able to attack nearly every secure computer network.
Security Policies
After understanding the implications of cyber crime, it is up to businesses and governments to come up with policies and security measures that provide guidelines for detecting, preventing and recovering from such attacks. Detecting an incident of cyber attack is equally important for a business, so that it can correct the state of the system. One of the most common methods used by companies is to monitor all data traffic and keep a log of all users. One way of ensuring this is to have a system that provides users with digital security certificates in order to access the system. In this kind of security breach detection method, unauthorized entry into the system will trigger a warning system of some sort. Additionally, companies could invest in other security measures that completely lock out users without the appropriate security clearance in the system. Thus a good policy must require that the company employs such detection mechanisms.
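One way to turn a log of traffic into a warning for the request floods discussed earlier, as an added example that is not part of the original paper. The log format, addresses, threshold values and function name are assumptions made for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log: "<ISO timestamp> <client address> <request path>".
# 198.51.100.7 sends 12 requests within 6 seconds; other clients are ordinary.
SAMPLE_LOG = "\n".join(
    [f"2024-01-01T10:00:{s:02d} 203.0.113.{s % 5 + 1} /index.html"
     for s in range(0, 60, 4)]
    + [f"2024-01-01T10:00:{20 + i // 2:02d} 198.51.100.7 /search"
       for i in range(12)]
)

def find_floods(log_text, window_seconds=10, threshold=10):
    """Return {client: peak requests in one window} for clients above threshold."""
    events = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines instead of aborting the scan
        try:
            events.append((datetime.fromisoformat(parts[0]), parts[1]))
        except ValueError:
            continue  # timestamp that does not parse
    events.sort()  # log lines may arrive out of order

    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)  # client -> timestamps inside the window
    peaks = {}
    for ts, client in events:
        seen = recent[client]
        seen.append(ts)
        # Drop requests that have aged out of the sliding window.
        while seen and ts - seen[0] >= window:
            seen.popleft()
        if len(seen) > threshold:
            peaks[client] = max(peaks.get(client, 0), len(seen))
    return peaks

if __name__ == "__main__":
    for client, peak in find_floods(SAMPLE_LOG).items():
        print(f"warning: {client} sent {peak} requests within 10 seconds")
```

The threshold has to be tuned against normal traffic for the service being watched, and a flood spread across many source addresses needs an aggregate count as well as this per-client one.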
Prevention
One of the most commonly implemented security measures is deploying a set of security mechanisms as a whole. Here, a business organization could employ a policy that directly targets personal computers and the kind of security measures used on these personal devices. Such security mechanisms could include the use of firewalls and antivirus software. A firewall is a security system that simply qualifies all incoming data and uses its rules to either allow or disallow the data. Antivirus software, on the other hand, blocks any unauthorized application from entering the device.
However, according to Rowlingson (2011), it is not enough to have firewall software and antivirus in the system. There are other measures that businesses could employ to ensure that their computer networks are not breached. One of the most appropriate methods that experts suggest is using the latest operating system software on the market. These operating systems can be deployed to both servers and personal computers. This is because, over time, operating system companies such as Apple and Microsoft continually improve the security features in their systems. One of the latest Windows operating systems, Windows 7, has been acclaimed by several experts as relatively secure. Default security features in Windows 7, such as a strong firewall and tough log-in credentials, make this system more secure than Windows XP and Windows Vista. Similarly, the security measures found on the new Mac OS X system allow updates of new security features.
Another security policy that businesses could employ is one in which employees learn to store work information on company servers. This is because most organizations have much stronger security measures than individual users. Rowlingson (2011) suggests that employees should develop the culture of saving sensitive information in the organization's integrated information system. Forwarding such content through the organization's email system ensures that work-related data is in the hands of the employer.
With regard to the new technology referred to as cloud computing, more advanced security measures might need to be employed. This kind of technology allows users to use secure applications through networks of servers owned by private firms. This technology also allows end users to save sensitive information in its cloud storage model. Rowlingson (2011) emphasizes that cloud computing is one of the safest methods of saving personal information such as webmail and financial information. This is because cloud computing is governed by privacy policies and rules that are implemented at the federal government level and that have advanced security requirements. Thus policies would have it that a company ensures that most of its important applications are held in the cloud computing system. Additionally, cloud computing has the advantage that hackers cannot disable all servers in the cloud. Thus, should one server go down, another server steps in and provides the same services.
Conclusion
Cyber security is now one of the greatest concerns that governments, organizations and individuals have to contend with. The case of Mafiaboy is simply the tip of a huge iceberg, in which we do not know what is being accessed illegally. Today cyber security poses one of the greatest dangers to businesses and social security. Organizations and individuals have to learn secure methods of using the internet and other networks in order to minimize their vulnerability to intruders.
Reference List
Ballad, B., Ballad, T., & Banks, E. (2008). Access Control, Authentication, and Public Key Infrastructure. Boston: Jones & Bartlett Publishers.
Barnett, R. (2010, Feb 17). The State of Web Security. Retrieved April 16, 2012, from networkworld.com: http://www.networkworld.com/news/tech/2010/100217-techupdate.html
FitzGerald, J., & Dennis, A. (2008). Business Data Communications and Networking. New York: John Wiley and Sons.
Garfinkel, S., & Spafford, G. (2002). Web security, privacy and commerce. O'Reilly Media, Inc.
Grady, M. F., & Parisi, F. (2006). The law and economics of cybersecurity. Cambridge: Cambridge University Press.
Rowlingson, R. R. (2011). The Essential Guide to Computer Security: For Your Home and Small Office. Boston: BCS, The Chartered Institute.
Werner, D. (2012, Jan 23). Cover Story: Hacking Cases Draw Attention To Satcom Vulnerabilities. Retrieved March 26, 2012, from defensenews.com: http://www.defensenews.com/article/20120123/C4ISR02/301230010/Cover-Story-Hacking-Cases-Draw-Attention-Satcom-Vulnerabilities
Westby, J. R. (2004). International guide to cyber security. Washington: American Bar Association.