ABSTRACT
This research paper is based on cyber-terrorism. Cyber-terrorism is committed by terrorists who perform acts of violence to influence the behavior of those who have different opinions from their own, with the use of computer based systems. The US government has been targeted by various terrorist groups though cyber-attacks. The nature of organizations which employ the use of Data-Controlled Systems enables such threats to have a great impact on organizations. Cyber threats in organizations arise from processes, staff and infrastructure. There is the need for organizations to come up with preventive measures and response systems to cyber-attacks. Inventory management, disaster recovery and incident response are key aspects when dealing with cyber terrorism.
INTRODUCTION
This project is a survey on the recruitment of terrorism. Terrorism has become a global concern. Terrorism is the use of violence with the aim to intimidate others based on ideology, politics or religion, without regard for the safety of the public. Terrorists are resorting to acts of violence in order to get back at authorities whom they feel have wronged them or those whom they feel are going contrary to their beliefs. Many terrorist groups have emerged with the most notorious being al Qaeda and Islamic States, which have done recruitments all over the world. Recruits are being lured in with the use of monetary incentives while others are black mailed into these groups. Due to the growth in technology, terrorists have also devised more digital ways of carrying out their attacks . A digitalized mode of terrorism known as cyber-terrorism has been devised. Cyber-terrorism is performed to destroy a computerized network system. These attacks target major corporations causing adverse effects on the corporation and all its stakeholders. Recruitment by terrorists targets the staff at these corporations who have access to these networks. These recruits assist the terrorists to carry out their cyber-attacks by allowing terrorists access into the organization’s network. It is therefore important for organizations to seal all the possible barriers through which organizations become infiltrated by terrorists. These loopholes are likely to present themselves through infrastructure, staff and processes. Organizations should also be in a position to mitigate the effects of cyber-attacks in the event that these organizations are incapable of preventing them from happening. I will research the topic of Cyber Incident Response Procedures and Guidelines. My goal is to develop a document, which can be used to perform a self-audit in order to measure a company’s readiness to respond to a cyber-attack.Based on our research, there are a wide variety of techniques for this topic.
Our research questions are: (1) “What are the gaps in infrastructure, processes and staff that can negatively impact our ability to respond to a cyber-threat?”(2) “How can I leverage these findings to implement corrective measures that will mitigate risks?”
Literature review
Organizations have become the target of terrorism with organizations falling victim to cyber-attacks. These attacks by hackers have led to the loss of large sums of money as well as exposure of records that are considered confidential. The benefits that are associated with these cyber-attacks are a major factor considered by terrorists when they are choosing their target organizations. Cyber-attacks are a major issue since they can easily go undetected for a while and the damages can prove hard to estimate. Damages related to cyber-attacks have both long term and short term effects. In the case of exposure of personal information such as patient information, the invasion of privacy might lead to stigma, depression and in extreme cases, suicide. Corporations suffer large losses and their reputation is also dragged along. Most of cyber-attacks are inside jobs which are sponsored by states and terrorist groups.
A survey done over the email to access the response of IT security personnel shows that the response by most practitioners is an average of 4.3% . Response to cyber-attack needs to be improved across the globe since the terrorists have no reservations. Cyber-attacks can also go undetected for a while since the impact of such attacks is reflected on the company after a long period of time. Surveys have revealed that most organizations are of the view that they have the adequate system to deal with cyber-attacks. Staff and budget have been named by most organizations as the leading cause for poor security against cyber-attacks. People associated with an organization are the most affected by cyber-attacks. Access to personal data is a major reason why cyber-attacks are performed causing imminent danger to people around organization which store personal data as well as the organization itself. Detection and response following a cyber-attack is a major challenge with most organizations focusing on prevention and neglecting incident and disaster recovery. Infrastructure, personnel and infrastructure are the leading loopholes for cyber-attacks in most organizations.
There is the lack of proper and efficient strategies to enable an organization remain steady during a cyber-attack. Cyber-attacks are effected through malware and automated systems which can be hacked and tampered with, and then controlled remotely with the use of IT systems and data control systems. These attacks affect multiple systems at the same time, crippling the entire organization. Staff pose a threat to cyber-attacks, and this includes former, dissatisfied and current employees. Current employees might be inexperienced in their field of operations increasing an organizations vulnerability to cyber-attacks. Most organizations apply the same hardware and software in order to deal with cyber-threats, while terrorists keep changing their tactics and applying the use of highly technologically advanced equipment and knowledge. This predictability by most organization increases their vulnerability to cyber-attacks. Terrorist commit cyber-attacks with the aim of destroying the infrastructure including those that are needed in order to deal with emergencies as well as steal information.
Staff as a threat
Most organizations fall victim to cyber-attacks due to certain misconceptions, such as the assumptions that all the employees at an organization are loyal to the organization. Most organizations are likely to ignore the possibility of an inside threat. Organizations ought to conduct regular and thorough reviews of their employees. Walk through inspections is also important for all the personnel at the organization. Organizational response should be made possible at all management levels of an organization. The IT personnel should be accessed regularly in order to come up with the preparedness of the personnel against cyber-attacks.
Methodology
Various surveys and statistics have been analyzed in order to complete this research.
Survey projects
ISIL is currently using cyber-attacks in order to continue their terrorist attacks across the world. Although the cyber-attacks by ISIL are limited, one of their recruits a Kosovo native, managed to hack into the USA military data base and gain access to personal information belonging to 1351 military personnel . This information included email addresses, phone numbers, passwords and locations. The US military was however able to track the person who received the information in Syria . The terrorist groups are targeting the tech generation in their current recruitment. Terrorists are now more sophisticated and are providing their users with manuals on how to shield their communication systems from being tracked . They are using encrypted chat networks such as signal which is difficult to track with the use of a fake phone. Cyber-attacks have become easier to carry out since they are initiated with the use of a virus which corrupts the network system.
Cyber-attacks have the potential of bringing harm to a lot of people. This is possible if the hackers are able to gain control of systems to crucial organizations such as power stations, hospitals and the national grid. Countries such as the UK are aware of this threat and are looking to expand resources into the protection of their citizens against cyber threats which are on the rise. The estimated monetary fund directed towards response against cyber-attacks by the UK is estimated to reach 20 billion USD by the year 2030 .
A study conducted by the NSA in 1997 which involved a group of 30 people who were required to hack into the NSA system revealed that hacking into systems was not as difficult as most organizations would like to assume. The hackers were only allowed to use tools readily available over the internet. The internet is currently flooded with millions of hacking tools which are readily available on the numerous hacking websites . At the end of the study, most of the respondents had gained access to the pentagon networks by encrypting passwords with the use of password detecting software, or calling authorized personnel as fake IT personnel, in order to get passwords. They later used these passwords to create numerous accounts on these organizations. They were also able to close accounts belonging to authorized personnel at the organization. The results of the study shows that a small team had the capacity to cripple the US military system with the use of readily available tools.
Data collected by Riptech Inc. on cyber-attacks and target organizations, reveals that energy plants are attacked by hackers twice to three times as much as compared to other industries, with 12.5 % of these attacks being severe. The leading cause of these vulnerabilities to cyber-attacks is the online business practice which uses links to connect the consumer to the organizations. Loopholes leading to an increase in the vulnerability to cyber-attacks increased by 80% in 2002 .
In 2002 a group in Tokyo was able to create a software that was able to track over 150 police vehicles. Before they went rook, the group had engineered software for ten local agencies as well as 8 Japanese firm in Tokyo. The same individuals who engineer network systems are in a position to turn these software around in order to use them for malicious purposes. The effects would be devastating if such individuals engineered software for military forces.
Descriptive studies
Governments and other organizations have expresses concerns that they are incapable of dealing with cyber-threats. 49% of the IT personnel questioned during a survey by Ipsos public affairs admitted that a cyber-attack was likely to take place against the US government, while 55% of the personnel had enough reason to believe that the possibility of a cyber-attack had increased tremendously after the US bombing of 2011. 84 % of IT personnel believe that there is a huge gap between the nation’s ability to defend itself against cyber-attacks, and the potential risk of a cyber-threat . 96 % of the IT personnel emphasized the importance of increasing the security around sensitive information. 74% of the IT personnel also suggested that big banks such as wall-street and other major financial institutions, were more likely to be targeted by cyber-terrorism.
Demonstrations projects
Cyber intelligence is one of the means by which these organization can mitigate the risk of cyber-attacks. Cyber intelligence involves a clear understanding of the environment of the organization, both internal and external. This will include all the factors surrounding the organization, which might increase its vulnerability to cyber threats. This will involve data gathering, and analyzing possible technical threats to cyber-attacks . The software that we have designed should be capable of detecting threats such as email phising and malwares. The software will then come up with suggestion on how to increase security against such threats. The IT personnel should be quick to respond by coming up with upgraded software which will increase the networks security against the cyber-threats. To increase security around the network, it is also important that the system be disclosed to as few people as possible. Only those who have a certain influence on the networks cyber security should be involved. This will assist in increasing the cyber security around the organizations network.
It is important to note that cyber intelligence is different from cyber security. While cyber security is built around protecting the system, cyber intelligence entails itself with gathering adequate information on the vulnerability of a network towards a cyber-threat. Cyber threats cannot be mitigated if they are handled without the technical knowledge involved in cyber-attacks . Decision makers should be knowledgeable on issues concerning both cyber-attacks and cyber threats. Organizations should only share relevant information and they should never disclose too much information, which is likely to increase an organizations vulnerability to cyber threats.
Cyber security can also be achieved through various strategies in security readiness. These strategies will enable organizations to prevent cyber-attacks from happening, while at the same time ensuring that the response is effective in the event of a cyber-attack . These practices will be incorporated into an organization’s daily practices. These strategies include audit, incident response, network security, disaster recovery, and application security.
Audit should be carried out regularly on both staff and software applied at the organization. The personnel at the organization should receive adequate and regular training concerning the networks security at the organization. Software at the organization should also be checked to ensure that they are up to date. Simple software such as antivirus programs can save a company a lot resources. Computers viruses keep improving, and therefore it is important that software used by organizations is upgraded on a regular basis .
Network security can also be stepped up with the application of daily practices such as the limited access to the internet. Cyber-attacks are made possible through the internet and social media networks. Malwares and viruses can easily be sent through the email which will enable the hacker to gain control of the entire system . By allowing a limited number of employees access to the internet at work, the organization will limit the amount of risk to cyber threats. Securing networks from unauthorized personnel will also reduce the number of cyber threats.
Application security
Application security can be made possible through procedures such as software updates, encryption methods, and email handling. Automatic updating of files attracts certain malwares to the computer. Organizations should refrain from automatic updates, and instead opt for the manual updates of files . Encryption methods enable the user to verify the aunthenticity of sources of messages especially over the internet. By so doing, organizations will be able to detect potential threats, for instance those imbedded in emails. Emails from strangers should never be opened as they could turn out to be potential cyber threats.
Incident response
Potential cyber threats should be reported to the authorities . Cyber-attack is a criminal offense and if not stopped, the perpetrators of such crimes could be successful in the future. Hacking is also illegal and if such skills were to fall into the hands of terrorists, the results would be devastating. In case of an attack, the organization should change its network security and find an upgrade. New strategies should be devised in order to close the loopholes through which perpetrators gained access to the organization’s network. Software and staff should be reviewed after a successful or an attempted cyber-attack on an organization.
Disaster recovery
Disaster recovery can be achieved through the use of data restoration. This can only be made possible if organizations have backed up data. Cyber-attacks are aimed at the destruction of data pertinent to an organization, which can cause the organization great harm . Disaster recovery involves devising new strategies and reviewing the entire network system. It is important that the management and the IT department conduct and in-depth investigation into the cyber-attack in order to find the perpetrators of the attack, as well as seal all the possible loopholes. This will involve an inspection of the staff and all the systems involved in the organization.
Discussion
Most organizations have the capacity to handle cyber threats, but communication barriers have caused them not to come up with proper response systems. Most decision makers and stakeholders in organizations do not have the technical knowledge that is necessary to deal with cyber threats. As a result, most decisions are made by people with limited technical knowledge on cyber-attacks. Information sharing between various organizations is missing, and as a result, most organizations are often caught unawares. Information sharing poses a risk to others since it involves sharing pertinent information such as security systems and software, but it also has its own share of advantages. Through information sharing, organizations are able to share ideas and invent newer and better ideas for cyber security systems . Through sharing of ideas, organizations and other stakeholders will come up with better response systems to mitigate the risk of cyber-attacks.
Conclusion
In conclusion, cyber security is a pertinent issue that should be addressed by all the stakeholders in the society. Loopholes to cyber threats present themselves through processes, staff and infrastructure. Energy plants are targeted more by terrorists since a control of their systems will have great impact and damage. Other organizations with increased vulnerability include hospitals, military systems, financial systems and the national grid. Most organizations are also under the impression that their employees are loyal to them. This misconception has caused terrorists to recruit staff at various organizations, so as to gain access to their network systems. Employees can also have malicious intent for their organizations, especially those who are dissatisfied with their employers. Terrorist groups have been known to infiltrate these organizations through staff. The internet has also made tools for hacking processes readily available over the internet increasing the vulnerability of organizations to cyber threats. Most organizations are also using data control systems, which increase the vulnerability of these organizations to cyber-attacks. Hacking is also made possible by simple software such as malwares and viruses, which can be sent to an organizations system through a legitimate email. Terrorist groups are also recruiting the technology generation into their systems in order to gain access to their technological expertise. The lack of technological knowledge by people in top management has caused a communication gap between the IT department responsible for securing networks from cyber threats and the decision makers. There is the need to break the communication barrier between the IT department and the decision makers in order to come up with more effective cyber-response systems.
References
