


UNIT V. CYBER SECURITY

LEAD-IN

1. Make a mind-map outlining associations with Cyber Security and give your own definition of the concept.

2. How have cyber threats intensified over the last decade?

3. What common and different features do cyber threats have in comparison with other types of threats?

4. What makes Cyber Security different from other kinds of national security (economic, environment, personal, social, public, political)?

TEXT FOCUS

Task 1. Read the text carefully paying special attention to the words and word combinations in bold.

 

CYBER SECURITY IN THE MODERN WORLD:

THREATS, CHALLENGES, OPPORTUNITIES

Since the late 20th century, the world has irreversibly experienced revolutionary transformations. All kinds of “things” or physical objects, from personal computers, home electric appliances and automobiles to robots and smart meters, have begun to be connected to networks, benefitting from advanced hardware, the spread of affordable and high-speed Internet, the advancement of Big Data analytics technologies, and more. Along with the increasing connectivity, physical objects and people in real space have become interconnected in a multi-layered manner without physical constraints, by harnessing the free flow of information and accurate data communications in cyberspace. Due to such linkages, there is an emergence of an “interconnected and converged information society” where physical space and cyberspace have become highly integrated.

While cyberspace, which anyone can utilize without geographic and time constraints, has brought significant benefits to our lives, malicious activities to harm these benefits are increasing. The growing dependency of socioeconomic activities on cyberspace and the evolution of organized and highly sophisticated methods of cyber attacks have caused grave damages and exerted negative impacts on the people’s daily lives and socio-economic activities, and consequently, threats against national security have become more serious year after year. Stealing personal, business, and organizational information and assets has been increasingly persistent. There are also growing threats against national safety and security; governmental bodies and business operators, which provide mission-critical infrastructure necessary for the people’s daily lives and economic activities, have been exposed to cyber attacks that would risk their business operations and continuity.

Cyberwarfare

The emergence of cyberspace adds an additional dimension to warfare. Cyberwarfare is any virtual conflict often defined as major disruptions to critical infrastructure accompanied by collateral global damage. No nation, including both public and private infrastructure, is immune from attack. Waged via the Internet, these attacks disable financial and organizational systems by stealing or altering classified data to undermine networks, websites and services. The reliance of modern society on complex computer systems for core functions of government and the economy, and the interconnectedness between both these systems and the functions they support, mean that a hostile cyber event can produce cascading consequences that affect essential activities across a range of sectors and jurisdictions. A country or group does not need a strong military or economy to wage warfare against industrial powers. Sreeram Chaulia writes in Cyber warfare is the new threat to the global order, "Cyber war capacities are not the domain of only big guns like China and the U.S. They are spreading horizontally to middle and even minor powers". Anyone with the right tools and legal/political environment can launch attacks against large or small targets, regardless of how many guns and tanks the objective has.

In light of such malicious activities, it is a real challenge to know how to best counter these threats to ensure and maintain the free flow of information, the safe and secure living environment of the people, economic and social prosperity, and peace, while protecting intellectual properties. Understanding the threat landscape (the types of attackers, their motivations and their technical capabilities) as well as the main types of cyber attacks and stages of their implementation can help manage the most common cyber risks and reduce the impact of an attack once it is carried out.

Cyber threat landscape

Cyber threats to states may be defined as strategic behaviour and capability to exploit cyberspace in order to harm life, information, operations, the environment and/or property. The cyber threat landscape is not necessarily revolutionary. The activities that actors posing a threat can undertake are the same as those in the real world: crime, intelligence gathering and espionage, ideological activism and ‘warfare’. These threats emanate from a range of sources: from disgruntled insiders to organised crime, identity thieves and terrorist or activist groups to hostile states and their proxies.

Threat actor typology

| Type | Sub-type | Goal |
|---|---|---|
| Individuals | Grey hats, black hats | Mayhem, joyride, minor vandalism |
| Coordinated sub- or pan-national groups or networks | Criminal groups | Money, power |
| | Terrorists (political) | Gaining support for and deterring opposition to a cause |
| | Hacktivist (anarchistic/millennial) | Protest, fear, pain, disruption |
| | Insurgent groups | Overthrow of a government or separation of a province |
| | Commercial organization | Industrial espionage, sale of information |
| States | Rogue state | Deterring, defeating or raising the cost of a state’s involvement in regional dispute |
| | Peer competitor | Deterring or deferring a country in a major confrontation, espionage, economic advantage |

 

For years, relatively inexpensive tools have enabled almost anyone with a little computer knowledge to circumvent prevention controls, given enough time. Many tools, used by both white hat and black hat hackers, are free. Others, like Metasploit, are intended for the professional cybercriminal and penetration tester. Finally, nation-sponsored intrusions often make use of proprietary tools and techniques designed specifically for a planned or ongoing attack. A common perception of a hacker is that of a teenage geek who breaks into computer systems for fun. While this perception was perhaps once true, modern cyberwarfare involves well-trained, well-funded professionals backed by nation states. Examples, such as the Stuxnet virus, are given by some experts to demonstrate that much more is happening behind the scenes, and that the front lines in future wars will be digital.

Types of cyber attacks

If you openly demonstrate weaknesses in your approach to cyber security by failing to do the basics, you will experience some form of cyber attack. Vulnerabilities, or weaknesses in an IT system, provide the opportunities for attackers to gain access to your systems and deliver a successful attack. Generally speaking, attacks may fall into two categories.

A) Un-targeted attacks

In un-targeted attacks, attackers indiscriminately target as many devices, services or users as possible. They do not care about who the victim is as there will be a number of machines or services with vulnerabilities. To do this, they use techniques that take advantage of the openness of the Internet, which include:

phishing - sending emails to large numbers of people asking for sensitive information (such as bank details) or encouraging them to visit a fake website

water holing - setting up a fake website or compromising a legitimate one in order to exploit visiting users

ransomware - which could include disseminating disk encrypting extortion malware

scanning - attacking wide swathes of the Internet at random

B) Targeted attacks

In a targeted attack, some organisation is singled out because the attacker has a specific interest in this business, or has been paid to target it. The groundwork for the attack could take months so that they can find the best route to deliver their exploit directly to these systems (or users). A targeted attack is often more damaging than an un-targeted one because it has been specifically tailored to attack concrete systems, processes or personnel.

Targeted attacks may include:

spear-phishing - sending emails to targeted individuals that could contain an attachment with malicious software, or a link that downloads malicious software

deploying a botnet - to deliver a DDOS (Distributed Denial of Service) attack

subverting the supply chain - to attack equipment or software being delivered to the organization

Stages of cyber attacks

A simplified model describing the four main stages present in most cyber attacks is as follows:

Survey - investigating and analysing available information about the target in order to identify potential vulnerabilities

Delivery - getting to the point in a system where a vulnerability can be exploited. Examples include:

attempting to access an organisation’s online services

sending an email containing a link to a malicious website or an attachment which contains malicious code

creating a false website in the hope that a user will visit

Breach - exploiting the vulnerability/vulnerabilities to gain some form of unauthorised access. The harm will depend on the nature of the vulnerability and the exploitation method. It may allow them to:

- make changes that affect the system’s operation;

- gain access to online accounts;

- achieve full control of a user’s computer, tablet or smartphone.

Affect - carrying out activities within a system that achieve the attacker’s goal. Depending on their motivation, the attacker may seek to explore your systems, expand their access and establish a persistent presence (a process sometimes called ‘consolidation’).

Reducing cyber threats

Fortunately, there are effective and affordable ways to reduce exposure to common types of cyber attack on systems. They are related to physical, logical, and administrative security and include prevention, detection, and response elements:

boundary firewalls and internet gateways - establish network perimeter defences, particularly web proxy, web filtering, content checking, and firewall policies to detect and block executable downloads, block access to known malicious domains and prevent users’ computers from communicating directly with the Internet

malware protection - establish and maintain malware defences to detect and respond to known attack code

patch management - patch known vulnerabilities with the latest version of the software, to prevent attacks which exploit software bugs

whitelisting and execution control - prevent unknown software from being able to run or install itself, including AutoRun on USB and CD drives

secure configuration - restrict the functionality of every device, operating system and application to the minimum needed for business to function

password policy - ensure that an appropriate password policy is in place and followed

user access control - include limiting normal users’ execution permissions and enforcing the principle of least privilege (applying only those privileges to a user account that are essential to that user's work)

security monitoring - to identify any unexpected or suspicious activity

user training education and awareness - staff should understand their role in keeping your organisation secure and report any unusual activity

security incident management - put plans in place to deal with an attack as an effective response will reduce the impact on your business

Conclusion

Defending networks isn't a new concept. We've known how to implement prevention, detection, and response controls for years. This isn't the problem. The challenge we face is the absence of any multilateral agreement at the level of the United Nations to moderate and set limits on cyber war, regulating the murky business of hacking and destroying the Internet assets of adversaries. Governing cyber weaponry is one of the cutting-edge problems facing the international community, on a par with emerging issues like weaponisation of outer space and unmanned aerial attack drones.

The future of security and prosperity rests on digital foundations. The challenge of our generation is to build a flourishing digital society that is both resilient to cyber threats, and equipped with the knowledge and capabilities required to maximise opportunities and manage risks. We are critically dependent on the Internet. However, it is inherently insecure and there will always be attempts to exploit weaknesses to launch cyber attacks. This threat cannot be eliminated completely, but the risk can be greatly reduced to a level that allows society to continue to prosper, and benefit from the huge opportunities that digital technology brings.

(based on:

http://www.rand.org/pubs/research_reports/RR235.html

https://www.ncsc.gov.uk/white-papers/common-cyber-attacks-reducing-impact

https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/567242/national_cyber_security_strategy_2016.pdf

http://www.nisc.go.jp/eng/pdf/cs-strategy-en.pdf

http://www.nationmultimedia.com/news/opinion/aec/30203813

https://www.techopedia.com/definition/13600/cyberwarfare)

 

 

GLOSSARY

Big Data analytics technologies - Big data analytics examines large amounts of data to uncover hidden patterns, correlations and other insights. With today’s technology, it’s possible to analyze your data and get answers from it almost immediately – an effort that’s slower and less efficient with more traditional business intelligence solutions.

Sreeram Chaulia - Professor and Dean, Executive Director, Centre for Global Governance and Policy, Jindal School of International Affairs, B.A. Hons. (Delhi), B.A. (Oxford), M.Sc. (LSE), M.A. and Ph.D. (Syracuse). Research interests: diplomacy, foreign policy, comparative politics, international political economy, international organisations, armed conflict, humanitarian practices, and contemporary world history

White/black/gray hat hackers (also spelled grey hat hacker) - Many people see the world of IT security as a black-and-white world. However, gray hat hacking does play a role in the security environment. Gray hat hackers represent the middle ground between white hat hackers, who operate on behalf of those maintaining secure systems, and black hat hackers who act maliciously to exploit vulnerabilities in systems. A gray hacker is someone who may violate ethical standards or principles, but without the malicious intent ascribed to black hat hackers. Gray hat hackers may engage in practices that seem less than completely above board, but are often operating for the common good.

Metasploit - Penetration testing software which helps a company use attackers’ own weapons against them. Utilizing an ever-growing database of exploits, a company can safely simulate real-world attacks on its network to train a company security team to spot and stop the real thing.

Stuxnet virus - as it came to be known, was unlike any other virus or worm that came before. Rather than simply hijacking targeted computers or stealing information from them, it escaped the digital realm to wreak physical destruction on equipment the computers controlled.

 

Task 2. Answer the following questions.

1. How have cyber threats evolved since the late 20th century?

2. What are special characteristics of cyber threats today?

3. What makes cyber threats a matter of national security?

4. What actors does the cyber threat landscape consist of? Give a short description of each.

5. Give a comprehensive description of un-targeted cyber attacks.

6. Give a comprehensive description of targeted cyber attacks.

7. What are the stages of cyber attacks and what is characteristic of each of them?

8. What are the most effective and affordable ways to reduce exposure to common types of cyber attack on systems? Comment shortly on each of them.

LANGUAGE FOCUS

Task 1. Skim the text again and find all possible word combinations with the following words:

       attack         cyber          threat         security      Internet

Task 2. Look up the collocations with the words “attack/to attack”, “cyber”, “threat(en)”, “security”, “computer”, “Internet” in the dictionary, find collocations with them in the above text and fill in the table. “Information” - has been done as an example.


Date added: 2019-02-12
