Cyber-attacks are very common in the U.S. and around the world. From mid-2009 through December 2009, one of the most sophisticated cyber-attacks was launched against Google and 20 other companies (McAfee, 2013). McAfee researchers dubbed the attack “Operation Aurora”. The cyber-attack was first publicly disclosed by Google on January 12, 2010. A group named “Hidden Lynx” out of China is believed to be responsible. According to the anti-virus firm McAfee, the hackers were seeking the source code of Google, Adobe, Yahoo, and dozens of other high-profile companies (Zetter, 2010). McAfee reported that the tactics used in the attack were unprecedented, combining encryption and stealth programming to find an unknown backdoor into Microsoft Internet Explorer. This vulnerability allowed the hackers to breach systems, steal intellectual property from Google, and gain access to users’ accounts. McAfee researchers believe the Operation Aurora hackers infiltrated different systems invisibly, without any visible signs of malicious intent or actions, in a couple of steps. The attack started with a link sent in an email or instant message from a “trusted” source to the targeted company or user. Since the user believed the link to be trusted, the user would click on it and be taken to a website that contains a malicious JavaScript payload. Due to the nature of an executable file, the browser will download the malicious JavaScript. The script will include a zero-day Internet Explorer exploit that will download a binary pretending to be Taiwan servers that will execute the payload. This Trojan will open a backdoor that is encrypted and ...
... middle of paper ...
...the system for the latest threats.
• Adhere to either the FISMA or NSA hardening guidelines and house the SCM on a single-use system.
• Have a good network forensics system that will store and log all traffic for offline analysis (McAfee Labs and McAfee Foundstone Professional Services 11-12).
Although cyber-attacks are quite common in the defense industry, Operation Aurora showed that even the once-immune commercial sectors are no longer safe from cyber hacking. The world of cybercrime is quickly changing its focus to intellectual property repositories. With vulnerabilities out there, consumers will always be at risk of future attacks. Therefore, it is critical for them to protect their systems with the latest updates and security protection programs such as McAfee. Countermeasures should be taken seriously to keep systems optimally protected against all threats, malicious or not.
This project must meet the requirements of DoD security policies and standards for delivery of the technology services. The first requirement we discuss is the Federal Information Security Management Act (FISMA), a piece of United States legislation that defines a comprehensive framework to protect government information, operations and assets against natural or man-made threats. FISMA assigned the National Institute of Standards and Technology (NIST) the responsibility of defining the standards and security procedures that must be followed and complied with. There are nine processes NIST outlines to be in compliance with FISMA:
Multi-platform computer worms are a tool that computer hackers use to infect computers and gain control of them. Computer worms are a dangerous virus because they are self-replicating, meaning that they multiply themselves and spread onto other computer networks seeking a lapse in internet security. Computer worms do not need to attach themselves to an existing computer program to gain access to the victim computer's files. The computer worm was created by accident by a Cornell student named Robert Morris; he was seeking a way of managing the internet in 1988. “Morris had no malicious intent, but a bug in his program caused many of the computers the worm landed on to crash. … but worms had come of age and have since evolved into an effective way of attacking systems connected to the internet” (Barwise). Today, hackers use the Morris worm to infect computers. “Five men believed to be responsible for spreading a notorious computer worm on Facebook and other social networks — and pocketing several million dollars from online schemes — are hiding in plain sight in St. Petersburg, Russia …” (Richmond). Since the well-intentioned creation of the worm, it has only been used maliciously as a computer virus by money-seeking computer hackers such as the Koobface gang in Russia.
Imagine this; you are sitting at your desk looking at a bunch of pictures. Just a normal scene, what could go wrong? Suddenly, you’re attacked by deadly things that are trying to steal your personal information like your credit card numbers, email address, all your passwords, everything. Could this be the work of ninjas? No (bet that is what you first thought though). What about the FBI? No. Then what was it? It was a virus. If you hadn’t figured it out by now, you were looking at pictures online using Google images (for all you Bing fans, I’m sorry but Google is much better). You were downloading pictures from Google and one of them happened to contain a virus and it was downloaded with one of the pictures. How do I know this is a virus? The answer is that I don’t. I didn’t give enough symptoms to diagnose this. To the pros at hacking and security, you may know that viruses are not the only threat. If you are new to the world of computers, you might not. The three types of malware that will try to harm your PC or your data in any way are Trojans, worms, and the most famous, viruses. These three are very different and all are terrible for you and your PC.
Poison Ivy is the name given to a family of malicious remote administration Trojans first developed in 2005 and still being utilized for cyber attacks today. As a type of remote administration software, once a computer becomes infected the attacker has complete control of the computer. The most recently documented large-scale utilization of the software was during the “Nitro” attacks from July 2011 through September 2011 that targeted both chemical and defense companies for the purpose of industrial espionage (Fisher). The information security firm McAfee stated that five multinational natural gas and oil companies were successfully targeted by the Poison Ivy malware, as well as 29 other companies identified by Symantec (Finkle). These organizations lost proprietary information to the attackers, including confidential bidding plans (for the energy companies) and details on manufacturing processes and formulas (for several chemical companies).
Implement a system Intrusion Detection/Prevention System (IDS/IPS): Make the investment in an IDS/IPS to detect and prevent potential system dangers. Sensors ought to be distributed throughout the system, with a specific focus on the public, untrusted section. Take alerts very seriously.
It is reported that Platform Networks observed the first breach within a period of forty-eight hours. Platform Networks then duplicated and quarantined the affected computers so that the cyber-attacker would not detect that he was being monitored closely (Rehn & Australian Associated Press, 2011). Platform Networks states that the attack began in 2010 as a misbehaving domain name server. Platform Networks continued observing the quarantined computers, which were being illegally accessed, for a period of seven months. The quarantining approach allowed the AFP to gather all the data necessary to apprehend the person who was behind the illegal access and illegal modification of Platform Networks data (Rehn & Australian Associated Press,
As electronic commerce, online business-to-business operations, and global connectivity have become vital components of a successful business strategy, enterprises have adopted security processes and practices to protect information assets. But if you look at today's computing environments, system security is a horrible game of numbers: there are currently over 9,223 publicly released vulnerabilities covering known security holes in a massive range of applications, from popular operating systems through to obscure and relatively unknown web applications. [01] Over 300 new vulnerabilities are being discovered and released each month. Most companies work diligently to maintain an efficient, effective security policy, implementing the latest products and services to prevent fraud, vandalism, sabotage, and denial of service attacks. But the fact is that you have to patch every hole in your system, while an attacker need find only one to get into your environment. Whilst many organisations subscribe to major vendors' security alerts, these are just the tip of the security iceberg and even these are often ignored. For example, the patch for the Code Red worm was available some weeks before the worm was released. [02]
The ability to conduct warfare through technological methods has increased information security awareness and the need to protect an entity's infrastructure. Subsequently, cyber warfare produces increased risk to security practitioners that employ technology and other methods to mitigate risks to information and the various systems that hold or transmit data. A significant risk to information lies in the conduct of electronic commerce, hereinafter called e-commerce. E-commerce is the purchasing or selling of goods and/or services through the internet or other electronic means (Liu, Chen, Huang, & Yang, 2013). In this article, the researcher will discuss cyber warfare risks, present an evaluation on established security measures, identify potential victims of identity theft, and present an examina...
The history of cybercrime goes back to 1971 and the first computer virus, called the Creeper, which was created by Bob H. Thomas, who was a BBN engineer (Dalakov, Meltzer, and Phillips). BBN, which stands for Bolt, Beranek and Newman, is now Raytheon BBN Technologies (“About”, Dalakov). A computer virus is a program that is created to cause damage to a computer or perform other malicious acts (204). The Creeper virus was designed to infect the ARPANET network. The ARPANET, which stands for Advanced Research Projects Agency, was set up by the U.S. Government as an agency in 1969 to provide a network of computers that would connect various academic and research organizations; it was the predecessor of the Internet (“Internet”, Morley, and Parker).
In this globalized arena, with the proliferation of computer users as well as computer networks, associated risks such as malware attacks are also multiplying. As the proverb
A cyber crime called 'Bot Networks', wherein spamsters and other perpetrators of cyber crimes remotely take control of computers without the users realizing it, is increasing at an alarming rate. Computers get linked to Bot Networks when users unknowingly download malicious code, such as Trojan horses sent as e-mail attachments. Such affected computers, known as zombies, can work together whenever the malicious code within them gets activated, and those who are behind the Bot Networks attacks get the computing power of thousands of systems at their disposal.
Malicious code is a real danger to modern systems. Most systems nowadays do not work in isolation; they are more likely to be connected to other systems, and sometimes they can even be dependent on them. Therefore an attack on one of the systems in the network is a potential attack on any other system with which it interacts. It is thus inevitable that any networked or Internet-connected computer will have to deal with malicious code attacks at some point. Businesses lose billions of dollars each year because of malicious code attacks. Responding to the attack and restoring all the data on the computers is a time-consuming and expensive task. It is a much better practice to try to prevent it by organizing and maintaining effective defenses. However, it is important to keep in mind that there is no one general solution that can help to prevent all the attacks. Attackers are constantly looking for new ways to take advantage of systems’ vulnerabilities and find new ones. That’s why organizations have to not only defend themselves against existing attack methods, but also try to predict and prevent new attacking techniques. It means that computer and network security is a never-ending challenge and expense.
The world is in another cold war, except this time countries are battling for cyber supremacy. Cyberspace is a massive land of ever-changing technology and personal interaction (McGuffin and Mitchell 1). Cyberspace is not only a place where people post pictures and update their profile, but it also plays an enormous role in running a country. Advanced countries use computers to guide their military, keep track of citizens, run their power grids, and hold plans for nuclear devices and nuclear power. Risks to commercial and government concerns are now being noticed and many countries are taking actions to prevent such threats (McGuffin and Mitchell 1).
The Defense Department made an admission of the first major cyber attack upon its systems in August 2010. It was revealed that the attack actually took place in 2008 and was accomplished by placing a malicious code into the flash drive of a U.S. military laptop. “The code spread undetected on both classified and unclassified systems, establishing what amounted to a digital beachhead.” (2) This quote, attributed to then Deputy Defense Secretary William J. Lynn III, is just part of the shocking revelations that were disclosed in his speech made on July 14, 2011. Lynn said that...