Cyber Security
By: Emily Hellums, Alex Riley, Gideon Grafe, and Nathan L
Cyber Attack Risks to your Personal Computer
Part of the problem facing America today is the high risk of cyber-attacks that can steal personal information and install malicious software. Almost everyone has a computer that has personal information and important documents on it, but not everyone has the security on their computer that they should. Without sufficient security your documents and personal information could be at risk. Even someone with little technical knowledge could hack into a computer. For example, if you google “how to hack into Gmail” a whole list of tutorials pop up. According to Symantec-Norton, some examples of the most common threats to your computer include hacking, malware, pharming, phishing, ransomware, spam, spoofing, spyware, trojan horses, and viruses. Each of these use different techniques to steal credit card information, usernames, passwords, and other sensitive information. They are also able to delete items from your computer, send email from your email address, turn on your webcam, or spam your computer with uncontrollable pop up ads. Anyone using the internet or checking emails should be very careful to make sure they don’t download a virus. All someone would have to do is download a virus from a fake email or even just visit a compromised website. With the wide variety of ways your computer can be attacked it is not surprising that your information is at risk.
According to TIME, one example of a dangerous computer program is ransomware. Ransomware is an attack that claims to be coming from a legitimate source, like the FBI, but is really just a hacker trying to earn some money off of you. It will lock you out of your documents or lock you out of your computer until you pay the fine they ask for. Ransomware attacks are on the rise because it is easy for hackers to use, difficult to track where it came from, and it does not require a lot of technical knowledge to use. Also, hackers using ransomware earn about $70,000 a month, and the amount of ransomware available on the black market increased by 250% between 2013 and 2014. According to FBI.gov, another dangerous type of cyber-attack is spoofing. The two different types of spoofing are phishing and pharming. Phishing is where a person will receive an email that looks like it is form a legitimate source, but is actually a fake. This email will link someone to a website that also looks like it is a legitimate source, and once you are on this website it will try to steal your credit card information, usernames and password, as well as other personal information. Pharming works the same way except it redirects you to a fake website while trying to reach the real website. Once there it will also try to steal your personal information. A good way to tell if you end up on a fake website is to look at the URL. If the name in the URL is spelled wrong or it says .com instead of .org or .gov you should probably double check to make sure you are on the right website. According to USA Today, cyber attacks can also affect your vehicle. This leads to the new issue where not only your personal information is at risk, but also your life could be at risk as well. These are just a few kinds of cyber-attacks that can affect your computer, if you would like to read more about this please visit Symantec-Norton or FBI.gov.
Emily Hellums
Industrial and National Scale Peril
Cyber attacks threaten us on a grander scale than individual thefts and malices. The community of hackers is growing daily, as is their level of collaboration and organization. They will not be, and indeed already are not, satisfied with small targets.
Organized hacking groups are now prolific. The most famous group, Anonymous, has shut down mid-scale websites permanently, and temporarily taken over some of the biggest, including the FBI website. This talk by Mikko Hypponen describes another now-common entity, the organized criminal industry of hacking.
In 2015, the US government itself, to many minds the central defender of our security, suffered what is known as the OPM Breach. Hackers took from OPM, the Office of Personnel Management, millions of personnel files. Many believe it was the Chinese government who implemented the OPM Breach. Of course, for years before the breach, the US government had access to millions or billions of personal devices and accounts, which were monitored by the NSA. That surveillance also extended to hacking other governments’, including the email of Mexican president Felipe Calderon.
One the most significant incidences of government-to-government cyber attack is known as Stuxnet. Stuxnet, a groundbreaking computer worm virus, spread throughout an Iranian nuclear facility undetected, and then proceeded to wreak havoc. For a more thorough account of Stuxnet, see this link.A cyber weapon seeks not only to infiltrate and steal information, but to destroy. A cyber weapon could also be the weapon of choice for causing destruction on the level of bombings, even invasions, inflicted on our lives and economy with the very resources we use and rely on for our safety and prosperity. A strong cyber weapon could disable our power grid by disabling its computers, perhaps even manipulate the grid to physically destroy itself.
This is an example of one among hundreds of potential vulnerabilities that could shake our nation, and leave us both damaged and more vulnerable to other kinds of attacks. Two other particularly fearful examples are the transportation system and the nuclear arsenal. Planes normally run on autopilot, and cars are well on their way to doing the same. With access to an airplane computer or a network of cars, an enemy could kill hundreds with as many keystrokes. And if an enemy gained deep access to our nuclear arsenal… We do not have the protection of Mutually Assured Destruction if the attacker is an anonymous hacker and the weapons are our own.
These threats, for the most part, have not fully entered our present reality. But the danger increases each day in two dimensions. First, by all appearances, the hackers are winning.
Gideon Grafe
What can we do?
Unfortunately, here is no single, obvious solution to combat the growing danger; however increased investment in the field of cybersecurity and encouraging it as a college degree can help bring more professionals into the field. Beyond this, there are measures that you yourself can take to reduce the risk of becoming the next victim.
Firstly, be aware that there is a universally increasing demand for security specialist, shown by the steep and continual yearly increase in jobs for cybersecurity majors noted by BurningGlass, a company that specializes in matching employees to jobs and is the world leader in its field. Also, in the wake of the November 2014 cyberattack against Sony Pictures Entertainment, the US is fighting to improve the US securities markets in order to counter attacks like these in as observed by Roland Trope in Business Source Complete. However, even with all this, there is still a massive shortage of cybersecurity personnel in both the government and private sector. As seen above, this leads to extremely compromised safety.
This is all well and good for helping protect us in the future and build a safer digital world for the next generations, but what can people do now to protect themselves?
Studies conducted by the International Journal of Human-Computer Interaction indicate that most individuals have many unsafe habits when it comes to technology use, frequently and unknowingly exposing themselves to risk. However, online programs such as SecureComics help improve general understanding and motivate positive changes in security management for individuals who participate. To stay safe, one should take the time to research good user habits so that when presented with a security threat they will recognize it and know how to respond.
To wrap up the discussion, I would like to add a few tips on how to stay safe on a computer. Some suggestions from the Times and Forbes are to avoid suspicious emails omand insecure sites, to keep you operating system up to date with the latest security updates, treat free wifi hotspots with caution, and backup your important data to another device, a USB, or Dropbox. Doing all these things may not guarantee that you do not get hacked, but it will significantly reduce the chances of you losing control of your computer or valuable files. A more comprehensive list of ways you can protect your personal device can be found here
Nathan Leake
What does the future of cyber security look like?
It’s clear that cyber security is an immediate threat, but because it may not have affected everyone on a personal level it can be hard to imagine the future of cyber threats. The growing threat of cyber security will become more of a threat in the future due to our increased dependence on the internet of things, and the hackers perseverance, but a vision of the future of cyber security exists today. In the next few paragraphs I will address how these cyber threats may affect our society on a personal and national level then I will give us all the reassurance of cyber security from forward thinking individuals and companies.
Cyber attacks will begin targeting individuals on a large scale basis by gaining access to our increasing information that’s available on the internet, but also cyber security and insurance may be a threat on our pocket books. Hacker’s inlets to our personal life is about to get an upgrade thanks to our growing dependence on the internet. While it currently sucks to have your facebook hacked, imagine if your browsing history was made public knowledge. This was somewhat the case when the adulture’s facebook “Ashley Madison” was hacked in 2015 according to NBC news. Additionally, it’s clear that more than our social lives are becoming connected to the internet with the increase of the internet of things, which will increase the things prone to attack in the future. What’s more cyber security companies are charging a premium for their uphill battles in the uphill battle against cyber threats. As stated in a CIO article, the work of the cybersecurity companies are alluded it to the Sisyphean boulder pushing suggesting that as the push continues the prices will increase. So long as our cybersecurity remains in the hands of private firms we can expect an increase in the price of their product.
As addressed earlier in this flyer, the cyber security threat is not limited to personal attacks, and the future may look grim for national cyber security. Companies and governments responsible for the personal information of the individuals it represents will become a larger target to cyber attacks while not improving security at a greater rate than the threat. On a national level the risk is more critical with sensitive government information being updated on internet connected sites. Companies with inadequate security become targets for extortion, when hackers gain access to sensitive information within companies. And the threat becomes worse if the hackers are profiting from their endeavours. Additionally, as Gideon mentioned earlier, the transportation industry is going to be increasingly at risk putting lives at risk on a large scale. Hacktivism, according to Wired magazine, has become a growing outlet for individuals to attack personal web pages and media outlets. These hacktivists may seem harmless while they are attacking on “just” causes, but what will be the outcome if their ideology differs from the public's?
But a positive vision of the future with more sophisticated cyber security promises hope in protecting our virtual world. According to a Motherboard article, the future of cyber security is located in the israeli desert. The cyber park powerhouse in Beersheba employs 20,000 coders to work proactively against the cyber threat. With such a force backing our team, cyber terrorists are kept at bay, for the moment. For this level of protection at home we need to implement government policy. As was mentioned in a Patriot article, president Obama is aware of the looming cyber threat and has made cyber security a priority. If increasingly protective plans are enacted the future of cyberware may remain in the hands of those who create it. As suggested in the Patriot article, a new cyber security department may be the answer to the future of cyber security.
Alexander Riley
FAQ
A: I see several ways. First, most governments and major companies could simply decide that the internet is too dangerous, take the safe route, and send us back the age before the internet. Second, our security could improve dramatically, and we could continue to operate in a similar but more secure way to how things are currently done. Lastly, and I think most likely, a sort of cyber-version of Mutually Assured Destruction will develop. In this scenario, hackers essentially have free reign, but any major cyber attack would be met with fierce retaliation in kind. This would be similar to the Cold War, which, though terrifying, involved little actual combat. Unfortunately, there would be thousands of players, much higher potential for anonymous attacks that circumvent the deterrent, and potentially very little protection for ordinary, non-cyber expert civilians.
Gideon Grafe
Works Cited
Adams, Dwayne. "15 Predictions for the Future of Cyber Security - Patriot Technologies, Inc." Patriot Technologies, Inc. Patriot Technologies, Inc., 18 Aug. 2014. Web. 27 Apr. 2016.
Boulton, Clint. "5 Biggest Cybersecurity Concerns Facing CIOs, CISOs in 2016." CIO. CXO Media Inc., 18 Jan. 2016. Web. 27 Apr. 2016.
Diallo, Amadou. "Ways to Protect Yourself from Hackers." Forbes. Forbes, 6 Aug. 2014. Web 27 Apr. 2016
Edwards, Haley Sweetland. "A Devastating Type of Hack Is Costing People Big Money." TIME. TIME, 21 Apr. 2016. Web. 28 Apr. 2016.
Glusing, Poitras, Rosenbach, Stark, “Fresh Leak on US Spying: NSA Accessed Mexican
President’s Email”, Spiegel Online International, World. n. pag. (October 2013). Web. 27 April 2016
Hypponen, Mikko, “Fighting Viruses, Defending the Net”, TED X, TEDGlobal 2011. n. pag.
(July 2011). Web. 27 April 2016, <http://www.ted.com/talks/mikko_hypponen_fighting_viruses_defending_the_net/transcript?language=en>
Kelley, Michael, “The Stuxnet Attack on Iran’s Nuclear Plant Was ‘Far More Dangerous’ Than
Previously Thought”, Business Insider, Military & Defense. n. pag. (November 2013). Web. 27 April 2016,
<http://www.businessinsider.com/stuxnet-was-far-more-dangerous-than-previous-thought-2013-11>
Lee, Timothy, “The Next Frontier of Hacking: Your Car”, Vox.com, Internet Security. n. pag.
(January, 2015). Web. 27 April 2016,
<http://www.vox.com/2015/1/18/7629603/car-hacking-dangers>
Pagliery, Jose, “OPM Hack’s Unprecedented Haul: 1.1 Million Fingerprints”, CNN Money,
Cyber-Safe. n. pag. (July 2015). Web. 27 April 2016, <http://money.cnn.com/2015/07/10/technology/opm-hack-fingerprints/>
"Ransomware Is Costing People Big Money." Time. Time, 24 Apr. 2016. Web. 26 Apr. 2016.Trope, Roland L., and Lixian Loong Hantover. "Significant Developments In Cybersecurity." Business Lawyer 71.1 (2015):
257-270. Business Source Complete. Web. 27 Apr. 2016.
"The Growth of Cybersecurity Jobs". BurningGlass, PWC, n.d. Web Mar 2014, Retrieved 25 April 2016
"Norton by Symantec Registered Partner." Norton Security Center. N.p., n.d. Web. 28 Apr. 2016.
Stuart, Hunter. "The Future of Cybersecurity Is Being Written in the Israeli Desert." Motherboard. Vice Media LLC, 1 Feb. 2016. Web. 27 Apr. 2016.
"The 11 Most Common Computer Security Threats… And What You Can Do to Protect Yourself from Them." Symantec-Norton. N.p., n.d. Web. 28 Apr. 2016.
Wattie, Chris. "Hack to the Future: Experts Make 2016 Cybersecurity Predictions." NBC News. NBC News, 21 July 2015. Web. 27 Apr. 2016.
Woodyard, Chris. "FBI, NHTSA Warn about Car Hacking." USA Today. Gannett, 19 Mar. 2016. Web. 28 Apr. 2016.
Westman, Shelley. “Hacking Contests Drive Millennials to Cybersecurity” SecurityIntelligence, 12 Nov. 2015.
Web 25 Apr. 2016
Zetter, Kim. "The Biggest Security Threats We’ll Face in 2016." Wired.com. Conde Nast Digital, 1 Jan. 2016. Web. 27 Apr. 2016.
Zhang-Kennedy, Leah, Sonia Chiasson, and Robert Biddle. "The Role Of Instructional Design In Persuasion: A Comics Approach For Improving Cybersecurity." International Journal Of Human-Computer Interaction 32.3 (2016): 215
257. Business Source Complete. Web. 26 Apr. 2016.