Sign Up Now
Get instant access to over 1 million+ study documents
OR
Already registered? click here to login
By creating your account, you agree to our terms of service, privacy policy and student honor code.
CYBER CRIME AND CORPORATE SECURITY
Abstract
In the past, various businesses have lost huge sums of money to cybercriminals, while others have experienced severe service disruptions. This has been the case as cyber criminals execute schemes meant to advance certain agendas. For this reason, cybercrime is increasingly being seen as one of the most serious challenges that business enterprises (as well as government agencies) face today. Various surveys conducted in the past indicate that the problem could be worsening. The problem is aided by the emergence of what could be deemed as cybercrime facilitating factors such as crypto currencies. The dynamic nature of cybercrime, i.e. in relation to variations in the methodology and conduct of attacks, also makes it difficult for this particular challenge to be effectively dealt with. It is with this in mind that various interventions have been floated in the past to reign in this particular challenge. However, to a large extent, the success of such interventions has hugely varied. For this reason, there may be need for the formulation as well as implementation of a coherent cybercrime policy intervention. Such an intervention would ideally bring together various stakeholders and seek to incorporate certain theoretical perspectives so as to maximize chances of success.
Cyber Crime and Corporate Security
Introduction
There are many challenges that organizations and agencies operating in todays world face. One such challenge happens to be cybercrime. Over the last few years, the number of organizations that have suffered at the hands of cyber criminals has gone up drastically. This is particularly the case as businesses increase their reliance upon computers and the World Wide Web to not only enhance efficiency and productivity, but to also pursue a competitive advantage. To a large extent, cybercrime could be conceptualized as the utilization of a computer system as the primary tool in the commission of an offense. In basic terms, such an offense could range from mere access to unauthorized data or information to theft of hundreds of millions of dollars. Multiple organizations within the country have fallen victim to cybercrime over the last one decade. While some of these organizations only ended up experiencing minor disruptions, others lost huge sums of money at the hand of cybercriminals. Still, others had their reputations irreparably tarnished as a consequence of data breach. It is likely that going forward, there will be marked increase in cybercrime rates as technology advances and as more businesses scale down their brick and mortar locations and take their operations online. It is likely that criminals will continue to deploy even more sophisticated approaches in an attempt to exploit vulnerabilities across various platforms.
It would be prudent to note that there are various kinds of specific cyber security threats and challenges that corporations or enterprises grapple with today. This text will concern itself with four such challenges. More specifically, the challenges that will be addressed on this front are: ransomware, denial of service attacks (also referred to as DoS attacks), data breaches/theft, and hacktivism. With cybercrime being a growing concern, the relevance of deploying effective interventions to reign in the vice cannot be overstated. Many interventions have been proposed by various practitioners and commentators in the past. These are inclusive of the deployment of the creation of robust mechanisms for IT security. In this write up, prevention efforts will be assessed from the perspective of policy interventions.
Discussion
Theoretical Background
In seeking to develop better understanding of this particular phenomena i.e. in relation to its nature and conduct - there will be need to deploy one of the major crime and deviance theories. The theory that will be deployed in in this case is the social strain theory. It should be noted that there is no standard definition for this particular theory. This is more so the case given that various definitions to the same have been floated in the past. According to Moon, Blurton, McCluskey (2007), this particular theory makes an observation to the effect that persons could be pressurized to engage in criminal behavior by social structures. This is to say that an individual could be pressured into committing crime, including computer hacking and system intrusion, by societal structures. As Moon, Blurton, McCluskey (2007) further observe, the theory was first proposed by Robert K Merton in 1938. This theory appears to be the most ideal in the context of this discussion. We could speculate that those who engage in computer hacking, system intrusion, cyber terrorism and other formats of cybercrime usually cave in to social pressures to deploy their skills and capabilities to make money or pursue other non-profit agenda. To a large extent, most Hollywood movies and cinemas glorify such a course of action and routinely project characters who brilliantly hack into systems as heroes. This is the very same perspective that has gained considerable acceptance in the public domain especially when it comes to some formats of cybercrime such as hacktivism (Alexopoulou and Pavli, 2021). Continued engagement in cybercrime could, on the other hand, be explained in terms of the formation of communities with shared values. This is more so the case given that as Soderberg and Maxigas (2021) point out, there are three key pillars upon which the hacker community autonomy is founded. One of these pillars happens to be shared values. It would be prudent to note that as the authors in this case further observe, there are various formats under which the cultivation of shared values occurs. One such format happens to be regular online mass interactions. The said interactions could occur in a wide range of settings including, but not limited to; chat rooms and mailing lists. Shared values could also be cultivated via the embrace of symbolic signs and emblems. With this in mind, we could argue that individuals who engage in deviant beavior, and in this case in cybercrime, are motivated to do so by the societys embrace of this kind of behavior as a mark of brilliance, and subscription to the hacker culture. It would be prudent to note that familiarity with this school of thought could come in handy in efforts to deploy the most effective interventions to reign in the problem.
Overview of Issues
As has been pointed out in the introductory section of this text, some of the key cybersecurity challenges that businesses enterprises grapple with today are inclusive of ransomware, denial of service attacks, data breaches/theft, and hacktivism. Ransomware could simply be defined as a computer program designed to encrypt data effectively making the said data inaccessible to those who need it with the sole intention of demanding some form of payment so as to decrypt the affected data. It is for this reason that the term ransom is used, as in essence, there is a demand for the payment of money for the release (decryption) of data which is in this case the asset held captive. On the other hand, denial of service attacks (otherwise referred to as DoS attacks) happen to be malicious attacks on a network, service, or server with the intention of making such counters unavailable. The objective in making such counters unavailable is to ensure that users are unable to access crucial data, information, services, or execute certain commands.
Third, we have data breaches/theft. As the name suggests, data theft happens to be the stealing of data which could in this case be available in a wide range of formats, i.e. in form of reports, statements, statistics, figures, or even simple document profile. In this realm, the said theft of data happens to take place via the utilization of computer systems and is perpetrated with malicious intent. One such intent could be gaining access to information that would otherwise be unavailable to unauthorized third parties (i.e. confidential competitor information). Further, the intention could be utilization of stolen confidential info as a bargaining chip for some form of payment with the threat of release of such information to the general public if the payment is not made.
Lastly, yet another cybercrime concern that ought to be taken into consideration is hacktivism. It is important to note that hacktivism happens to be a relatively new phenomenon in the cyber security realm. To a large extent, unlike the other cybercrime concerns I have highlighted above, hacktivism is not necessarily profit-oriented. Instead, it is a kind of cybercrime activity meant to advance a certain political or social agenda. This does not make it any less of a criminal offense. For instance, a cybercriminal could break into a website of a political party and post statements loaded with a certain social or political agenda. The subsequent sections of this text will discuss the highlighted cyber security issues in greater detail. This is more so the case in relation to their execution and the impact that they have on business enterprises.
Synthesis of Literature Review
i. Ransomware
Ransomware happens to be one of the various kinds of malwares. According to Faruki et al., (2014), the other kinds of malware are inclusive of, but they are not limited to; spyware and virus. To a large extent, this happens to be one of the most frequent cybersecurity concern affecting businesses (Reshmi, 2021). This is more so the case given that that the deployment of the said malware happens to be rather lucrative. Reshmi (2021) indicates that of all the malware attacks that businesses encounter, most enterprises deem ransomware as being the most damaging or demanding from a financial perspective. Businesses that find themselves on the receiving end of ransomware often find themselves between a rock and a hard place with the choices in this case being either the loss of critical data or the payment of the sum demanded. It is important to note that to a large extent, crypto-currencies have enabled and/or facilitated ransomware attacks. This is more so the case given that thanks to crypto-currencies, cyber criminals can demand and receive ransom and leave no trace of their location or identity (Reshmi, 2021). According to the author, this makes it difficult to trace the said criminals. In addition to crypto-currencies, offenders also actively make use of platforms that are anonyimized to cover their tracks (Connolly and Wall, 2019). Also, as Connolly and Wall (2019) indicate,...…monetary losses, businesses have in the past suffered damaged reputation and lost productivity as a consequence of successful cyber-attacks. Romanosky (2016) indicates that multiple authors, agencies, as well as commentators have indicated that one of the greatest threats facing the country is cyber threats. Indeed, the White House (as cited in Romanosky, 2016) has in the past indicated that one of the most significant national security threats that the country faces today is cyber threats. Further, according to Comey (as cited in Romanosky, 2016) cyber threats happen to be of serious concern and could grow exponentially going forward. There are a number of policy interventions that have been deployed in the past in an attempt to reign in the challenge of cybercrime. One such intervention was the 2013 executive order signed by the president to ensure that the critical infrastructure of the nation was secured from these kinds of attacks. This particular executive order, as Romanosky (2016) indicates also called upon the National Institute of Standards and Technology (NIST) to come up with the relevant systems and structures to promote information security best practices. The all important question on this front remains; has significant progress been made in efforts to reduce instances of cybercrime? As has been indicated elsewhere in this text, available data indicates that instances of cybercrime, across all counters, have been on an upward trend over the last few years. This effectively means that there is need for more robust measures, on the policy front, to address this exponentially growing threat.
In my opinion, the government and its various agencies happens to be a crucial stakeholder in efforts to protect businesses and citizens from cybersecurity risks. Thus, the role of government is not only limited to securing critical infrastructure from the said threats. Any policy intervention to secure the nation ought to be anchored in cyber security laws that are substantive and robust.
There would also be need to weave the social strain theory into efforts to combat cyber threats via various policy measures. Interventions n this case ought to cognizant of the role that social pressures play in motivating persons to engage in cybercrime. As has been indicated elsewhere in this discussion, persons who engage in cybercrime are likely to have caved in to the expectations of peers, i.e. in as far as the deployment of their skills and capabilities in hacking activities is concerned. To a large extent, such behavior is in some scenarios considered pleasant and encouraged. With continued engagement in cybercrime, perpetrators of the said kinds of activities end up being held hostage by the shared values of hacking communities. There would be need to, thus, incorporate sensitization/education initiatives and rehabilitative factors into policy interventions meant to reign in this particular challenge. In as far as sensitization/education is concerned, learning institutions and various youth forums could be roped in to offer instruction on the nature, conduct, and harms of cybercrime. On the other hand, rehabilitative factors could seek to offer to reform those who have been engaged in various cybercrime activities, i.e. by inviting them into collaborative forums to explore ways to end the vice.
A policy initiative also ought to cognizant of the dynamic nature of technology. This is to say that it should factor in the fact that technology changes on a constant basis. Thus, provisions should be made for interventions to be refreshed from time to time so as to ensure that new formats of cybercrime are captured.
In the final analysis, there is also need for governments to embrace a collaborative format in their efforts to not only craft, but also deploy national cybersecurity defense strategies. Other key stakeholders with whom to collaborate are inclusive of, but they are not limited to, cyber security experts, businesses and enterprises, other governments, etc. This is especially given that as has been indicated elsewhere in this text, cybercrime is largely indiscriminative in its conduct. Further, it is transnational in nature. Collaboration would thus be instrumental in efforts to not only share intelligence on emerging threats, but also in knowledge-exchange about best approaches in efforts to combat the challenge.
Conclusion
Cybercrime has in this text been described as one of the key issues that organizations face today. It is clear from the discussion above that organizations continue to suffer from the actions of cybercriminals who have been keen to exploit various vulnerabilities so as to advance their nefarious agendas. Available evidence indicates that the situation could be getting worse. This is more so the case given that cybercrime has been on an upward trend across all the counters highlighted in this text. The counters that have been extensively discussed in this write-up are; ransomware, denial of service attacks (DoS attacks), data breaches/theft, and hacktivism. For this reason, the relevance of deploying strategies meant to reign in the challenge cannot be overstated. The need for robust policy interventions has been restated in this write-up. It is also clear from the discussion above that no policy interventions can succeed outside of a collaborative framework. Towards this end, the suggestion is made that all stakeholders be roped in at both the design…
References
Alexopoulou, S. & Pavli, A. (2021). ‘Beneath This Mask There is More Than Flesh, Beneath This Mask There is an Idea’: Anonymous as the (Super) heroes of the Internet? International Journal for the Semiotics Law, 34, 237-264.
Connolly, L.Y. & Wall, D.S. (2019). The rise of crypto-ransomware in a changing cybercrime landscape: Taxonomising countermeasures. Computer & Security, 87, 14-16.
Dolezel, D. & McLeod, A. (2019). Cyber-Analytics: Identifying Discriminants of Data Breaches. Perspectives Health Inf. Manag., 16(1a), 55-59.
Faruki, P., Bharmal, A., Laxmi, V., Ganmoor, V., Gaur, M.S., Conti, M. & Rajarajan, M. (2014). Android security: A survey of issues, malware penetration, and defenses. IEEE Communications Surveys & Tutorials, 17(2), 998-1022.
Galeano-Brajones, J., Carmona-Murillo, J., Valenzuela-Valdes, J.F. and Luna-Valero, F. (2020). Detection and Mitigation of DoS and DDoS Attacks in IoT-Based Stateful SDN: An Experimental Approach. Sensors, 20(3), 8-16.
Kumar, G. (2016). Denial of service attacks – an updated perspective. Systems Science & Control Engineering, 4(1), 285-294.
Monteith, S., Bauer, M., Alda, M., Geddes, J., Whybrow, P.C. & Glenn, T. (2021). Increasing Cybercrime Since the Pandemic: Concerns for Psychiatry. Curr Psychiatry Rep., 23(4), 18.
Moon, B., Blurton, D. & McCluskey, J.D. (2007). General Strain Theory and Delinquency: Focusing on the Influences of Key Strain Characteristics on Delinquency. Crime and Delinquency, 54(4), 582-613.
Khan, N., Yaqoob, I., Hashem, I.A., Inayat, Z., Ali, W.K., Alam, M., Shiraz, M. & Gani, A. (2014). Big Data: Survey, Technologies, Opportunities, and Challenges. Scientific World Journal, 24(6), 66-71.
Reshmi, T.R. (2021). Information security breaches due to ransomware attacks - a systematic literature review. International Journal of Information Management Data Insights, 1(2), 211-218.
Romanosky, S. (2016). Examining the costs and causes of cyber incidents. Journal of Cybersecurity 2(2), 121-135.
Sorell, T. (2015). Human Rights and Hacktivism: The Cases of Wikileaks and Anonymous. Journal of Human Rights Practice, 7(3), 391-410.
Soderberg, J. & Maxigas (2021). The Three Pillars of Functional Autonomy of Hackers. NanoEthics, 15, 43-56.
Willing, M., Dresen, C., Gerlitz, E., Haering, M., Smith, M., Binnewies, C., Guess, T., Heverkamp, U. & Schinzel, S. (2021). Behavioral responses to a cyber-attack in a hospital environment. Scientific Reports, 11(9), 78-83.
Cybercrime Modern Scam: A Summary of the Seven Most Threatening Scams of our Generation Intended Audience Cybercrime: Cybercrime is a serious threat to continued use and reliance on the internet. From bank accounts, to e-mail addresses and a myriad of password, if one is not careful, identity theft, account break-in, and other such cybercrimes can happen very quickly, and with incredibly negative repercussions. This paper will aim to summarize the study "The Seven Scam Types:
Cyber Crime Malicious activities like identity theft, harassment and phishing activities are conducted by the cyber criminals by making use of the anonymous context of the cyber world to their advantage. Phishing scams are conducted in such a manner by the scammers that websites are created by them and emails are sent out in order to trick the account holders into revealing sensitive information like passwords and account numbers. These crimes
Most of these systems should be programmed to prompt for username and password in order grant access. This is therefore a way of providing verification to the user. The passwords should be changed regularly in order to make the system more secure. The password should comprise of very hard- to- guess alpha numeric characters Organizational techniques of prevention In order to combat cyber crime, various governments and organizations should come up with special
In this scenario, "if a bad guy wants to take over an account, he'll have someone else speak in a different language in a different location, and that's all they do. Their expertise is calling financial institutions for social engineering" (Piazza 2006). According to Piazza (2006), cybercrime consists of any crime a person commits by using a computer or computer technology. He classifies various types of cybercrime into four
Cyber Crime Task Force "Are computer vulnerabilities growing faster than measures to reduce them? Carelessness in protecting oneself, tolerance of bug-filled software, vendors selling inadequately tested products, or the unappreciated complexity of network connectivity has led to…abuse…" (Lukasik, 2011). The evidence is overwhelming that cyber crimes are not only increasing each year, but the sophistication of the attacks is greater each year and the impacts of attacks are more severe each year
Part of the problem is that America's national crime reporting systems, such as the National Incident-Based Crime Reporting System and the Uniform Crime Report Program managed by the Federal Bureau of Investigation (FBI) in cooperation with thousands of U.S. law enforcement agencies, do not specifically identify or distinguish between many forms of online crimes. Nor do they effectively distinguish between traditional in-person forms of crime that are substantially facilitated