Online activities have been increasing exponentially from more people and organizations using various Internet platforms to store / retrieve information. This has lead to a sharp rise in the number of individuals, groups and governments who are seeking to steal sensitive data. The long term effects are that it is changing the way everyone interacts with each other. This has the potential to have negative implications on society and the world as we know it. To deal with these kinds of challenges, a new approach must be utilized that can adjust with the new threats and effectively mitigate them. The cyber firewall is a tool that can improve our ability to prevent these incidents and ensure that all information is safeguarded. To fully understand the scope of the problem requires examining different threats, the tools used and how cyber firewalls are an integral part of dealing with these challenges over the long term. Once this takes place, is when we show how this type of protocol will assist individuals and organizations in comprehending / preventing the numerous threats they are facing.
Cyber Firewalls
Online activities have been increasing exponentially from more people and organizations using various Internet platforms to store / retrieve information. This has lead to a sharp rise in the number of individuals, groups and governments who are seeking to steal sensitive data. The long-term effects are that it is changing the way everyone interacts with each other. This has the potential to have negative implications on society and the world as we know it. To deal with these kinds of challenges, a new approach must be utilized that can adjust with the new threats and effectively mitigate them.
The cyber firewall is a tool that can improve our ability to prevent these incidents and ensure that all information is safeguarded. To fully understand the scope of the problem requires examining different threats, the tools used and how cyber firewalls are an integral part of dealing with these challenges over the long-term. Once this takes place, is when we show how this type of protocol will assist individuals and organizations in comprehending / preventing the numerous threats they are facing.
Introduction
Over the last several years, the Internet has become an increasingly dangerous place for storing information. This is because large criminal enterprises have developed which are designed to steal information and utilize this for their own benefit. According to Interpol, these activities have become so common that this accounts for $1 trillion in lost data and information. That can be used by these groups for conducting a number of activities including: identity theft, obtaining access to bank accounts and making erroneous charges on someone's credit cards. (Glass, 2013)
To make matters worse, many organizations and individuals have begun to utilize cloud computing as way to store and access their information. This is a basic model that allows someone to retrieve their data utilizing the Internet vs. traditional servers or software packages. These platforms are becoming increasingly popular as way to store larger amounts of information at a fraction of the costs. In 2014, it is estimated that 60% of firms and individuals will be using this to access, store and recover their most critical information. ("Definition of Cloud Computing," 2013) (Ingthorsson, 2011) (Glass, 2013)
For criminal organizations, this is providing them with the opportunity to be able to quickly access this data and continue to utilize it for their own benefit. This is because they can easily break into these virtual servers and have numerous pieces of sensitive information available to them. To deal with these kinds of threats, requires adjusting the tools that are utilized to protect individuals and organizations against these kinds of attacks. This means using a new strategy that can address these issues and effectively mitigate the problem. (Glass, 2013)
The best approach is to use what is known as a cyber firewall. This is a firewall that is extended to the Internet, in order to prevent rouge elements from accessing any kind of personal or delicate information. To fully understand how this can be applied and the way it will enhance security in the future requires examining the overall scope of the problem, the mechanisms that are used and the best strategies for addressing these kinds of challenges. Together, these elements will highlight the most effective approaches for utilizing these tools to increase safeguards. ("Cyber Security," 2012)
The Overall Scope of Cyber Attacks
Cyber attacks will occur on different levels. This is because various individuals and groups will have contrasting objectives they are seeking to achieve from these activities. In some cases, this means that they will steal personal information such as: bank accounts, social security numbers and credit information. This is used by these groups to quietly launder money from unsuspecting individuals and organizations. Once they realize what happened, is when it is too late to do anything. This will result in them taking some kind of loss which is impacting their lives or the organization itself. As it will require months of sorting out what happened and contacting different creditors about these issues. (Ackerman, 2013)
Another objective of cyber attacks is to directly go after organizations or individuals in order to steal the intellectual property they possess. These groups can use this information to give them or someone they are working for a strategic advantage. That is helping to address their critical needs and become the first to introduce new ideas on various products / services. (Ackerman, 2013)
The third area where cyber attacks are taking place is through different countries seeking to steal information which is critical to national security interests. This is because they want to understand vulnerabilities and utilize them at some point to take advantage of new conflicts. A good example of this can be seen in a recent report from the Pentagon about how China is responsible for nearly 90% of all cyber attacks directed at U.S. government facilities and contractors. In it, military officials claim how the Chinese government has created various teams. That is involved in these activities and who are focused on seeking out a variety of information against American interests. (Ackerman, 2013)
Evidence of this can be seen with the report saying. "In 2012, numerous computer systems around the world, including those owned by the U.S. government, continued to be targeted for intrusions, some of which appear to be attributable directly to the Chinese government and military. China's primary goal is stealing industrial technology, but many intrusions also seemed aimed at obtaining insights into American policy makers' thinking. The same information-gathering could easily be used for building a picture of U.S. network defense networks, logistics and related military capabilities which could be exploited during a crisis. China has now leapt into the first ranks of offensive cyber technologies. It is investing in electronic warfare capabilities in an effort to blind American satellites and other space assets, and hopes to use electronic and traditional weapons systems to gradually push the United States military presence into the mid-Pacific nearly 2,000 miles from its coast." (Sanger, 2013)
This is illustrating how a number of governments are actively involved in stealing information. That can be used to support their national security interests. At the heart of their strategy, is to create cyber teams which will purloin sensitive data and give them insights about various capabilities. When this happens, they can utilize it to gain a greater understanding of vulnerabilities and exploit them for their own benefit. (Ackerman, 2013) (Sanger, 2013)
The general population should be concerned about the overall scope of these threats for a variety of reasons. First of all, the increase in cyber related attacks means that personal information has the possibility of it being compromised from an individual or group stealing it directly. They can use this data to for conducting identity theft, running up lines of credit or taking money out of bank accounts unknowingly. Second, various intellectual ideas can be stolen. This will impact commerce and the various legal protections of critical information which are in place (such as: patents). Third, these issues will potentially affect the balance of power in different regions. As rouge nations can use this to challenge Western interests around the world and increase the odds of major conflicts erupting. (Ackerman, 2013) (Sanger, 2013)
The Mechanisms that are Used
There is a large black market which is used for purchasing the necessary tools in conducting a cyber attack. The most notable include: zero day and Zeus. Zero day is when hackers will use this program to access a variety of vulnerabilities inside different computer systems through malware. This is a program that can disrupt the operating files and trick the computer into thinking that everything is normal. (Magnuson, 2013)
However, it actually allows hackers to quietly infect a system with a virus and conduct their operations anonymously. These kinds of tools were used by the U.S. To attack an Iranian nuclear facility in 2009. In this case, the objectives were to create confusion by allowing them to think that they were processing uranium in the centrifuges. Yet in reality, they were not working properly and making the facility in capable of achieving these objectives. These same kinds of tools are now available to hackers and criminal organizations. In these kinds of situations, they are concentrating on utilizing them to quietly gain access to various industrial targets and have access to sensitive information of unsuspecting individuals or organizations. (Magnuson, 2013)
This is having a significant impact on society and the systems they are using to conduct a number of routine activities. The problem is that most people are unaware about what is happening and will often discover these issues after it is too late. To make matters worse, many organizations are utilizing these tools to quietly steal information from various institutions such as banks. This enables them to take personal data and large denominations of currency without anyone realizing what is happening. (Magnuson, 2013)
In the future, this can be used by terrorists or rogue stakes to attack vulnerabilities without having a physical presence inside a particular location. This is problematic, as these kinds of issues could lead to wide spread disruptions with no one knowing or understanding where it came from. For example, if a terrorist group was able to master this tool, they could utilize it to attack Western power grids. (Magnuson, 2013)
This would create significant amounts of disruptions without having anyone being able to trace what is happening directly. When this occurs, there is a realistic possibility that they could shutdown the economy and disrupt trade for significant amounts of time. These kinds of scenarios are becoming more realistic with this tool being readily available over the Internet. (Magnuson, 2013)
In other cases, this application could be used to attack a cloud network and gain access to large amounts of data. This information will help criminal groups to obtain entire profiles on people and organizations. They have the option of going to various institutions and laundering money over long periods of time. Once this is detected, no one will know or have any idea about what is happening until it is too late. (Magnuson, 2013)
Zeus is another tool which is used to speed up the vulnerabilities of web sites, servers and other infrastructure to attack. The way it works is this program allows someone to launch prewritten assaults against computer networks without the sophistication of experienced it professionals. Instead, it is basically a self-help guide, which can create code that mirrors those utilized by firms and other organizations. ("Cyber Attack Tool Kits," 2011)
It tricks the system into thinking that this is a legitimate user who is trying to access it. Once they are in, is the point when these vulnerabilities are exploited with them uploading a malware or Trojan horse. Hackers can then have unlimited access to different files and will circumvent various firewalls (without having to worry about anyone knowing or realizing what they are up to). ("Cyber Attack Tool Kits," 2011)
In the past, this has been used by many to conduct different kinds of cyber attacks by making it appear as if someone from the organization is trying to log in. However, once they are given access, is the point they will use these vulnerabilities for their own benefit. Over the last three years, this tool has been one of the primary factors behind a number of high profile breaches inside various organizations. ("Cyber Attack Tool Kits," 2011)
For instance, in one particular case, hackers were able to access the records of two different financial institutions. Zeus allowed them to trick the system into thinking that they were legitimate individuals from these firms. However, once inside, is when they were able to steal over $70 million dollars without anyone knowing. This is problematic, in showing the overall scope of the vulnerabilities and the potential threats on others. ("Cyber Attack Tool Kits," 2011)
The likely impact this will have on society is to create a shift in how security procedures are utilized and the kinds of countermeasure which are in place. This means that more safeguards and checks must be used in conjunction with additional amounts of monitoring. If this can occur, organizations will not be as vulnerable to these kinds of threats. ("Cyber Attack Tool Kits," 2011)
You’re 82% through this paper. Sign up to read the full paper.
Sign Up Now — Instant Access Already a member? Log inAlways verify citation format against your institution’s current style guide requirements.