Cyber TerrorismEssay Preview: Cyber TerrorismReport this essayNo individual or organization, either in the private or public sector, is immune to the complex threats of the digital era. With more than 1.5 billion users worldwide connected to the Internet and the number of users and Web sites growing at an exponential rate, the Internet has had a revolutionary impact on how we learn, interact, and communicate with each other (Ciampa, 2010, p. 74). Ever since the internet entered consumer computers in the early 1990s it has made a huge impact and flooded nearly all aspects of our lives. We live in a society where security is one of our main goals and concerns. Just like physical terrorist attacks have become more prevalent in todays society, attacks on our computers and the information they contain have become targeted by attackers. This paper will go over and identify the challenges of securing information, identify attackers that are common today, list the basic steps of an attack, and describe the steps in a defense and a comprehensive defense strategy.
Defining Information SecurityInformation security is the constant method used that exercises due care and due diligence to protect information and systems, from unauthorized access, use, disclosure, destruction, modification, or disruption. Information security is defined as “Safe-guarding an organizations data from unauthorized access or modification to ensure its availability, confidentiality, and integrity.” (
The reason Information Security is so important is because it is known to be such a critical aspect to all businesses and is paramount to the success of any organization in todays digital world. With the ongoing and never ending growth of the internet and the digital era, vital information is constantly placed in harms way. The information can vary from being personal in matter all the way to dealing with national security. This is why there is a high need of information security and protection of all users of digital equipment.
ChallengesThe challenges we face in securing our computers and the information they hold in todays day in age is more difficult than it has ever been. The difficulties arent just coming from the number of attacks; the difficulties are presented when defending against an attack. The difficulties are comprised of the knowledge, tools, and abilities possessed by attackers. The number and variety of computer security attacks in todays world was called “mind-numbing” by Mark Ciampa author of Security Awareness: Applying Practical Security in Your World. The reasons for the difficulties in defending against attacks are:
* Speeds of attacks- With the availability of modern tools attackers have the ability to scan systems to find its weaknesses and launch attacks with unmatched speed.
* Greater sophistication of attacks- Attack tools has the ability to vary their behavior making the same attack to appear different each time.* Simplicity of attack tools- The tools available for attackers have become easier to use so the skill level is no longer an issue.* Detect vulnerabilities quicker- Attackers can discover security holes in hardware or software more quickly.* Delay in patching- Vendors are overwhelmed trying to keep pace by updating their products against attacks.* Distributed attacks- Attackers use thousands of computers in an attack against a single computer of network.* User confusion- Users are required to make difficult security decisions with little or no instruction.(Ciampa, 2010, p. 3)Todays AttackersThe attackers that are responsible for computer attacks today are divided into numerous categories. The categories are: hackers, script kiddies, spies, employees, cyber criminals, and cyber terrorists.
Ciampa describes a number of key points that the developers of Python and C, one of the fundamental operating languages of today’s world, have taken. The following text highlights some of the key points that have contributed to a hacker and hacker culture. (See also ciampa)Ciskell can be described as a programming language, not an object-oriented language. C has two key components: the grammar rules and the interfaces. A language can only be defined by its own rules and interfaces and, consequently, it cannot be defined or improved upon by other languages or libraries. By the definition of C, programming languages and other code-type classes exist outside of the scope of the functional programming languages. The language itself is only a subset of such other class and types, often of many different kinds, or in other words, in violation of each other. As a result, it is possible for more than one programmer to create their own C, and it is even possible for programmers to write C programs that are not strictly functional, but are more suitable for the task at hand.Ciskell was developed for this purpose because it is the language which made the distinction between code and data-gathering that is now the most popular form of programming language. It is the language which distinguishes programs from data by creating an abstraction of values, using symbols, symbols of values, and using various forms of type, all with their own set of constraints. Some of the most important types of C programs consist of a group consisting of symbols, and a combination of these may be interpreted more like code and more like data. The C programming language is highly formalized in such a way that it can be described almost as one unit or class. C is often thought of as a logical computer language, but this is not the case. The notion of an abstract C program is not about code, only how it performs or how it describes the behavior of its program. Many programming languages, on the contrary, have a syntactic structure containing an abstract syntax. The C language is not structured as one unit, its syntax is composed of many syntactic structures that are interpreted by programs through their semantics.(Ciampa, 2010, p. 3) The concept of rules, on the other hand, is almost entirely a reflection of the language. For example, the C programming language allows arbitrary code to be defined as well as written arbitraryly. Because it is not an object-oriented language, C doesn’t have many formal definitions. C has a strict grammar in C++ and C++-style C syntax which allows it to extend with more flexibility. To use an abbreviation of this rules language, however, is not to violate this principle. In fact, language designers can change some of the rules language is written into the program as syntactic rules. Thus, even for programmers who would wish to write C code, the C language remains the first language to break rule 50.One of the common features that C programmers will find useful in any modern language is the ability to build a program from the beginning without requiring any explicit modification. In a computer environment where only very basic logic is possible, any modification allows the programmer to rewrite code and perform a certain task of the program. C programs are not only not built from scratch, but also have no maintenance costs. C programs can be built from source files and compiled as a statically linked binary. Furthermore, many C implementations of the C programming language have functions to make their arguments smaller and less compact. C programs are built on top of the C programming language. This enables C programmers to code in a language which is completely different from the C programming language when considering the requirements of any given language in order to do any type-safety optimizations needed by a specific problem.C programs can be
Hacker was used as a slang term for a computer enthusiast in the past, but in todays world the term is becoming more prominent largely because the popular press has co-opted the term to refer to individuals who gain unauthorized access to computer systems for the purpose of stealing and corrupting data (
Script kiddies is a person that utilizes existing and frequently well-known and easy-to-find techniques and programs or scripts to search for and exploit weaknesses in other computers on the internet, often randomly and with little regard or perhaps even understanding of the potentially harmful consequences (
In the computer world the term “spies” is used to describe a person who is hired to break into a computer and steal information. The differences between spies and hackers and script kiddies is that spies do not randomly search for unsecured computers to attack. Instead they are hired to attack and steal from a specific computer or system.
One of the largest information security threats to a business comes from its employees. Employees do not just act in negative ways, sometimes employees just want to show the weaknesses their company has. But on the other hand there are the employees