Beginning in the 1970s, the exploration of then-emerging
telecommunications technology began. The first modern day hackers appeared as
they attempted to sidestep the system by making free phone calls, a practice
that was defined as "phreaking”, pioneered by John Draper, a.k.a. Captain
Crunch. Draper was later arrested and convicted on charges related to his
nefarious phreaking activities multiple times. By 1986, malware, in the form of
the first virus, "Brain", took shape, the same year that the Computer
Fraud and Abuse Act was instituted. It prohibits unauthorized access or damage
of protected computers. Two years later, the Morris worm followed, named after
Robert Morris. The virus was so severe and spread so rapidly that it
successfully shut down much of the internet. The Morris worm was a landmark
incident as the first widespread instance of a denial-of-service (DoS),
cybersecurity attack. Fortunately, due to the infancy of the internet at the
time, the impact was not as devastating as it would have been today. But it
paved the way for the numerous kinds of security issues that have emerged in the
decades since. A computer hacker and fugitive named Kevin Poulsen, was featured
on America's Most Wanted, and was arrested in 1991. However, since his release
from prison, he reinvented himself as a journalist and contributed to the online
computer security news portal SecurityFocus. In the years to follow, viruses and
attacks such as backdoors, denial-of-service attacks, direct-access attacks,
eavesdropping, spoofing, tampering, privilege escalation, phishing, clickjacking,
and social engineering all emerged.
The first decade of the 21st Century saw malicious Internet
activity become a major criminal enterprise, as adware and spyware emerged with
programs such as Conducent, TimeSink, Aureate/Radiate and Comet Cursor. Malware
also appeared, with big-name threats such as Code Red, Nimda, Welchia, Slammer
and Conficker all wreaking havoc on unprotected machines. AOL suffered through
the first real phishing attacks, with fraudsters stealing users' credentials.
Today, phishing attacks have become increasingly mainstream, with online banking
and social networking sites. Zero day attacks, ransomware, rogue antispyware,
clickfraud, government attacks, and other attacks have all made their mainstream
debut in the current decade.
The Morris worm and other early nuisance attacks ultimately
led to the development of the security industry including the establishment of
CERTs (Computer Emergency Response Teams) for coordinating responses to these
kinds of emergencies, and preventative and detective security products. There
has also been further development of antivirus technology in order to spot the
signature of the virus and prevent it from executing. These threats have played
an integral role in driving the awareness of computer users of the risks of
reading emails from untrusted and unreliable sources and opening their
attachments (which lead to the establishment of spam). Companies began to
realize that if viruses were to spread from corporate email accounts, questions
about the security and integrity of that company would likely be brought into
the public eye.
Importance
of Cybersecurity
Cybersecurity is one of the most urgent issues of today,
with computer networks always being targeted by criminals. The danger of cyber
security breaches will only increase as these networks expand. The necessity of
strong cybersecurity measures is self-evident. In recent years, there has been a
proliferation of cyberattacks that have wreaked havoc on companies, governments
and individuals. One of the most problematic and insidious elements of
cybersecurity is the quickly and constantly evolving nature of security risks.
Cyber risk has been established at the top of the international agenda, as
high-profile breaches (i.e. WikiLeaks) have raised fears that hack attacks and
other security failings could endanger the global economy.
The U.S. federal government has allotted over $13 billion
annually to cyber security since late 2010. The Global Risks 2015 report stated
that 90 percent of companies worldwide recognize they are insufficiently
prepared to protect themselves against cyber attacks. Cyber crime (explained in
further detail in Chapter 3) costs the global economy over US$400 billion per
year, according to the Center for Strategic and International Studies.
Furthermore, in 2013, approximately 3,000 companies in the United States had
their systems compromised by criminals. High-profile US retailers Target and
Home Depot were among many organizations that has lost customer data and credit
card information. In other companies, money from accounts have been stolen,
industrial espionage has occurred, and in some cases, the cyber thieves even
took over company systems and demanded ransom money to unlock them.
Governments and businesses around the world are constantly
searching for better cyber defense strategies. For instance, the European
Network and Information Security Agency held a cyber security exercise in
October 2014, involving 29 countries and more than 200 organizations. This
included government bodies, telecoms companies, energy suppliers, financial
institutions and Internet service providers. Other sensible precautions can be
taken by organizations to minimize losses from cyber criminals. With proper
levels of preparation and specialist assistance, it is possible to control
damages, as well as recover from a cyber breach and its consequences. Due to
growth and impact of social media and other technological innovations, we live
in an increasingly networked world, from personal banking to government
infrastructure. Cyber threats constantly take aim at secret, political,
military, or infrastructural assets of a nation, or its people. Therefore,
cybersecurity is a critical part of any governments’ security strategy;
protecting these networks is paramount.
The combination of technical factors, increased human
activity, and notable events (such as our recent presidential election) have
provided a critical moment in efforts for cybersecurity. The field is growing
rapidly in importance due to increasing reliance on computer systems and the
Internet in most societies, wireless networks (i.e. Bluetooth and Wi-Fi ), and
the growth of "smart" devices (smartphones, televisions, tablets,
etc.) To secure a computer system, it is important to understand the attacks
that can be made against it, and these threats can be classified into numerous
categories.
Much needed information
ReplyDelete