Cyber Security Update
Cyber Security Update

Cyber Security Update.

As a formality, let’s start out with a definition of “hacking”.

Hacking is when an individual uses an electronic device, usually a computer, to obtain unauthorized access to information or data.

Although hack attacks are always upsetting, not all cause irreparable harm. It’s true some hack attacks are meant to hurt and destroy, but others are plain acts of impishness. Outside of the virtual world, the latter must feel like having burglars break into your home and re-arrange your furniture but not actually steal anything, which makes the intrusion all the more puzzling. If you’ve experienced a hack attack that wounded only your sense of pride and privacy, your reaction was probably to wonder, why? What is the motivation behind hacking? What should I do to prevent this from happening again?

There are many different motivations for individuals to hack into other systems. Here is a list we’ve come up with to explain a hacker’s motivations, ranging from petty to criminal:

Love – suspicious of infidelity? Many individuals will hack into their partner’s personal computer or cellphone to find any incriminating information. The most common examples would be the infiltration of a partner’s social media page, e-mail, and text messages.

Reputation – hackers known as “Script Kiddies,” are individuals who want to gain or impress fellow hackers. Generally, they will deface websites to make a name for themselves.

Freedom – activists (also referred to as “Hacktivists”) who believe that all information should be accessible to everyone. They’re motivated by the belief that information should be monitored by the people in order to prevent wrongdoing from government and large corporate entities. WikiLeaks is a prime example of hacking into national security information, obtaining the information, and releasing it to an open source for all to view.

Monetary – hack into computer systems like ATM machines, banking systems, company systems, and personal computers to steal credit card and banking information with the expectation of obtaining monetary compensation.

Corporate – hackers that were hired by corporations to penetrate the competition’s systems and steal information like trade secrets, upcoming projects, and client lists. This is a sub-category of monetary motivation because the hacker’s interest is to serve their customer and get paid for their services.

Political – usually taking the form of cyber-terrorism, these hackers are motivated by their political ideals to make a point by disrupting operations and infrastructures. The hacking of entertainment giant Sony over the controversial film The Interview is a prime example. Hackers gained unauthorized access into the company’s system, and stole private company and employee information.

Preventive measures

Assess and evaluate – always assess and evaluate system, program, and network securities and the level of Internet exposure.

Surveillance – actively monitor all electronic systems. Report any suspicious behavior.

Enforcement – all companies and individuals should enforce account lockout and password complexity. Make sure to implement norms for account lockout after a certain amount of login fails to prevent the testing of thousands of possible password combinations.

Configuration of all systems – configure all software and operating systems to increase security.

Patch up all systems – sometimes systems have vulnerabilities or holes and it is necessary to keep track of and update all security “patches.”

Firewall – make sure there is a firewall in place for all systems, programs, and network to all the scanning, detection, and blocking of suspicious activities. At a minimum, have a filtering firewall to enforce security over the internet.

Encryption – always try to encrypt connections.

Security solutions plan – every company (and individual!) needs to have in place a plan for particular situations. This includes setting up a security solutions plan when accounts have been already hacked into. Some components that should be addressed in this plan: steps that need to be take once there has been a hacking, recovery method, contact information of web provider, and available resources.

Resources

Here are a few resources we recommend:

  1. Computer Crime Statutes (2014). NCSL: National Conference of State Legislatures. Retrieved January 29, 2015 from http://www.ncsl.org/research/telecommunications-and-information-technology/computer-hacking-and-unauthorized-access-laws.aspx
  2. How to protect your computer. (n.d.). Scams and Safety. FBI: Federal Bureau of Investigation. Retrieved January 29, 2015, from https://thebestvpn.com/internet-safety-guide/
  3. Library of Resources for Industrial Control System Cyber Security (2015). SCADAhacker. Retrieved January 29, 2015 from https://scadahacker.com/library/
  4. Fact sheet 36: Securing your computer to maintain your privacy. (2014). Privacy Rights Clearinghouse. Retrieved January 29, 2015 from https://www.privacyrights.org/securing-your-computer-maintain-your-privacy
  5. Sophos Threatsaurus: The a-z of computer and data security threats. (2012). Sophos and Sophos Anti-Virus. Sophos Limited and Sophos Group. Retrieved January 29, 2015, from http://www.sophos.com/medialibrary/PDFs/marketing%20material/sophosthreatsaurusazen.pdf

References

  1. Hacking attacks – Prevention. (n.d.). Crucial Paradigm. Retrieved January 29, 2015, from http://www.crucialp.com/resources/tutorials/website-web-page-site-optimization/hacking-attacks-prevention/
  2. Rose, J. (2014). Defensive hacking: How to prevent a brute force attack. One Month: A blog on accelerated learning. Retrieved January 29, 2015, from https://onemonth.com/defensive-hacking-how-to-prevent-a-brute-force-attack
  3. Sherweb. (2010). What motivates hackers? Hacking the hacker’s mind. SherWeb. Retrieved January 29, 2015, from http://www.sherweb.com/blog/what-makes-hackers-hack-hacking-the-hackers-mind/
  4. Siciliano, R. (2011). 7 Types of hacker motivations. MacAfee: Blog Central. Retrieved January 29, 2015, from https://blogs.mcafee.com/consumer/family-safety/7-types-of-hacker-motivations

Leave a Comment