How Serious Are Cyber-Security Threats - Coursework Example

How Serious Are Cyber-Security Threats? 1.0 Introduction As cybersecurity threats represent the foundational aspect of this exploration, it is important to clarify the term. Von Solms and Van Niekerk (2013) advise the term is also referred to as information technology security that consists of the techniques used to protect computers, computer networks, programs along with data from attacks or unauthorised access that can be utilised for the exploitation of varied types. Threats in this context can emanate from a number of sources. These can consist of governments, terrorists, employees that are disgruntled, organised crime, industrial spies as well as intruders with none of these affiliations (Gupta et al, 2016). This exploration will delve into varied facets of cyber security and threats to bring forth the impact of this area concerning governmental and non-governmental areas, how these affect government relations internationally, varied cybersecurity breaches and analytical evaluation of breaches and their repercussions. 2.0 Cybersecurity threats and how they relate to nongovernment organisations as well as governments 2.1 Cybersecurity Non-governmental /Government Sector Threat Overview Instances regarding cybersecurity threats have broad-ranging impacts. The following table provides a look at governmental and non-governmental examples; Table 1 - General Government and Non-government Threat Table Classifications (1 of 2) Table 1 - General Government and Non-government Threat Table Classifications (2 of 2) (Government Accountability Office, 2010, p. 5) In the private sector, cybersecurity threats can be aimed at the financial sector. There is also industrial espionage and other instances. In the private sector, the most common threats represent compiling individual account information for identity theft as well as attacks on banks (Choo, 2011). The types of private sector cybersecurity threats are varied, with financial gain representing the prevalent type, however, industrial espionage is also a highly active area. From the standpoint of comparison, cybersecurity breaches and intrusions in the governmental and non-governmental sectors have similar undercurrents, to obtain access to data that can be used for intelligence, information and competitive gains (Pawlak and Wendling, 2013). 2.2 The Diverse and Complex Government Cybersecurity Arena In terms of governments, the reasons are more complex and diverse. Broadhurst et al (2014), as well as Abomhara (2015) and other sources, state there is a broad range of reasons why governments engage in cybersecurity intrusion. Abomhara (2015) advises that gaining access to the systems of other governments can represent a source of national security. This examination does not make a distinction in terms of sides (the United States, European, Chinese, Russian, Iran, etc.) since this is not a political analysis. As an example, the United States Intelligence Community represents a federation of sixteen separate government agencies that undertake intelligence activities in support of national security and foreign policy (Richelson, 2015). The Federal Security Service of the Russian Federation is the US counterpart that conducts counterintelligence, surveillance, state policy and allied activities (Taylor, 2011). In China it is the Ministry of State Security (Lu, 2018), the Ministry of Intelligence in Iran is another example (Nader, 2010), and in the UK it is MI5 as well as the Office for Security and Counter-Terrorism along with other agencies (Miller and Sabir, 2012). Every government has these types of agencies. Some, as can be deduced, are larger and better financed than others. These agencies conduct varied activities that are shielded from public scrutiny since there are varied threats such as military secrets, information gathering and other areas that are useful in gaining an intelligence advantage (Wilensky, 2015). As a result, governments (US, Russia, China, UK, Japan, etc.) have always carried out activities to collect information (Amoroso, 2012). This can represent military weapons, spy activities, the status of their information gathering activities (Sigholm and Bank, 2013), as well as potential currency manipulation such as China’s activities as reported in Forbes Magazine that represents billions in trade advantages due to pricing (Mauldin, 2017). 3.0 How this affects international relations between governments 3.1 The Broad Spheres of Involvement As brought forth in the prior segment, there are varied reasons why governments engage in cybersecurity activities. Global international relations, geopolitical aspects, industrial competitiveness and its importance to national economies, regional natural resources, terrorism and other areas represent segments of a very broad sphere of involvement (Marsh and Mackensteirn, 2014). A key example represents the activities of U.S. citizen Edward Snowden, a computer professional who had worked for the Central Intelligence Agency and who also was a former contractor to varied agencies (Lucas, 2014). He copied and leaked varied highly classified documents on U.S. cybersecurity programmes that revealed widespread surveillance activities on the part of the United States that included the UK, Canada and Australia (Lucas, 2014). China and Russia offered Snowden asylum as his disclosure that brought forth U.S. complicity in terms of government cyberspying (Lucas, 2014). The above is not an isolated incident as China has initiated cyber attacks on all sectors of the U.S. economy that included Google, Lockheed Martin, varied government agencies and the military (Windrem, 2015). A report by the U.S. National Security Agency (NSA) revealed the extent of these attacks exceeded over 700 incidents (Windrem, 2015). In another example, Russia was accused by the US and the UK for cyber attacks against these countries and on a global scale (MacAskill, 2018). This ranged from intelligence intrusions, espionage, and network attacks that went undetected for months (MacAskill, 2018). 2.2 International Implications These examples represent a few of a very broad range of incidents that has been ongoing for decades (Kshetri, 2014). The World Conference on International Telecommunications (WCIT-12) adopted in 1988 and was amended in 2012 is an international example of the tensions between governments over cybersecurity threats (Fidler, 2013). The Treaty amendment sought to provide controls over the oversight of cyberspace that the U.S. Australia, Canada, Japan, India and some countries in the European Union and fifty-five other countries opposed (Fidler, 2013). Eighty-nine countries that included Russia, China, Iran, and Argentina signed this revised Treaty (Fidler, 2013). This provides insight concerning the extent of tensions in this area on a global scale. Cybersecurity and attacks represent the new cold war where information represents a means to obtain highly important information that can have implications on economies, military activities, finance, and other areas (Molander et al, 2018). The new global landscape represents one where finance and information are the new powers. The Snowden incident is seen by some as a U.S. response to this escalating information battleground that is a behind the scenes activity despite denials from governments regarding their involvement. It has become a source of escalating geopolitical tensions where governments seek to deny involvement in the face of proof as well as suspicions that threaten international cooperation (Rid and Buchanan, 2015). 4.0 Specific instances of cybersecurity breaches of critical infrastructure, eg: STUXNET virus, British healthcare system, Equifax etc. 4.1 Broad Reaching Implications In a report by The Organisation of American States (2015), it announced “the OAS adopted the “Declaration on the Protection of Critical Infrastructure from Emerging Threats”. It stated, “These instruments are critical for the promotion of cybersecurity policies to improve cybersecurity in critical infrastructure in the Americas” (The Organisation of American States, 2015, p. 1). In a broader assessment, The Ponemon Institute (2018), a globally recognised cybersecurity firm, reported 70% of surveyed critical infrastructure companies had undergone a security breach (infosecurity, 2014). 4.2 STUXNET Virus Intrusions An example of an important security breach is the STUXNET virus that was thought to be developed in 2005 and used in 2009 against Iran’s nuclear program (Kushner, 2013). The virus targets the programmable logic controllers in electromechanical processes used in machinery (Kushner, 2013). In the Iran instance, these electromechanical processes represented the centrifuges that are used to separate nuclear material (Kushner, 2013). The STUXNET virus sped up the centrifuges that resulted in them tearing themselves apart (Kushner, 2013). The virus was installed using infected USB drives that were used by the service companies working on the Iranian nuclear programme (Kushner, 2013). There are other instances of this virus at varied German firms and at U.S. Chevron (Kushner, 2013). 4.3 British NHS Ransomware Attack In 2017, the British healthcare system, NHS, was crippled in a cyber attack that affected almost 100 counties in the country (Bodkin et al, 2017). The reason for the attack was to collect ransom to restore the system (Bodkin et al, 2017). It was claimed that a hacker group known as Shadow Brokers that has connections to Russia stole the cyber tools of Microsoft from the U.S. National Security Agency to develop the ransomware (Bodkin et al, 2017). 4.4 The Equifax Breach and Private Sector Examples The widely published Equifax credit card firm in the US was breached in 2017 and this attack compromised an estimated 143 American credit card holders (O’Brien, 2017). These records contained sensitive information on the financial activities and identifying information of these accounts that was one of the largest of this type (O’Brien, 2017). Most private sector cyber attacks are aimed at obtaining personal account information that permits criminal organisations to access credit card and bank accounts (O’Brien, 2017). A review of the largest private sector attacks provides a perspective on their reasons: Table 2 - Largest Private Sector Cyber Breaches (Forbes, 2015) The above are selected examples that indicate the vulnerability of information security. 5.0 Constructing an analytical evaluation of cybersecurity breaches and the repercussions that resulted 5.1 Understanding General Cybersecurity Parametres In terms of cybersecurity breaches, Purdy (2010) advises that in general, a systematic cyber security analysis consists of three steps comprised of the identification of scenarios, the likelihood of an attack, and effect analysis. Abdo et al (2018, p. 176) state that “In general, safety is associated with accidental risks caused by component failures, human errors or any non-deliberate source of hazard, while security is related to deliberate risks originating from malicious attacks which can be accomplished physically or by cyber means.” 5.1 Understanding the STUXNET Intrusion STUXNET is thought to be the cooperative work of U.S. and Israeli experts to destroy and delay Iranian nuclear enrichment efforts that were threatening stability in the region (Kushner, 2013). It represents an approach to potential terrorist policies by using sophisticated intrusions to circumvent threats (Kushner, 2013). Access to Iran’s nuclear programme used inflected pen drives that technicians from contractor companies brought with them to perform varied tasks (Kushner, 2013). The breach destroyed Iran’s centrifuges and whilst (at the time), it was not known who was behind the attack, the repercussions impacted Iran more than the U.S. and Israel since Iran’s ambitions were severely delayed. 5.2 Danger of Outmoded Operating Systems - The British NHS The UK NHS healthcare attack exposed the consequences of using older Windows-based operating software (in this case XP), whose code was stolen from the U.S. National Security Agency (KMPG, 2017). The weakness was the use of outdated Microsoft operating software and not rotating system access codes to the database (KMPG, 2017). This permitted hackers to write a code that enabled them to shut down the NHS system as well as access patient accounts. The repercussions in this instance was a loss of public trust in the government’s ability to handle cybersecurity risks, an exposure of system vulnerability that could and did compromise patient records and the ability of doctors to access vital records (KMPG, 2017). More importantly, it indicated that the UK government was not prepared to deal with system intrusions that exposed its laxity in terms of security protocols. 5.3 Repercussions of Poor Design – The Equifax Breach The Equifax breach has been deemed in the post-evaluation phase as one that could have been avoided (O’Brien, 2017). It was found that access to the system was gained through a poorly designed web application that lacked proper firewall protections (O’Brien, 2017). The repercussions were and still are enormous since it is not known how access to data is being used. This incident has severely damaged the reputation of Equifax, however, the most intriguing aspect is that those affected (meaning consumers) have no way to protect themselves in the post-attack environment as the damage has already been done. The true extent in terms of the financial damage may never be fully known since it is difficult to ascertain how the data will be used or combined with other sources. 6.0 Conclusion This exploration of the seriousness of cybersecurity threats uncovered that the information age and the reliance on computer programmes have created a situation where sensitive information can be accessed or breached in a number of ways. This can entail remote access measures or direct incursions as demonstrated by the use of pen drives to install the STUXNET virus. In terms of the private as well as the government sector and companies, they are both exposed to varied attacks that represent obtaining classified information which can result in a business competitive edge or national security exposure. The research has found that industrial espionage, financial data incursions, and national security are all critical concerns as any of these areas can represent dangers to a nation’s national security. Whilst the extent and degree of these attacks in the private and government sectors are denied by governments that have not been exposed, it is difficult to conceive how countries can avoid involvement in information gathering as a means to protect their interests. The above might seem to indicate that the ends justify the means. Considering the impact of billions in financial accounts that suffer from intrusions, the activities of governments to gain national security advantages, denial has become the operative measure. In terms of tensions, research indicates that this is a war of words to point the finger at intrusions that have been discovered rather than indignation at efforts which governments themselves are secretly using themselves. References Abdo, H., Kaoukm M., Flau, J., Masse, F. (2018) A safety/security risk analysis approach of Industrial Control Systems: A cyber bowtie – combining new version of attack tree with bowtie analysis. Computers and Security. 72(3), pp. 175-195. Abomhara, M. (2015) Cyber Security and the Internet of Things: Vulnerabilities, Threats, Intruders and Attacks. Journal of Cyber Security and Mobility. 4(1), pp. 65-88. Amoroso, E. (2012) Cyber attacks: protecting national infrastructure. Boston: Elsevier. Bodkin, H., Henderson, B., Donnelly, L., Mendick, R., Farmer, B. (2017) Government under pressure after NHS crippled in global cyber attack as weekend of chaos looms. (online) Available at (Accessed on 7 June 2018) Broadhurst, R., Grabosky, P., Alazab, M., Bouhours, B., Chon, S. (2014) An Analysis of the Nature of Groups engaged in Cyber Crime. International Journal of Cyber Criminology. 8(1), pp.1-20. Choo, K. (2011) The cyber threat landscape: Challenges and future research directions. Computers and Security. 30(8), pp. 719-731. Fidler, D. (2013) Internet governance and international law: the controversy concerning revision of the international telecommunication regulations. (online) Available at (Accessed on 7 June 2018) Forbes (2015) The Top 10 Security Breaches Of 2015. (online) Available at (Accessed on 7 June 2018) Government Accountability Office (2010) Critical Infrastructure Protection. (online) Available at (Accessed on 7 June 2018) Gupta, B., Agrawal, D., Yamaguchi, S. (2016) Handbook of research on modern cryptographic solutions for computer and cyber security. Hershey: Information Science Reference Series. Infosecurity (2014) 70% of Critical Infrastructure Organizations Suffered Breaches in the Last Year. (online) Available at (Accessed on 7 June 2018) KMPG (2017) Healthcare and Cyber Security. (online) Available at (Accessed on 7 June 2018) Kshetri, N. (2014) Cybersecurity and International Relations: The U.S. Engagement with China and Russia. (online) Available at (Accessed on 7 June 2018) Kushner, D. (2013) The real story of stuxnet. (online) Available at (Accessed on 7 June 2018) Lu, N. (2018) The dynamics of foreign-policy decisionmaking in China. New York: Routledge. Lucas, G. (2014) NSA management directive# 424: Secrecy and privacy in the aftermath of Edward Snowden. Ethics and International Affairs. 28(1), pp. 29-38. MacAskill, E. (2018) US and UK blame Russia for 'malicious' cyber-offensive. The Guardian. 16 April. pp. 4-6. Marsh, S., Mackensteirn, H. (2014) The International Relations of the EU. London: Routledge. Mauldin, J. (2017) Chinese Currency Manipulation Could Become A Global Problem in 2017. (online) Available at (Accessed on 7 June 2018) Miller, D., Sabir, R. (2012) Counter-terrorism as counterinsurgency in the UK 'war on terror'. In Poynting, S., Whyte, D. Counter-Terrorism and State Political Violence: The 'war on Terror' as Terror. London: Routledge. Molander, R., Riddile, A., Wilson, P. (2018) Strategic Information Warfare: A New Face of War. (online) Available at (Accessed on 7 June 2018) Nader, A. (2010) The Revolutionary Guards. (online) Available at (Accessed on 7 June 2018) O’Brien, S. (2017) Giant Equifax data breach: 143 million people could be affected. (online) Available at < http://money.cnn.com/2017/09/07/technology/business/equifax-data-breach/index.html > (Accessed on 7 June 2018) Pawlak, P., Wendling, C. (2013) Trends in cyberspace: can governments keep up? Environment Systems and Decisions. 33(4), pp. 536-543. Ponemon Institute (2018) Home Page. (online) Available at (Accessed on 7 June 2018) Purdy, G. (2010) Iso 31000: 2009setting a new standard for risk management. Risk Analysis. 30(6), pp., 881-886. Richelson, J. (2015) The US intelligence community. Boulder: Westview Press. Rid, T., Buchanan, B. (2015) Attributing cyber attacks. Journal of Strategic Studies. 38(2), pp. 4-37. Sigholm, J., Bank, M. (2013) Towards offensive cyber counterintelligence: Adopting a target-centric view on advanced persistent threats. (online) Available at (Accessed on 7 June 2018) Taylor, B. (2011) State building in Putin's Russia: Policing and coercion after communism. Cambridge: Cambridge University Press. The Organisation of American States (2015) Report on Cybersecurity and Critical Infrastructure in the Americas. (online) Available at (Accessed on 7 June 2018) Von Solms, R., Van Niekerk, J. (2013) From information security to cyber security. Computers and Security. 38(4), pp. 97-102. Wilensky, H. (2015) Organizational intelligence: Knowledge and policy in government and industry. New Orleans: Quid Pro Books. Windrem, R. (2015) Exclusive: Secret NSA Map Shows China Cyber Attacks on U.S. Targets. (online) Available at (Accessed on 7 June 2018) Read More