Ethical Hacking and Hacking Attacks - PDF
10 Pages3309 Words57 Views
Added on 2021-06-18
Ethical Hacking and Hacking Attacks - PDF
Added on 2021-06-18
ShareRelated Documents
Microsoft Office User
[COMPANY NAME] [Company address]
[DOCUMENT TITLE]
[COMPANY NAME] [Company address]
[DOCUMENT TITLE]
Table of Contents
Introduction.................................................................................. 1
Background..................................................................................1
Threat Landscape............................................................................2
Arguments of both sides...................................................................... 2
Arguments supporting ‘hack-back’...............................................................2
Arguments against ‘Hack-back’..................................................................4
Recommendations............................................................................ 6
Conclusion...................................................................................7
Introduction
Every single nation over the globe is encountering some or different type of threat. Any kind
of task that involves securing the web tends to be a daunting job even for the specialist and
experts. There does not go by a single week where instances of virus infection, phishing
related scams, hacking attempts among others are not reported. Individuals, governments and
organizations all are at risk of these cyber borne threats. Irrespective of the type and extent of
security measures employed, there would still be substantial security risks. A lot of these
threats are caused by threat agents that are motivated by means of causing destruction,
espionage, theft and personal gains. Each year, 100s of billions are lost due to cyber threats.
In 2012, cybercrime cost 1 trillion USD (Kharat, 2017). In 2021, it is expected to rise 6
trillion. Cybersecurity spending is also going to rise up to 1 trillion USD (Horowitz and
Lucero, 2016). Keeping this in mind, many groups around the world are voicing their support
for ‘hacking back’ i.e., attacking the attackers, hoping that this would effective demotivate
them in carrying out cybercrimes. This paper will provide a brief about the cyber threat
landscape and then explore both sides of the conversation to effectively provide a set of
general recommendations
Background
Since the last two decades, companies around the world had been victimized over the attacks
on their computing systems. Hackers tend to attack these corporation’s websites, disrupt their
Introduction.................................................................................. 1
Background..................................................................................1
Threat Landscape............................................................................2
Arguments of both sides...................................................................... 2
Arguments supporting ‘hack-back’...............................................................2
Arguments against ‘Hack-back’..................................................................4
Recommendations............................................................................ 6
Conclusion...................................................................................7
Introduction
Every single nation over the globe is encountering some or different type of threat. Any kind
of task that involves securing the web tends to be a daunting job even for the specialist and
experts. There does not go by a single week where instances of virus infection, phishing
related scams, hacking attempts among others are not reported. Individuals, governments and
organizations all are at risk of these cyber borne threats. Irrespective of the type and extent of
security measures employed, there would still be substantial security risks. A lot of these
threats are caused by threat agents that are motivated by means of causing destruction,
espionage, theft and personal gains. Each year, 100s of billions are lost due to cyber threats.
In 2012, cybercrime cost 1 trillion USD (Kharat, 2017). In 2021, it is expected to rise 6
trillion. Cybersecurity spending is also going to rise up to 1 trillion USD (Horowitz and
Lucero, 2016). Keeping this in mind, many groups around the world are voicing their support
for ‘hacking back’ i.e., attacking the attackers, hoping that this would effective demotivate
them in carrying out cybercrimes. This paper will provide a brief about the cyber threat
landscape and then explore both sides of the conversation to effectively provide a set of
general recommendations
Background
Since the last two decades, companies around the world had been victimized over the attacks
on their computing systems. Hackers tend to attack these corporation’s websites, disrupt their
communication systems and most importantly, steal their data. NSA Director, General
Alexander, has termed these cyber-frauds as the ‘greatest transfer of wealth in the world
history’ (Rabkin and Rabkin, 2016).
Despite having invested billions in cyber-security infrastructure, some of the most clever
hacking organizations still tend to work around their way into heaviest cyber-defences in the
world. These determined attackers, who spend a great deal of time in working around their
way into these heavily guarded defences, are termed as ‘advanced persistent threats’ (A. and
Ghani, 2016). A lot of these cybercriminals operate typically from foreign countries beyond
the reach of the host countries.
Owing to these increasing and persistent cyber threats, many frustrated computer security
experts have been voicing their opinions about having retaliatory measures so that they can
essentially conduct ‘hack-back operations’. As a result, there had been many such dialogues
that has happened throughout the world and also an exploration of risks that involves with it.
As such, all these conversations have just generated talks without any action plans. This is
because, in the United States alone, the Computer Fraud and Abuse Act (or CFAA) prohibits
private organizations and individuals to attack or damage computer systems even if they are
being attacked by an external party (Goldman, 2012).
Threat Landscape
The emerging threats of today’s world tend to be extremely destructive as they now focus
more on intellectual government property, critical industries and financial corporations that
are essentially the fabric of any nation. Based on this scenario, one can deduce that threat
actors are ‘elements that help or cause in attaining a digital incident’ (Verizon, 2014).
Modern day threat is widespread and target advanced computing system, industrial
infrastructure, public infrastructures such as traffic signals, dams, electricity and even
common consumer grade products such as smartphones, app-stores and desktop computers.
Threats come in variety of shapes and forms. They range from threats such as Malware,
Trojans and viruses that affect systems worldwide and cause destruction, theft or disruption,
to threats of an insider attack, phishing scams or even ransomwares. For instance, Wannacry,
a ransomware released in 2017 affected nearly 300,000 systems around the world before
being subdued owing to a fortunate discovery of the third day of its attack (Popli and Girdhar,
2017). However, it managed to affect hundreds of thousands of systems around the world.
The threat agents are hacktivists, criminals, terrorists and even some-times state-sponsored
groups.
Alexander, has termed these cyber-frauds as the ‘greatest transfer of wealth in the world
history’ (Rabkin and Rabkin, 2016).
Despite having invested billions in cyber-security infrastructure, some of the most clever
hacking organizations still tend to work around their way into heaviest cyber-defences in the
world. These determined attackers, who spend a great deal of time in working around their
way into these heavily guarded defences, are termed as ‘advanced persistent threats’ (A. and
Ghani, 2016). A lot of these cybercriminals operate typically from foreign countries beyond
the reach of the host countries.
Owing to these increasing and persistent cyber threats, many frustrated computer security
experts have been voicing their opinions about having retaliatory measures so that they can
essentially conduct ‘hack-back operations’. As a result, there had been many such dialogues
that has happened throughout the world and also an exploration of risks that involves with it.
As such, all these conversations have just generated talks without any action plans. This is
because, in the United States alone, the Computer Fraud and Abuse Act (or CFAA) prohibits
private organizations and individuals to attack or damage computer systems even if they are
being attacked by an external party (Goldman, 2012).
Threat Landscape
The emerging threats of today’s world tend to be extremely destructive as they now focus
more on intellectual government property, critical industries and financial corporations that
are essentially the fabric of any nation. Based on this scenario, one can deduce that threat
actors are ‘elements that help or cause in attaining a digital incident’ (Verizon, 2014).
Modern day threat is widespread and target advanced computing system, industrial
infrastructure, public infrastructures such as traffic signals, dams, electricity and even
common consumer grade products such as smartphones, app-stores and desktop computers.
Threats come in variety of shapes and forms. They range from threats such as Malware,
Trojans and viruses that affect systems worldwide and cause destruction, theft or disruption,
to threats of an insider attack, phishing scams or even ransomwares. For instance, Wannacry,
a ransomware released in 2017 affected nearly 300,000 systems around the world before
being subdued owing to a fortunate discovery of the third day of its attack (Popli and Girdhar,
2017). However, it managed to affect hundreds of thousands of systems around the world.
The threat agents are hacktivists, criminals, terrorists and even some-times state-sponsored
groups.
End of preview
Want to access all the pages? Upload your documents or become a member.