Prevention of Cyber Attacks - PDF

Verified

Added on  2021/06/18

|11
|3273
|153
AI Summary

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.
Document Page
Student Name: Student ID:
Cyber Security
Student Name
Institution
1

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
Student Name: Student ID:
Table of Contents
INTRODUCTION...........................................................................................................................................2
DISADVANTAGES OF HACKBACK................................................................................................................3
Cyber attackers should be identified......................................................................................................3
The law should be obeyed......................................................................................................................3
Encourages the hackers..........................................................................................................................4
Does not solve the problem...................................................................................................................4
Collateral damage...................................................................................................................................4
Nonstate Actors......................................................................................................................................4
Attacker Uses Victim Country.................................................................................................................5
PREVENTION OF CYBER ATTACKS...............................................................................................................5
Preforming a risk assessment.................................................................................................................5
Undertaking training on cybersecurity...................................................................................................5
Staying up to date with threats..............................................................................................................5
Mitigating Targeted Intrusions...............................................................................................................6
Honey Pot/Honey Net............................................................................................................................6
Active Defense Tools...............................................................................................................................6
Denial and Deception.............................................................................................................................6
ACTIONS TAKEN INCASE OF AN ATTACK....................................................................................................6
Notify the incidence team......................................................................................................................7
Notify the relevant authorities and law enforcement...........................................................................7
Do an analysis to know the extent of the damage.................................................................................7
IT systems should be secured.................................................................................................................7
Implement your backup plan..................................................................................................................7
RECOMMENDATIONS.................................................................................................................................8
CONCLUSION...............................................................................................................................................8
INTRODUCTION
2
Document Page
Student Name: Student ID:
Cyber-attacks have become increasingly high as technology continues to grow. There is a need to
effectively combat cybercrimes in the world over. Various technologies and software have come up in
tackling the issues related to cyber-attacks. The processes and technologies designed to protect systems,
networks and data are what make up cyber security. The attacks are aimed to cause harm by changing
or destroying data. Therefore, cybersecurity is important because it helps not only organizations and
companies but also individual people from the harm that may be caused by a cyber-attack. Some of the
threats associated with cybersecurity include: ransomware, malware, social engineering, phishing
among others. Some of the technologies designed to effectively deal with cyber attacks include
In recent years, IT professionals in companies and organizations want laws to be made to allow them
retaliate against cyber attacks rather than wait for the appropriate authorities to take action. They argue
that it would minimize the number of times the company is attacked. (Hutchinson, 2013).
In my report, I argue that retaliation is not the best solution in combating cyber attacks. The “hack back”
notion should be avoided. “The best defense is a strong offence”, this is a term used by most people but
that’s not the reality when it comes to cyber attacks. In fact, the only defense in cyberspace is a strong
defense. My report shows that there are better ways in combating cyber attacks rather than retaliation.
It advocates for better defensive strategies to handle cyber attacks
DISADVANTAGES OF HACKBACK
The following is a discussion on why retaliation or hack back is a wring response to fighting cyber
attacks.
Cyber attackers should be identified
By the use of retaliation or hack back, it nearly impossible to find the real culprit behind the attack.
Great hackers usually mask their attacks and it becomes difficult to identify and to tell who it is and the
main reason behind the attack. Therefore, the attacker will not be brought to justice and they may end
up coming back to attack again. Therefore, in case of an attack the organization should let the
appropriate authorities investigate and find the culprits behind the hacks. It is of great importance to
bring the attackers to justice so that they may not repeat the same again.
The law should be obeyed
By use of retaliation, the company or organization may find themselves breaking the law so as to get
back at the attacker. Most hackers don’t value the law and so by doing that they break most laws when
attacking a company. For an organization to hack the hacker they may also need to go around some laws
so as to harm the attacker. This is morally and unlawful because it is not accepted to intentionally harm
3
Document Page
Student Name: Student ID:
others in a cyber-attack. In the US the Computer Fraud and Abuse Act of 1986 (CFAA) has been
interpreted broadly enough that unauthorized access to almost any computer is seen as illegal (Sullivan,
2016).
Encourages the hackers
When some hackers notice that you want to hack them back, they get encouraged and determined to
continue executing the hack. Some may even start using dangerous and harmful techniques. Also, a
company or an organization may not realize that the attackers may have more resources than them and
this may cause the company to fight a loosing battle. The attack could be more severe than the first
attack before the counter attack.
Does not solve the problem
Hacking back does not solve the problem. It doesn’t assure you that the threats to you company or
organization have ended. After identifying the vulnerability in your systems or network, it is important
to ensure that you handle the vulnerability to ensure that no one else hacks into the system.
Collateral damage
Cyber wars may lead to unintended harm to the company’s asset. It may lead also to the damage of a
third party. This may cause the third party to seek legal assistance which may be damaging to the
company (Maybury, 2018). Also, as the cyber wars or retaliation happens unintentional spread of the
malware to the internet may occur. The effects felt may be unintentional but that’s what happens when
a cyber weapon is used. The malware interacts with the already vulnerable Information system and the
effects caused cannot be underestimated or overlooked.
Nonstate Actors.
Countries with limited or minimal government and legal restrictions are a good place for cyber attackers,
terrorist groups and hacktivists to operate in. Example, when some Russian hacktivists decided to issue a
DOS attack on the country of Estonia in 2007, Estonia requested for support and assistance from
Moscow to track the attackers but Moscow refused to assist them hence their requests were denied.
This is because the hacktivists had support from kremlin. (Jensen, 2012).
Had Estonia decided to retaliate against the hacktivist group, it risked the possibility of escalating the
crisis further between the two nations. Another instance of a scenario like this involves a third-party
country which is no allies or friend to the country that has been attacked. If the victim country retaliates
against the third-party state it would be intruding on the sovereignty of the third country. Retaliation on
the third-party state even if it’s a success, it would not have achieved anything or made an effect
4

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
Student Name: Student ID:
(Messmer, 2011). If we were to assume that extradition is unlikely to happen and the perpetrator is
essentially shielded by the laws of the host country the attacker would not be deterred to act in the
future. Tactical success (hacking back, destroying the computer, etc.) would not translate into strategic
victory.
Attacker Uses Victim Country
The attacker may use the target country to issue their attack. The attack may be routed through various
different hops and location before it reaches the intended target. Because the origin of the attack is not
known, uncooperative governments failure of intelligence security services where the attack was routed
to may interfere with the investigations. This is because they may delay release of important
information. Because of the long period of time taken for the countries to reach an understanding or
resolve the conflict, the likelihood of the attacker or hacktivist to relocate to another country to resume
their operations is very high.
PREVENTION OF CYBER ATTACKS
From the above discussion we can see that the disadvantages of hacking back are many and the damage
that they can cause are huge (Wolff, 2017). The following are ways in which organizations can mitigate
the risks that are associated with cyber attacks. Also, it proposes the best way to deal with cyber attacks
and also help prevent them. “The best defense in cyberspace is a strong defense”.
Preforming a risk assessment
This is a process that should be done regularly to identify the risks and vulnerabilities involved.
Organizations should gather and evaluate potential risks in their organization. This helps them to
become prepared if anything should happen. It also helps them be aware of the potential risk that their
systems may have.
Undertaking training on cybersecurity
Trainings should be done regularly so as to ensure that employees are up to date with the latest
technological trends and security information. These trainings should also include practical training of
some of the security threats that an organization may face. E.g. phishing emails. This enables employees
to become extra cautious and vigilant when handling information from the internet.
Staying up to date with threats
When organizations and companys keep up to date with the security threats surrounding cyber security,
they ensure that they come up with the best ways to deal with them. There are some organizations that
5
Document Page
Student Name: Student ID:
share information about cyber threats in real time. This information goes a long way in prioritizing
security measures.
Mitigating Targeted Intrusions.
Organizations and companies should make it difficult for attackers to hack into their systems. This
discourages most attackers because most of them look for targets that are easier to exploit the
vulnerabilities. This is because of the sophistication that will be there in accessing the systems. This will
also assist in attributing attackers who have that level of skill to hack into complex systems.
Honey Pot/Honey Net.
Organizations and companies should create a network that mirrors their network and systems which can
be monitored by defenders who can in turn use these strategies to defend the organizations and
company. Example, a fake water utility supervisory control and data acquisition system was created by a
Trend Micro researcher. The researchers used the system to observe and monitor the movements of
Chines agents known as “Comment Crew,” who had gained access to the “honeypot” via an infected MS
Word document. (Saarinen, 2013.)
Active Defense Tools.
These include tools that are able to automatically identify and blacklist attackers by opening trigger
ports on hosts. Other tools include softwares that are able to identify IP addresses which are real of an
attacker even if they are using a proxy to hide themselves. Some also pinpoint the exact geographical
position of the attacker. Finally, there are tools which detect an intrusion and the feed the attacker fake
information. (Higgins, 2013).
Denial and Deception.
Organizations and companies may use techniques that can mislead attackers. These techniques include
implementing an OS that’s deletes the files e.g. rootkit for installation, when it notices that an attacker is
downloading them. Also, the organizations can create websites which have data files and the websites
can compile data randomly from the actual files (Snyder, White and Mann, 2015). This causes confusion
to the attackers because they see connections which actually don’t exist and this makes it really difficult
for them to make the actual connections. File transfer utilities which pretend to crush or imitate the
same way a compromised system would behave when it detects or identifies signatures that are
commonly used by attackers. This is very useful in protecting the system.
6
Document Page
Student Name: Student ID:
ACTIONS TAKEN INCASE OF AN ATTACK
Incase the breach has occurred here are some of the ways to deal with a breach so as to mitigate the
risks
Notify the incidence team
This involve all the experts in the organization that are tasked with handling a cyber attack. They will
identify the threat, protect the data and also ensure that they minimize the effects or damage caused by
the attack (Tripwire, 2015) this team must always be on standby to ensure the continuity of the business
and securing the data that has not been affected by the attack.
Notify the relevant authorities and law enforcement
By notifying the law enforcements it makes them start investigating the matter to find the people who
are responsible for the attack. Also, law enforcement may know similar attacks that may have occurred
and this makes it easier for them to piece together information so as to capture the culprits.
Do an analysis to know the extent of the damage
This is important because it can be used later as evidence when the attacker is apprehended. Also, it
also makes the organization to know what part of their system or network has been affected and the
possible effects that this may have in the operations of the business.
IT systems should be secured
To ensure the data is protected and also minimizing the damage done by the attack, the systems should
be secured effectively. Businesses make a mistake of removing the malware or taking the system offline.
This makes the hackers know that they have been identified and therefore stop their activities hence
making it difficult to capture or identify them. Some of the actions you can take include changing of
passwords and the access control list.
After a machine has been attacked it is best that you leave it online but block it from accessing the
internet. You can also isolate it in a VLAN or by use of a firewall so that it can’t communicate to the
outside world. This method helps by preventing the machine from doing any damage to the company’s
network and also it ensures that the business continues with its operations.
Implement your backup plan
Each business and organizations must have a back up to ensure the continuity of a business. Data should
be backed up regularly so as to ensure you capture everything. This ensures that you can restore
everything back when an attack has occurred. You should use the backups when the business data
becomes severely compromised or damaged.
7

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
Student Name: Student ID:
RECOMMENDATIONS
Based on the above discussions there are some of the issues highlighted and recommendations made to
resolve the issues. These recommendations help in preventing hacking back as this will not resolve the
hacking problems. Some of the recommendations made for this concept are as listed below.
i. Funding should be put into coming up with security softwares and strategies to deal with cyber
attacks
ii. Appropriate laws should be put into place for organizations that want to retaliate against attackers.
This should be done in a contained environment to prevent damages
iii. Organizations should have a department specifically to deal with cyber attacks.
iv. There should be an organization where information can be shared between organizations about
the recent cyber attacks and how to deal with them
v. Cyber laws should be very harsh to people who are found to engage themselves in cyber crimes.
E.g. life imprisonment.
CONCLUSION
From the above discussions we can see that the best ways and method in fighting cyber-attacks. The use
of retaliation and hacking back will lead to more damage than good. Retaliation cannot deal with most
cyber-attacks that are out there. Also, retaliation may cause cyberwars that may have catastrophic effect
the cyber world. Therefore, it is essential for organizations and companies to continue increasing efforts
in creating better defenses against cyber-attacks. The phrase “the best defense is a good offence” should
be the last resort and not as a first choice. As for now, the only defense in cyberspace is a strong
defense.
8
Document Page
Student Name: Student ID:
REFERENCES
Altushost (2018). 4 Critical Steps for Responding to a Cyber Attack. [online] AltusHost. Available at:
https://www.altushost.com/4-critical-steps-for-responding-to-a-cyber-attack [Accessed 22 May
2018].
Bradbury, D. (2015). Should we hack the hackers?. [online] the Guardian. Available at:
https://www.theguardian.com/technology/2015/mar/09/cybercrime-should-we-hack-the-hackers
[Accessed 22 May 2018].
Cobb, S. (2015). 5 reasons not to "hack back". [online] WeLiveSecurity. Available at:
https://www.welivesecurity.com/2015/01/07/5-reasons-not-to-hack-back/ [Accessed 22 May
2018].
Eric Talbot Jensen, (2012) “Cyber Deterrence,” Emory International Law Journal, 26: 805.
Francis, R. (2017). How to respond to a cyber attack. [online] CSO Online. Available at:
https://www.csoonline.com/article/3175635/cyber-attacks-espionage/how-to-respond-to-a-cyber-
attack.html#slide11 [Accessed 22 May 2018].
HT (2014). Actions to Prevent Cyber Attacks and Minimize Damage. [online] Hospitality Technology.
Available at: https://hospitalitytech.com/actions-prevent-cyber-attacks-and-minimize-damage
[Accessed 22 May 2018].
Hutchinson, J. (2013). Companies should ‘hack back’ at cyber attackers: security experts. [online]
Financial Review. Available at: http://www.afr.com/technology/enterprise-it/companies-should-
hack-back-at-cyber-attackers-security-experts-20130527-j0rqm [Accessed 22 May 2018].
Hathaway, O. A., Crootof, R., Levitz, P., Nix, H., Nowlan, A., Perdue, W., & Spiegel, J. (2012). The law of
cyber-attack. California Law Review, pg 817-885.
Juha Saarinen, ( 2013) “Chinese Hackers Take Over Fake Water Utility,” ITNews.
Kelly Jackson Higgins, (2013) “Free Active Defense Tools Emerge,” Dark Reading.
9
Document Page
Student Name: Student ID:
Maybury, R. (2018). How do I deal with cyber attacks?. [online] Telegraph.co.uk. Available at:
https://www.telegraph.co.uk/technology/advice/10420248/How-do-I-deal-with-cyber-attacks.html
[Accessed 22 May 2018].
Messmer, E. (2011). Is retaliation the answer to cyber attacks?. [online] Network World. Available at:
https://www.networkworld.com/article/2199010/malware-cybercrime/is-retaliation-the-answer-
to-cyber-attacks-.html [Accessed 22 May 2018].
Rossi, B. (2015). 6 critical steps for responding to a cyber attack. [online] Information Age. Available at:
http://www.information-age.com/6-critical-steps-responding-cyber-attack-123459644/ [Accessed
22 May 2018].
Snyder, P., White, R. and Mann, S. (2015). Pros and Cons of Hacking Back | Crossroads Blog. [online]
Blog.cybersecuritylaw.us. Available at: https://blog.cybersecuritylaw.us/2015/03/09/pros-and-
cons-of-hacking-back [Accessed 22 May 2018].
Sullivan, P. (2016). Hacking back: A viable strategy or a major risk?. [online] SearchSecurity. Available at:
https://searchsecurity.techtarget.com/tip/Hacking-back-A-viable-strategy-or-a-major-risk
[Accessed 22 May 2018].
Tripwire, I. (2015). Should Companies Strike Back at Hackers?. [online] The State of Security. Available at:
https://www.tripwire.com/state-of-security/security-data-protection/should-companies-strike-
back-at-hackers/ [Accessed 22 May 2018].
Wolff, J. (2017). Oh Good, the Worst Idea in Cybersecurity Is Back Again. [online] Slate Magazine.
Available at:
http://www.slate.com/articles/technology/future_tense/2017/10/hacking_back_the_worst_idea_i
n_cybersecurity_rises_again.html [Accessed 22 May 2018].
10

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
Student Name: Student ID:
11
1 out of 11
circle_padding
hide_on_mobile
zoom_out_icon
[object Object]

Your All-in-One AI-Powered Toolkit for Academic Success.

Available 24*7 on WhatsApp / Email

[object Object]