Student Name:Student ID: Table of Contents INTRODUCTION...........................................................................................................................................2 DISADVANTAGES OF HACKBACK................................................................................................................3 Cyber attackers should be identified......................................................................................................3 The law should be obeyed......................................................................................................................3 Encourages the hackers..........................................................................................................................4 Does not solve the problem...................................................................................................................4 Collateral damage...................................................................................................................................4 Nonstate Actors......................................................................................................................................4 Attacker Uses Victim Country.................................................................................................................5 PREVENTION OF CYBER ATTACKS...............................................................................................................5 Preforming a risk assessment.................................................................................................................5 Undertaking training on cybersecurity...................................................................................................5 Staying up to date with threats..............................................................................................................5 Mitigating Targeted Intrusions...............................................................................................................6 Honey Pot/Honey Net............................................................................................................................6 Active Defense Tools...............................................................................................................................6 Denial and Deception.............................................................................................................................6 ACTIONS TAKEN INCASE OF AN ATTACK....................................................................................................6 Notify the incidence team......................................................................................................................7 Notify the relevant authorities and law enforcement...........................................................................7 Do an analysis to know the extent of the damage.................................................................................7 IT systems should be secured.................................................................................................................7 Implement your backup plan..................................................................................................................7 RECOMMENDATIONS.................................................................................................................................8 CONCLUSION...............................................................................................................................................8 INTRODUCTION 2
Student Name:Student ID: Cyber-attacks have become increasingly high as technology continues to grow. There is a need to effectively combat cybercrimes in the world over. Various technologies and software have come up in tackling the issues related to cyber-attacks. The processes and technologies designed to protect systems, networks and data are what make up cyber security. The attacks are aimed to cause harm by changing or destroying data. Therefore, cybersecurity is important because it helps not only organizations and companies but also individual people from the harm that may be caused by a cyber-attack. Some of the threats associated with cybersecurity include: ransomware, malware, social engineering, phishing among others. Some of the technologies designed to effectively deal with cyber attacks include In recent years, IT professionals in companies and organizations want laws to be made to allow them retaliate against cyber attacks rather than wait for the appropriate authorities to take action. They argue that it would minimize the number of times the company is attacked. (Hutchinson, 2013). In my report, I argue that retaliation is not the best solution in combating cyber attacks. The “hack back” notion should be avoided. “The best defense is a strong offence”, this is a term used by most people but that’s not the reality when it comes to cyber attacks. In fact, the only defense in cyberspace is a strong defense. My report shows that there are better ways in combating cyber attacks rather than retaliation. It advocates for better defensive strategies to handle cyber attacks DISADVANTAGES OF HACKBACK The following is a discussion on why retaliation or hack back is a wring response to fighting cyber attacks. Cyber attackers should be identified By the use of retaliation or hack back, it nearly impossible to find the real culprit behind the attack. Great hackers usually mask their attacks and it becomes difficult to identify and to tell who it is and the main reason behind the attack. Therefore, the attacker will not be brought to justice and they may end up coming back to attack again. Therefore, in case of an attack the organization should let the appropriate authorities investigate and find the culprits behind the hacks. It is of great importance to bring the attackers to justice so that they may not repeat the same again. The law should be obeyed By use of retaliation, the company or organization may find themselves breaking the law so as to get back at the attacker. Most hackers don’t value the law and so by doing that they break most laws when attacking a company. For an organization to hack the hacker they may also need to go around some laws so as to harm the attacker. This is morally and unlawful because it is not accepted to intentionally harm 3
Student Name:Student ID: others in a cyber-attack. In the US the Computer Fraud and Abuse Act of 1986 (CFAA) has been interpreted broadly enough that unauthorized access to almost any computer is seen as illegal(Sullivan, 2016). Encourages the hackers When some hackers notice that you want to hack them back, they get encouraged and determined to continue executing the hack. Some may even start using dangerous and harmful techniques. Also, a company or an organization may not realize that the attackers may have more resources than them and this may cause the company to fight a loosing battle. The attack could be more severe than the first attack before the counter attack. Does not solve the problem Hacking back does not solve the problem. It doesn’t assure you that the threats to you company or organization have ended. After identifying the vulnerability in your systems or network, it is important to ensure that you handle the vulnerability to ensure that no one else hacks into the system. Collateral damage Cyber wars may lead to unintended harm to the company’s asset. It may lead also to the damage of a third party. This may cause the third party to seek legal assistance which may be damaging to the company(Maybury, 2018). Also, as the cyber wars or retaliation happens unintentional spread of the malware to the internet may occur. The effects felt may be unintentional but that’s what happens when a cyber weapon is used. The malware interacts with the already vulnerable Information system and the effects caused cannot be underestimated or overlooked. Nonstate Actors. Countries with limited or minimal government and legal restrictions are a good place for cyber attackers, terrorist groups and hacktivists to operate in. Example, when some Russian hacktivists decided to issue a DOS attack on the country of Estonia in 2007, Estonia requested for support and assistance from Moscow to track the attackers but Moscow refused to assist them hence their requests were denied. This is because the hacktivists had support from kremlin. (Jensen, 2012). Had Estonia decided to retaliate against the hacktivist group, it risked the possibility of escalating the crisis further between the two nations. Another instance of a scenario like this involves a third-party country which is no allies or friend to the country that has been attacked. If the victim country retaliates against the third-party state it would be intruding on the sovereignty of the third country. Retaliation on the third-party state even if it’s a success, it would not have achieved anything or made an effect 4
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Student Name:Student ID: (Messmer, 2011). If we were to assume that extradition is unlikely to happen and the perpetrator is essentially shielded by the laws of the host country the attacker would not be deterred to act in the future. Tactical success (hacking back, destroying the computer, etc.) would not translate into strategic victory. Attacker Uses Victim Country The attacker may use the target country to issue their attack. The attack may be routed through various different hops and location before it reaches the intended target. Because the origin of the attack is not known, uncooperative governments failure of intelligence security services where the attack was routed to may interfere with the investigations. This is because they may delay release of important information. Because of the long period of time taken for the countries to reach an understanding or resolve the conflict, the likelihood of the attacker or hacktivist to relocate to another country to resume their operations is very high. PREVENTION OF CYBER ATTACKS From the above discussion we can see that the disadvantages of hacking back are many and the damage that they can cause are huge(Wolff, 2017). The following are ways in which organizations can mitigate the risks that are associated with cyber attacks. Also, it proposes the best way to deal with cyber attacks and also help prevent them. “The best defense in cyberspace is a strong defense”. Preforming a risk assessment This is a process that should be done regularly to identify the risks and vulnerabilities involved. Organizations should gather and evaluate potential risks in their organization. This helps them to become prepared if anything should happen. It also helps them be aware of the potential risk that their systems may have. Undertaking training on cybersecurity Trainings should be done regularly so as to ensure that employees are up to date with the latest technological trends and security information. These trainings should also include practical training of some of the security threats that an organization may face. E.g. phishing emails. This enables employees to become extra cautious and vigilant when handling information from the internet. Staying up to date with threats When organizations and companys keep up to date with the security threats surrounding cyber security, they ensure that they come up with the best ways to deal with them. There are some organizations that 5
Student Name:Student ID: share information about cyber threats in real time. This information goes a long way in prioritizing security measures. Mitigating Targeted Intrusions. Organizations and companies should make it difficult for attackers to hack into their systems. This discourages most attackers because most of them look for targets that are easier to exploit the vulnerabilities. This is because of the sophistication that will be there in accessing the systems. This will also assist in attributing attackers who have that level of skill to hack into complex systems. Honey Pot/Honey Net. Organizations and companies should create a network that mirrors their network and systems which can be monitored by defenders who can in turn use these strategies to defend the organizations and company. Example, a fake water utility supervisory control and data acquisition system was created by a Trend Micro researcher. The researchers used the system to observe and monitor the movements of Chines agents known as “Comment Crew,” who had gained access to the “honeypot” via an infected MS Word document. (Saarinen, 2013.) Active Defense Tools. These include tools that are able to automatically identify and blacklist attackers by opening trigger ports on hosts. Other tools include softwares that are able to identify IP addresses which are real of an attacker even if they are using a proxy to hide themselves. Some also pinpoint the exact geographical position of the attacker. Finally, there are tools which detect an intrusion and the feed the attacker fake information. (Higgins, 2013). Denial and Deception. Organizations and companies may use techniques that can mislead attackers. These techniques include implementing an OS that’s deletes the files e.g. rootkit for installation, when it notices that an attacker is downloading them. Also, the organizations can create websites which have data files and the websites can compile data randomly from the actual files(Snyder, White and Mann, 2015). This causes confusion to the attackers because they see connections which actually don’t exist and this makes it really difficult for them to make the actual connections. File transfer utilities which pretend to crush or imitate the same way a compromised system would behave when it detects or identifies signatures that are commonly used by attackers. This is very useful in protecting the system. 6
Student Name:Student ID: ACTIONS TAKEN INCASE OF AN ATTACK Incase the breach has occurred here are some of the ways to deal with a breach so as to mitigate the risks Notify the incidence team This involve all the experts in the organization that are tasked with handling a cyber attack. They will identify the threat, protect the data and also ensure that they minimize the effects or damage caused by the attack(Tripwire, 2015)this team must always be on standby to ensure the continuity of the business and securing the data that has not been affected by the attack. Notify the relevant authorities and law enforcement By notifying the law enforcements it makes them start investigating the matter to find the people who are responsible for the attack. Also, law enforcement may know similar attacks that may have occurred and this makes it easier for them to piece together information so as to capture the culprits. Do an analysis to know the extent of the damage This is important because it can be used later as evidence when the attacker is apprehended. Also, it also makes the organization to know what part of their system or network has been affected and the possible effects that this may have in the operations of the business. IT systems should be secured To ensure the data is protected and also minimizing the damage done by the attack, the systems should be secured effectively. Businesses make a mistake of removing the malware or taking the system offline. This makes the hackers know that they have been identified and therefore stop their activities hence making it difficult to capture or identify them. Some of the actions you can take include changing of passwords and the access control list. After a machine has been attacked it is best that you leave it online but block it from accessing the internet. You can also isolate it in a VLAN or by use of a firewall so that it can’tcommunicate to the outside world. This method helps by preventing the machine from doing any damage to the company’s network and also it ensures that the business continues with its operations. Implement your backup plan Each business and organizations must have a back up to ensure the continuity of a business. Data should be backed up regularly so as to ensure you capture everything. This ensures that you can restore everything back when an attack has occurred. You should use the backups when the business data becomes severely compromised or damaged. 7
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Student Name:Student ID: RECOMMENDATIONS Based on the above discussions there are some of the issues highlighted and recommendations made to resolve the issues. These recommendations help in preventing hacking back as this will not resolve the hacking problems. Some of the recommendations made for this concept are as listed below. i.Funding should be put into coming up with security softwares and strategies to deal with cyber attacks ii.Appropriate laws should be put into place for organizations that want to retaliate against attackers. This should be done in a contained environment to prevent damages iii.Organizations should have a department specifically to deal with cyber attacks. iv.There should be an organization where information can be shared between organizations about the recent cyber attacks and how to deal with them v.Cyber laws should be very harsh to people who are found to engage themselves in cyber crimes. E.g. life imprisonment. CONCLUSION From the above discussions we can see that the best ways and method in fighting cyber-attacks. The use of retaliation and hacking back will lead to more damage than good. Retaliation cannot deal with most cyber-attacks that are out there. Also, retaliation may cause cyberwars that may have catastrophic effect the cyber world. Therefore, it is essential for organizations and companies to continue increasing efforts in creating better defenses against cyber-attacks. The phrase “the best defense is a good offence” should be the last resort and not as a first choice. As for now, the only defense in cyberspace is a strong defense. 8
Student Name:Student ID: REFERENCES Altushost (2018).4 Critical Steps for Responding to a Cyber Attack. [online] AltusHost. Available at: https://www.altushost.com/4-critical-steps-for-responding-to-a-cyber-attack[Accessed22May 2018]. Bradbury,D.(2015).Shouldwehackthehackers?.[online]theGuardian.Availableat: https://www.theguardian.com/technology/2015/mar/09/cybercrime-should-we-hack-the-hackers [Accessed 22 May 2018]. Cobb,S.(2015).5reasonsnotto"hackback".[online]WeLiveSecurity.Availableat: https://www.welivesecurity.com/2015/01/07/5-reasons-not-to-hack-back/[Accessed22May 2018]. Eric Talbot Jensen, (2012) “Cyber Deterrence,”Emory International Law Journal, 26: 805. Francis,R.(2017).Howtorespondtoacyberattack.[online]CSOOnline.Availableat: https://www.csoonline.com/article/3175635/cyber-attacks-espionage/how-to-respond-to-a-cyber- attack.html#slide11 [Accessed 22 May 2018]. HT (2014).Actions to Prevent Cyber Attacks and Minimize Damage. [online] Hospitality Technology. Availableat:https://hospitalitytech.com/actions-prevent-cyber-attacks-and-minimize-damage [Accessed 22 May 2018]. Hutchinson, J. (2013).Companies should ‘hack back’ at cyber attackers: security experts. [online] Financial Review. Available at: http://www.afr.com/technology/enterprise-it/companies-should- hack-back-at-cyber-attackers-security-experts-20130527-j0rqm [Accessed 22 May 2018]. Hathaway, O. A., Crootof, R., Levitz, P., Nix, H., Nowlan, A., Perdue, W., & Spiegel, J. (2012). The law of cyber-attack.California Law Review, pg 817-885. Juha Saarinen, ( 2013) “Chinese Hackers Take Over Fake Water Utility,”ITNews. Kelly Jackson Higgins, (2013) “Free Active Defense Tools Emerge,”Dark Reading. 9
Student Name:Student ID: Maybury,R.(2018).HowdoIdealwithcyberattacks?.[online]Telegraph.co.uk.Availableat: https://www.telegraph.co.uk/technology/advice/10420248/How-do-I-deal-with-cyber-attacks.html [Accessed 22 May 2018]. Messmer, E. (2011).Is retaliation the answer to cyber attacks?. [online] Network World. Available at: https://www.networkworld.com/article/2199010/malware-cybercrime/is-retaliation-the-answer- to-cyber-attacks-.html [Accessed 22 May 2018]. Rossi, B. (2015).6 critical steps for responding to a cyber attack. [online] Information Age. Available at: http://www.information-age.com/6-critical-steps-responding-cyber-attack-123459644/[Accessed 22 May 2018]. Snyder, P., White, R. and Mann, S. (2015).Pros and Cons of Hacking Back | Crossroads Blog. [online] Blog.cybersecuritylaw.us.Availableat:https://blog.cybersecuritylaw.us/2015/03/09/pros-and- cons-of-hacking-back [Accessed 22 May 2018]. Sullivan, P. (2016).Hacking back: A viable strategy or a major risk?. [online] SearchSecurity. Available at: https://searchsecurity.techtarget.com/tip/Hacking-back-A-viable-strategy-or-a-major-risk [Accessed 22 May 2018]. Tripwire, I. (2015).Should Companies Strike Back at Hackers?. [online] The State of Security. Available at: https://www.tripwire.com/state-of-security/security-data-protection/should-companies-strike- back-at-hackers/ [Accessed 22 May 2018]. Wolff, J. (2017).Oh Good, the Worst Idea in Cybersecurity Is Back Again. [online] Slate Magazine. Availableat: http://www.slate.com/articles/technology/future_tense/2017/10/hacking_back_the_worst_idea_i n_cybersecurity_rises_again.html [Accessed 22 May 2018]. 10
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser