Literature Review: Cyber Security Threats and Business Challenges

Verified

Added on 2021/06/16

AI Summary

This report provides a comprehensive literature review on the challenges businesses face due to increasing cyber security threats. It explores the impact of the internet and online services on business operations, highlighting the vulnerabilities associated with cyber threats. The report delves into various cyber-attack methods, including those targeting mobile banking, social media, and online transactions, and discusses the rise of ransomware, hacktivism, and insider threats. It examines the reasons behind these attacks, such as poor network infrastructure, lack of digital literacy, and inadequate security measures. The research also addresses the increasing use of IoT devices and the challenges they pose to cyber security. The report concludes by emphasizing the need for businesses to invest in robust security measures, including advanced infrastructure and employee training, to mitigate risks and protect against data breaches and financial losses. The report is contributed by a student to be published on the website Desklib, a platform which provides all the necessary AI based study tools for students.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

BUSINESS RESEARCH

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1
Contents
INTRODUCTION......................................................................................................................2
Project Objective....................................................................................................................2
Project Scope..........................................................................................................................2
Literature Review.......................................................................................................................2
CONCLUSION..........................................................................................................................6
REFERENCES...........................................................................................................................7
INTRODUCTION
Internet in the modern days has become one of the most essential elements of our day to day
life. This has not only benefited the individuals but has also made work process easier for the
organisations. Almost each and every industry has adopted the facilities of cyber world so as

2
to conduct their operations. Connecting with such a large network there are many challenges
faced by the organisations. All these challenges had negative effect on the operations of the
companies. With the development of smart devices the popularity of the cyber connected
business has enhanced. Cybercrime has been noticed in the many fields which are posing
greater threats to the business. Companies are trying hard to safeguard their businesses from
such crimes. This is declined towards the challenges that are faced by the business in the
cyber security.
Project Objective
The prime objective of this work is to conduct a literature review on various challenges that is
faced by the business because of the increasing cyber security threats. This research will
address the cyber-attacks and the mediums that have been chosen for such attacks. Its
secondary objective includes recommendations about safeguarding from challenges that are
faced by the firms.
Project Scope
This research will evaluate the impact of online web services and internet facilities on the
working of the firm. It also helps in acknowledging the functionality changes in order to
analyse their vulnerability linked with cyber threats. This research will give focus towards
various threats related to cyber security. Many professional advice and theories is showcased
in this research.
Literature Review
According to Choo, (2011) Internet has penetrated deep into the lives of the people. This has
forced the firms to make their business online. The dependence of firms on the online
business for their growth has increased at much faster speed. Several smaller and bigger firms
are present all around the world which runs their business totally on online mediums for
doing business. This is probably because a larger number of target sections are present on
these sites. Internet has empowered the firms to reach to larger section of the society with
minimum efforts. Cyber business has become extremely crucial for the smaller firms which
are facing huge competition from the larger firms. Dunn Cavelty, (2013) has a point of view
that internet facilitated business to make a long term relationship with the clients by
continuously connecting with them. It has benefited the firm as they can make stronger

3
connect with the clients by continuously taking feedbacks from them. Such a large network
brings many challenges with it.
Katal, Wazid and Goudar, (2013) believes that the cases of cyber-attacks have increased in
past few years. This increase in the frequency has proved as a major challenge for the global
firms. This has not only affected the businesses of the firm but has also impacted on the lives
of the stakeholders. This is due to the reason that there are many people who have the
targeted through the cyber-attacks. It is due to the reason that many kind of private data that
are highly sensitive are stored on the cyber mediums. All these data gets highly vulnerable to
the cyber-attacks. Because of the poor security measures used by the firms, they are highly
easily targeted in the cyber-attacks. It is seen that individuals who have the poor knowledge
about the cyber security are often gets attacked by the hackers.
In the views of Parmar, (2017) hackers try to find loop holes in any network. They utilise
these loop holes for attack. A hacker generally does this for their personal benefit or to make
some heavy loses to others. With the number of devices increasing in the internet mediums,
the probability of attack has increased. Among the large numbers of reasons because of
which cyber-attacks happens, the poor infrastructure of the network is the biggest one.
On the contrary Reddy and Reddy, (2014) believes that there are larger numbers of platforms
using which attacks on systems are taking place. With the expansion of mobile technology in
every hand, cyber-attacks through mobile internet have increased at much faster speed. Many
businesses today have adopted mobile mediums for their operations. This can be easily seen
in the case of banking sector. The most common attacks in the past decade have been in the
mobile banking solutions (Jing, et al., 2014). For example the App related business has faced
many kinds of Cyber-attacks. These Apps are the major sources of data leaks and most of
them are carried out the company itself. In the mobile business solutions, phishing has been
one of the most common forms of attack. This is a serious threat to both business and the
individuals that are attached with it. Since the number of mobile phone users are increasing at
much faster rate. This has become one of the biggest challenges for the companies. On the
contrary Sadeghi, Wachsmann and Waidner, (2015) suggests that mobile transaction shave
become the common area on which attacks have been conducted. The services like Pay Pal
have further increased the threat. Financial data present with the online mediums if gets
leaked into the hands of unauthorised individuals can lead to huge monetary loses. Hackers
usually attacks at the targets which has so many faults.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4
In the views of Zhu, Joseph and Sastry, (2011) online ways of doing business are most prone
to cyber-attacks. Most of the frauds done by hackers are through the online mediums. Many
types of operations apart from transactions are performed through these sites are at the treats
of such attacks. In the case of JP Morgan the attack was only done to steal the crucial
information associated with 83 million consumers. Apart from this the attack on the Tesco
Bank was done by the hackers for stealing approximately 2 million dollars from their clients’
accounts. In both the cases it was seen that major reason for these attacks is due to poor
security measures adopted by them. The poor infrastructure of the network acts as a major
reason for the conduction of such attacks. In order to save money companies usually do not
spend on Cyber-attacks. Firms needs to spend a lot on the filling the loop holes as hackers
easily break down the whole network capitalising on these loop holes. A research suggested
that 19 out of the 20 banks present in U.S. have adopted “C” grade security measures.
Companies usually neglect the advanced security infrastructure because of higher
maintenance and infrastructure adoption cost.
On the other hand Shackelford, (2014) believes that the major sources of attacks are through
social media. The major form of attack that is done on social media sites is of stealing the
private data. With approximately 3 billion social media users, it proves to a wonderful place
where company can market its products. Advertisements are posted on such sites as well as
the feedbacks can be easily taken through this medium. Since these sites have minimum
security standards hence attacks usually take place at these sites. Data theft has been major
form of attack. It has also been highlighted that Facebook Inc. has itself made many data
theft.
Rid and Buchanan, (2015) has a point of view that these attacks are common because of the
lack of digital literacy in the common masses. Individuals make the companies prone to
attacks due to their faults. They usually do not follow the ways in which the attacks can
possibly be avoided. Few years back the attack on the Apple Inc. has resulted in stealing of
data related to the celebrities. Its result was seen as posting of 500 personal photos of
celebrity on the internet mediums. Since data has become the most valuable tool of modern
day business hence safeguarding it is a major challenge for the company.
Musman, et al., (2011) suggests that Distributed Denial of Service (DDoS) on servers have
increased the traffic of servers which limits them from performing several task. Hackers
attack on the node or systems that are most vulnerable and through it they get control of the

5
whole networks and elements present in it. Many a time attacks gets possible due to excessive
traffic load on the network. This is possible because access load results in a node failure in
the network, this situation is capitalised by the hackers to have control on the network. Use of
the tools like mails, Spams, advertisements and form of viruses are used for increasing the
traffic load. Most common DDoS example was the attack on BBC, Five Russian bank, Rio
Olympics, DYN, Presidential election of America in which Donald Trump’s campaign was
attacked.
On the contrary Amoroso, (2012) suggest that the technology developments like IOT has
empowered the growth of cyber focused business. But the IOT has brought many kinds of
challenges for the cyber security of the firm. In the research done by McAfee, it was
suggested that by start of 2020 there will be around 1.8 billion devices gets connected to
internet. IOT is smarter connection of devices where they can easily share information easily
hence it is considered as the future of the modern day business. Since the number of nodes
connected with IOT is in very high quantity hence the probability of attacks has enhanced.
Due to availability of huge amount of sensors, there is a huge chance that the devices can get
hacked. With the control over these sensors one can access the environment of that place
which can give them indirect control over the operations of the firm. Since all the devices are
interlinked with each other hence the challenge for the firms gets bigger.
Apart from this Gandhi, et al., (2011) suggests that smartphone Malware has proved out to be
one of the greatest challenge for the business. As smart phones have huge amount of personal
data hence if it gets hacked then it might lead to huge losses to the individuals. These data
can be used for the personal vendetta. Malwares of mobile like ‘Plankton’ can steal the data.
Apart from this mobile malware of similar affect is ‘DroneKungFu’.
Gonsalves, et al., (2011) stated that Hacktivism is the biggest challenge to business’s cyber
security. Attacks have increased in past few decade, the number of hackers who have
emerged is in large number. They have the motive to collect data for their personal Vendetta.
It results in failure of business for the firms especially in terms of financial disability. For
example an unidentified hacking organisation attacks on Sony Corporation because of their
PlayStation Lawsuit. The same was the case with Bank of America so as to expose the illegal
work that the bank was conducting. Another example was Panama paper leak where tax
evasion scandal’s information associated with bigger personalities got out.

6
Watkins, (2014) considers Ransomware as another kind of Malware that attacks systems
within the organisation and does not let the have control over their own data. They also start
having control over the business operations. This is extremely bad for the image of the firm.
For giving back the access hackers demand of Ransom in some or the other monetary ways.
Some examples of Ransomware are Cryptolocker, Locky, WannaCry. FedEx and Nissan
motors have faced this attack in the past. This is very dangerous as it is not sure that hackers
will give back the control over the system hence this is a serious problem for the firms.
Usually the ransom amount is very large and can cost the firm heavy lose.
Spyridopoulos, et al., (2013) suggest that the greater challenge to cyber-security lies from
within. Insider threats were the reason for around 60% of the cyber-attacks which took place
in the year 2016. Employees intentionally or unintentionally had given access to hackers
which result in some kind of data breach. Edward Snowden and Jun Xie are the examples of
such threats.
In the views of Sood and Enbody, (2013) many changes needs to be done in order to ensure
that number of attacks get reduced. Data Encryption can be one of the most effective methods
for safeguarding data. In the connected networks like IOT, this is a highly effective method.
This allows the data to get transferred and received between two distinctive points without
getting hacked. It improves usability of device as additional security layer is attached with it.
Firms neglect this method as additional time is required for data processing.
Taylor, Fritsch and Liederbach, (2014) believes in the idea that physical safeguarding of
servers and systems is essential for ensuring secured data within organisation. Use of security
cameras, locks working on biometrics can help in protection against insider threats. Manual
checking of employees helps in safeguarding against leakage of data with the use of
removable devices.
Khorshed, Ali and Wasimi, (2011) believes that a company should not resist them from
investing into security software as it helps in protection against the threats. An extra budget
should be utilised for upgrading technology which would help in increasing security against
cyber-attacks. Utilisation of antivirus, security software and firewalls can reduce the potential
risk. Regular research needs to be done on upgrading technology so as to safeguard data
against any potential threats. This is required because the challenges are getting more
complex in terms of cyber-security. It will reduce the chances of any kind of reputational
failures to organisation.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7
In the views of Jajodia, et al., (2011) taking use of authentication tools like OTP or password
protected systems can be beneficial in the case of attacks like phishing. Taking use of strong
passwords is highly beneficial. It is necessary for the business organisations to regularly
upgrade their passwords so as to make sure that it gets safeguarded in a proper manner.
Credible data loss can be avoided by adopting this method. Apart from this firm can establish
a culture where the security and data privacy has been given greater importance. A cyber
security training having a formal structure needs to be provided so that data leaks because of
human errors can be avoided. A check and balance measures should be adopted where
employees fault can be corrected by some other employees. This culture will helps in
ensuring that unintentional fault may not occur in an organisation.
CONCLUSION
A conclusion can be derived from above research it can be suggested that the use of internet
mediums and computers for doing business have enhanced. It has helped the company in
many ways but with this it has also resulted in many types of threats like data theft, hacking
of sites etc. All these can result in huge loses. Use of the technologies like IOT, Mobile
banking have enhanced the problems related with cyber security. There are various forms of
cyber threats like DDoS, Hacktivism, IOT, ransomware, mobile malware etc. There are
several examples in the past Sony, DYN, FedEx, BBC, Bank of America and several others.
A company has to make sure that they have effective protection measures that could help in
facing the cyber-security challenges posed by the hackers. With the increasing number of
hackers in the world security concern have sharply risen. Effective security infrastructure,
enhancing budget for security measures as well as password protection systems can be highly
beneficial. Data encryption can also be one of the best ways in which attacks can be avoided.
Organisational culture where data privacy has been higher importance needs to be installed.

8
REFERENCES
Amoroso, E.G., (2012) Cyber attacks: protecting national infrastructure. Elsevier.
Choo, K.K.R., (2011) The cyber threat landscape: Challenges and future research
directions. Computers & Security, 30(8), pp.719-731.
Dunn Cavelty, M., (2013) From cyber-bombs to political fallout: Threat representations with
an impact in the cyber-security discourse. International Studies Review, 15(1), pp.105-122.
Gandhi, R., Sharma, A., Mahoney, W., Sousan, W., Zhu, Q. and Laplante, P., (2011)
Dimensions of cyber-attacks: Cultural, social, economic, and political. IEEE Technology and
Society Magazine, 30(1), pp.28-38.
Gonsalves, P.G., Call, C.D., Ho, S. and Lapsley, D., Charles River Analytics Inc,
(2011) Security system for and method of detecting and responding to cyber attacks on large
network systems. U.S. Patent 7,930,256.
Jajodia, S., Ghosh, A.K., Swarup, V., Wang, C. and Wang, X.S. eds., (2011) Moving target
defense: creating asymmetric uncertainty for cyber threats (Vol. 54). Springer Science &
Business Media.
Jing, Q., Vasilakos, A.V., Wan, J., Lu, J. and Qiu, D., (2014) Security of the Internet of
Things: perspectives and challenges. Wireless Networks, 20(8), pp.2481-2501.
Katal, A., Wazid, M. and Goudar, R.H., (2013) August. Big data: issues, challenges, tools
and good practices. In Contemporary Computing (IC3), 2013 Sixth International Conference
on (pp. 404-409). IEEE.
Khorshed, M.T., Ali, A.S. and Wasimi, S.A., (2011) December. Trust issues that create
threats for cyber attacks in cloud computing. In Parallel and Distributed Systems (ICPADS),
2011 IEEE 17th International Conference on (pp. 900-905). IEEE.
Musman, S., Tanner, M., Temin, A., Elsaesser, E. and Loren, L., (2011) April. Computing
the impact of cyber attacks on complex missions. In Systems Conference (SysCon), 2011
IEEE International (pp. 46-51). IEEE.
Parmar, H., (2017) The top 10 cyber security challenges for businesses. [Online]. Available
at: . [Accessed on: 28rd April 2018].

9
Reddy, G.N. and Reddy, G.J., (2014) A Study of Cyber Security Challenges and its emerging
trends on latest technologies. arXiv preprint arXiv:1402.1842.
Rid, T. and Buchanan, B., (2015) Attributing cyber attacks. Journal of Strategic
Studies, 38(1-2), pp.4-37.
Sadeghi, A.R., Wachsmann, C. and Waidner, M., (2015) June. Security and privacy
challenges in industrial internet of things. In Proceedings of the 52nd annual design
automation conference (p. 54). ACM.
Shackelford, S.J., (2014) Managing cyber attacks in international law, business, and
relations: In search of cyber peace. Cambridge University Press.
Sood, A.K. and Enbody, R.J., (2013) Targeted cyberattacks: a superset of advanced persistent
threats. IEEE security & privacy, 11(1), pp.54-61.
Spyridopoulos, T., Karanikas, G., Tryfonas, T. and Oikonomou, G., (2013) A game theoretic
defence framework against DoS/DDoS cyber attacks. Computers & Security, 38, pp.39-50.
Taylor, R.W., Fritsch, E.J. and Liederbach, J., (2014) Digital crime and digital terrorism.
Prentice Hall Press.
Watkins, B., (2014) The impact of cyber attacks on the private sector. Briefing Paper,
Association for International Affair, p.12.
Zhu, B., Joseph, A. and Sastry, S., (2011) October. A taxonomy of cyber attacks on SCADA
systems. In Internet of things (iThings/CPSCom), 2011 international conference on and 4th
international conference on cyber, physical and social computing (pp. 380-388). IEEE.