Cyber Security Essay Example for Free

Cyber Security EssayPresident Obama has declared that the cyber threat is cardinal of the most serious e fiddleomic and national certificate challenges we face as a nation Americas economic prosperity in the 21st century give depend on cyber security. So why is it that so many people still tiret know virtually of the basic ways that evoke cyber threats? The purpose of this paper is to name almost of the more than basic cyber threats. fifty-fifty though it is just the beginning to the hazards you can obtain, they are highly effective beca mathematical function of the tour of people that still allow these kinds of breaches. First and foremost are data processor viruses. According to cknow.com, There were over 50,000 computer viruses in 2000 and that number was then and still is development rapidly. Sophos, in a print ad in June 2005 claims over 103,000 viruses. And, Symantec, in April 2008 is reported to have claimed the number is over one million. With so many divers(p renominal) viruses out on that point, how do you know what to look for and how to protect your cyber world from viruses? Some of the most common viruses that effect people are Trojans and Net Bots.PCmag.com defines a Trojan as A program that appears legitimate, solely performs some illicit activity when it is run. It may be used to locate password information or mold the system more vulnerable to future entry or simply destroy programs or data on the hard disk. A Trojan is homogeneous to a virus, except that it does not replicate itself. It stays in the computer doing its damage or allowing somebody from a remote site to take check into of the computer. Trojans often sneak in attached to a free game or other utility. To add to their definition, it can also be affixed to an e-mail attachment or the email itself. So now that you know what it is youre probably thinking so what can I do to protect myself from obtaining this virus? The best thing to do would be to trail yourself v irtually this threat. acknowledge what they look want and common clearsites they reside. The next thing that to do is to be reliable to always have an up to date WELL KNOWN antivirus such as Sophos, McAfee, or Norton.The well known part is rattling important because some of the smaller antivirus companies are part of the reason there are so many Trojans out there. Once you get some antivirus software you need to be sure to keep it up to date. Also, dont open emails from senders that you dont recognize. Several of the Trojans out there that get circulated by email pose from people opening emails from unknown senders. The next one is botnets. http//searchsecurity.techtarget.com says A botnet (also known as a zombie army) is a number of Internet computers that, although their owners are oblivious(predicate) of it, have been set up to forward transmissions (including spam or viruses) to other computers on the Internet. Any such computer is referred to as a zombie in effect, a co mputer robot or bot that serves the wishes of some master spam or virus originator. Most computers compromised in this way are home-based. According to a report from Russian-based Kaspersky Labs, botnets not spam, viruses, or worms currently pose the biggest threat to the Internet. Trojans are the major way that you can get one of these viruses.So it is important that you once again get antivirus software, keep it up to date, and dont open emails from unknown senders. However, with this virus you can get it just from going to a questionable web site. So how do you know what ones are good and what ones are questionable? Well that you can for the most part guess using these deciding factors argon there several java applications on the web page? Is there a lot of download able content? Are there turn up up advertisements that come up on the page? Then you probably should do your best to stay away from the page. In case you are unsure, some antivirus software are now including a tru sted and untrusted feature so when you search a site it will let you know if the page is pr yettative or proceed at your own risk. If your antivirus does not have such a feature then there are some applications out there that will do the same thing just to name one would be WOT or Web of Trust. The next issue is a comminuted more targeted to the business world.It deals more with their emails and correspondence but can also be directed to an average internet user. It is phishing. Webroot.com expounds Email Phishing scams are carried out online by tech-savvy con artists and identity theft criminals. They use spam, fake websites constructed to look identical to a real sites, email and instant messages to trick you into divulging sensitive information, like bank taradiddle passwords and credit card numbers. Once you take the phishers bait, they can use the information to create fake accounts in your name, ruin your credit, and steal your money or even your identity. This is a serious issue that takes some skill to recognize to evade taking the phishers bait. First and foremost is to educate yourself on phishing attacks or scams. Know what it looks like. There are many resources that you have available to you on the internet to learn how to spot a phishing attack and a legitimist email. The Department of Defense offers a great course on how to spot a phishing email at http//iase.disa.mil/eta/phishing/Phishing/launchPage.htm. A more specific attack is whaling. B records.iss.net explains The adoption of the term Whaling within phishing is fairly new and may have been derived from the use of Whales within gambling to refer to big-time gamblers and high rollers, but most likely come from the colloquialism for big tilt.Regardless, Whaling describes the most focused type of phishing currently encountered by businesses or government targeted attacks against groups of high-level executives within a single organization, or executive positions common to dual organizat ions (e.g. the CTO or CFO). In a whaling attack, the phisher focuses upon a very small group of senior personnel within an organization and tries to steal their credentials preferably through with(predicate) the installation of malware that provides back-door functionality and key logging. By focusing upon this small group, the phisher can invest more time in the attack and finely tune his message to come across the highest likelihood of success. Note that these messages need not be limited to email. Some scams have relied upon regular postage systems to deliver infected media for example, a CD purportedly containing evaluation software from a known supplier to the CIO, but containing a hidden malware installer.So if youre not a high level employee, youre probably wondering how this is important to you. How phishers go about their scam is by obtaining little bits of what some would consider being harmless information from other employees about level executives and projects goin g on in the company. They start at the bottom to get more information at the top. So in all actuality it very much concerns everyone in the company. This leads me in to my last but important area of cyber security insider threat. Frankly, that is you. Every employee is potentially an insider threat. So let me define it a little better with some help from searchsecurity.techtarget.com. An insider threat is a malicious hacker (also called a cracker or a black hat) who is an employee or officer of a business, institution, or agency. The term can also apply to an outside person who poses as an employee or officer by obtaining false credentials. The cracker obtains access to the computer systems or networks of the enterprise, and then conducts activities intended to cause harm to the enterprise.Insider threats are often disgruntled employees or ex-employees who believe that the business, institution, or agency has done them wrong and rule justified in gaining revenge. The malicious acti vity usually occurs in four steps or phases. First, the cracker gains entry to the system or network. Secondly, the cracker investigates the spirit of the system or network in order to learn where the vulnerable points are and where the most damage can be caused with the least effort. Thirdly, the cracker sets up a workstation from which the nefarious activity can be conducted. Finally, the actual destructive activity takes place. The damage caused by an insider threat can take many forms, including the founding of viruses, worms, or Trojan horses the theft of information or corporate secrets the theft of money the corruption or deletion of data the altering of data to promote inconvenience or false criminal evidence and the theft of the identities of specific individuals in the enterprise.Protection against the insider threat involves measures similar to those recommended for Internet users, such as the use of multiple spyware scanning programs, anti-virus programs, firewalls, a nd a rigorous data backup and archiving routine. It could also be an employee giving away what you would consider to be harmless information like an email address, a project you are working on at work, how many people you work with, or even where you work and the location of the building. Even with some of the best antivirus software, a stellar knowledge of phishing, and an elite cyber security system, an insider threat can penetrate that because they most the time have the credentials to log it to the system and pull resources ligitimently so it would go unnoticed. So how can you help protect you network or your companys network from an insider threat? Simply, dont be one. Always be sure to only give information that the other person is on the same level to receive.Secondly is to educate yourself on insider threat prevention. There is a plethora of resources to do just that. A helpful one is http//www.ussecurityawareness.org/highres/insider-threat.html. Also watch for signs of curi ous activity with co workers. Report any evidence or suspicions to your supervisor. So in conclusion, prevention starts with you. Buy up to date antivirus software. avoid risky sites, educate yourself on what a phishing attack looks like, know what a legitimate email is, dont be an insider threat and educate yourself about things to look for from other co workers. Cyber security is a serious threat and is a major issue that needs to be taken seriously. It is not just something for the IT department to worry about but starts with every one making sure to take the appropriate security measures to make the cyber world more secure.