Example Of Essay On Cyber Warfare: Two Essays

Essay 1

Introduction
With the unimaginable advancements in the technology over the last few decades, the telecommunications, financial, electrical, and medical networks have become very effective in meeting the needs of end users. However, the same technology coupled with unethical cyber behavior often increases the vulnerabilities of these networks making them prone to cyber attacks. This paper will explore the potential vulnerabilities associated with the telecommunications, financial, electrical, and medical networks and the possible consequences of such vulnerabilities.

Vulnerabilities

According to Traynor, McDaniel, and Port, potential vulnerabilities associated with the telecommunication networks include “the collapse of proprietary cryptographic algorithms, the lack of authenticated messages between elements in the network core, and the growing pool of smart phone-based malware”. It is identified that cellular providers and equipment manufacturers often fail to provide proper authentication and confidentiality in their networks as they use weak cryptographic algorithms. This vulnerability may even affect the confidentiality of voice calls through cellular networks, and hence, third parties may intercept users’ sensitive personal information. In-band signaling in the network appears to be another potential vulnerability associated with telecommunication networks. Experts indicate that an in-band audio attack may disable even modern legal wire-tapping equipments. If those vulnerabilities are exploited, it would lead to a breakdown of systems and interruption of communication. In addition, the smart-phone based malware causes the telecommunication networks to compromise security and confidentiality of conversations. In this circumstance, third parties can gain access to others’ personal information, and this situation in turn would lead to a series of security threats.
Today most of the financial networks are web-based, and the situation increases the network’s exposure to serious cyber attacks. Failure in using a network-based intrusion detection system is a potential vulnerability that may result in poor monitoring of network traffic and detection of suspicious network activities. Hence, early detection of a network compromise would become difficult. Failure to utilize a host-based intrusion detection system represents another potential vulnerability. Here, monitoring the behavior of host/computer systems and identifying abnormal network activities becomes impossible. The major risk impact is that unauthorized access by a user or malware would remain undetected. In addition, improperly segmented network environment may lead to compromising of payment card account security. Previous experiences show that poorly configured ingress and egress firewall rules can appear to be a key potential vulnerability. Finally, lack of input validation checks, un-patched web servers, and poorly configured database servers increase the financial networks’ vulnerability to SQL injection attacks. Through successful SQL injection, a cyber attacker may obtain access to users’ confidential financial information. In short, all the vulnerabilities discussed above would put the network users at the risk of losing account/card details and confronting financial loss.
The vulnerabilities in the electrical networks create opportunities for cyber warriors to intrude into the network and to disrupt critical services, including electrical power. An increased number of entry points and paths in the network constitute a potential vulnerability because adversaries and other unauthorized users may exploit them. In addition, the increased use of new systems and network technologies may place electrical networks at the greater risk of cyber attacks. Enhanced connectivity is another potential vulnerability identified with electrical networks as it would widen the access to systems and networks. The increased amount of customer information transmitted through this network also increases the possibility of the cyber attacks. In addition to disrupting crucial services, exploitation of potential vulnerabilities in the electrical networks may lead to unauthorized disclosure and use of private information. Such vulnerabilities could pose serious threats to control system networks and devices connected to that network.
According to the U.S Food and Drug Administration (FDA), there are several potential vulnerabilities present in the medical networks. The FDA states that malware infections on network-connected medical devices, computers, smartphones, and tablets used to access patient data seem to be a potential vulnerability as they would lead to compromising the confidentiality of patient data. Unsecured or uncontrolled distribution of passwords is another major potential vulnerability identified with medical networks as password protection is the primary and most important security measure to enhance cyber security. The FDA reflects that absence of timely security software updates and patches for medical networks and devices constitutes a key vulnerability. As a result of this negligence, medical networks may fail to prevent latest malwares or security threats. The “security vulnerabilities in off-the-shelf software designed to prevent unauthorized access to the device or network” can pose serious threats to the security of medical networks. The vulnerabilities in the medical networks would compromise the security of patient health records, and there will be likely unauthorized use and disclosure of patient data. Hence, these vulnerabilities may hurt fundamental patient rights and cause disruption of medical services.
Conclusion

Bibliography

FDA. “The FDA takes steps to strengthen cybersecurity of medical devices”. Updated October 1, 2014. Accessed January 31 2015. http://www.fda.gov/NewsEvents/Newsroom/PressAnnouncements/ucm416809.htm
GAO. “CYBERSECURITY Challenges in Securing the Electricity Grid”. Testimony Before the Committee on Energy and Natural Resources, U.S. Senate. Updated July 17, 2012. Accessed January 31, 2015. http://www.gao.gov/assets/600/592508.pdf
Traynor, Patrick., McDaniel, Patrick and Porta, Thomas La. Security for Telecommunications Networks. US: Springer Science & Business Media, 2008.
VISA. “Visa Data Security Alert Potential Network Vulnerabilities for Financial Institutions”. Last modified January 25, 2008. Accessed January 31, 2015. http://usa.visa.com/download/merchants/20080125_datasecurity_network_vulnerabilities.pdf
Essay 2
Introduction
People today increasingly rely on social networking sites in order to keep connected with their friends and relatives to express their views and opinions; to respond to others’ views and social issues; and to seek entertainment. Considering the openness of interactions through social websites, it seems that a cyber attacker can use social networks to intrude into the privacy of individuals. This paper will discuss how a cyber warrior can use a social networking site to gain information.
Vulnerability of social networking sites
Today social warriors focus increasingly on social media to gain users’ personal and sensitive information to intrude into their privacy. According to Elayne Starkey, the FOIA coordinator for the state’s Department of Technology and Information, it is unfortunate to see that people feel a false sense of security once they enter their login ID and password. In addition, people feel very comfortable in social websites that they do things that they might not have tried before. Currently Facebook, Twitter, and Instagram are some of the leading social networking sites, and all these websites display personal user information such as address and phone number publicly unless the user changes the privacy setting later. When a new user creates an account in these websites, they would not be informed of the default privacy settings, and hence they may unknowingly agree to make their personal information public. It seems that most of the users would not try to change their privacy setting even after they become aware of the default setting. As a result, information and photos shared by a user with his friends may be accessed by other persons who are not supposed to do so. When a cyber warrior obtains individuals’ personal information such as address, contact number, and job details, he/she can use those information to withdraw money from the user’s bank account or to purchase items on behalf of the users through the application of techniques like smishing and vishing.
Naïve social media users are likely to click targeted ads, and it significantly increases the potential for scammers and hackers. Social media experts indicate that even experienced users are likely to click some ads that are tailored to them, uninformed of who and what is behind the ads. It is dreadful to see that viruses from social networking sites can cause harms to the system in a similar way that an e-mail virus does. More precisely, these viruses may not always attack the user’s system immediately as they are able to lurk for months before any damage is noticeable. Facebook, the world’s most popular social networking site, is prone to cyber attacks as it supports applications made by outside groups or persons. Hence, anyone could create an application that contains malicious links and post it on Facebook. Despite the stronger identification process developed by the Facebook team recently to regulate such applications, this social website is still vulnerable to such attacks.
In developing countries like India and Philippines, the rate of social media use is very high but users are less aware of the proper use of such websites. For instance, a number of Indian teenage girls committed suicide over the past two years when they saw their morphed nude pictures on Facebook. In most cases, the victims themselves had posted their pictures that were morphed by the cyber criminals. Hence, people must be really watchful when they share their photos or family members’ photos in social networking sites. It is observed that social websites like Facebook provide a potential platform for hackers to promote phishing activities. Phishing is an attempt made by hackers to obtain unauthorized access into sensitive information such as usernames, passwords, and credit card details through pretending to be a trustworthy entity in an electronic communication. Hackers post phishing links on social networking sites along with attractive captions, images, or other contents. When a user clicks on that link, he/she will be automatically redirected to a fake webpage created by the hacker or to an authentic website with a small window asking personal account details or other sensitive information. New and inexperienced users who have little knowledge about such security vulnerabilities are likely to try those applications. Currently, social networking sites have no perfect technology to identify whether or not an account is original or fake. Hence, many people pretend to be someone else by creating fake accounts and manage to steal others’ confidential details. Considering the large number of new accounts that are created every day, social websites cannot filter each and every account to ensure its authenticity.
Conclusion
Although the emergence of social networking sites has entirely reshaped the modern communication landscape, it also appears to be a crucial threat to the confidentiality of sensitive private information. Cyber warriors may employ techniques like phishing to steal the personal details of others to commit virtual fraud.
Bibliography
Lund, John. “Social networking websites: the next cyber war zone?”. Medical National Security Zone. April 29, 2010. Accessed January 2015. http://nationalsecurityzone.org/site/social-networking-websites-the-next-cyber-war-zone/
Satapathy, Suresh Chandra., Biswal, Bhabendra Narayan., Udgata, Siba K and Mandal, J. K. (Eds.). Proceedings of the 3rd International Conference on Frontiers of Intelligent Computing: Theory and Applications. US: Springer, 2014.