Literary Review
Cyber-security and other geopolitical risks present unique oversight challenges
Module: Financial Services Risk Management (FIN10109)
Module leader: Mauricio Silva
University: Edinburgh Napier University
Matriculation number: 40182308
Date: October 30, 2014
Table of content
Introduction 3
Cyber-attacks 4
Challenges 4
Business and Governments 5
Other geopolitical risks 6
Conflict in the Middle East 6
Political risk in Europe 6
Conclusion 7
References 9
Introduction
By the year of 2016, investments in online security are expected to reach $86bn (Contu et al, 2012). Although this might seem a large sum of money, it is considered necessary since there is an increase in online risks from all over the world. Professional hackers develop malware on a global scale and on a 24/7 basis. Hackers have five objectives when spreading malware over the Internet: to infect/distribute, to steal, to persist, to control and for intelligence (Morris, 2010).
The purpose of the review is to inform the reader about the possible dangers geopolitical risks might have on the financial industry when the industry does not look after them. I was intrigued by this dark side of modern communication and the effect it has on the safety of the banking sector.
Financial institutions work with a large amount of data, often sensitive information. The computer software banks use are quite complex, which makes them a target for fraud and
Every time we connect to the Internet at home, at school, at work, or on our mobile devices we make decisions that affect not only ourselves, but our neighbors, or colleagues, and our nation. Cybersecurity is a shared responsibility, and each of us has a role to play (Homeland Security 2015). The intended audiences that are most interested, receptive and motivated, in reading this research paper: business owners, teenagers, college students, military, people in IT, computer science, employees and government. Cyber space has become a critical area of national security with the ever increasing amount of information transferred through and contained within digital environments. Attacks over the last couple of years reveal the severity of the threat regarding both the target and the number of the attacks (Braman, Susmann & Vaseashta 2014). If your business is like most in America, Internet is an indispensable modern tool for daily transactions. Online browsing allows connectivity to new customers and business growth. If you do not have a Web site, Instagram, Facebook page or Twitter account, you probably rely on Internet to perform your day-to-day business, as banking, payroll or orders for supplies. Using the internet should be safe. Small businesses may think they are not targeted; but cybercriminals are
Since the onset of the first packet switching event that many believe to be beginning of the internet, no other technology besides the printing press has ever transformed the ability to deliver information. Although the internet is used by a large percentage of the civilized world, few Americans realize how vital cyberspace is to our national infrastructure. Today, we are faced with even more threats although it has been a recognized problem since 2009, when President Barrack Obama said “The cyber threat is one of the most serious economic and national security challenges we face as a nation. It’s also clear that we’re not as prepared as we should be, as a government or as a country (Obama, 2009).” Every industry that operates in the United States is dependent on the internet for some aspect of their business. Commerce, transportation, financial institutions, military, as well as industrial control systems are all interconnected. This interconnectedness has created vulnerabilities within their infrastructure that have increasingly become targets of terrorists, script kiddies, foreign governments and hackers of all types.
Malware, or “malicious software”, has taken different forms and names for years. Spyware and viruses are just a few of the common titles attributed to this devastating means of cyber attack, the main purpose of which is to ultimately compromise a rival's computer infrastructure. State-sponsored attacks have typically been perpetrated by means of malware. Spear-phishing is one particularly popular means of malware, where by a target is fooled into opening a corrupted email or file, only to unwittingly download a compromising piece of malware onto their computer (XX). Once this malware is installed, control of the computer is placed in the hands of the hacker, allowing them to hack other networks while proving impossible to track down (XX18). China has been a prime culprit for spear-phishing attacks, often following current events to target respective dignitaries. For instance, the 2010 G20 Summit saw thousands of spear-phishing campaigns against officials, with email titles labelled in relation to the Summit itself (XX). Countless departments, institutions, and governments have fallen victim to spear-phishing campaigns, at the count of millions of dollars and priceless information
The high profile national and cross-border bank failures in the last few years (including Fortis, Lehman Brothers, Icelandic banks, Anglo Irish Bank and Dexia) revealed serious shortcomings
As malware attacks continue to grow in strength, numbers and complexity, it is critical that organizations are taking measures to prevent attacks and to minimize the damage when attacks do occur. This paper will briefly discuss what malware is, the damage it can cause and how it has evolved over the years. Since malware attacks are constantly changing and adapting, a proactive approach is necessary for an organization to remain secure. A proactive approach to network security involves analyzing current and future malware threats, educating employees, and developing a malware response
A part of this discussion deals with necessary funding for confronting developing treats. Throughout the past decade, cybersecurity budgets and standards have been upgraded to deal with past incidents of developed attacks and the future threats they impose. In addressing this issue, cybersecurity has been the attention of major investments and budget allocations to support both research and its defense fields. For example, North America’s planned IT budget for cyber security was 7.75% in 2006 (Davis) growing tremendously by 2016 and allocating a 35 percent increase from US President’s Fiscal Year investment in overall Federal resources for cybersecurity (The White House). Additionally, in 2012, global defense organizations planned and increased their cybersecurity budgets by 6% over the next year (Defense). These actions are mainly provisions to encounter new vulnerabilities based on previous incidences. Powerful attacks proved vulnerabilities of industrial sized systems and thus showing leads to new forms of local and global terrorism. For example, Stuxnet was a “game changer”, being a first of its kind cyber-attack infecting industrial scaled systems by using sophisticated malware used to exploit machines (Langill). States have placed numerous safeguards to ensure more security in dealing with threats of this nature. In another example, the stealing of 5.6 million user biometric fingerprints created a lifelong identity theft problem which was addressed by the Office of Personnel Management. This has caused behavior analytics to develop standards in determining and protecting your identity (OPM). Overall, the time, energy, and resources allocated for cybersecurity is in proportion to the needs and the seriousness of the threats and as technology advances and the ability to cause damage intensifies, we can forecast a growth in cybersecurity investments for both
Ever since the internet has become a global phenomenon, governments, multinationals, businesses, corporations, institutions, entrepreneurs, and private individuals have been exposed to a number of cyber threats and cyber-attacks. Cyber war, cyber terror, cyber-attacks, or anything cyber has become a buzzword for any crime that occurs via the World Wide Web. Even United States of America (U.S.), the most powerful nation on earth, has not been able to stave off these virtual threats. With just a single click on the internet, unscrupulous hackers could delete or corrupt legions of files via sending malware such as worms, bugs, Trojan horse, and quarantine to their targets. This report aims to provide a trenchant overview on the growing harm of not teaching malware.
In these days, internet is more important than ever, and therefore, having security plans will, at least, make things challengeable for hackers. Dinicu (2014) claims that cyber criminals’ threats to the national security are the most dangerous and most recent ones. Also, she writes, hackers’ main focus is more on democratic countries and multinational organizations than the non-democratic countries (Dincu 2014). Fifty years ago, we would not have to worry about internet security because we would not have so much money and privacy depending on internet. But nowadays, our communication, money, traveling, etc. can be affected by one or more cyber criminals. We work and our money comes to us using direct-deposit; we call our loved ones
Website builders: “As well as cyber-espionage groups looking for commercially sensitive information, intellectual property, and critical vulnerabilities, cyber-criminals target supply chains as a means of targeting the broadest audience for their malware as possible” (Cert-UK, 2015). An efficient use of resources can be a strategic importance in identifying and compromising a substantial quantity of infections.
Malware and protecting assets from malware are extremely important matters of computer security in the ever more dangerous realm of computing. As the Internet continually gets larger, more threats are posed to innocent people that put them and their information at serious risk. To properly analyze what malware is and how to protect personal computers and information from threats , it is seems fit that this paper will begin with a very brief look into the history of malware and viruses. Then, it will take an in-depth look into the concepts of malware and what is being implemented to prevent unwanted access of computers and networks. On top of that, insight will be given into how cyber attackers are capable of using a multitude of ways to affect computers and how essential it is to utilize several security applications to prevent criminals from obtaining information. I talked to my father, who has worked in the IT field for 24 years and is an expert when it comes to matters such as these, in an effort to better grasp what malware is and to understand just how crippling viruses can be to an affected person or device. His insights provided the clarity needed to effectively write about the concepts of malware and to properly analyze the subject matter.
Just like a biological virus, a computer virus is able to infect and ruin lives. This malicious software constitutes more than just simple viruses but also includes other types of software including worms, Trojan horses, and ransomware. Malware has been around since the late 1980’s. Originally, people became hackers to gain notoriety online, but today, it has become more of a business. Cyber attacks originate from all around the world, and it is not just individual people that benefit from it. In two decades, numerous cyber crime syndicates have been created, and states all over the world sponsor hacker groups. Over the past twenty-five years, malware has become less about checking the integrity of computer security and gaining notoriety in the underground cyber society, and it has become more of a chaos creating, money making business that many people and institutions take part in.
The fight against hackers and cyber crime is a global problem and nationally and internationally, the threats they caused have been recognized and acknowledged.
The state of Cyber Security in 2016 is a grim one, every day on the news we hear about another bank or online service getting hacked and consumer information being sold on the darknet, an “invisible” part of the internet where hackers and criminals sell personal information among other items, or a presidential candidates emails being released. Being a part of the IT community, I am more aware of all these occurrences than the average person who just uses the internet for checking email and seeing which family member got married. By attending various seminars throughout the year and following tech news sources, I can stay in the know on the latest threats that we and our country face. In this essay, we’ll take a look at three important cyber occurrences that are happening. Ranging from email leaks to the cyber-attacks that took down many websites the morning of October 21, 2016.
Cybercrime has become a fast growing concern for the 21st century as businesses, institutions and individuals grow into an interconnected web of computer networks. Online business transactions, along with the sharing of personal information, are vulnerable to a host of disasters that can reap economic and social havoc. Some sources say that today, cybercrime costs more than $1.0 trillion to society--Global Industry Analysts, Inc. forecasted the world cyber security market to reach $80 billion by 2017 (Gale, 2011).
Now a days, the greatest security threats are not coming from those script-kiddies and fame-driven hackers who attack communication systems just to impress their peers. In this new era of information, security systems have to be designed and implemented to defend against very sophisticated threats. These sophisticated adversaries include malicious insiders, cybercriminals, cyber terrorists, industrial spies, and in some cases, nation state intelligence agents. Such conflicts are very knowledgeable about the communication technologies and protocols. They are highly systemized, well resourced, and capable of operating across the full spectrum of online attacks. Their goals, most of the time, go beyond minor security failures like crashing a computer or vandalize a webpage. Their motivations are for example to make big monetary gain, cause mass destruction to countries’ infrastructure and economy, steal highly classified document and information, and establish long-term intelligence presence.