Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Abstract
The evaluation of Internet has had a profound impact on the way business, individual’s work and
communicate. Most of the enterprises and organizations are increasingly dependent on web for
online business and applications now-a- days. The importance of electronic information system
is obvious to all participants in the modern economy. While this advancement of technological
issues has added important business functionality, they have also introduced the opportunity for
crime to invisibly inject and propagate malicious code, and thus these crimes are named as
cybercrime. Cybercrime has received significant coverage in recent years, with the media, law
enforcers and government all working to bring the issue to our attention 1. This paper begins by
representing an overview of cybercrime considering the scope and scale of reported incidents.
Leading on from this, also discussed on business of what kind of threats they are faced by cyber
attack, moreover the problem of policing cybercrime is considered. It is concluded that
cybercrime is an inevitable downside of the information society, and that organizations and
individuals consequently have a stake in ensuring their own protection.
Keyword (s): Cyber attack/ breaches, productivity loss, white hat hacker, brand damage, botnet.
Introduction
Over the last fifteen years, the increase in technology and the use of computers in both the
personal and business sector has increased remarkably. This increase has bought changes in all
areas of society including such areas as banking, the stock exchange, air traffic control,
telephones, electric power, health and education. These industries have not only improved but
are now largely dependent on information technology for their operation. This rapid technology
advance has well and truly ensured that the twenty first century is the information age. When
information fails to circulate, whole sectors of the economy are vulnerable. Information security
– the safeguarding of computer systems and integrity, confidentiality, and availability of the data
they contain – has long been recognized as a critical national policy issue. Two current trends
indicate that its importance is growing. First, the integration of computers into more and more
aspects of modern life continues. Second, cyber-attacks, or breaches of information security,
appear to be increasing in frequency, and few observers are willing to ignore the possibility that
future attacks could have much more severe consequences than what has been observed to date 2.
The very concept of cybercrime as a side-effect of the “information revolution” and its most
famous “product” – the internet – is still a very vague notion. Cybercrime is now recognized as a
major international problem, with continual increases in incidents of hacking, viruses, and other
forms of abuse having been reported in recent years.
Cybercrime by Nature
World Wide Web is the primary attack vector for cyber criminals. Cyber crime encompasses any
criminal act dealing with computers and networks (called hacking). Additionally, cyber crime
also includes traditional crimes conducted through the Internet. However, this is obviously a very
broad classification, and in order to define the topic more precisely, it is useful to sub-categorize
the issue. A useful classification is provided by the UK Audit Commission, which has been
conducting computer crime and abuse surveys since the early 1980s. In the most recent version
of their survey, released in September 2001, the Commission suggested the categories and
associated definitions below 3. This is by no means the only classification, and various other
views are possible 4, but this provides a manageable list that does not group too many distinct
issues together.
− Fraud: Private gain or benefit by: altering computer input in an unauthorized way; destroying,
suppressing or stealing output; making unapproved changes to stored information; or amending
or misusing programs (excluding virus infections).
− Theft: Theft of information. Use of unlicensed software: Using unlicensed copies of software.
− Private work: Unauthorized use of the organization’s computer facilities for private gain.
Fig: Different types of cyber crime and its impacts on economy in $ (source: computer security
Institute)
As the classifications in the previous section have discussed, cybercrime can manifest itself in a
number of guises. This section considers some of the most commonly encountered incidents –
namely website defacements, denial of service, and malware – that frequently occur in the
Internet environment.
Denial of Service
The CSI/FBI findings suggest that denial of service (DoS) incidents represent the second most
common form of website attack – with the aforementioned survey indicating that they were
experienced by 55% of the 166 respondents. DoS attacks can range from fairly simple
techniques, such as Ping of Death or SYN flooding, to more advanced distributed methods – all
of which intend to undermine access for legitimate users. A significant example of the
distributed DoS (DDoS) approach was witnessed back in February 2000, with sustained attacks
that targeted Yahoo!, eBay, Amazon and other major sites [6]. A DDoS attack may involve
potentially hundreds of computers, which then bombard other Internet sites with thousands of
requests for information (the attacking systems typically participate unwittingly, with the DDoS
attack code having been installed via stealth methods). The distributed attack is more difficult to
combat, as the malicious traffic comes in from many sources and, in addition, the addresses may
be spoofed, making them even harder to trace. DoS attacks are popular with novice hackers, in
the sense that they do not require any significant skill to implement (indeed, numerous tools are
available to automate such attacks in software), but can nonetheless have dramatic and noticeable
effects. Indeed, it has been conjectured that around 90% of hacking is conducted by people using
such methods [7].
Malicious program/Malware
Although defacements and denial of service represent the most common targeted attacks against
systems, by far the most common form of cybercrime relates to malicious software (or malware),
such as viruses, worms and Trojan Horse programs. For example, 85% of the CSI/FBI
respondents in 2002 had experienced a virus incident [9]. As of February 2003, anti-virus vendor
Sophos was citing over 80,000 known virus strains [11], and the company claimed to have
detected 7,825 new strains in 2002 – suggesting that the problem is far from disappearing.
Related information and tools are now readily available on the Internet, including toolkits that
enable someone with no technical skill whatsoever to create and release their own program. As
with automated DoS and cracking tools, the problem with malware toolkits is that they make the
task of releasing a virus or worm so easy that a complete novice could do it. An example of such
a tool is the VBS Worms Generator, pictured in Fig. 3, which was used to create the so-called
Anna Kournikova worm in February 2001 [9]. Creating a worm using this tool can be as simple
as running the application, giving the worm a name, and selecting a payload for it to execute
when it is triggered. The whole process (including locating, downloading and installing the
application) can be accomplished in less than 5 minutes.
The damage that successful Cyber attacks impose is widespread and long-lasting. Financial
damages, loss of existing customers and difficulties in acquiring new ones; loss of intellectual
property (IP); loss of R&D data, including product designs, road maps; brand name and
corporate image damage; negative impact on competitive position; loss of market share, loss of
productivity due to downtime, investigations, damage control. No organization, company,
enterprise or business with Internet access is safe [6].
Financial Damage
The major damage that caused by cyber crime on business and organizations is – of course –
financial damage. According to the “2007 Annual Survey: Cost of Data Breach”, by the
Ponemon Institute [6], the average cost per data breach incident in 2007 amounted to $6.3M,
while the cost of lost business per incident was estimated at $4.1million. The average cost of a
data breach in the highly regulated financial sector is $239 per compromised record, while the
average cost of a third-party breach (cybercrime attack) amount to $231 per compromised
record.
Financial damage can also have an impact on the bottom line of the company and (if public) its
share price. The cyber attack on the retailer Marshalls and TJ Maxx (part of the TJX Companies)
that was disclosed in January 2007 resulted in the Company recording an after-tax cash charge of
approximately $118 million, or $.25 per share.
Legal Consequences
Data breaches also can have legal consequences for the affected organizations. Several lawsuits
and class actions instigated by victimized customers and clients on last few years. Due to the
increasing amount of successful cybercrime attacks and its financial consequences the no of
affected companies by cyber attack are rising gradually.
Companies and associations that lose the personal data of their customers, employees or
members must stick on to new sets of compliance laws and regulations.
Brand Damage
Once a business or organization is exposed in the media for breaching data, it faces a high
chance of brand damage – especially when the media coverage of the breach includes financial
and legal details.
The Ponemon Institute mentioned in its “2007 Annual Study: U.S. Enterprise Encryption
Trends” that failure to protect customer data and proprietary business information can lead to
serious consequences, including loss of customers or difficulty acquiring new ones as well as
irreparable brand damage.
Reputational damage is also a major concern for information security executives. According to a
global survey [6] by researcher Frost & Sullivan of more than 7,500 security professionals, 71%
of the respondents stated that avoiding harm to brand was their top priority, ahead of other hot
topics they were asked about.
Stolen IP
Cybercriminals targeted the intellectual property (IP) as their prime target. Intellectual properties
are like trademark, patents, copyrights and trade secrets etc. for example source code engineering
documents are the intellectual property of high-tech companies, where as bio-tech and
pharmaceutical companies IP’s are drug recipes and top-secret research. In the same way
confidential business process or financial model is crucial for financial service institutions. From
a report published on 2002 by the Council of Europe show that the total amount of stolen patents
and trademark in a year worth $250 billion or close to 5% of the world trade.
Loss of Productivity
Crimeware infections often also result in productivity loss due to downtime, botnets and lower
utilization of computer resources. The “ISSA / UCD Irish Cybercrime Survey 2006” [8] research
shows that loss of productivity was reported as the most common consequence of cybercrime
and was experienced by 89% of respondents. The loss of productivity is estimated at $30 per lost
record. The strain on IT departments and helpdesk resources for handling compromised data
accumulates to the costs, as well as costs for investigation and damage control.
Personal Accountability
Last but not least, data breaches (whether unintentional or the result of cybercrime) impact
executives personally. They are being held directly accountable for non-compliance of their
company and can therefore face high fines. Data breaches can also impact their career, resulting
in resignation, as illustrated in the case of Paul Gray, chairman of HMRC [7]. He resigned after
the admission that Her Majesty’s Revenue and Customs lost the confidential details of up to 25
million individuals from 7.5 million families claiming child benefits.
Given the problems that cybercrime can cause for organizations and individuals, it is
unsurprising that society has been obliged to respond through lawmaking and policing initiatives.
Many developed countries address the problem of cybercrime and associated activities. An
example is the UK’s Computer Misuse Act 1990, which can be considered reasonably
representative of the issues that other countries have also taken into account when enacting
cybercrime laws. The CMA introduced new three offences [12], as below:
2. “Unauthorised access with intent to commit or facilitate the commission of a further crime”
Conclusion
Trends for cybercrime indicate that computer attacks could increase in number, speed, and
sophistication. Widely reported incidents of computer abuse can do nothing but give the
information society a bad reputation. It would be unrealistic to expect a complete removal of the
criminal element from the information society – within any society there will always be elements
that are unethical or disruptive. As such, we must change our attitudes and give the issue a
similar level of consideration to that which we already afford to other types of crime, such as
theft from our properties. As the technology itself becomes more pervasive, cyberspace will
become a natural environment for criminal opportunities. As the technology itself becomes more
pervasive, cyberspace will become a natural environment for criminal opportunities. So, with the
technologies available or in place, the main ongoing problem is again linked to the attitudes and
awareness of the people involved. Organizations must find a way to configure and maintain their
systems securely. Everyone else must take their share of responsibility too, following good
security practice where possible and ensuring that their own actions do not compromise
protection. The truth is that targeted cyber attacks are used to gain leverage in competitive areas,
such as software development, or simply personal relationships. The more competitive advantage
increase, more frequent such attacks are going to be. Preventing these attacks is more of a matter
of good risk management rather than simply buying a few products to prevent specific well
known attacks. Budgets certainly have their importance in helping prevent targeted attacks
against your company. However, it is more important to have good planning from the
administration’s part to effectively prevent the attack while occurred.
References: