Security Threats

Name

Affiliation
Introduction
Cybercrime is any felony that is committed using a computer or any other computer
related device for example the internet. It spans from cyber fraud activities to a simple act like
downloading a music file from the internet. It also includes activities like creating a program that
will create disturbances to the users of a particular group of computers and also posting text and
pictures on the websites that will corrupt the minds of some individuals. When somebody
information of a company that is supposed to be confidential is also considered as a cybercrime.
There are very many cybercrimes that can be committed using the computer or with the aid of a
computer. The general overview of the above applies to the same threats in the UAE
Ransomware
This is a malware that is built to illegally obtain, track and block the right of a user to get access
to the system. An example of this attack is where someone or an individual try to log on to the
system or a website like an email account but the system or the site fails to authenticate the user.
To prevent this system administrators should establish a mechanism where if the user complaints
of such issue the system should prompt the user by asking some questions relating to the
account. The second attack is backdoor or command/control. These are weapons that give remote
access that are created to divert the functionality of the system. The other attack is SQL injection.
This is a unique attack that targets the web pages of the system application. It cuts down the
communication between the database and the system application interface. This attack is
common in organization where system implementation is taking place. An example is a situation
where an attacker alters the name of the database and hence disconnects it from the user interface
(Middleton, 2017).
Phishing
Another attack that is very rampant is abuse of system access rights. This kind of attack is
mostly executed by the employees in a company in and intention of vengeance or sabotage.
Detecting such issue is cumbersome since the intrusion will be taking place internally and hence
task tracking may be a challenge. The employees use his or her right to access the system to
make alteration and modification of data with the intension of financial gains for example in an
employee in the IT department of a water providing company can reduce the consumption
figures of some specific accounts then liaise with the holders of those accounts for payment.
To combat all frauds that are related to inappropriate billing, the people that are authorized
to enter the company’s data concerning the customers must exercise the professional ethics to the
fullest. Individual that are given this assignment must have the appropriate integrity basing on
the previous records. A body that vets such individual should be established. Such a body should
be external and should randomly do the auditing to ensure that the way the vetted individuals
execute their duties do not deteriorate with time.
Data leakage
Another type of attack that that mostly affects the system users who gives commonly
known username and password as default credential is unauthorized access via default credential.
A good example of this is where the system administrator in an institution put the name of the
college as both username and password. This is very vulnerable to attackers because they
capitalized the idea of using the default credentials that are related to the institution such as
setting the password of accessing the wireless network. Anyone who knows come within the
coverage and has the intention of cracking this password can succeed. To avoid this, the default
credential should be unique as in; it should not be related to the name of the institution or the
company (Wall, 2017).
The other attack is the violation of acceptable system user policies. In some companies,
the system once logged in by the user will remain on till logged out. A user can negligently
abandon the system while logged in and go out, this can give an opportunity to unauthorized
person to access the system and facilitate any harmful event like altering the data with the
intention of causing an embarrassment to the company or the owner. An example of this is where
somebody forgets to log from his email account and another person comes and send abusive or
vulgar mails to some group of people. This can be detriment to the user’s attribute because
everybody believes that the message comes from the rightful owner of the account. To eliminate
this attack, everybody should be careful while using such system by ensuring that the log out
process has been affected anytime you can to quit from using the system.
Conclusion
Moreover, the investigation department that deals specifically with cybercrime should be
established and all the laws and regulation governing the cybercrime must be redefined such that
any sign of cyber related crime is punished (Cross, & Shinder, 2008).
 References
Middleton, B. (2017). Cybercrime investigator's field guide. Auerbach Publications.

Ransome, J., & Rittinghouse, J. (2017). VoIP security. Digital Press.

Rosenberg, R. S. (2016). The social impact of computers. Emerald Group Publishing.

Salomon, D. (2016). Data privacy and security. Springer.

Trevor, J. (2017). Cyber Attack: Improving Prevention and Prosecution" Hearing Before the

Subcommittee on Technology, Terrorism. General Books.

Wiles, J., & Cardwell, K. (2016). The best damn cybercrime and digital forensics book period.

Syngress.