Tuesday, May 5, 2020
Cyber Security Active Defence Samples for Students- Myassignment
Question: Discuss "Private Companies and Governments Be Able to Mitigate Cyber Attack By Destructively Counter-Striking Against Attackers".

Answer:

Introduction

Whether counter-attacking hackers is simply another method of preventing security breaches remains an open question. IT security professionals and lobby groups are demanding new laws that would give private entities the room to fight back against hackers. In essence, they want to hack back at states and corporates rather than depend on the government to react to such attacks. Many have argued that corporates should now adopt an active defence posture to help them fight online security breaches. Although the law has yet to deal with the matter, it is argued that it would not be considered unethical for private entities to make efforts to halt hacks on their IP.

It is crucial to understand the phenomenon of cyber crime before turning to the safeguarding mechanisms that private companies and governments should adopt. A cyber crime is defined as a heinous crime in which information and communication technologies may be the main victim or target, and it may comprise a single event or a number of events (Geers, 2011). Those who commit such crimes are swayed by negative motivations such as thrill, profit or vengeance. This paper discusses whether private companies and governments are able to fight a cyber attack by destructively counter-striking against those who attack cyber space. Unfortunately, cyber crimes are committed not only by hackers but also by past or present employees of a company, who break into the very structures of the organization they are supposed to protect (Melancon, 2015).
This essay supports the tactic of private entities counter-attacking hackers instead of depending on the law-making authorities, on the basis that they can at least use the method as a stop gap, if not as an ultimate solution to the problem.

How Private Companies And Governments Be Able To Mitigate Cyber Attacks By Counter Striking

The past four years have witnessed high-profile cyber attacks on companies such as JP Morgan Chase, Sony Pictures and Fiat Chrysler. These attacks have damaged the trust of consumers and staff so badly that the companies are now eager to spend large sums on improving their existing defence mechanisms (Lohrmann, 2016). However, the series of attacks has also been beneficial for businesses, since it has led companies to adopt a new approach to protection against attackers, commonly known as active defence. As the name suggests, it is a more aggressive way of fighting the crime than simply depending on the age-old methods of passcodes and firewalls (Sexton, 2016).

John Strand, the owner of Black Hills Information Security, uses techniques that lure attackers into a trap, or that trace the steps the attackers take in order to find the origin of the attack. Unfortunately, some victims use illegitimate methods, such as hacking back, in response to such crimes. In the view of many, even though hacking back may not be within legal boundaries, it is sometimes necessary to counter-attack the criminals in their own manner (Kutler, 2016).
After a flurry of destructive hacks, private companies and governments are trying to respond by strengthening their counter-attacks, looking for more active methods to mitigate the threat. Ultimately, however, the first-mover advantage in technological advancement rests with the attackers, while legal and political deliberations restrict the scope for counter-attacks by victims (Messmer, 2011). The increase in the number of cyber attacks has shown how weak sectors such as banking, retail and healthcare are, and these attacks eventually forced companies to turn to active defence methods.

One such case took place in 2013, when a demonstrator entered the cloud services being used by the hackers, got hold of their contact details and was also able to locate their office building with the help of GPS. Locating these criminals was the easier part: in spite of their having stolen millions in data and money, they have not been taken into custody and never will be. The simple reason is that most laws are national, despite cyber crime conventions, while the internet is borderless and international by definition (Kuchler, 2015).

Whether counter-attacking cyber criminals is acceptable and legal is still debatable. In the US alone, the Department of Justice names hacking back as likely illegitimate. However, it has not been defined as unlawful. It is ethics that guides hacking back. The issue is that even where the legal authorities take steps to punish attackers, this does not deter them from attacking again. If the judicial system is failing under the present arrangements, then taking action against the attackers may not be considered vigilantism (Lin, 2016).
Part of our public bond in forming and abiding by government is to surrender our ordinary power to take matters into our own hands, in exchange for a more dependable and acceptable legal system. A person or entity is always entitled to self-defence, and that entitlement does not fall away even where there is law to help (Iasiello, 2016).

Risk Involved In Hacking Back

The biggest risk in a hack-back policy is that it may lead to hacking back at a supposed offender who was in fact innocent, simply because it is at times very difficult to identify the actual attacker. Thus, even if private companies and governments are able to mitigate a cyber attack by counter-attacking the hackers, there remains a possibility of counter-attacking the innocent, which is devastating. For instance, in a DDoS attack, if one knocks out all the systems that were unknowingly compromised and used to flood one's own system, the question is whether the innocent are being attacked as a result and whether that is ethically acceptable (Centre for Cyber and Homeland Security, 2016). The owners of those systems may not be harmful and may have had no malicious intent, although they may have been inattentive in updating their systems against malicious attack.

However, this type of counter-attack implies that it is not necessary to prove a person or group of persons guilty before acting against a possible threat. If no action is taken, the outcomes may, most of the time, be devastating. Therefore, setting guilt aside, if a person poses a threat, that threat should be counter-attacked in defence (Paganini, 2013).

Critics of hacking back have questioned the policy of mitigating cyber attacks through counter-attacks. According to them, hacking back may destroy evidence that would otherwise be available and required when prosecuting the earlier stages of the attack.
However, this criticism is countered by the argument that it is acceptable to destroy evidence if doing so prevents cyber attacks that cause losses (Goodman, 2017). If private companies and governments are able to mitigate cyber risks through counter-attacks, then making this lawful and legitimate would inflict deep-rooted losses on hackers involved in IP theft. Counter-attacks would increase the costs borne by IP thieves, ultimately deterring them from such conduct.

It is generally said that the government has not been able to implement laws that would help private companies safeguard themselves from cyber attacks (Glosson, 2015). However, the then US President, Barack Obama, took notice of those calls in March 2013 by signing an executive order under which government agencies would share data on cyber security matters with private entities. With the help of national intelligence, this order will make those entities aware of expected threats to their existing systems. Unfortunately, the arrangement will not immunise the companies that share data with government agencies (Smith, 2013).

There is still apprehension about the likely implications of allowing private entities to counter-attack. The commonly used phrase "the best defence is a strong offence" also fits, to some extent, the attacks carried out by cyber hackers. In cyber space, however, the most apt defence is a strong defence, i.e. the best solution is to defend oneself, since the idea of retaliating against someone else is senseless. If hackers are attacked back in a way that damages them too, they will end up seeking recourse elsewhere through existing law and government channels.
Hence applying a hack-back solution shows that the retaliators have not understood the situation (Hutchinson, 2013). It can therefore rightly be construed that counter-attack is mere hack-back vigilantism and not a proactive policy that would contain the problem.

Aggressiveness In Defence Is Better Than Offence: How?

Although hacking back is nowadays regarded as one of the most prominent ways for private companies to safeguard their systems from cyber attacks, it is important to understand that being aggressive in the defence strategies one formulates is better than being offensive by nature. The inclination is still towards hacking back, but it should be understood that, through a combination of strategies, policies and defensive measures, the hackers' rate of success will diminish significantly and the defenders' ability to improve resilience will increase, in turn reducing the cost of dealing with losses caused by cyber threats (Harrington, 2014).

Companies should develop a strategy in which they lure attackers into attacking their systems, so that the defenders can study the attackers' methods and apply defensive strategies accordingly. Denial and deception may also prove to be one of the most successful techniques for defending against such hacks, since it deceives the attackers through various technical solutions (Iasiello, 2014). It is a smart technique that hacks back at the attackers by first inviting them to attack and then catching hold of them (Leyden, 2016). Another common approach is to create a website containing files and attachments filled with random content unrelated to the actual files, simply to confuse hackers into seeing nonexistent connections.
Lastly, active defence tools include trigger posts on hosts that enable automatic identification of hackers, leading to their being blacklisted. These are also ways of hacking back, but subtle ones that the law and the regulatory authorities cannot consider illegitimate (Myers, 2013).

Cyber Deterrence Theory

There are three stages of defence: prevention, management of the occurrence of the attack, and management of the situation.

First, the system should be designed so that it is safe on all fronts from attack by any hacker. If this is done successfully, all such attacks will be futile because preventive measures are already in place (Watkins et al., 2016). Unfortunately, applications to date have been designed without treating security as a primary concern. Active defence is mainly expected to be conducted by governments. Intergovernmental co-operation will most probably provide momentum for the future development of active defence strategies in fields such as the exchange of intelligence. Unfortunately, in such a situation, many private entities are mistakenly construed as cyber criminals (Waxman, 2011).

Second is the management of the attack as it occurs, i.e. making staff and others aware that an attack is happening, which seems to be a better option than absolute prevention. To ensure that the attack is managed at the occurrence stage itself, various barriers are put in place. This management helps to protect important data while the attack is in progress. Further, it is easier to handle the attack at this stage, since prevention may have various unmanageable loopholes that this stage does not (Rid and Buchanan, 2015).

The last stage comprises management of the situation and of the ultimate consequences of the attack. It has two further stages: recovery and response.
The recovery stage is an age-old one, in which the organization that has been attacked tries to restore its entire operation as closely as possible to its earlier state. The second stage, response, is a relatively newer one that calls for a more active defence strategy (Tsagourias, 2013). If the attack was planned carefully, with a lot of thought behind it, recovering from it may become difficult. The tasks that fall under response therefore comprise: identifying the correct attacker; measured counter-attacks; asymmetries, which concerns what to do about attackers that have fewer IT assets and weaknesses; and escalation, which involves rating the attack in order to decide whether the victim wishes to send a strong message to the attacker, warning them against any such attacks in future (Romanosky and Goldman, 2016).

Conclusion

In conclusion, cyber space is plagued by a number of attacks from hackers. It is the fastest-growing area of nuisance, and the number of hackers has been multiplying with each passing phase. It is true that the issue is a diplomatic one that cannot be resolved without the intervention of government. It cannot be denied that practicality and effectiveness are legitimate concerns about hacking back. However, if it is legalised, the opportunities are huge. There still remain some intuitions against the hack-back method, such as the risk of misidentifying the actual attacker and mistakenly targeting an innocent person. It can therefore rightly be said that counter-attacking can be used as a stop-gap approach until cyber security and law enforcement agencies are able to find better means of identifying and punishing these attackers.
The said method of hack back is swinging like a pendulum between proactive policy and vigilantism.

References:

Centre for Cyber and Homeland Security, (2016), Into the Gray Zone: The Private Sector and Active Defense Against Cyber Threats, Available at https://cchs.gwu.edu/sites/cchs.gwu.edu/files/downloads/CCHS-ActiveDefenseReportFINAL.pdf (Accessed 18th May 2017)

Geers, K., (2011), Strategic Cyber Security, CCD COE Publication: Estonia, Available at https://www.law.upenn.edu/institutes/cerl/conferences/cyberwar/papers/reading/Geers.pdf (Accessed 09th May 2017)

Goodman, S.E., (2017), Cyberterrorism and Security Measures, Available at https://www.nap.edu/read/11848/chapter/6 (Accessed 09th May 2017)

Glosson, A.D., (2015), Active Defence: An Overview of the Debate and a Way Forward, Mercatus Working Paper, Mercatus Center at George Mason University: Arlington, Available at https://www.mercatus.org/system/files/Glosson-Active-Defense.pdf (Accessed 09th May 2017)

Harrington, S.L., (2014), Cyber Security Active Defense: Playing with Fire or Sound Risk Management, Richmond Journal of Law and Technology, vol. XX, no. 4, pp. 1-41

Hutchinson, J., (2013), Companies should hack back at cyber attacks: security experts, Available at https://www.afr.com/technology/enterprise-it/companies-should-hack-back-at-cyber-attackers-security-experts-20130527-j0rqm (Accessed 08th May 2017)

Iasiello, E., (2016), Is the Best defence a strong defence in cybersecurity? Available at https://fabiusmaximus.com/2016/03/13/is-offense-best-defense-in-cybersecurity-94550/ (Accessed 09th May 2017)

Iasiello, E., (2014), Hacking Back: Not the Right Solution, Parameters, vol. 44, no. 3, pp. 105-113, Available at file:///C:/Users/E-ZONE/Downloads/1434062_1772786097_14289211698173281Hackingbackno.PDF (Accessed 18th May 2017)

Kuchler, H., (2015), Cyber Insecurity: Hacking Back, Available at https://www.ft.com/content/c75a0196-2ed6-11e5-8873-775ba7c2ea3d (Accessed 08th May 2017)

Kutler, J., (2016), Cybersecurity has started fighting back against hackers, Available at https://www.businessinsider.com/cyber-security-has-started-fighting-back-against-hackers-2016-6?IR=T (Accessed 18th May 2017)

Lin, P., (2016), Forget About Law and Ethics Is Hacking Back Even Effective? Available at https://www.forbes.com/sites/patricklin/2016/09/26/forget-about-law-and-ethics-is-hacking-back-even-effective/#32ed84ac47d8 (Accessed 09th May 2017)

Lohrmann, D., (2016), Can Hacking Back Be An Effective Cyber Answer? Available at https://www.govtech.com/blogs/lohrmann-on-cybersecurity/can-hacking-back-be-an-effective-cyber-answer.html (Accessed 18th May 2017)

Leyden, J., (2016), National Cyber Security Centre to Shift UK to Active defence, Available at https://www.theregister.co.uk/2016/09/16/uk_gov_active_cyber_defence/ (Accessed 18th May 2017)

Melancon, D., (2015), Should Companies Strike Back at Hackers? Available at https://www.tripwire.com/state-of-security/security-data-protection/should-companies-strike-back-at-hackers/ (Accessed 09th May 2017)

Messmer, E., (2011), Is retaliation the answer to cyber attacks? Available at https://www.networkworld.com/article/2199010/malware-cybercrime/is-retaliation-the-answer-to-cyber-attacks-.html (Accessed 09th May 2017)

Myers, L., (2013), Active Defense: Good Protection doesnt need to be offensive, Available at https://www.welivesecurity.com/2013/11/19/active-defense-good-protection-doesnt-need-to-be-offensive/ (Accessed 18th May 2017)

Paganini, P., (2013), The Offensive Approach to Cyber Security in Government and Private Industry, Available at https://resources.infosecinstitute.com/the-offensive-approach-to-cyber-security-in-government-and-private-industry/#gref (Accessed 09th May 2017)

Rid, T., Buchanan, B., (2015), Attributing Cyber Attacks, Journal of Strategic Studies, 38(1) and (2), pp. 4-37, Available at https://sipa.columbia.edu/system/files/Cyber_Workshop_Attributing%20cyber%20attacks.pdf (Accessed 09th May 2017)

Romanosky, S., Goldman, Z., (2016), Cyber Collateral Damage, Procedia Computer Science, vol. 95, pp. 10-17, Available at https://ac.els-cdn.com/S1877050916324590/1-s2.0-S1877050916324590-main.pdf?_tid=b09abc7c-3544-11e7-83f5-00000aacb35eacdnat=1494395659_f0cb6430e118607b25d1dca5d65428f2 (Accessed 09th May 2017)

Smith, G., (2013), Hacking back Could Deter Chinese Cyberattacks, Available at https://www.huffingtonpost.in/entry/hacking-back-chinese-cyberattacks_n_3322247 (Accessed 09th May 2017)

Sexton, M., (2016), U.K. cybersecurity strategy and active cyber defence: Issues and risks, Journal of Cyber Policy, vol. 1, no. 2.

Tsagourias, N., (2013), Cyber Attacks, Self Defence and the Problem of Attribution, Journal of Conflict and Security Law, vol. 17, no. 2, pp. 229-244

Waxman, M.C., (2011), Cyber Attacks and the Use of Force, The Yale Journal of International Law, vol. 36, pp. 421-459, Available at https://digitalcommons.law.yale.edu/cgi/viewcontent.cgi?article=1403context=yjil (Accessed 09th May 2017)

Watkins, L.A., Hurley, J.S., Xie, S., Yang, T., (2016), Enhancing Cybersecurity by Defeating the Attack Lifecycle: Using Mobile Device Resource Usage Patterns to Detect Unauthentic Mobile Applications, Journal of Informati