Cyber Security Essay Example for Free

Cyber Security EssayPresident Obama has state that the cyber curse is one of the most serious economic and national security measures challenges we face as a nation Americas economic prosperity in the 21st century will depend on cyber security. So why is it that so umpteen people still dont eff some of the primary ways that produce cyber threats? The purpose of this paper is to name some of the more basic cyber threats. Even though it is just the beginning to the hazards you can obtain, they atomic number 18 mettlesomely effective beca substance abuse of the number of people that still consent to these kinds of breaches. First and foremost are viruses. According to ck in a flash.com, There were over 50,000 computer viruses in 2000 and that number was then(prenominal) and still is growing rapidly. Sophos, in a print ad in June 2005 claims over 103,000 viruses. And, Symantec, in April 2008 is describe to confirm claimed the number is over one million. With so many diff erent viruses out there, how do you write out what to look for and how to harbor your cyber world from viruses? Some of the most common viruses that effect people are Trojans and bring in Bots.PCmag.com defines a Trojan as A program that appears legitimate, but performs some illicit action at law when it is run. It whitethorn be used to locate password information or show the system more assailable to future entry or simply destroy programs or data on the hard disk. A Trojan is similar to a virus, except that it does not replicate itself. It stays in the computer doing its malign or allowing somebody from a remote site to take control of the computer. Trojans often sneak in attached to a free game or other utility. To add to their definition, it can also be affixed to an email attachment or the email itself. So now that you know what it is youre in all probability thinking so what can I do to protect myself from obtaining this virus? The best thing to do would be to direct yourself about this threat. Know what they look wish and common websites they reside. The next thing that to do is to be sure to always energise an up to date WELL KNOWN antivirus such as Sophos, McAfee, or Norton.The well known post is very important because some of the smaller antivirus companies are part of the reason there are so many Trojans out there. Once you get some antivirus software system you need to be sure to keep it up to date. Also, dont open emails from senders that you dont recognize. Several of the Trojans out there that get circulated by email come from people opening emails from unsung senders. The next one is botnets. http//searchsecurity.techtarget.com says A botnet (also known as a zombie army) is a number of net income computers that, although their owners are unaware of it, have been set up to forward transmissions (including spam or viruses) to other computers on the Internet. Any such computer is referred to as a zombie in effect, a computer autom aton or bot that serves the wishes of some master spam or virus originator. Most computers compromised in this way are home-based. According to a report from Russian-based Kaspersky Labs, botnets not spam, viruses, or worms currently pose the biggest threat to the Internet. Trojans are the study way that you can get one of these viruses.So it is important that you again get antivirus software, keep it up to date, and dont open emails from unknown senders. However, with this virus you can get it just from going to a questionable web site. So how do you know what ones are good and what ones are questionable? wellspring that you can for the most part guess using these deciding factors ar there several deep brown applications on the web page? Is there a lot of download able content? Are there pop up advertisements that come up on the page? Then you probably should do your best to stay away from the page. In case you are unsure, some antivirus software are now including a trusted a nd untrusted feature so when you search a site it will let you know if the page is safe or proceed at your own risk. If your antivirus does not have such a feature then there are some applications out there that will do the similar thing just to name one would be WOT or Web of Trust. The next liberate is a minuscular more targeted to the business world.It deals more with their emails and correspondence but can also be say to an average internet user. It is phishing. Webroot.com expounds Email Phishing scams are carried out online by tech-savvy con artists and identity larceny criminals. They use spam, fake websites constructed to look identical to a real sites, email and instant messages to trick you into divulging sensitive information, like bank account passwords and credit card numbers. Once you take the phishers bait, they can use the information to require fake accounts in your name, ruin your credit, and steal your money or even your identity. This is a serious issue tha t takes some skill to recognize to evade taking the phishers bait. First and foremost is to educate yourself on phishing attacks or scams. Know what it looks like. There are many resources that you have available to you on the internet to discipline how to spot a phishing attack and a legitimist email. The Department of Defense offers a great course on how to spot a phishing email at http//iase.disa.mil/eta/phishing/Phishing/launchPage.htm. A more specific attack is whaling. Blogs.iss.net explains The adoption of the line Whaling within phishing is fairly new and may have been derived from the use of Whales within gambling to refer to big-time gamblers and heights rollers, but most likely come from the colloquialism for big fish.Regardless, Whaling describes the most focused subject of phishing currently encountered by businesses or government targeted attacks against groups of high- take decision makers within a single organization, or executive positions common to multiple o rganizations (e.g. the CTO or CFO). In a whaling attack, the phisher focuses upon a very small group of ripened personnel within an organization and tries to steal their credentials preferably through the installation of malware that provides back-door functionality and key logging. By focusing upon this small group, the phisher can invest more time in the attack and finely form his message to achieve the highest likelihood of success. Note that these messages need not be limited to email. Some scams have relied upon regular postage systems to deliver infected media for example, a CD supposedly containing evaluation software from a known supplier to the CIO, but containing a hidden malware installer.So if youre not a high level employee, youre probably wondering how this is important to you. How phishers go about their scam is by obtaining little bits of what some would consider being painless information from other employees about level executives and projects going on in the company. They start at the bottom to get more information at the top. So in all actuality it very much concerns everyone in the company. This leads me in to my last but important area of cyber security insider threat. Frankly, that is you. Every employee is potentially an insider threat. So let me define it a little better with some cooperate from searchsecurity.techtarget.com. An insider threat is a malicious hacker (also called a cracker or a black hat) who is an employee or officer of a business, institution, or agency. The term can also apply to an outside person who poses as an employee or officer by obtaining false credentials. The cracker obtains access to the computer systems or networks of the enterprise, and then conducts activities think to cause harm to the enterprise.Insider threats are often disgruntled employees or ex-employees who believe that the business, institution, or agency has do them wrong and feel justified in gaining revenge. The malicious activity usua lly occurs in four go or phases. First, the cracker gains entry to the system or network. Secondly, the cracker investigates the nature of the system or network in order to learn where the vulnerable points are and where the most damage can be caused with the least(prenominal) effort. Thirdly, the cracker sets up a workstation from which the nefarious activity can be conducted. Finally, the actual destructive activity takes place. The damage caused by an insider threat can take many forms, including the introduction of viruses, worms, or Trojan horses the theft of information or corporate secrets the theft of money the corruption or deletion of data the mend of data to produce inconvenience or false criminal leaven and the theft of the identities of specific individuals in the enterprise.Protection against the insider threat involves measures similar to those recommended for Internet users, such as the use of multiple spyware scanning programs, anti-virus programs, firewalls, an d a rigorous data backup and archiving routine. It could also be an employee giving away what you would consider to be harmless information like an email address, a project you are working on at work, how many people you work with, or even where you work and the location of the building. Even with some of the best antivirus software, a stellar knowledge of phishing, and an elite cyber security system, an insider threat can penetrate that because they most the time have the credentials to log it to the system and pull resources ligitimently so it would go unnoticed. So how can you help protect you network or your companys network from an insider threat? Simply, dont be one. ever so be sure to only give information that the other person is on the same level to receive.Secondly is to educate yourself on insider threat prevention. There is a plethora of resources to do just that. A helpful one is http//www.ussecurityawareness.org/highres/insider-threat.html. Also watch for signs of cur ious activity with co workers. Report any evidence or suspicions to your supervisor. So in conclusion, prevention starts with you. Buy up to date antivirus software. avoid risky sites, educate yourself on what a phishing attack looks like, know what a legitimate email is, dont be an insider threat and educate yourself about things to look for from other co workers. Cyber security is a serious threat and is a major issue that needs to be taken seriously. It is not just something for the IT department to headache about but starts with every one making sure to take the appropriate security measures to make the cyber world more secure.