Is Destructive Retaliation By Private Companies And Governments The Answer To Cyber Attacks?

Is Destructive Retaliation by Private Companies and Governments the Answer To Cyber Attacks?

Cyber-attack can be easily defined as an attack that is mainly initiated from various kinds of system against a list of website that is mainly provided, systems or even an individual computer. It mainly compromises with various kinds of parameter that is confidentiality, integrity and even availability of various computer systems or any kind of information that is mainly stored in it(Rid and Buchanan, 2015).  The ultimate objective of cyber-attacks is to gain or attempt for any kind of unauthorized kind of access of information which is mainly stored in computer system along with various kind of data. It can result in disruption of any kind of data, denial of service attacks which is mainly inclusive of various kinds of attacks to websites. It also focuses on installation of various kinds of virus or any kind of malware which comes up malicious kind of code for the system. It also focuses on unauthorized use of various computer system which is mainly used for process large volume of data (Liu, 2016). Any kind of changes which is made from the hardware characteristics of a computer system and hardware, fire along with owner’s instruction and consent. Improper use of data may result disruption of various kinds of employees.

In the coming pages of the report an idea has been provided regarding the fact that should various kinds of private companies and government retaliate various kinds of cyber-attacks. It mainly focuses on destructively counter-striking against attackers. After that an analysis has been done regarding reactive policy which is mainly used for insulating various kinds of critical services from any kind of damage. It is mainly used for mitigation of harm from any kind of potential attacks.

System technology was mainly invented with mere goal to improvise efficiency of operation in both the domains that is for both public and private kind of organization. Various kinds of individuals, government and organization are more focused on effecting various kinds of individual that tends to operate on Individuals, organization and government that mainly tends to work or operate on the kind of platform that is available for large number of people. Various kinds of methods are available for large number of organization needs to focus on large number of cyber-attacks. Australian Cyber security centre is mainly used by Australian organization that is used by cyber-attack in real value that is provided.

Advanced persistence threats

Protection of IT infrastructure and data mainly requires proper kind of development in the terms of implementation of appropriate and effective safeguards that is mainly ensured for delivering services for ensuring various kinds of critical infrastructure (Ding et al, 2017). Typical kinds of threats are mainly inclusive of various kinds of infrastructure services. Typical kinds of threats are mainly associated with execution of various kinds of cyber attacks

Most common kinds of cyber attack

APT or Advance persistence are considered to be much long in terms of targets which is mainly based on breaking into the network by making use of multi-phase and advoiding of any kind of detection (Mousavian, Valenzuela and Wang, 2015). The five kinds of stages of APT are reconnaissance, incursion, discovery, capture, exfiltration.

DDoS type of attack mainly occurs when a server is overload intentionally by the help of various kinds of request. It comes up with same kind of goal that is mainly shutting down of targeted website or internet based system (Liu et al., 2017). User cannot access the site or network which ultimately results in partial or complete breakdown of business operations. It totally depends on the fact that how various business rely on internet services.

For this particular kind of cyber-attack a proper kind of software is not required. Someone who comes up from various kinds of administrative privilege usually are within the various kinds of organization that mainly makes misuse of credentials for getting access to the confidential information of the organization (Isozaki et al., 2016). It also focuses on ex-employers which is present in the threat if they have left that organization on any kind of bad terms.  So the business should have some kinds of protocols in place that is mainly used for revoking all the access to the data of the company in terms bad. So the various kinds of business should have a protocol that is mainly used for accessing to the organization data immediately after the termination of various employees (Mousavian et al., 2017). Inside kind of attacks can also take place in form of cyber-attacks which mainly focus on large number of employees as a representative in the company with business work which is mainly used for gaining access to the sensitive information of various business works.

It mainly covers any kind of program that is mainly used for targeting any kind of computers that is mainly intent for use that can easily cause damage or gain any kind of unauthorized access (Ashok et al., 2015). At present there are large number of malwares are available like virus, spyware, worms, ransomware, Trojan horses and keyloggers.

Distributed Denial of services

Creation of password based attack is considered to be the most simplified kind of attack for various kinds of attackers that is mainly used for getting access to targeted accounts and any kind of database (Yampolskiy et al., 2015). There are mainly three kinds of password based attacks like brute force attack, it mainly involves getting into the dictionary attack that mainly makes use of dictionary words and key logging. It tracks various kinds of user stroke’s like login and password inclusively.

This is considered to be most common deployment from various kinds of cyber theft. It also involves collection sensitive information of an individual user like login credentials and information of credit card (Low, 2017). It can be considered to be legitimate out as a kind of website that is mainly sent out for suspecting various individuals in an email. With the increasing awareness of various kinds of common techniques of phishing. For a provided instance it can be considered to be more damage for various kinds of common techniques of phishing. One should easily keep a track of mismatched or unsecured kind of URL. In the near future it will have hackers which have become popular and essential kind of information that is mainly kept secured for having protection against various kinds of tactics.

Although various kinds of system can be easily taken into consideration by the help of variety of methods, GCHQ is much focused to have a proper understanding of various kinds of codes which malicious in nature and various kinds of attackers need to carry out the fact (Chlela et al., 2017). Various kinds of information and computer system mainly comes up with broad value of spectrum of threats along with capabilities. Various kinds of impact can easily harm the business which mainly depends on list of opportunities that are mainly offered to attackers. Various capabilities of attackers are mainly used for exploitation that ultimately focus on increasing motivation with large number of attackers. Let us example, an easily focus on guessing password of an online account that mainly takes various kinds of capabilities that is mainly used for exploitation. With the help of technical knowledge various attackers can easily make use of certain number of tools that are mainly available on domain of internet. It can be also used for brining various kinds of resources that are mainly which are needed for bear out the fact that is mainly used for discovering a list of vulnerabilities which mainly focus on various kinds developing tools and techniques which is mainly used for bypassing some basic kinds of control schemes like Cyber Essential. It mainly focuses on protecting against bespoke attacks which needs to heavily invest in more kind of hostiles securities (Cerrudo, 2015). This whole thing has been termed as 10 essential steps that are mainly used as present. Motivation of various kinds of attackers is considered to be most important for demonstration which comes up with technical powers for a range of person. It also helps in having financial gain, commercial kind of advantage, protest for political domain by the help of economic or any kind of diplomatic kind of advantage for the country.

Internet attacks

Along with various kinds of attackers should come up with capability and various kinds of motivation. Instead of that they also need a proper kind of opportunity that is mainly used for delivering a proper kind of successful attack (Liu and Li, 2017). One need to have no kind of control that is mainly based on large number of capabilities and various kinds of motivation. One can easily look into various kinds of attacks that is mainly based on various kinds of capabilities along with motivations.

The paper also deals with various kinds of term related to commodity and bespoke that is mainly used for characterising the capabilities of various kinds of attackers.

This main requires certain number of tools and techniques that is mainly openly available to internet that is off the shelf that are considered to be relatively much simple to use. This is also inclusive of various kinds of tools that is mainly designed for various kinds of security specialists like system testers (Gillani et al., 2015). It can be easily used by large number of attackers which is mainly designed for scanning public based vulnerabilities in various operating systems and related applications. Poison Ivy is defined as a well-known kind of tool for commodity. It is mainly used for readily available remote based access tools that has bene used in large number of methods or ways.

Bespoke Capability: It generally involves a certain number of tools and techniques which has been specifically developed and so it requires a special kind of knowledge. It is mainly inclusive of special kind of knowledge. It is mainly inclusive of various kinds of malicious code which mainly take advantage of various kinds of vulnerabilities which is not known to any kind of software vulnerabilities and it is not also known to any kind of anti-malware companies and is often termed as zero-day output (Zhuang, 2015). It is also inclusive of undocumented kind of software features or various kinds of application that is mainly designed in such a way for large number of application. Bespoke capabilities come up with various kinds of capabilities as soon it is discovered and in some matters in few days that are also available. By considering the nature, the availability of bespoke tool is not generally advertised as soon as it is released for large number of commodities.

It is generally considered to be available for large number of capabilities which are considered to be effective which mainly arises due to result of various kinds of cyber security principles. The various kinds of steps have been discussed and 10 steps of cyber security are not being followed according to the provided requirement (Taha et al., 2016). Regardless of various kinds of cybersecurity attacks of capabilities and along with motivation the commodity tools mainly highlight various kinds of tools and techniques that are used in global platform.

Malware or malicious software

In various kinds of untargeted attacks various kinds of attackers can easily focus on many kind of devices that are mainly available on large scale. They do not need to care about who the ultimate victim is as well number of systems that are mainly available for use (Ovelgönne et al., 2017). The machine comes up with various kinds of vulnerabilities. For doing this technique one needs to take advantage of list of things like openness of internet.

This activity is mainly relates sending of emails to large number of people and asking for list of sensitive data and encouraging them to visit a fake website and providing necessary details like bank account details.

Water holing: It is considered to be setting up of a website and compromising with large number of legitimate users which is mainly used for exploitation the users that have visited the website.

It is considered to be disseminating of disk encryption exploitation of malware which is order for visiting a website. 

On the contrary when the organization is singled then the attackers can easily make use of singled out because of various kinds of attacks that comes up with specific kind of attack. The ultimate groundwork for this kind of attack is mainly taking various kinds of months so that they can easily find out some of the possible kind of routes for delivering their exploitation which is mainly directed to a system (Sanatinia and Noubir, 2015). A targeted attack is mainly considered to be more specifically that needs to tailored for providing attacks in comparison to un-targeted attacks as it comes up with specifically tailored to some kinds of systems.  It mainly focuses on system, processes and various kind of personnel in various offices along with home. Targeted attack is mainly inclusive of spear-phishing, deployment of botnet and subverting of supply chain.

Spear-phishing: It mainly focus on sending of emails to various kinds of target individuals which mainly contains an attachment of various kinds of malicious software or a particular link that can be used for downloading the link for various kinds of malicious software (Durairajan, Saravanan, and Chakkaravarthy, 2016).

It is mainly used for delivering various kinds of DDoS attack.

This type of equipment or software is mainly used for delivering to the organization.

In general, various kinds of attacks can be easily used for various kinds of commodity tools and techniques which is mainly used for system for exploitation of vulnerability (Chakhchoukh,and Ishii, 2015). Many kinds of organization generally want mainly focus on the needs for providing accurate assessment which is inclusive of various kinds of threats. Every organisation is considered to be potential victims. All the various kinds of organization have some kind of value that is mainly needed.

Password attacks

Should private companies and governments be able to retaliate against a cyber-attack by destructively counter-striking against attackers?

Chances of cyber-attack is considered to be a well-known option that is mainly used for both kinds of organization that is public and private in nature. It comes up with multiple kind of methods that be used by organization and government bodies for sealing various kinds of attacks. One of the best kinds of methods that can be used is to proper kind of data security to be installed in their system as per the requirement or need.

For understanding various kinds of legal provision then first to have a proper understanding regarding various kinds of legal provision that is mainly coming into action. It is mainly important for considering the fact international kind of cyber laws can be easily used for analysing each an d every kind of parameter that is mainly used on regular basis. The first thing that is mainly taken into consideration that various kinds of laws that can be used by cyber-attacks methods which is mainly used for seeking into various kinds of parameter and how the provided action can easily proceed with respect to provided requirement. Secondly, counter-striking of various kinds of attacks mainly focus on certain number of needs or requirements. Another kind of hacking is the mainly focus on the use of affected parties by large number of people. Third method is allow counter-striking of various kinds of measures that is mainly used for tackling a large number of things. Lastly is all about active kinds of defence mechanism which is about gathering of intelligent of local basis. By making use of four ways, first one is all about gathering of intelligence on local basis. The other kind of two mechanism is all about three  kind of active defence form that can be actively have negative kinds of effect of the organization which is mainly inclusive of penalties and any kind of reputational damage. 

Conclusion

From the above discussion it can be easily concluded that this report is all about various objectives of a cyberattack and some of its methodologies have discussed above. This methodology is considered to be important for execution them on regular basis. A small business should have cyber security plan for tackling it in a proper way. It is mainly used for addressing various kinds of physical networks and lastly security of data that consideration above. Various kinds of cyberattacks like advanced persistent threats, distribution denial of services and its impact on various business have been discussed in details. After that an analysis has been done on various kinds of cyber-attacks, malware and malicious software, attacks based on password mechanism have been discussed in details. The report also highlights phishing attack which is totally considered to be security breach. The report mainly discusses the fact that should various kinds of private organization and government bodies retaliate against various kinds of cyber-security attacks. In the above pages of the report an idea has been provided regarding destructively counter striking of attacks. It is mainly used for insulation from various kinds of critical services that mainly works for damage along with certain number of mitigation techniques.

Phishing attack

Reference

Ashok, A., Wang, P., Brown, M. and Govindarasu, M., 2015, July. Experimental evaluation of cyber attacks on automatic generation control using a CPS security testbed. In Power & Energy Society General Meeting, 2015 IEEE (pp. 1-5). IEEE.

Cerrudo, C., 2015. An emerging us (and world) threat: Cities wide open to cyber attacks. Securing Smart Cities.

Chakhchoukh, Y. and Ishii, H., 2015. Coordinated cyber-attacks on the measurement function in hybrid state estimation. IEEE Transactions on Power Systems, 30(5), pp.2487-2497.

Chlela, M., Mascarella, D., Joos, G. and Kassouf, M., 2017. Fallback Control for Isochronous Energy Storage Systems in Autonomous Microgrids Under Denial-of-Service Cyber-Attacks. IEEE Transactions on Smart Grid.

Ding, D., Wang, Z., Ho, D.W. and Wei, G., 2017. Observer-based event-triggering consensus control for multiagent systems with lossy sensors and cyber-attacks. IEEE transactions on cybernetics, 47(8), pp.1936-1947.

Durairajan, M.S., Saravanan, R. and Chakkaravarthy, S.S., 2016. Low Interaction Honeypot: A Defense Against Cyber Attacks. Journal of Computational and Theoretical Nanoscience, 13(8), pp.5446-5453.

Gillani, F., Al-Shaer, E., Lo, S., Duan, Q., Ammar, M. and Zegura, E., 2015, April. Agile virtualized infrastructure to proactively defend against cyber attacks. In Computer Communications (INFOCOM), 2015 IEEE Conference on (pp. 729-737). IEEE.

Isozaki, Y., Yoshizawa, S., Fujimoto, Y., Ishii, H., Ono, I., Onoda, T. and Hayashi, Y., 2016. Detection of cyber attacks against voltage control in distribution power grids with PVs. IEEE Transactions on Smart Grid, 7(4), pp.1824-1835.

Liu, S., Wei, G., Song, Y. and Liu, Y., 2016. Extended Kalman filtering for stochastic nonlinear systems with randomly occurring cyber attacks. Neurocomputing, 207, pp.708-716.

Liu, X. and Li, Z., 2017. Trilevel modeling of cyber attacks on transmission lines. IEEE Transactions on Smart Grid, 8(2), pp.720-729.

Liu, X., Li, Z., Shuai, Z. and Wen, Y., 2017. Cyber attacks against the economic operation of power systems: a fast solution. IEEE Transactions on Smart Grid, 8(2), pp.1023-1025.

Low, P., 2017. Insuring against cyber-attacks. Computer Fraud & Security, 2017(4), pp.18-20.

Mousavian, S., Erol-Kantarci, M., Wu, L. and Ortmeyer, T., 2017. A Risk-based Optimization Model for Electric Vehicle Infrastructure Response to Cyber Attacks. IEEE Transactions on Smart Grid.

Mousavian, S., Valenzuela, J. and Wang, J., 2015. A probabilistic risk mitigation model for cyber-attacks to PMU networks. IEEE Transactions on Power Systems, 30(1), pp.156-165.

Ovelgönne, M., Dumitras, T., Prakash, B.A., Subrahmanian, V.S. and Wang, B., 2017. Understanding the Relationship between Human Behavior and Susceptibility to Cyber Attacks: A Data-Driven Approach. ACM Transactions on Intelligent Systems and Technology (TIST), 8(4), p.51.

Rid, T. and Buchanan, B., 2015. Attributing cyber attacks. Journal of Strategic Studies, 38(1-2), pp.4-37.

Sanatinia, A. and Noubir, G., 2015, June. Onionbots: Subverting privacy infrastructure for cyber attacks. In Dependable Systems and Networks (DSN), 2015 45th Annual IEEE/IFIP International Conference on (pp. 69-80). IEEE.

Taha, A.F., Qi, J., Wang, J. and Panchal, J.H., 2016. Risk mitigation for dynamic state estimation against cyber attacks and unknown inputs. IEEE Transactions on Smart Grid.

Yampolskiy, M., Horváth, P., Koutsoukos, X.D., Xue, Y. and Sztipanovits, J., 2015. A language for describing attacks on cyber-physical systems. International Journal of Critical Infrastructure Protection, 8, pp.40-52.

Zhuang, R., Bardas, A.G., DeLoach, S.A. and Ou, X., 2015, October. A theory of cyber attacks: a step towards analyzing MTD systems. In Proceedings of the Second ACM Workshop on Moving Target Defense (pp. 11-20). ACM.