Psychological Warfare In The Cyber Realm: Risks, Concerns, And Strategies Essay.

Discuss About The Psychological Warfare In The Cyber Realm?

In this modern digital world, Information technology is playing very vital role in providing comforts by easing the way of work. However, there is always a bright side and dark side of any beneficial aspect similarly, there are certain security risks related to the application of information technology. There are various types of risks related to the information security; this report focuses on the Ransomware attack, which can be remarked as the trending risk in this field.  It is threat that cannot be pushed away completely, in fact it is changing and evolving day by day as the technology is developing. There are several approaches, opinions, methods, and actions that can help in addressing the risk related to the ransomware attacks; however in real world “the reality is that it is not if an individual will be affected, but when.”

Cybercriminals are not those who are trying to steal someone’s mail from the mailbox or about putting skimmers on ATMs. Cybercriminals are getting more advanced than that, which means cybercriminals are using more sophisticated technology to get the access to someone’s personal data without any authority (Clough, 2015).

Ransomware can be stated as a form of cyberattack, which is made to obtain the data related to an individual or an organization and in exchange gain payment. There are several ways to encrypt the file that is being used by many attackers, however the common or predominantly uses the AES algorithm (Corrigan, 2017). Ransomware is spreading by the means of distribution of malicious files that contains malicious virus. The very recent example of such attempt is WannaCryransomware attack, which was successfully attempted and affected many of the organizations in all over the world. This attack also damaged many systems that cause loss of several data and information of more than a million people (Mansfield-Devine, 2017).

According to the U.S. Government interagency report, it can be said that there are almost 4,000 ransomware attacks are being made daily from since 2016 and estimated that these attacks have been increased by 300% as, it was reported in 2015 that the attack rate was 1,000 in 2015. These attacks are being assumed that will keep on increasing like this growth rate. Another report presented by McAfee^TM depicts that “just one ransomware made $121 million in the last year” (Carlin, 2015).

Risks and Security Concerns of Ransomware

Loss of money: In order to get access to own data an individual or an organization had to pay the ransom to the hackers for the decryption of encryption that they had put on the files through intrusion. Kirk ransomware is the latest example in which the ransom wase paid by the means of Monero (Karaffa, 2017).

Loss of money and not any data recovery: This is the top most risk in any ransomware attack in which there are chances that the hackers will not provide the decryption for the files even after receiving money. For example in WannaCry ransomware cyber attack many of the victims had to pay the ransom whereas most of them do not receive any decryption for their corrupted files.

Data compromised: Even after receiving the data there are chances the data has been already compromised means if hackers have the access to the data then they have also access to manipulate them by exposing, deleting or editing, which is a serious risk that can affect the proper functioning of the organization (Kharraz et al., 2015).

Encouraging cybercriminals: If an individual pays the ransom to the hackers it will encourage to make later attempts, which will not only affect the same organization rather it will affect rest of the organizations in the world too (Pathak & Nanded, 2016).

These intrusions can lead the intruders to access the operational related files and the access for the users by encrypting those files with unbreakable encryption, which cannot be decrypted by own. Generally it encrypted all types of the files including videos, documents, images, audio files, game extensions and many more. Each computer that had been infected by the virus can act as a botnet itself and can be used to infect other computers who are at the same network as well (Lipovsky, 2014). Encrypting the files is not the only action that goes on at that moment, but it also extracts the sensitive data related to the individual including username, email address, password and many more and sends them to the cybercriminals, which can be used in further case by them. These all activities raise the concern of security for the computers where the data has been being saved by the individuals or the organizations. CryptoLocker is one of the virus that is being used for such cases from decades and is also known as “police virus.” This uses engineering techniques in order to trick the users into running it (Cabaj & Mazurczyk, 2016). Generally it is sent in the form of the zip file and looks similarly as the organization uses to send files and ask the individual of that organization to open it. After getting downloaded into the system it starts hiding itself into the system in the profile of the user under LocalAppData or AppData (Beede, 2012). It registers itself into the system as a register key and coding ensures that whenever the computer restarts, it also runs every time and once the encryption is complete a popup arises with the demand of the ransom.  These are the risks that raise computer security concerns and need of the better security approaches in order to protect the data and information that could cause serious loss.

Strategies for Addressing the Risks

There are various strategies for addressing the risks that rise in ransomware cyber-attacks, which can be listed as:

Social engineering: taking care of personal credentials related to the personal accounts and bewaring of phishing. An individual should not expose the credentials to random phone calls from outside of the network (Sitting & Singh, 2016).

Security Awareness Training: With the perceptive of the organizational assets protection, security awareness training can play a vital role in mitigating these threats. This program will focus on the role of the employees in the information security and will ensure that the individual user knows the new tricks, scams, and trends. The goal of this program should be that the employees get educated about the defensive mechanism of the organization (Andre, 2017).

Physical Security: Care should be provided to the computers and the laptops in order to confirm that it does not goes in wrong hands or any unauthorized user who can take benefits for personal use by harming the organization (Mishra, 2017).

Authentication: There are three ways to make the network more secured firstly, implementation of two factor authentication that will help in protecting the network by asking passwords or OTP whenever the user log into the system. Secondly, saving complex passwords for the user or using randomly generated passwords. A user should must not use general passwords like name, date of birth or else rather it should use at least one uppercase letter (capital letter), a lowercase letter (small letters), a number and a symbol (*,#,_,@,!) in the whole password with. These measures will help in creating a very strong password that will be very difficult for the intruders to hack the password (Sawler, 2016). Password manager software can also be helpful for this purpose and will manage the passwords that have been used for different websites or servers by the user and allow to access with only one password.

User Access Control: Limiting the internet usage for organizational work only and allowing access to websites that might infect the system like social media, gaming, online shopping, chatting and many more (Malhotra, 2015). Leverage tools are another option to manage the blocking website access.

Anti-virus and Anti-Malware solutions: There should be always firewall and a supporting anti-virus into the system that can detect if any malicious file is being accessed or manipulating the program of the computer and ensures that it is deleted completely from the system (Piggin, 2016). There are various anti-virus are present in the market and individual should not just buy any one of them, proper research should be made before buying the anti-virus. Both firewall and anti-virus should be updated with the new version.

Backup Solution: It is a very important activity towards tackling from the ransomware to always keep backup of the data and keep checking whether the system is working or not accordingly. Keeping backup at a goggle drive is not a very good idea rather the organization should have a application-to cloud service, or cloud-to-cloud service, or an on-premise storage unit like hard disks, SAN, drives, tapes and many more (Cook, 2017).

System Maintenance: Many of the vulnerabilities occur due to the improper maintenance of the systems that are being used in the organization for saving data related to the operational activities.

Conclusion

Based on the above report it can be concluded that ransomware is a serious issue in the sector of the Information Technology (IT) related to the information security that is increasing in a very rapid manner and proper precautions should be provided on the preventive measures related to these issues. This can be the biggest loss for any organization to lose their data or not access to personal data and could lead to several delays in the production, supply or many other activities. This report focuses on the risks to the ransomware cyber-attacks to the organization or an individual on how this unwanted incident can cause damage to the assets and their intellectual property. Prevention of these risks are very necessary in order to be safe from such intrusions; this report focuses on some of the measures that could help in fighting back this unwanted situation or preventing them from being started. Personal awareness is also the most important approach towards these risks. Some of future trends in ransomware have been explained below. Every individual related to the data and information and using organization’s network should be self-responsible about the preventive measures and should play their role with responsibility can be recommended in order to stop from letting such unwanted event and protect organizational assets.

Per Botnet Payout: there are the possibilities in future that botnets will be pushed out with the ransomware. This means that cybercriminals are hiring junior cybercriminals who are skilled with pushing botnets into the system. This implies that a small hacker would be able to breach into the databases and steal them and it is being named too ‘Ransom as a Service.’

Public Works and Manufacturing: public works like water treatment facilities can face the intrusion as the hackers may hack the facility system and demand for the money and if not received payment they could start releasing more chlorine to the drinking water supplies. This way they will attack the government and can make ransom in exchange with the security of public. They could manipulate the equipments used for counting, measuring, or any analytical calculation and their formulas of the product ingredients and even there is the possibility of termination of power by them until the organization or government pays the ransom.

Dentist and Healthcare Providers: It is already happening at this time but it can evolve and take a more advanced shape. Cybercriminals are educating themselves and trying to get the access with whom an organization or individual is working with and trying to trick them by infecting with virus.

By the development of threats cybersecurity is also getting evolved and advanced in which prediction  is being made in future the priority of each organization and the individual will be the cloud computing, which can be a better for sure preventive measure. Healthcares, federal agencies and other organizations have started storing data in physical storage devices along with the cloud storage as a backup plan if any ransomware breached their database

References:

Andre, T. (2017). Cybersecurity an enterprise risk issue. Healthcare Financial Management, 71(2), 40-46.

Beede, R. (2012). A Framework for Benevolent Computer Worms (Doctoral dissertation, University of Colorado at Boulder).

Cabaj, K., & Mazurczyk, W. (2016). Using software-defined networking for ransomware mitigation: the case of cryptowall. IEEE Network, 30(6), 14-20.

Carlin, J. P. (2015). Detect, Disrupt, Deter: A Whole-of-Government Approach to National Security Cyber Threats. Harv. Nat'l Sec. J., 7, 391.

Clough, J. (2015). Principles of cybercrime. Cambridge University Press.

Cook, R. (2017). Plenary IV: Keynote Speaker: FINRA President and CEO Robert Cook Wednesday, May 17 8: 45 am–9: 45 am.

Corrigan, K. (2017). Ransomware: A Growing Epidemic for Business(Doctoral dissertation, Utica College).

Karaffa, C. (2017). Causation and Impact of Ransomware Infection in Large Organizations (Doctoral dissertation, Utica College).

Kharraz, A., Robertson, W., Balzarotti, D., Bilge, L., & Kirda, E. (2015, July). Cutting the gordian knot: A look under the hood of ransomware attacks. In International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (pp. 3-24). Springer, Cham.

Lipovsky, R. (2014). Eset analyzes first android file-encrypting, tor-enabled ransomware. WeLiveSecurity.

Malhotra, Y. (2015). Cybersecurity & Cyber-Finance Risk Management: Strategies, Tactics, Operations, &, Intelligence: Enterprise Risk Management to Model Risk Management: Understanding Vulnerabilities, Threats, & Risk Mitigation (Presentation Slides).

Mansfield-Devine, S. (2017). Leaks and ransoms–the key threats to healthcare organisations. Network Security, 2017(6), 14-19.

MISHRA, R. Strategies: To Defeat Ransomware Attacks.

Piggin, R. (2016). Risk in the Fourth Industrial Revolution. ITNOW, 58(3), 34-35.

Sawler, D. R. (2016). Ransomware: Psychological warfare in the cyber realm(Doctoral dissertation, Utica College).

Sittig, D. F., & Singh, H. (2016). A socio-technical approach to preventing, mitigating, and recovering from ransomware attacks. Applied clinical informatics, 7(2), 624.