Monday, June 4, 2012

Cyber war- A Threat to Business




Md. Shainur Rahman, AGM, DTR (west), SBN, BTCL


Man’s regular attachment with information technology has made the world very much busy. Man has brought physical distance almost to zero level with IT. The day is not far away when man would control the whole world sitting in his room. Man has already utilized IT in his utility services so greatly but some exceptional incidents are taking place now a days. Recently the war called cyber war has spread allover the world so widely that it can rightly be called a “Silent psychological war”. It is true that the cyber war has got no blood shedding but it has produced a negative effect on the people. As for example, communication system is being suspended, online transactions are being disrupted by it. The idea of cyber war has been discussed recently in Bangladesh greatly in the media. By the hacking of Bangladeshi and Indian hackers on some websites the fear has spread far & wide. Cyber hacking or attack in the technologically advanced countries is a well known matter. The buzzing media news of recent time shows that China has acquired a big step on cyber war and it has made the American forces fall at a risk. Tension on Taiwan or South China Sea may bring extra pressure on American forces due to the cyber power of China. However, the  hackers have not yet attacked on someone heavily but they are capable to attack seriously if they wish. More over, Criminal hackers already have acquired great capability on hacking the website of the world computers. Hence we are to be very much cautious about the terrible nature of hacking or cyber war at present and how to overcome the deadly attack of cyber war should be our main concern of today.




What is cyber war


Cyber war is an Internet based conflict involving politically motivated attacks on information and information systems. Cyber war attacks can disable official websites and networks, disrupt or disable essential services, steal or alter classified data and cripple financial systems like many other possibilities. The initiator of cyber war can be an individual, an organization or a government. There are many different kinds of cyber war, from specialized hacking jobs on a specific server to generally targetted denial of service attacks. The ultimate target in cyber war is an attack that completely removes the ability for all of the members of an organization or government to be connected to the Internet; in the modern information centric society, this can lead to the loss of millions or billions of dollars of productivity or worse.


Types of attack:


There are many different kinds of Cyber war attacks-
§  Vandalism
§  Propaganda
§  Denial of Service
§  Network Attacks Against Infrastructure
§  Non-Network Attacks Against Infrastructure.


Vandalism:

Web Vandalism is characterized by Website defacement and/or denial of service attacks. Website defacement is a major threat to many internet enabled businesses. It negatively affects the public image of the Company. Companies may suffer from loss of customers.


Propaganda:


Propaganda is deliberate collection of messages intended to influence the opinions and actions of large numbers of people. The information provided in these messages is not done so impartially or necessarily truthfully, as the basic purpose of propaganda is to influence the audience towards the side of the propagandist. Propaganda is a powerful recruiting tool. The web provides a way in which propaganda can be quickly and cheaply disseminated. The cost of publishing propaganda may simply be a web hosting fee. Through the use of the web’s Video & file-sharing sites along with social networking sites, propaganda can reach large audiences in a very short manner of time.


Denial of Service:


A Denial of Service attack is an attempt to consume all of an available resource in order to keep that resource from its intended users. The denial of service attack is one of the most common attacks on the Internet. Its use is so widespread because it is relatively easy to implement and it is very difficult to defend against. Generally, an attacker creates a flood of bogus requests to a service, ignoring the results. The server is bogged down by the large numbers of incoming requests, taking a long time to handle both the fraudulent requests and any  legitimate requests that come in during the attack. In extreme cases, the server will not be able to handle the strain of the incoming connections and will crash, permanently breaking the server until it is manually restarted. A denial of service attack may also consist of a request which is crafted to exploit a specific Vulnerability in the server, causing it to crash without requiring a large number of requests. 


Network Based attacks Against Infrastructure:


As in conventional war, critical infrastructure serves as a target to cyber attacks. Although often regarded as the most severe type of cyber attack that includes power, water, fuel, communications and transportation, few critical infrastructure attacks have been perpetrated to this day. Previously, it was thought that the worst a network based attack could do was denial of service. As recently as this year however, hackers were able to inflict physical damage on machinery. Electrical power, water and fuel supplies are at the core of a country’s infrastructure. The disruption of any of these services would have a chain reaction effect and cause severe repercussions. For efficiency and cost saving purposes, the control systems of power plants, water pump stations and fuel lines have been networked and can be controlled remotely. This opens the possibility of an attacker gaining access and taking control.


Non-Network Based Attacks Against Infrastructure:


Equipment disruption can also occur from non-computerized attacks. An Electromagnetic Pulse (EMP) occurs after a nuclear device is detonated and disables all electronic devices within range. However EMPs can also be generated without a nuclear explosion. Non-nuclear EMPs can be loaded in cruise missiles or as the payload of bombs and cause widespread equipment failure, as shown in the figure below.







Defense Mechanism


The threat of cyber war is different from common Internet threats and most organizations are not adequately prepared for it. Corporate defenses typically concentrate on protecting data from theft or alteration. Cyber war also seeks to disrupt critical infrastructure and services .New technologies such as cloud computing, social networking and the proliferation of mobile devices have also resulted in an increase of cyber attacks. These factors are expected to drive the demand for cyber security programs. As the cyber war has a great negative impact in our life so we should try to protect our system from the attack of cyber war. The defense mechanisms of cyber war are as given below.


Cyber war defenses: 


Internet based attacks are becoming more sophisticated all the time. Cyber war threats warrant composite security defenses comprised of preventive, detective and corrective controls. A successful defense strategy focuses on identifying critical information and services and implementing layered controls to protect them.
Sound business practices are founded on the principle of action, not reaction. That means security programs must be highly proactive in safeguarding sensitive data and critical services, which means: fixing vulnerabilities hidden from auditors; raising awareness of issues that exist because of politics or organizational gaps and working collaboratively to address them and preventing compensating controls from being cited inappropriately. The layered controls specified by best practices and applicable regulations are necessary to maintain a strong security posture.


Network breach prevention: 
Defining a network security perimeter can be difficult in a large enterprises, but there are a number of best practices that can help to start by documenting networks and systems at each site. Next, Internet service providers (ISP) should be contacted and available IP address range should be determined. After obtaining proper permissions, each IP range during a maintenance window should be scanned. The scan results for vulnerabilities and rogue system should be carefully examined. Finally, each IP range should be monitored and alerts should be configured if an unused IP address comes into use. It needs to ensure that all external network access points are controlled through the use of firewalls and encrypted virtual private networks (VPNs).


Monitoring and hardening: Cyber warriors may be very stealthy and conduct custom attacks over weeks or months. Intrusion Detection Systems (IDS) softwares have to tune appropriately to prevent cyber attacks. A content filtering solutions have to implement to detect unauthorized use of sensitive information and prevent it from leaving the network.


Availability: Availability isn’t just a matter of business continuity or disaster recovery. Systems must also be available when under attack. One should prepare for network DOS attacks by implementing intrusion prevention systems (IPS) to counter attacks in real-time and configure operating systems to discard DOS traffic.


Government strength controls: Cyber war threats require government strength controls to protect confidential information such as trade secrets. Implementing an air gap or physical separator should be considered to protect sensitive networks. This is an absolute way to prevent data leaks across networks. Most information security professionals agree that a determined attacker will penetrate perimeter defenses. The principle of defense- in-depth is founded on that assumption.


Knowing and exploiting enemyTo be successful in fending off cyber attacks, it is necessary to understand how the opposition think and anticipate their next move. Cyber warriors are professionals and utilize traditional warfare strategy and tactics.
The table shows the attack examples and defenses in brief-
Attack target
Goal of attack
Attack examples
Defenses
End-system
Data access and modification
Hacking, phishing, espionage etc.
Virus scanner, firewall, network intrusion detection system etc.
Denial-of-service
Denial-of-service attack via botnets etc.
Control plane
Data access and modification
Malicious route announcement, DNS cache poisoning etc.
Secure routing protocols (with cryptographic authentication), secure DNS (DNSSEC). etc
Denial-of- service
DNS recursion attack etc
Data plane
Data access and modification
Eavesdropping, man-in-the-middle attack etc.
Secure network protocols (IPSec, TLS) etc



Every new technology has got its merits and demerits. Information Technology is no exception to this. Despite, its numerous merits, advantages and abilities it is not free from a negative side called cyber attack or cyber war done by the immoral hackers all over the world. It is therefore imperative to study cyber attack and spread moral teaching collectively by the world body through implementing anti-hacking laws. 





Md. Shahinur Rahaman
Assistant General Manager
DTR(West), Sher-e-Bangla Nagar, Dhaka.

2 comments:

  1. Cyber war should be prevented strictly. All should take initiatives to stop Cyber war.
    Business security systems

    ReplyDelete
  2. Cool stuff you have got and you keep update all of us. dark0de market

    ReplyDelete