cyber security vulnerabilities
Cybersecurity Vulnerabilities Facing IT Managers Today
Darin Swan
University of Maryland University College
Two factors increase the stakes of the cyber struggle. Tactically and operationally, the increasing dependence of modern technologically advanced forces (especially U.S. forces) on networks and information systems create new kinds of exploitable vulnerabilities. Second, as modern societies including the militaries that mirror them have continued to evolve, they have become ever more dependent on a series of interconnected, increasingly vulnerable “critical infrastructures” for their effective functioning. These infrastructures not only have significantly increased the day-to-day efficiency of almost every part of our society, but they have also introduced new kinds of vulnerabilities.
- Robert A. Miller and Daniel T. Kuehl
Connectivity in the Modern World
Today, computers connect us to our finances through online banking, mutual fund management, stock trading services, and a variety of other online applications that provide access to accounts twenty four hours a day. Beyond financial services, we have the ability to connect to a wide variety of information, including social media content such as Facebook, YouTube, and Twitter, as well as magazines, video games, and other Web 2.0 content. The interconnectivity of such systems has not only provided individuals with access to a wide variety of data, but now businesses have the ability to leverage the Internet as a part of their day-to-day operations. Whether it be human resources management, email and coordinated calendar systems, or sales tracking systems, the cloud offers opportunity to businesses for quicker, streamlined processes and potential cost savings. Furthermore, the government uses interconnected computer systems to manage public services such as energy systems, coordinate public transportation logistics, synchronize emergency services, run water treatment facilities, and
Darin Swan
University of Maryland University College
Two factors increase the stakes of the cyber struggle. Tactically and operationally, the increasing dependence of modern technologically advanced forces (especially U.S. forces) on networks and information systems create new kinds of exploitable vulnerabilities. Second, as modern societies including the militaries that mirror them have continued to evolve, they have become ever more dependent on a series of interconnected, increasingly vulnerable “critical infrastructures” for their effective functioning. These infrastructures not only have significantly increased the day-to-day efficiency of almost every part of our society, but they have also introduced new kinds of vulnerabilities.
- Robert A. Miller and Daniel T. Kuehl
Connectivity in the Modern World
Today, computers connect us to our finances through online banking, mutual fund management, stock trading services, and a variety of other online applications that provide access to accounts twenty four hours a day. Beyond financial services, we have the ability to connect to a wide variety of information, including social media content such as Facebook, YouTube, and Twitter, as well as magazines, video games, and other Web 2.0 content. The interconnectivity of such systems has not only provided individuals with access to a wide variety of data, but now businesses have the ability to leverage the Internet as a part of their day-to-day operations. Whether it be human resources management, email and coordinated calendar systems, or sales tracking systems, the cloud offers opportunity to businesses for quicker, streamlined processes and potential cost savings. Furthermore, the government uses interconnected computer systems to manage public services such as energy systems, coordinate public transportation logistics, synchronize emergency services, run water treatment facilities, and
References: 2011 state of security survey. (2011, August 31). Symantec. Retrieved from http://www.symantec.com/connect/blogs/2011-state-security-survey Ashford, W Chen, T. & Walsh, P. J. (2009). Guarding Against Network Intrusions. In J. R. Vacca Computer and Information Security Handbook. Amsterdam: Elsevier. Cliff, A. (2001, July 3). Intrusion detection systems terminology, part one: A – H. Symantec. Retrieved from http://www.symantec.com/connect/articles/intrusion-detection-systems-terminology-part-one-h Coleman, K The Comprehensive National Cybersecurity Initiative. (n.d.) The White House, President Barack Obama. Retrieved from http://www.whitehouse.gov/cybersecurity/comprehensive-national-cybersecurity-initiative Dhamankar, R., et al (2009, September) Efrati, A and Gorman, S. (2011, June 2). Google mail hack blamed on China. Wall Street Journal. Retrieved from http://online.wsj.com/article/SB10001424052702303657404576359770243517568.html FBI says hackers hit key services in three US cities Gottlieb, P. J. B., CDR. (2010). Cyberspace vs. cyber strategy. American Intelligence Journal, 28 (2), 18-25. Granger, S Gregg, M. (2006, June 9). Certified Ethical Hacker Exam Prep: Understanding Footprinting and Scanning. Pearson IT Certification. Hadnagy, C. (2010). Social Engineering: The Art of Human Hacking. Indianapolis, Indiana: John Wiley and Sons. Hassell, J. (2006, June 8). The top five ways to prevent IP spoofing. Computer World. Retrieved from http://www.computerworld.com/s/article/9001021/The_top_five_ways_to_prevent_IP_spoofing Hess, M Ispitzner. (2011, February 7). Book review – Social engineering. SANS (Securing the Human). Retrieved from http://www.securingthehuman.org/blog/2011/02/07/book-review-social-engineering-2 Jackson, D Kim, J. (2012, January 19). Many security breaches go unreported. Fierce Compliance IT. Retrieved from http://www.fiercecomplianceit.com/story/many-security-breaches-go-unreported/2012-01-19 Knickerbocker, B Lohrmann, D. (2012, January 4). 2012 Cybersecurity trends to watch in government. Government Technology. Retrieved from http://www.govtech.com/blogs/lohrmann-on-cybersecurity/2012-Cybersecurity-Trends-to-010412.html Libicki, M Libicki, M. C. (2009). The information environment. In America’s Security Role in a Changing World: Global Strategic Assessment 2009, 53-55. Lynn, III, W. J. (2010, September/October). Defending a new domain: The Pentagon 's cyberstrategy. Foreign Affairs. Retrieved from http://www.foreignaffairs.com/articles/66552/william-j-lynn-iii/defending-a-new-domain Mallery, J Mateti, P. (2006). TCP/IP Suite. In Bidgoli, H. (Ed.), Handbook of Information Security. Bakersfield, California: John Wile & Sons, Inc. Meier, J.D., Mackman, A., Dunner, M., Vasireddy, S., Escamilla, R Mick, J. (2011, June 19). Reports: Hackers use stolen RSA information to hack Lockheed Martin. Daily Tech. Retrieved from http://www.dailytech.com/Reports+Hackers+Use+Stolen+RSA+Information+to+Hack+Lockheed+Martin/article21757.htm Milevski, L McClure, S., Scambray, J., & Kurtz, G. (2009). Hacking exposed 6: Network security secrets & solutions. New York: McGraw-Hill. Meier, J.D., Mackman, A., Dunner, M., Vasireddy, S., Escamilla, R. & Murukan, A. (2003, June). Threats and countermeasures. Microsoft. Retrieved from http://msdn.microsoft.com/en-us/library/ff648641.aspx Montalbano, E Moore, R. (2005). Cybercrime: Investigating High Technology Computer Crime. Matthew Bender & Company. Security trumps secrecy in cyber fight-prosecutor (2012, January 12). Reuters. Retrieved from http://newsandinsight.thomsonreuters.com/Legal/News/2012/01_-_January/Security_trumps_secrecy_in_cyber_fight-prosecutor/ Sternstein, A Tanase, M. (2003, March 11). IP spoofing: An introduction. Symantec. Retrieved from http://www.symantec.com/connect/articles/ip-spoofing-introduction Editor Vacca, J Valacich, J. & Schneider, C. (2012). Information Systems Today: Managing in the Digital Word. Boston: Prentice Hall. Velasco, V. (2000, November 21). Introduction to IP spoofing. SANS (SysAdmin, Audit, Network, Security) Institute. Retreieved from ttp://www.sans.org/reading_room/whitepapers/threats/introduction-ip-spoofing_959