Cybersecurity
Issues, Challenges and Security Controls

Image: Courtesy of Google

By Asad Zaman

Information Assurance Capstone-670 (Research Paper)
November 2011.

For Dr. James Clark
University of Maryland University College (UMUC)
  
Table of Contents

1. Abstract
2. Introduction
3. Background
4. Cybersecurity Issues & Challenges - Federal Information Systems
5. Cybersecurity Issues and Challenges - The Corporations, Institutes, and Service Providers
6. Cybersecurity Tools
   A). Cybersecurity Measures
7. Cybersecurity Method
   A). Cryptography
   B). Firewall
   C). Application gateway
   D). Packet Filtering
   E). Hybrid
8. Cybersecurity Management Issues
9. Recommendation on Network security
10. Wireless
11. Cybersecurity Technology
   A). SSL-VPN
   B). Intrusion Detection Prevention System
12. Conclusion
13. Bibliography

Figure

Figure 1: Sample application of gateway
Figure 2: Sample Packet filtering
  
1. Abstract	
  
The physical world is increasingly supported by a cyberspace or internet infrastructure. This infrastructure enables new business models, enhances communications, makes personal lives more convenient, and contributes to national defense. The flip side of this increased reliance, however, is vulnerability to threats to the cyberspace infrastructure. Network outages, data compromised by hackers, propagating viruses, and other incidents affect lives in ways that range from inconvenient to life-threatening. Cybersecurity necessitates a comprehensive national policy to protect electronically transmitted and stored information from intrusion.
  
The President of the United States (U.S.) declared that U.S. economic prosperity in the 21st century depends on cybersecurity. In the face of severe exigencies of threat, several nations and organizations are addressing the issue independently as well as jointly. Cybersecurity threats are increasing day by day, making high-speed wired/wireless network and internet services insecure and unreliable. Security measures play an increasingly important role in fulfilling the cutting-edge demands of today’s growing internet use. The need also extends to areas like defense, where secure and authenticated access to resources is the key issue related to information security.
  
This paper describes the important measures and parameters regarding large industry/organizational requirements for establishing a secure network, as well as issues and challenges in cybersecurity. Wi-Fi networks are very common in providing wireless network access to different resources and connecting various devices wirelessly. Different requirements are needed to handle Wi-Fi threats and network hacking attempts. This paper also explores important security measures related to cybersecurity, so that a fully secured network environment can be established in an organization.
  
2. Introduction	
  
As government agencies, private sector corporations, the military, and even retail shoppers shift their activities to the Internet, cybersecurity becomes increasingly important. In October 2010, the President of the United States (U.S.) called upon the U.S. people to recognize the importance of cybersecurity. He emphasized the confidentiality of sensitive information, the integrity of e-commerce, and the resilience of cyber infrastructure. The President called for universal cooperation to reduce cyber risk (http://www.whitehouse.gov/the-press-office/2010/10/01/presidential-proclamation-national-cybersecurity-awareness-month).
  
Cyberspace touches nearly every part of our daily lives. It's the broadband networks beneath us and the wireless signals around us, the local networks in our schools and hospitals and businesses, and the massive grids that power our nation. It's the classified military and intelligence networks that keep us safe, and the World Wide Web that has made us more interconnected than at any time in human history. We must secure our cyberspace to ensure that we can continue to grow the nation’s economy and protect our way of life (www.whitehouse.gov/cybersecurity).
  
Cybersecurity is the set of measures that safeguard organizational computing assets from cyber threats and vulnerabilities. While computers provide increased features and functionality, they also introduce new risks. Any piece of electronic equipment, such as a computer, cell phone, car navigation device, or PDA, that uses some kind of computerized component is vulnerable to software imperfections and vulnerabilities. The risks increase if the device is connected to the internet or a network that an attacker may be able to access. The outside connection provides a way for an attacker to send information to or extract information from the connected device. Both wired and wireless connections are vulnerable to cyber threats. Attackers may be able to take advantage of these technological advancements to target devices previously considered "safe." For example, an attacker may be able to infect a cell phone with a virus, steal phone or wireless service, or access the data on a PDA. Not only do these activities have implications for users’ personal information, but they could also have serious consequences if any corporate information is stored on the device.
Computing devices should never be left unattended in public or easily accessible areas. All patches, firmware updates, and software updates must be installed immediately after they are released by the vendor; installing them will prevent attackers from being able to take advantage of known problems or vulnerabilities. A strong and unique password that is difficult for thieves to guess should be used for each computing device, and the option to remember the password should be disabled. Network connections, including wireless connections, should be kept disabled when they are not in use. All data, especially privacy data, should be stored encrypted. When data is encrypted, unauthorized people can't view the data even if they can physically access it; the data owner must remember the encryption password to decrypt the data, otherwise even the owner will be unable to see the data (McDowell & Lytle, 2008).
  
Even the U.S. President, Barack Obama, in his address on May 29, 2009 to the National Security Council (NSC), declared that America's economic prosperity in the 21st century would depend on effective implementation of cybersecurity. Obama mentioned the cyber threat as one of the serious economic and national security challenges and cautioned about risks to privacy data and about identity theft, botnets, spyware, malware, spoofing, phishing, cyber threats, and cyber criminals. He mentioned that about 1.5 billion people worldwide use the Internet and that the number is growing rapidly. The President highlighted that e-commerce in the U.S. accounted for $132 billion in retail sales in 2008. Obama estimated that cyber criminals stole $1 trillion worth of intellectual property worldwide in 2008 (Obama, 2009).
Cybersecurity can be defined as the protection of networks and their services from unauthorized alteration, destruction, or disclosure, and the provision of assurance that the network performs in critical situations and has no harmful effects for either users or employees (Jegal, 2008). It also includes provisions made in the underlying computer network infrastructure and policies adopted by the network administrator to protect the network and the network-accessible resources from unauthorized access.
  
3. Background	
  
Computer networks were developed in the 1960s to help a small group of scientists communicate among themselves. The Internet was developed in 1969 in an effort to link a few computers in scientific labs across the United States, especially for military research, and was financed by the Pentagon through the Advanced Research Project Agency (ARPA). The first network was called ARPANET. In 1989, the Internet was transformed into the World Wide Web (WWW), allowing millions of people to access it. In the early 1990s, the development of Netscape Navigator made the WWW even easier to use. Today, the Internet is used by millions of people on a daily basis (Stevenson, 2000).
  
4. Cybersecurity Issues & Challenges (The Federal Information Systems)
Federal agencies are facing a set of emerging cybersecurity threats that are the result of
increasingly sophisticated methods of attack and the blending of once distinct types of attack into
more complex and damaging forms. Examples of these threats include spam (unsolicited
commercial e-mail), phishing (fraudulent messages to obtain personal or sensitive data), and
spyware (software that monitors user activity without user knowledge or consent). To address
these issues, GAO was asked to determine (1) the potential risks to federal systems from these
emerging cybersecurity threats, (2) the federal agencies' perceptions of risk and their actions to
mitigate them, (3) federal and private-sector actions to address the threats on a national level, and
(4) governmentwide challenges to protecting federal systems from these threats. Spam,
phishing, and spyware pose security risks to federal information systems. Spam consumes
significant resources and is used as a delivery mechanism for other types of cyber attacks;
phishing can lead to identity theft, loss of sensitive information, and reduced trust and use of
electronic government services; and spyware can capture and release sensitive data, make
unauthorized changes, and decrease system performance. The blending of these threats creates
additional risks that cannot be easily mitigated with currently available tools. Agencies'
perceptions of the risks of spam, phishing, and spyware vary. In addition, most agencies were not
applying the information security program requirements of the Federal Information Security
Management Act of 2002 (FISMA) to these emerging threats, including performing risk
assessments, implementing effective mitigating controls, providing security awareness training,
and ensuring that their incident-response plans and procedures addressed these threats. Several
entities within the federal government and the private sector have begun initiatives to address
these emerging threats. These efforts range from educating consumers to targeting cybercrime.
Similar efforts are not, however, being made to assist and educate federal agencies. Although
federal agencies are required to report incidents to a central federal entity, they are not
consistently reporting incidents of emerging cybersecurity threats. Pursuant to FISMA, the
Office of Management and Budget (OMB) and the Department of Homeland Security (DHS) share
responsibility for the federal government's capability to detect, analyze, and respond to
cybersecurity incidents. However, governmentwide guidance has not been issued to clarify to
agencies which incidents they should be reporting, as well as how and to whom they should
report. Without effective coordination, the federal government is limited in its ability to identify
and respond to emerging cybersecurity threats, including sophisticated and coordinated attacks
that target multiple federal entities (Wilschsen, 2005).
5. Cybersecurity Issues & Challenges (The Corporations, Institutes, and Service Providers)
  
A Deloitte study in 2010 found that cyber threats posed to organizations have increased faster than potential victims, the cybersecurity professionals, can cope with them. This placed organizations at significant risk. Cyber criminals are increasingly adept at gaining undetected access and maintaining a persistent, low-profile, long-term presence in IT environments. An underground economy has evolved around stealing, packaging, and reselling information. Malware authors for hire provide skills, capabilities, products, and outsourced services to cyber criminals. These include, among others, identity collection and theft, data acquisition and storage, stealthy access to systems, misdirection of communications, keystroke identification, identity authentication, and botnets.
Security models today are primarily “reactive,” and cyber criminals are exploiting that weakness. Many security organizations may be leaving themselves vulnerable to cyber crime based on a false sense of security, perhaps even complacency, driven by non-agile security tools and processes. Many are failing to recognize cyber crimes in their information technology (IT) environments and misallocating limited resources to lesser threats. For example, many organizations focus heavily on foiling hackers and blocking pornography while potential cyber crimes are going undetected and unaddressed (DeZabala & Baich, 2010).
  
There are concerns that Apple uploads clients’ data, up to 73 MB a night, from every iPhone device in use. Apple claims that it is uploading location data only. Uploading up to 73 MB of location data every night? Is that true? What is Apple really uploading? Is it harvesting the keyboard cache, GeoTag (location data), date, time, photo library, WiFi connection logs, and personal interests of users, supplemented with name, phone number, and email address? All combined, this set of information has a huge value in the underground market of personal data. This data is enough for a suspicious spouse to prove that the partner was not in the office at a given date and time. Is Apple infringing the data privacy of its users?
As a precaution, Apple users should regularly clean the browser’s recent searches and the keyboard cache. Germany’s justice minister, Sabine Leutheusser-Schnarrenberger, has already asked Apple to tell the State Data Protection Officials about the kind of data that Apple is gathering on individual iPhone users in Germany. Apple has also been asked to outline the purpose of collecting this data and how long the data will be stored (Brien, 2010; Seriot, 2010).
  
Although it is popularly believed that only computer programs can get infected with virus software, that is not necessarily true. In fact, almost any electronic device that runs automatically can get infected with malware (virus, worm, etc.), and even cell phones are not safe from cyber crimes. IKEE is the first known iPhone worm. This worm changes the iPhone’s wallpaper and displays a photograph of 1980s singer Rick Astley with the words “IKEE is never gonna give you up.” The programmer of this worm, a 21-year-old Australian programmer, was subsequently hired by the Australian iPhone development company, Mogeneration.
Typically, an iPhone in its standard configuration runs only software that is cryptographically signed by Apple, but iPhone hackers found ways to circumvent this limitation by creating a modified version of the iPhone operating system (OS) that runs other software code. Installing such firmware is called “jailbreaking.” It is estimated that about 6–8% of all iPhones are “jailbroken,” and hackers can now remotely steal users’ data, including users’ privacy and sensitive data, from jailbroken iPhones (Seriot, 2010).
  
	
Cybercrime, such as electronic identity theft, is a federal crime in the USA. It is one of the most prevalent nuisances of the 21st century, the digital revolution, and the radical transformation of the world through widespread Internet use. Not only has this revolution changed the way people live and do business, it has also expanded the spectrum of illegal activities. Cybercrime has many faces, from computer hacking and online piracy of copyrighted content to spam, spyware, malware, or any of a host of other issues unimaginable a few decades ago. It is not yet clear how the law is faring against this ever-elusive opponent (Demarco, 2009).
  
The most frequent form of identity theft is the fraudulent use of someone’s name and identifying data to obtain credit, merchandise, and services (COPS, 2006). The Internet has made it easier for individuals and organizations to communicate and conduct business online; hence, e-commerce is growing. According to eMarketer, an estimated 152 million individuals ages 14 and above shopped online in 2009. With the growth of e-commerce, identity theft problems have also grown in many parts of the world. Tremendous efforts have been made in the past decade by governments and businesses to understand these issues and to find solutions for combating these problems (Ji, Smith-Chao, & Min, 2008).
  
The growth potential of e-commerce also brings its own vulnerabilities. The chance of security failure, including disclosure of privacy information, is high. Confidentiality, integrity, and availability (CIA) are at stake. Perhaps the most important reason for both businesses and consumers to partially refrain from establishing and participating in e-commerce is the potential for loss of privacy data. A single highly publicized security breach in privacy data can erode confidence in the business and can not only damage the reputation of the firm, but also cause widespread repercussions in the e-commerce industry (Farahmand & Navathe, 2005).
The internet has presented opportunities for companies to bombard consumers with various marketing information, especially in online advertisements. Some of these techniques infringe data privacy and leave consumers with security issues. Dobosz, Green, & Sisler (2006) found that DoubleClick collects PII of Internet users although it claims that it does not.
  
A Federal Trade Commission survey conducted in 2003 estimated the annual number of victims of some form of identity theft at 9.91 million adults or about 4.6 percent of the United States population. Actual dollar losses for businesses and victims in the United States are estimated roughly at $53 billion for 2004. These figures do not take into account expenses incurred by the victims to recover losses; the cost to the criminal justice system to detect, investigate, and prosecute offenders; or the expenditures of time and money to develop, promulgate, and enforce legislation to control this crime (COPS, 2006). The total one-year fraud amount for 2006 is estimated at $55.7 billion, and the average number of hours that each victim devotes to resolving fraudulent transactions and negative credit reporting issues is thought to be 40 hours per victim (Fonte, 2008).
  
It is essential to reduce the opportunities for criminals to misuse the data that they steal, because thieves are resourceful and security systems are imperfect. Strong law enforcement is necessary to punish identity thieves. The recent increasing sophistication of identity thieves means that law enforcement agencies at all levels of government must increase the resources they devote to investigating identity-related crimes (Gonzales & Majoras, 2007).
  
According to the U.S. Federal Trade Commission (FTC) survey, about 9.9 million Americans were victims of identity theft in 2002. Losses from such crimes totaled $48 billion. Consumers reported $5 billion in out-of-pocket expenses to fix the problem (Africa news, 2003). The Federal Trade Commission (FTC) 2008 publication “Take Charge: Fighting Back Against Identity Theft” is rich in content identifying the prevailing risks in identity theft and data privacy, such as tax fraud, banking fraud, and credit fraud, as well as resolving problems and minimizing recurrence (FTC, 2008).
  
There is a growing awareness among e-commerce customers that they must stay ahead of the risks, because risk is everywhere; even using a teller machine carries a potential risk, since a criminal might watch the personal identification number (PIN) being entered over the user's shoulder and use it later or sell it to others for financial gain (Bhakta, 2008).
  
6. Cybersecurity Tools
  
Nowadays many commercial and some DOD or DOE installations have networks that incorporate various supercomputer models. It would be interesting to know whether products cater for such environments too, along with the associated pricing algorithm. New techniques and advances in the field of “real-time” auditing in the area of Intrusion Detection Systems (IDS) now look for signs of intrusions or variations in normal operations in real time. This brings auditing of ICT network systems into more of an a priori system than previously known. Previous ICT auditing systems looked more like the classical accounting and financial auditing tools applied to computing. That element is still present. However, today the computer is the network and the network is the computer, and it is a dynamic system which lends itself to real-time auditing. This is a dimension beyond yesterday’s computer auditing functionality (Clark, 2011).
  
Listed below are a few tools used to secure the network, each with a very brief description of its functionality:
  
• Nmap Security Scanner is a free and open source utility for network exploration or security auditing.
• Nessus is the best free network vulnerability scanner available.
• Wireshark (formerly Ethereal) is an open source network protocol analyzer for UNIX and Windows.
• Snort is a lightweight network intrusion detection and prevention system that excels at traffic analysis and packet logging on IP networks.
• Netcat is a simple utility that reads and writes data across TCP or UDP network connections.
• Kismet is a powerful wireless sniffer.
  
6. Cybersecurity Measures:
  
Marin (2005) defined the core practical networking aspects of security, including computer intrusion detection, traffic analysis, and network monitoring. Flauzac (2009) presented a new approach for implementing a distributed security solution in a controlled, collaborative manner, called a grid of security, in which a community of devices ensures that a device is trustworthy and that communications between devices are performed under the control of the system policies. Wu Kehe (2009) defined information security in three parts (data security, network system security, and network business security) along with the network business security model. A theoretical basis for security defense for enterprise automatic production systems has also been established.
  A	
  
Public	
  Key	
  Infrastructure	
  (PKI)-­‐based	
  security	
  framework	
  for	
  wireless	
  network	
  has	
  been	
  
defined	
  by	
  (Wuzheng	
  2009).	
  In	
  this	
  paper	
  various	
  tools	
  and	
  treatment	
  related	
  to	
  
cryptography	
  and	
  network	
  security	
  has	
  been	
  defined.	
  The	
  latest	
  issues	
  related	
  to	
  network	
  
security	
  technology	
  and	
  their	
  practical	
  applications	
  like	
  Advance	
  Encryption	
  Standard	
  (AES),	
  
CMAC	
  mode	
  for	
  authentication	
  and	
  the	
  CCM	
  mode	
  for	
  authenticated	
  encryption	
  standards	
  
are	
  also	
  discussed	
  in	
  a	
  very	
  elaborative	
  way.	
  In	
  addition,	
  various	
  hacking	
  attempts	
  and	
  their	
  
detection,	
  remedial	
  are	
  also	
  discussed	
  in	
  a	
  very	
  efficient	
  way.	
  Nowadays,	
  transfer	
  of	
  
information	
  in	
  a	
  safer	
  and	
  secure	
  way	
  over	
  a	
  network	
  has	
  become	
  a	
  major	
  challenge	
  for	
  the	
  
industry.	
  The	
  attacks	
  and	
  the	
  network	
  security	
  measures	
  define	
  that	
  how	
  using	
  the	
  network	
  
security	
  tools,	
  a	
  better,	
  healthy	
  and	
  safe	
  network	
  can	
  be	
  designed	
  and	
  maintained	
  for	
  an	
  
organization/industry.	
  This	
  paper	
  focuses	
  on	
  the	
  issues	
  through	
  which	
  Cybersecurity	
  can	
  be	
  
managed	
  and	
  maintained	
  more	
  efficiently	
  in	
  an	
  organization.	
  	
  
The following measures should be taken to secure the network:

• A strong firewall and proxy should be used to keep unwanted traffic out.
• A strong antivirus software package and Internet security software package should be installed.
• For authentication, use strong passwords and change them every 30 days.
• When using a wireless connection, use a robust password.
• Employees should be cautious about physical security.
• Prepare a network analyzer or network monitor and use it when needed.
• Implement physical security measures such as closed-circuit television for entry areas and restricted zones.
• Use security barriers to restrict the organization's perimeter.
• Fire asphyxiators can be used for fire-sensitive areas like server rooms and security rooms.
  
7. Cybersecurity Method

According to one of my UMUC professors, security is on one hand a race of imagination, trying to outthink the bad guys, but it is also a very regimented, detail-oriented, carefully thought-out pattern of activity. The imagination and the cybersecurity method are expressed with regard to the cybersecurity war (Samid, 2009). In a never-ending loop, cybersecurity experts develop new ways to prevent continually emerging threats, and hackers develop more sophisticated technology to circumvent information security systems. A few methods are named and briefly discussed below.
  
A. Cryptography

Today's information systems and the information that they contain are considered to be major assets that require protection. Cryptography relies on ciphers (after encrypted plaintext), which are nothing but mathematical functions used for the encryption and decryption of a message. To ensure the security of information in increasingly prevalent e-commerce and e-business, and to protect private data from hackers and saboteurs, among others, cryptography is one of the key techniques that ensure the confidentiality and integrity of information. The information used by government and business is contained in computer systems consisting of groups of interconnected computers that make use of shared networks, often referred to as the Internet or Cyberspace. Since Cyberspace is shared by diverse and often competing organizations and individuals, information systems should protect themselves and the information that they contain from unauthorized disclosure, modification and use. Cryptography is often used to protect information from unauthorized disclosure, to detect modification, and to authenticate the identities of system users. Cryptography is particularly useful when data transmission or authentication occurs over communications networks for which physical means of protection are often cost-prohibitive or even impossible to implement. Thus, cryptography is widely used when business is conducted or when sensitive information is transmitted over Cyberspace. Cryptography also provides a layer of protection for stored data (in addition to physical and computer security access controls) against insiders who may have physical and possibly logical (e.g., system administrator) access to, but not the authorization to know or modify, the information. Cryptographic techniques (Pandey, 2011).
  
B. Firewall

Firewalls are devices or programs that control the flow of network traffic between networks or hosts that employ differing security postures. At one time, most firewalls were deployed at network perimeters. This provided some measure of protection for internal hosts, but it could not recognize all instances and forms of attack, and attacks sent from one internal host to another often do not pass through network firewalls. Because of these and other factors, network designers now often include firewall functionality at places other than the network perimeter to provide an additional layer of security, as well as to protect mobile devices that are placed directly onto external networks. Threats have gradually moved from being most prevalent in lower layers of network traffic to the application layer, which has reduced the general effectiveness of firewalls in stopping threats carried through network communications. However, firewalls are still needed to stop the significant threats that continue to work at lower layers of network traffic. Firewalls can also provide some protection at the application layer, supplementing the capabilities of other network security technologies. There are several types of firewalls, each with varying capabilities to analyze network traffic and allow or block specific instances by comparing traffic characteristics to existing policies. Understanding the capabilities of each type of firewall, and designing firewall policies and acquiring firewall technologies that effectively address an organization's needs, are critical to achieving protection for network traffic flows.
  
C. Application gateway

This is the first firewall, sometimes also known as a proxy gateway, as shown in Figure 1. Application gateways are made up of bastion hosts that act as proxy servers. This software runs at the Application Layer of the ISO/OSI Reference Model. Clients behind the firewall must be categorized and prioritized in order to use Internet services. This has been the most secure, because it doesn't allow anything to pass by default, but it also needs to have the programs written and turned on in order for traffic to start passing.

Figure 1: A sample application gateway (Pandra, 2010)
  
D. Packet Filtering

Packet filtering is a technique whereby routers have ACLs (Access Control Lists) turned on. By default, a router will pass all traffic sent through it, without any restrictions, as shown in Figure 2. ACLs are a method of defining what sorts of access the outside world is allowed to have to the internal network, and vice versa. This is less complex than an application gateway, because access control is performed at a lower ISO/OSI layer. Due to the low complexity and the fact that packet filtering is done with routers, which are specialized computers optimized for tasks related to networking, a packet filtering gateway is often much faster than its application layer cousins. Because it works at a lower level, supporting new applications either comes automatically or is a simple matter of allowing a specific packet type to pass through the gateway. There are problems with this method, though: TCP/IP has absolutely no means of guaranteeing that the source address is really what it claims to be. As a result, layers of packet filters must be used in order to localize the traffic.

Figure 2: A sample packet filtering gateway (Pandra, 2010)

Such a filter can differentiate between a packet that came from the Internet and one that came from our internal network. It can also identify with certainty which network the packet came from, but it can't get more specific than that.
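
The ACL behaviour described above can be sketched as a small first-match evaluator. This is an added example, not code from the paper or its sources; the interface names, the 10.0.0.0/8 internal range, the web server address and the sample packets are all constructed assumptions. It shows why the filter trusts the arrival interface rather than the claimed source address, and how rule order decides whether a forged internal source is caught.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    in_iface: str   # interface the packet arrived on: "outside" or "inside"
    src: str        # source address as claimed in the IP header (unverified)
    dst: str
    proto: str      # "tcp" or "udp"
    dport: int


@dataclass(frozen=True)
class Rule:
    action: str                   # "permit" or "deny"
    in_iface: str                 # interface the rule is bound to
    src: str                      # CIDR block; 0.0.0.0/0 matches any source
    dst: str                      # CIDR block
    proto: str = "any"
    dport: Optional[int] = None   # None matches any port

    def matches(self, p: Packet) -> bool:
        return (
            p.in_iface == self.in_iface
            and ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
            and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
            and self.proto in ("any", p.proto)
            and self.dport in (None, p.dport)
        )


def evaluate(acl: List[Rule], p: Packet) -> Tuple[str, Optional[int]]:
    """First matching rule wins; no match falls through to the implicit deny."""
    for index, rule in enumerate(acl):
        if rule.matches(p):
            return rule.action, index
    return "deny", None


ANY = "0.0.0.0/0"
INTERNAL = "10.0.0.0/8"        # assumed internal address range
WEB_SERVER = "10.0.1.80/32"    # assumed public web server

ACL = [
    # Anti-spoofing: nothing arriving from outside may claim an internal source.
    Rule("deny", "outside", INTERNAL, ANY),
    Rule("permit", "outside", ANY, WEB_SERVER, "tcp", 80),
    # Egress: only internal sources may leave; anything else hits implicit deny.
    Rule("permit", "inside", INTERNAL, ANY),
]

# The same rules with the anti-spoofing deny placed after the web permit.
MISORDERED_ACL = [ACL[1], ACL[0], ACL[2]]

# Constructed sample packets (documentation address ranges for external hosts).
WEB_REQUEST = Packet("outside", "203.0.113.7", "10.0.1.80", "tcp", 80)
SPOOFED = Packet("outside", "10.0.5.5", "10.0.1.80", "tcp", 80)
SSH_PROBE = Packet("outside", "203.0.113.7", "10.0.1.80", "tcp", 22)
OUTBOUND = Packet("inside", "10.0.5.5", "198.51.100.9", "tcp", 443)
FORGED_OUTBOUND = Packet("inside", "203.0.113.7", "198.51.100.9", "udp", 53)

if __name__ == "__main__":
    samples = [("web request", WEB_REQUEST), ("spoofed source", SPOOFED),
               ("ssh probe", SSH_PROBE), ("outbound", OUTBOUND),
               ("forged outbound", FORGED_OUTBOUND)]
    for name, pkt in samples:
        print(f"{name:16} -> {evaluate(ACL, pkt)}")
    print("misordered ACL, spoofed source ->", evaluate(MISORDERED_ACL, SPOOFED))
```

With the misordered list, the packet that claims an internal source from the outside interface is permitted by the web rule before the anti-spoofing deny is ever consulted, which is the failure to look for when reviewing a router ACL.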
  
E. Hybrid System

In an attempt to combine the security features of application layer gateways with the flexibility and speed of packet filtering, some developers have created systems that use the principles of both. In some of these systems, new connections must be authenticated and approved at the application layer. Once this has been done, the remainder of the connection is passed down to the session layer, where packet filters watch the connection to ensure that only packets that are part of an ongoing (already authenticated and approved) conversation are being passed. Using both packet filtering and application layer proxies is another possible approach. The benefits here include providing a measure of protection against your machines that provide services to the Internet (such as a public web server), as well as providing the security of an application layer gateway to the internal network. Additionally, using this method, an attacker, in order to get to services on the internal network, will have to break through the access router, the bastion host, and the choke router.
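
The hybrid hand-off described above (approval at the application layer, then per-packet checks against the approved conversation) can be sketched as a session table. This is an added example, not code from the paper or from any firewall product; the user name, token, addresses, ports and the 60-second idle timeout are constructed assumptions.

```python
import hmac
from dataclasses import dataclass
from typing import Dict, Tuple

Endpoint = Tuple[str, int]   # (address, port)

# Constructed credential store standing in for the gateway's real authentication.
APPROVED_USERS = {"alice": "constructed-token-1"}


@dataclass(frozen=True)
class Packet:
    src: Endpoint
    dst: Endpoint
    proto: str


class SessionTable:
    """Packet-level check that passes only traffic of approved conversations."""

    def __init__(self, idle_timeout: float = 60.0):
        self.idle_timeout = idle_timeout
        self._last_seen: Dict[tuple, float] = {}

    @staticmethod
    def _key(a: Endpoint, b: Endpoint, proto: str) -> tuple:
        # Sort the endpoints so both directions of a conversation share one entry.
        return (proto,) + tuple(sorted((a, b)))

    def approve(self, client: Endpoint, server: Endpoint, proto: str, now: float) -> None:
        """Record a connection the application-layer gateway has approved."""
        self._last_seen[self._key(client, server, proto)] = now

    def allow(self, p: Packet, now: float) -> bool:
        key = self._key(p.src, p.dst, p.proto)
        seen = self._last_seen.get(key)
        if seen is None:
            return False                   # never approved: drop
        if now - seen > self.idle_timeout:
            del self._last_seen[key]       # stale entry: must be approved again
            return False
        self._last_seen[key] = now         # refresh on every passed packet
        return True


def gateway_connect(table: SessionTable, user: str, token: str,
                    client: Endpoint, server: Endpoint, now: float) -> bool:
    """Application-layer step: authenticate first, then hand off to the filter."""
    expected = APPROVED_USERS.get(user)
    if expected is None or not hmac.compare_digest(expected, token):
        return False
    table.approve(client, server, "tcp", now)
    return True


if __name__ == "__main__":
    table = SessionTable()
    client, server = ("10.0.5.5", 51000), ("198.51.100.9", 443)
    print("before approval:", table.allow(Packet(client, server, "tcp"), now=0))
    print("gateway approves:", gateway_connect(table, "alice", "constructed-token-1",
                                               client, server, now=10))
    print("client packet:", table.allow(Packet(client, server, "tcp"), now=11))
    print("server reply:", table.allow(Packet(server, client, "tcp"), now=12))
    print("after idle timeout:", table.allow(Packet(client, server, "tcp"), now=100))
```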
  
8. Security Management Issues

a) Ensuring the security strength of the organization is a big challenge nowadays. Organizations have some pre-defined security policies and procedures, but they are not implementing them accordingly. Through the use of technology, we should impose these policies on people and processes.

b) Building and affirming high-quality resources for the deployment and efficient management of network security infrastructure. Adopting technologies that are easy and cost-effective to deploy and that manage day-to-day network security operations and troubleshooting in the long run.

c) Ensuring a fully secure networking environment without degradation in the performance of business applications.

d) On a day-to-day basis, enterprises face the challenge of having to scale up their infrastructure to a rapidly increasing user group, both from within and outside of the organization. At the same time, they also have to ensure that performance is not compromised.

e) Organizations sometimes have to deal with a number of point products in the network. Securing all of them totally while ensuring seamless functionality is one of the biggest challenges they face while planning and implementing a security blueprint.

f) The implementation and conceptualization of a security blueprint is a challenge. Security is a combination of people, processes, and technology, while IT managers are traditionally tuned to address only the technology controls.
  
9. Recommendation of Network security controls

a) Organizations should be prepared to cope with their own growth, which in turn would entail new enhancements in the network, both in terms of applications and size. They should plan security according to the changing requirements, which may grow to include various factors like remote and third-party access.

b) Threats are no longer focused on the network layer; the application layer is the new playground of hackers. Attack protection solutions must protect the network, services and applications, and provide secure office connection, secure remote employee access, resilient network availability, and controllable Internet access.

c) The ideal solution for internal security challenges is not only a conventional security product; it must also contain threats (like worms), divide the network, and protect the desktop, the server and the data center.

d) About 70 percent of new attacks target Web-enabled applications, and their number is growing. Enterprises should, therefore, deploy Web security solutions that provide secure Web access as well as protect Web servers and applications. The security solutions must be easy to deploy, and they should also provide integrated access control (Pandey, 2011).
  
10. Wireless

While wireless networks provide productivity and other benefits, their explosive growth also poses risks to end users and organizations.

Threats to wireless local area networks (WLANs) are numerous and potentially devastating. Security issues ranging from misconfigured wireless access points (WAPs) to session hijacking to Denial of Service (DoS) can plague a WLAN. Wireless networks are not only susceptible to the TCP/IP-based attacks native to wired networks; they are also subject to a wide array of 802.11-specific threats. To aid in the defense against and detection of these potential threats, WLANs should employ a security solution.

Wireless access points are increasingly serving as entry points to the Internet, increasing connectivity options and security concerns. Particularly significant are public access points, commonly known as hotspots, which are often located in heavily populated areas such as airports, coffee shops, and hotels, appealing to both business and casual users, but offering little or no security. The number of worldwide commercial hotspots reached 143,700 in 2006, with an estimated 675,000 additional access points shipped during the year specifically for use in public hotspots (Chenoweth, Minch & Tabor, 2010). The growth in hotspots is expected to continue because they are inexpensive, new applications (such as voice over Wi-Fi) are emerging, and the public is becoming accustomed to the mobility and ubiquitous Internet access they provide. At the same time that wireless usage is increasing, computer and network security is consuming an increasing amount of time and resources for individuals and organizations. The spiraling number of viruses and outsider attacks has driven this increase and has shortened the timeframe between vulnerability announcements and the appearance of global exploits. Despite the increased risk, most wireless networks have little or no network security implemented. Surveys have determined that approximately 60% of all wireless networks use no form of encryption, and that even when encryption is enabled, approximately 75% are using wired equivalent privacy (WEP), which has several well-documented security deficiencies (Chenoweth, Minch & Tabor, 2010). The problem is even more acute with public hotspots because their users are more interested in ease of use than the level of security.
  
11. Security Technology

Leading security vendors offer end-to-end solutions that claim to take care of all aspects of Cybersecurity. End-to-end solutions usually offer a combination of hardware and software platforms including a security management solution that performs multiple functions and takes care of the entire gamut of security on a network. An integrated solution is one that encompasses not only a point-security problem (like worms/intrusion) but one that also handles a variety of network and application layer security challenges. Available products can be categorized in the following streams.
  
A. SSL-VPN

According to the NIST SSL VPN guidelines, the protection of sensitive information that is transmitted across interconnected networks is critical to the overall security of an organization's information and information systems. SSL VPNs provide secure remote access to an organization's resources. A VPN is a virtual network, built on top of existing physical networks, which can provide a secure communications mechanism for data and other information transmitted between two endpoints. Because a VPN can be used over existing networks such as the Internet, it can facilitate the secure transfer of sensitive data across public networks. An SSL VPN consists of one or more VPN devices to which users connect using their Web browsers. The traffic between the Web browser and the SSL VPN device is encrypted with the SSL protocol or its successor, the Transport Layer Security (TLS) protocol (Frankel 2010).
  	
  	
  
B. Intrusion Detection Prevention Systems

An IPS combines the best features of firewalls and intrusion detection systems to provide a tool that changes the configurations of network access control points according to the rapidly changing threat profile of a network. This introduces an element of intelligence in network security by adapting to new attacks and intrusion attempts. Intrusion prevention has received a lot of interest in the user community. Most organizations evolve in their use of intrusion prevention technology. Some will adopt blocking in weeks and rapidly expand their blocking as they see the benefits of accurate attack blocking. Others will start slowly and expand slowly. The key is to reliably detect and stop both known and unknown attacks in real time. Traffic monitoring in wired networks is usually performed at switches, routers and gateways, but an ad hoc network does not have these types of network elements where the IDS can collect audit data for the entire network. Network traffic can be monitored on a wired network segment, but ad hoc nodes or sensors can only monitor network traffic within their observable radio transmission range.
  
	
  
12. Conclusion

The cybersecurity problem is unlike any other security problem the nation has faced before. It is epiphenomenal, a consequence of the computer and Internet revolution. This beguiling device is now a part of twenty-first-century life: a tool for cataloguing recipes, and essential for launching cruise missiles, flying airplanes, and operating nuclear power plants. The ubiquity of the computer and the Internet, which links one computer to another, offers tremendous efficiency and customizable convenience. However, this efficiency and convenience come at a significant price. The cornerstone of America's cyberspace security strategy is and will remain a public–private partnership. The public–private partnerships that formed in response to the President's call have developed their own strategies to protect the parts of cyberspace on which they rely. This unique partnership and process was and will continue to be necessary because the majority of the country's cyber resources are controlled by entities outside of government (NSSC 2003, 1, 54).

Before security measures are designed and provided, an organization should first know its security needs at the different levels of the organization, and the measures should then be implemented for those levels. Security policies should be designed before their implementation, in such a way that future alteration and adoption are acceptable and easily manageable. The security system must be tight but flexible enough for end users to be comfortable; they should not feel that the security system is moving around them. Users who find security policies and systems too restrictive will find ways around them.
  
	
  
12. Bibliography:	
  
Brooks,	
  T.N.	
  (2003).	
  A	
  thematic	
  content	
  analysis	
  of	
  identity	
  theft:	
  What	
  it	
  is	
  and	
  how	
  to	
  
avoid	
  it.	
  The	
  University	
  of	
  Texas	
  at	
  Arlington.	
  UMI	
  Microform	
  No.	
  1416811	
  
Bhakta,	
  P.	
  (2008).	
  Identity	
  theft:	
  Examining	
  the	
  challenges.	
  California	
  State	
  University.	
  
Retrieved	
  from	
  
http://proquest.umi.com.ezproxy.umuc.edu/pqdweb?index=2&did=1548707731&Srch
Mode=2&sid=1&Fmt=6&VInst=PROD&VType=PQD&RQT=309&VName=PQD&TS=12624
67011&clientId=8724.	
  
	
  
Obama,	
  B.	
  (2009).	
  Speech	
  of	
  the	
  U.S.	
  President	
  to	
  the	
  National	
  Security	
  Council.	
  White	
  
House.	
  Retrieved	
  from	
  
http://www.whitehouse.gov/administration/eop/nsc/cybersecurity	
  
	
  
Chenweth,	
  t.,	
  Minch,	
  R.,	
  &	
  Tobor,	
  S.	
  (February,	
  2010).	
  Wireless	
  Insecurity:	
  Examining	
  user	
  
security	
  behavior	
  on	
  public	
  networks.	
  Vol.	
  53	
  Issue	
  2,	
  p134-­‐138,	
  5p,	
  4.	
  Retrieved	
  from	
  
ACM	
  database	
  
	
  
Curtin,	
  M.	
  (March,	
  1997).	
  Introduction	
  to	
  Network	
  Security.	
  Retrieved	
  from	
  
http://www.cs.cornell.edu/Courses/cs519/2003sp/slides/15_securitybasics.pdf	
  
	
  
	
  
DeZabala,	
  T.	
  &	
  Baich,	
  R.	
  (2010).Cybercrime:	
  A	
  clear	
  and	
  present	
  danger	
  –	
  Combating	
  the	
  
fastest	
  growing	
  cyber	
  security	
  Threat.	
  Deloitte.	
  Retrieved	
  from	
  
http://www.deloitte.com/assets/Dcom-­‐
UnitedStates/Local%20Assets/Documents/AERS/us_aers_Deloitte%20Cyber%20Crime%
20POV%20Jan252010.pdf	
  
	
  
	
  
Flauzac,	
  R.,	
  Nolot,	
  F.,	
  Rabat,	
  C.,	
  &	
  Steffencel,	
  L,	
  A.	
  (2009).	
  Grid	
  of	
  Security:	
  A	
  New	
  Approach	
  
of	
  the	
  Network	
  Security.	
  International	
  Conference	
  on	
  Network	
  and	
  System	
  Security.	
  
PP.	
  67-­‐72.	
  Retrieved	
  from	
  ACM	
  database.	
  	
  
Fonte,	
  E.	
  (2008,	
  February).	
  Who	
  will	
  pay	
  the	
  price	
  for	
  identity	
  theft?	
  	
  The	
  Computer	
  &	
  
Internet	
  Lawyer,	
  25(2).	
  	
  
Gonzales,	
  R.A.	
  &	
  Majoras,	
  P.D.	
  (2007).	
  Identity	
  Theft	
  -­‐	
  A	
  Strategic	
  Plan,	
  The	
  President’s	
  
Identity	
  Theft	
  Task	
  Force,	
  Federal	
  Trade	
  Commission	
  Publications	
  
	
  
O’Brien,	
  K.	
  J.	
  (2010).	
  Germany	
  asks	
  Apple	
  about	
  iPhone	
  data-­‐gathering.	
  Retrieved	
  from	
  
http://www.pogowasright.org/?p=11907	
  
	
  
Cybersecurity	
  
	
  
27	
  |	
  P a g e 	
  
	
  
Pandey,	
  S.	
  (2011).	
  Modern	
  Network	
  Issue	
  and	
  Challenges.	
  	
  International	
  Journal	
  of	
  
Engineering	
  Science	
  &	
  Technology,	
  2011,	
  Vol.	
  3	
  Issue	
  5,	
  p4351-­‐357,	
  7p.	
  Retrieved	
  form	
  
Academic	
  Search	
  Complete.	
  
Ji,	
  S.,	
  Smith-­‐Chao,	
  S.,	
  &	
  Min,	
  Q.	
  (2008).	
  Systems	
  Plan	
  for	
  Combating	
  Identity	
  Theft	
  -­‐	
  A	
  
Theoretical	
  Framework.	
  Journal	
  of	
  Service	
  Science	
  and	
  Management,	
  1(2),	
  143-­‐
152.	
  	
  doi:	
  1788212021	
  
Khan, M. A., Shah, G. A., & Sher, M. (August 2011). Challenges for Security in Wireless sensor Networks (WSNs). World Academy of Science, Engineering & Technology, Aug 2011, Vol. 80, p390-396, 7p. Retrieved from EBSCO database.

Kelhe, W., Tong, Z., Wei, L., & Gang, M. (2009). Security Model Based on Network Business Security, In Proc. of Int. Conf. on Computer Technology and Development. ICCTD, Vol. 1, pp. 577-580. Retrieved from ACM database.

McDowell, M. & Lytle, M. (2008). Cybersecurity for electronic devices. U.S. Department of Homeland Security. Retrieved from http://www.us-cert.gov/cas/tips/ST05-017.html

Marin, G. A. (2005). “Network Security Basics”, In Security & Privacy, IEEE, Issue 6, Vol 3, pp. 68-72. Retrieved from ACM database.

Stevenson, E.H. (2000). Identity theft. The University of Houston Clear Lake. A Master Thesis. Retrieved from http://proquest.umi.com.ezproxy.umuc.edu/pqdweb?index=11&did=729227861&SrchMode=1&sid=1&Fmt=6&VInst=PROD&VType=PQD&RQT=309&VName=PQD&TS=1263089712&clientId.

Samid, G. (2009). The unending Cyber war. Publisher: DGS, Vitco, Mclean, VA. P. V

Wilschen, G. (2005). Information Security: Emerging Cybersecurity Issues Threaten Federal Information Systems: GAO Report. P1, 79p. Retrieved from MasterFile Premier.
ZamanAsad_INFA 670_9041_RPAPER_Cybersecurity-3

  • 1. Cybersecurity     1  |  P a g e       Cybersecurity     Issues,  Challenges  and  Security  Controls           Image:  Courtesy  of  Google     By   Asad  Zaman   Information  Assurance  Capstone-­‐670  (Research  Paper)   November  2011.   For   Dr.  James  Clark   University  of  Maryland  University  College  (UMUC)  
  • 2. Cybersecurity     2  |  P a g e     Table  of  Contents       1. Abstract…………………………………………………………………………………………………………………………………...…3   2. Introduction……………………………………………………………………………………………………………..…………………4   3. Background…………………..…………………………………………….…………………………………………….……………….6   4. Cybersecurity    issues  &  Challenges  -­‐  Federal  Information  Systems……………………………………………..6   5. Cybersecurity  Issues  and  Challenges  -­‐The  Corporations,  Institutes,  and  Service  Providers..….…..8   6. Cybersecurity  Tools………………….……………………………….………………………………………………………………12   A).  Cybersecurity  Measures………………………………………………………………………………………………………13   7. Cybersecurity  Method………………………………………………………………………………………………………………15   A).  Cryptography  ………………………………………………………………………………………………………………………15   B).  Firewall…………………………………………………………………………………………………..……………………………16   C).  Application  gateway…………………………………………………………………………………………………………….17   D).  Pocket  Filtering……………………………………………………………………………………………………………………18   E).  Hybrid………………………………………………………………………………………………………………………………….19   8. Cybersecurity  Management  Issues………………………………………………………………………….………………..20   9. Recommendation  on  Network  security…………………………………………………………………………………….21   10. Wireless  ……………………………………………………………………………………………………………………………………21   11. Cybersecurity  Technology…………….……………………………………………………………………..…..……………….23   A).  SSL-­‐VPN……………………………………………………………………………………………………………………………….23   B).  Intrusion  Detection  Prevention  System……………………………………………………………………………….24   12. Conclusion………………………………………………………………………………………………………..………..……………24     13. Bibliography……………………………………………………………………………………………………………………………..25     Figure   Figure  1:  Sample  application  of  gateway……………………………………………………………………………………………….18   Figure  2:  Sample  Pocket  filtering……………………………………………………………………………………………………………19          
  • 3. Cybersecurity     3  |  P a g e     1. Abstract   Physical  world  is  increasingly  supported  by  a  cyberspace  or  internet  infrastructure.  This   infrastructure  enables  new  business  models,  enhances  communications,  makes  personal  lives   more  convenient,  and  contributes  to  national  defense.  The  flip  side  of  this  increased  reliance,   however,  is  that  vulnerable  to  threats  to  cyberspace  infrastructure.  Network  outages,  data   compromised  by  hackers,  propagating  viruses,  and  other  incidents  affect  lives  in  ways  that   range  from  inconvenient  to  life-­‐threatening.  Cybersecurity  necessitates  a  comprehensive   national  policy  to  protect  electronically  transmitted  and  stored  information  from  intrusion.       The  President  of  the  United  State  (U.S.)  declared  that  the  U.S.  economic  prosperity  in  21st   century  depends  on  cybersecurity.    In  the  face  of  severe  exigencies  of  threat,  several  nations   and  organizations  are  addressing  the  issue  independently  as  well  as  jointly.  Cybersecurity   threats  are  increasing  day  by  day  and  making  high  speed  wired/wireless  network  and  internet   services,  insecure  and  unreliable.  Security  measures  works  more  importantly  towards  fulfilling   the  cutting  edge  demands  of  today’s  growing  internet  use.  The  need  is  also  induced  in  to  the   areas  like  defense,  where  secure  and  authenticated  access  of  resources  are  the  key  issues   related  to  information  security.       This  paper  described  the  important  measures  and  parameters  regarding  large   industry/organizational  requirements  for  establishing  a  secure  network  as  well  as  issue  and   challenges  in  cybersecurity.    Wi-­‐Fi  networks  are  very  common  in  providing  wireless  network   access  to  different  resources  and  connecting  various  devices  wirelessly.  
There  are  need  of   different  requirements  to  handle  Wi-­‐Fi  threats  and  network  hacking  attempts.  This  paper  also  
  • 4. Cybersecurity     4  |  P a g e     explores  important  security  measures  related  to  cybersecurity,  so  that  a  fully  secured  network   environment  could  be  established  in  an  organization.     2. Introduction   As  government  agencies,  private  sector  corporations,  the  military,  and  even  retail  shoppers   shift  their  activities  to  the  Internet,  cybersecurity  becomes  increasingly  important.  In  October   2010,  the  President  of  the  United  States  (U.S.)  called  upon  U.S.  people  to  recognize  the   importance  of  cybersecurity.    He  emphasized  on  the  confidentiality  of  sensitive  information,   integrity  of  e-­‐commerce,  and  resilience  of  cyber  infrastructure.    The  President  requested  for  a   universal  co-­‐operations  to  reduce  cyber  risk  (http://www.whitehouse.gov/the-­‐press-­‐ office/2010/10/01/presidential-­‐proclamation-­‐national-­‐cybersecurity-­‐awareness-­‐month).   Cyberspace  touches  nearly  every  part  of  daily  lives.    It's  the  broadband  networks  beneath  us   and  the  wireless  signals  around  us,  the  local  networks  in  our  schools  and  hospitals  and   businesses,  and  the  massive  grids  that  power  our  nation.    It's  the  classified  military  and   intelligence  networks  that  keep  us  safe,  and  the  World  Wide  Web  that  has  made  us  more   interconnected  than  at  any  time  in  human  history.    We  must  secure  our  cyberspace  to  ensure   that  we  can  continue  to  grow  the  nation’s  economy  and  protect  our  way  of  life   (www.whitehouse.gov/cybersecurity).   Cybersecurity  is  the  measure  to  safeguard  organizational  computing  assets  from  cyber   threats  and  vulnerabilities.    While  computers  provide  increased  features  and  functionality,  they   also  introduce  new  risks.    Any  piece  of  electronic  equipment,  such  as  computer,  cell  phone,  car   navigation  device,  PDA,  etc.  
that  uses  some  kind  of  computerized  component  is  vulnerable  to   software  imperfections  and  vulnerabilities.    The  risks  increase  if  the  device  is  connected  to  the  
  • 5. Cybersecurity     5  |  P a g e     internet  or  a  network  that  an  attacker  may  be  able  to  access.    The  outside  connection  provides   a  way  for  an  attacker  to  send  information  to  or  extract  information  from  the  connected  device.     Both  wired  and  wireless  connections  are  vulnerable  to  cyber  threats.    Attackers  may  be  able  to   take  advantage  of  these  technological  advancements  to  target  devices  previously  considered   "safe."  For  example,  an  attacker  may  be  able  to  infect  cell  phone  with  a  virus,  steal  phone  or   wireless  service,  or  access  the  data  on  PDA.  Not  only  do  these  activities  have  implications  for   users’  personal  information,  but  they  could  also  have  serious  consequences  if  any  corporate   information  is  stored  on  the  device.    Computing  devices  should  never  be  left  unattended  in   public  or  easily  accessible  areas.    All  patches,  firmware  updates,  and  software  updates  must  be   installed  immediately  after  it  is  released  by  the  vendor  –  installing  them  will  prevent  attackers   from  being  able  to  take  advantage  of  known  problems  or  vulnerabilities.    A  strong  and  unique   password  which  is  difficult  for  thieves  to  guess  should  be  used  for  each  computing  device,  and   option  to  remember  password  should  be  disabled.    Network  connections,  including  wireless   connections,  should  be  kept  disabled  when  they  are  not  in  use.    All  data,  especially  the  privacy   data,  should  be  stored  encrypted.    When  data  is  encrypted,  unauthorized  people  can't  view   data  even  if  they  can  physically  access  it;  the  data  owner  must  remember  the  encryption   password  to  decrypt  data,  otherwise  even  the  owner  will  be  unable  to  see  data  (McDowell  &   Lytle,  2008).   Even  the  U.S.  
President,  Barack  Obama,  in  his  address  on  May  29,  2009  to  the  National   Security  Council  (NSC),  declared  that  America's  economic  prosperity  in  the  21st  century  would   depend  on  effective  implementation  of  cybersecurity.    Obama  mentioned  cyber  threat  as  one   of  the  serious  economic  and  national  security  challenges  and  cautioned  about  the  risk  of  
  • 6. Cybersecurity     6  |  P a g e     privacy  data,  identity  theft,  botnet,  spyware,  malware,  spoofing,  phishing,  cyber  threats,  and   cyber  criminals.    He  mentioned  that  about  1.5  billion  people  worldwide  use  Internet  and  it  is   growing  rapidly.    The  President  highlighted  that  e-­‐commerce  in  U.S.  accounted  for  $132  billion   retail  sales  in  2008.    Obama  estimated  that  cyber  criminals  stole  $1  trillion  worth  of  intellectual   property  in  2008  worldwide  (Obama,  2009).    Cybersecurity  can  be  defined  as  protection  of   networks  and  their  services  from  unauthorized  alteration,  destruction,  or  disclosure,  and   provision  of  assurance  that  the  network  performs  in  critical  situations  and  have  no  harmful   effects  for  neither  user  nor  for  employee  (Jegal,  2008).  It  also  includes  provisions  made  in  an   underlying  computer  network  infrastructure,  policies  adopted  by  the  network  administrator  to   protect  the  network  and  the  network-­‐accessible  resources  from  unauthorized  access.     3. Background   Computer  networks  were  developed  in  the  1960s  to  help  a  small  group  of  scientists  to   communicate  among  themselves.    The  Internet  was  developed  in  1969  in  an  effort  to  link  a  few   computers  in  scientific  labs  across  the  Unites  States,  especially  for  military  research,  and   financed  by  Pentagon  through  the  Advanced  Research  Project  Agency  (ARPA).    The  first   network  was  called  ARPANET.    In  1989,  the  Internet  was  transformed  to  World  Wide  Web   (WWW)  allowing  millions  of  people  to  access.    In  the  early  1990s,  the  development  of  Netscape   Navigator  even  made  the  WWW  easier  to  use.    Today,  the  Internet  is  used  by  millions  of  people   on  a  daily  basis  (Stevenson,  2000).         4. 
Cybersecurity Issues & Challenges (The Federal Information Systems) Federal agencies are facing a set of emerging cybersecurity threats that are the result of increasingly sophisticated methods of attack and the blending of once distinct types of attack into
  • 7. Cybersecurity     7  |  P a g e     more complex and damaging forms. Examples of these threats include spam (unsolicited commercial e-mail), phishing (fraudulent messages to obtain personal or sensitive data), and spyware (software that monitors user activity without user knowledge or consent). To address these issues, GAO was asked to determine (1) the potential risks to federal systems from these emerging cybersecurity threats, (2) the federal agencies' perceptions of risk and their actions to mitigate them, (3) federal and private-sector actions to address the threats on a national level, and (4) government faces a wide challenges to protecting federal systems from these threats. Spam, phishing, and spyware pose security risks to federal information systems. Spam consumes significant resources and is used as a delivery mechanism for other types of cyber attacks; phishing can lead to identity theft, loss of sensitive information, and reduced trust and use of electronic government services; and spyware can capture and release sensitive data, make unauthorized changes, and decrease system performance. The blending of these threats creates additional risks that cannot be easily mitigated with currently available tools. Agencies' perceptions of the risks of spam, phishing, and spyware vary. In addition, most agencies were not applying the information security program requirements of the Federal Information Security Management Act of 2002 (FISMA) to these emerging threats, including performing risk assessments, implementing effective mitigating controls, providing security awareness training, and ensuring that their incident-response plans and procedures addressed these threats. Several entities within the federal government and the private sector have begun initiatives to address these emerging threats. These efforts range from educating consumers to targeting cybercrime. Similar efforts are not, however, being made to assist and educate federal agencies. 
Although federal agencies are required to report incidents to a central federal entity, they are not consistently reporting incidents of emerging cybersecurity threats. Pursuant to FISMA, the
  • 8. Cybersecurity     8  |  P a g e     Office Management and Budget (OMB) and the Department of Homeland Security (DHS) share responsibility for the federal government's capability to detect, analyze, and respond to cybersecurity incidents. However, government a wide guidance has not been issued to clarify to agencies which incidents they should be reporting, as well as how and to whom they should report. Without effective coordination, the federal government is limited in its ability to identify and respond to emerging cybersecurity threats, including sophisticated and coordinated attacks that target multiple federal entities (Wilschsen, 2005). 5. Cybersecurity  Issue  &  Challenges  (The  Corporations,  Institutes,  and  Service  Providers)   A  Deloitte  study  in  2010  found  that  cyber  threats  posed  to  organizations  have  increased   faster  than  potential  victims,  the  cybersecurity  professionals,  can  cope  with  them.    This  placed   organizations  at  significant  risk.    Cyber  criminals  are  increasingly  adept  at  gaining  undetected   access  and  maintaining  a  persistent,  low-­‐profile,  long-­‐term  presence  in  IT  environments.    An   underground  economy  has  evolved  around  stealing,  packaging,  and  reselling  information.     Malware  authors  for  hire  provide  skills,  capabilities,  products,  and  outsourced  services  to  cyber   criminals.    These  include,  among  others,  identity  collection  and  theft,  data  acquisition  and   storage,  stealthy  access  to  systems,  misdirection  of  communications,  keystroke  identification,   identity  authentication,  and  botnets.    Security  models  today  are  primarily  “reactive,”  and  cyber   criminals  are  exploiting  that  weakness.    
Many  security  organizations  may  be  leaving  themselves   vulnerable  to  cyber  crime  based  on  a  false  sense  of  security,  perhaps  even  complacency,  driven   by  non-­‐agile  security  tools  and  processes.    Many  are  failing  to  recognize  cyber  crimes  in  their   information  technology  (IT)  environments  and  misallocating  limited  resources  to  lesser  threats.    
  • 9. Cybersecurity     9  |  P a g e     For  example,  many  organizations  focus  heavily  on  foiling  hackers  and  blocking  pornography   while  potential  cyber  crimes  are  going  undetected  and  unaddressed  (DeZabala  &  Baich,  2010).   There  are  concerns  that  Apple  uploads  clients’  data,  up  to  73MB  a  night,  from  every  iPhone   device  in-­‐use.    Apple  is  claiming  that  they  are  uploading  location  data  only.    Uploading  up  to  73   MB  of  location  data  every  night?    Is  that  true?    What  Apple  is  really  uploading?    Are  they   harvesting  keyboard  cache,  GeoTag  (location  data),  date,  time,  photo  library,  WiFi  connection   logs,  and  personal  interest  of  users  supplemented  with  name,  phone  number,  and  email   address?    All  combined,  this  set  of  information  has  a  huge  value  in  the  underground  market  of   personal  data.    This  data  is  enough  for  a  dubious  spouse  to  prove  that  the  partner  was  not  in   office  at  a  given  date  and  time?    Is  Apple  infringing  the  data  privacy  of  its  users?    As  a   precaution,  Apple  users  should  regularly  clean  the  browser’s  recent  searches  and  the  keyboard   cache.    Germany’s  justice  minister,  Sabine  Leutheusser-­‐Schnarrenberger,  has  already  asked   Apple  to  tell  the  State  Data  Protection  Officials  about  the  kind  of  data  that  Apple  is  gathering  on   individual  iPhone  users  in  Germany.    Apple  is  also  asked  to  outline  the  purpose  of  collecting  this   data  and  how  long  the  data  will  be  stored  (Brien,  2010;  Seriot,  2010).       Although  there  are  popular  believes  that  only  computer  programs  can  get  infected  with   virus  software,  but  that  is  not  necessarily  true.    
In fact, almost any electronic device that runs automatically can get infected with malware (virus, worm, etc.), and even cell phones are not safe from cyber crimes. IKEE is the first known iPhone worm. This worm changes the iPhone’s wallpaper and displays a photograph of 1980s singer Rick Astley with the words “IKEE is never goanna give you up.” The programmer of this worm, a 21-year-old Australian programmer, was subsequently hired by the Australian iPhone development company, Mogeneration. Typically, an iPhone in its standard configuration runs only software that is cryptographically signed by Apple, but iPhone hackers found ways to circumvent this limitation by creating a modified version of the iPhone operating system (OS) that runs other software. Installing such firmware is called “jailbreaking.” It is estimated that about 6–8% of all iPhones are “jailbroken,” and hackers can now remotely steal users’ data, including private and sensitive data, from jailbroken iPhones (Seriot, 2010).

Cybercrime, such as electronic identity theft, is a federal crime in the USA. It is one of the most prevalent nuisances of the 21st century, a product of the digital revolution and the radical transformation of the world through widespread Internet use. Not only has this revolution changed the way people live and do business, it has also expanded the spectrum of illegal activities. Cybercrime has many faces, from computer hacking and online piracy of copyrighted content to spam, spyware, malware, or any of a host of other issues unimaginable a few decades ago. It is not yet clear how the law is faring against this ever elusive opponent (Demarco, 2009).

The most frequent form of identity theft is the fraudulent use of someone’s name and identifying data to obtain credit, merchandise, and services (COPS, 2006). The Internet has made it easier for individuals and organizations to communicate and conduct business online; hence, e-commerce is growing. According to eMarketer, an estimated 152 million individuals ages 14 and above shopped online in 2009.
With the growth of e-commerce, identity theft problems have also grown in many parts of the world. Tremendous efforts have been made in the past decade by governments and businesses to understand these issues and to find solutions for combating these problems (Ji, Smith-Chao, & Min, 2008).

The growth potential of e-commerce also has its own vulnerabilities. The chance of security failure, including disclosure of private information, is high. Confidentiality, integrity, and availability (CIA) are at stake. Perhaps the most important reason for both businesses and consumers to partially refrain from establishing and participating in e-commerce is the potential for loss of private data. A single highly publicized breach of private data can erode confidence in the business and can not only damage the reputation of the firm, but cause widespread repercussions in the e-commerce industry (Farahmand & Navathe, 2005). The Internet has presented opportunities for companies to bombard consumers with various marketing information, especially in online advertisements. Some of these techniques infringe data privacy and leave consumers with security issues. Dobosz, Green, & Sisler (2006) found that DoubleClick collects PII of Internet users although it claims that it does not.

A Federal Trade Commission survey conducted in 2003 estimated the annual number of victims of some form of identity theft at 9.91 million adults or about 4.6 percent of the United States population. Actual dollar losses for businesses and victims in the United States are estimated roughly at $53 billion for 2004.
These figures do not take into account expenses incurred by the victims to recover losses; the cost to the criminal justice system to detect, investigate, and prosecute offenders; or the expenditures of time and money to develop, promulgate, and enforce legislation to control this crime (COPS, 2006). The total one-year fraud amount for 2006 is estimated at $55.7 billion, and the average number of hours that each victim devotes to resolving fraudulent transactions and negative credit reporting issues is thought to be 40 hours per victim (Fonte, 2008).

It is essential to reduce the opportunities for criminals to misuse the data that they steal, because thieves are resourceful and security systems are imperfect. Strong law enforcement is necessary to punish identity thieves. The recent increasing sophistication of identity thieves means that law enforcement agencies at all levels of government must increase the resources they devote to investigating identity-related crimes (Gonzales & Majoras, 2007).

According to the U.S. Federal Trade Commission (FTC) survey, about 9.9 million Americans were victims of identity theft in 2002. Losses from such crimes totaled $48 billion. Consumers reported $5 billion in out-of-pocket expenses to fix the problem (Africa news, 2003). The Federal Trade Commission (FTC) publication of 2008, “Take Charge: Fighting Back Against Identity Theft,” is rich in content identifying the prevailing risks in identity theft and data privacy, such as tax fraud, banking fraud, and credit fraud, and covering how to resolve problems and minimize recurrence (FTC, 2008).

There is a growing awareness among e-commerce customers that they must stay ahead of the risks, because risk is everywhere; even using a teller machine is a potential risk, where a criminal might watch the personal identification number (PIN) over the shoulder and use it later or sell it to others for financial gain (Bhakta, 2008).

6. Cybersecurity Tools
Nowadays many commercial and some DOD or DOE installations have networks which include various supercomputer models incorporated in them. It would be interesting to know if products cater for such environments too, along with the associated pricing algorithm. New techniques and advances in the field of “real-time” auditing in the area of Intrusion Detection Systems (IDS) now look for signs of intrusions or variations in the normal operations in real time. This brings auditing of ICT network systems closer to an a priori system than previously known. Previous ICT auditing systems looked more like the classical accounting and financial auditing tools applied to computing. That element is still present. However, today the computer is the network and the network is the computer, and it is a dynamic system which lends itself to real-time auditing. This is a dimension beyond yesterday’s computer auditing functionality (Clark, 2011).

A few tools used to secure the network are named below, each with a very brief description of its functionality:

• Nmap Security Scanner is a free and open source utility for network exploration or security auditing.
• Nessus is the best free network vulnerability scanner available.
• Wireshark, or Ethereal, is an open source network protocol analyzer for UNIX and Windows.
• Snort is a lightweight network intrusion detection and prevention system that excels at traffic analysis and packet logging on IP networks.
• Netcat is a simple utility that reads and writes data across TCP or UDP network connections.
• Kismet is a powerful wireless sniffer.

A. Cybersecurity Measures:
Marin (2005) defined the core practical networking aspects of security, including computer intrusion detection, traffic analysis, and network monitoring. Flauzac (2009) presented a new approach for implementing a distributed security solution in a controlled collaborative manner, called grid of security, in which a community of devices ensures that a device is trustworthy and that communications between devices can be performed under control of the system policies. Wu Kehe (2009) defined information security in three parts (data security, network system security and network business security) together with the network business security model. A theoretical basis for security defense for an enterprise automatic production system has also been established. A Public Key Infrastructure (PKI)-based security framework for wireless networks has been defined by (Wuzheng 2009). In this paper various tools and treatments related to cryptography and network security have been defined. The latest issues related to network security technology and their practical applications, like the Advanced Encryption Standard (AES), the CMAC mode for authentication and the CCM mode for authenticated encryption, are also discussed in a very elaborate way. In addition, various hacking attempts, their detection and their remedies are also discussed in a very efficient way. Nowadays, transfer of information in a safe and secure way over a network has become a major challenge for the industry.
The attacks and the network security measures show how, using network security tools, a better, healthier and safer network can be designed and maintained for an organization or industry. This paper focuses on the issues through which cybersecurity can be managed and maintained more efficiently in an organization.

The following measures are to be taken to secure the network:
• A strong firewall and proxy should be used to keep unwanted traffic out.
• A strong antivirus software package and Internet security software package should be installed.
• For authentication, use strong passwords and change them every 30 days.
• When using a wireless connection, use a robust password.
• Employees should be cautious about physical security.
• Prepare a network analyzer or network monitor and use it when needed.
• Implement physical security measures like closed circuit television for entry areas and restricted zones.
• Use security barriers to restrict the organization's perimeter.
• Fire asphyxiators can be used for fire-sensitive areas like server rooms and security rooms.

7. Cybersecurity Method

According to one of my UMUC professors, security is on the one hand a race of imagination, trying to outthink the bad guys, but it is also a very regimented, detail-oriented, carefully thought-out pattern of activity. The imagination and the cybersecurity method are expressed regarding the cybersecurity war (Samid, 2009). In a never-ending loop, cybersecurity experts develop new ways to prevent continually emerging threats, and hackers develop more sophisticated technology to circumvent information security systems. A few methods are named and briefly discussed below.

A. Cryptography

Today’s information systems and the information that they contain are considered to be major assets that require protection. Cryptography relies on ciphers (after encrypted plaintext), which are nothing but mathematical functions used for encryption and decryption of a message. To ensure the security of information in increasingly prevalent e-commerce and e-business, and to protect private data from hackers and saboteurs, among others, cryptography is one of the key techniques that ensure confidentiality and integrity of information. The information used by government and business is contained in computer systems consisting of groups of interconnected computers that make use of shared networks, often referred to as the Internet or Cyberspace. Since Cyberspace is shared by diverse and often competing organizations and individuals, information systems should protect themselves and the information that they contain from unauthorized disclosure, modification and use. Cryptography is often used to protect information from unauthorized disclosure, to detect modification, and to authenticate the identities of system users. Cryptography is particularly useful when data transmission or authentication occurs over communications networks for which physical means of protection are often cost-prohibitive or even impossible to implement. Thus, cryptography is widely used when business is conducted or when sensitive information is transmitted over Cyberspace. Cryptography also provides a layer of protection for stored data (in addition to physical and computer security access controls) against insiders who may have physical and possibly logical (e.g., system administrator) access to, but not the authorization to know or modify, the information (Pandey, 2011).

B. Firewall

Firewalls are devices or programs that control the flow of network traffic between networks or hosts that employ differing security postures. At one time, most firewalls were deployed at network perimeters. This provided some measure of protection for internal hosts, but it could not recognize all instances and forms of attack, and attacks sent from one internal host to another often do not pass through network firewalls. Because of these and other factors, network designers now often include firewall functionality at places other than the network perimeter to provide an additional layer of security, as well as to protect mobile devices that are placed directly onto external networks. Threats have gradually moved from being most prevalent in lower layers of network traffic to the application layer, which has reduced the general effectiveness of firewalls in stopping threats carried through network communications. However, firewalls are still needed to stop the significant threats that continue to work at lower layers of network traffic. Firewalls can also provide some protection at the application layer, supplementing the capabilities of other network security technologies. There are several types of firewalls, each with varying capabilities to analyze network traffic and allow or block specific instances by comparing traffic characteristics to existing policies. Understanding the capabilities of each type of firewall, and designing firewall policies and acquiring firewall technologies that effectively address an organization’s needs, are critical to achieving protection for network traffic flows.

C. Application gateway

This is the first type of firewall and is sometimes also known as a proxy gateway, as shown in Figure 1. These gateways are made up of bastion hosts that act as proxy servers. This software runs at the Application Layer of the ISO/OSI Reference Model.
Clients behind the firewall must be categorized and prioritized in order to use Internet services. This has been the most secure type, because it doesn't allow anything to pass by default, but it also needs to have the programs written and turned on in order to start passing traffic.

Figure 1: A sample application gateway (Pandra, 2010)

D. Packet Filtering

Packet filtering is a technique whereby routers have ACLs (Access Control Lists) turned on. By default, a router will pass all traffic sent through it, without any restrictions, as shown in Figure 2. ACLs are a method of defining what sorts of access the outside world is allowed to have to the internal network, and vice versa. This is less complex than an application gateway, because access control is performed at a lower ISO/OSI layer. Due to the low complexity and the fact that packet filtering is done with routers, which are specialized computers optimized for tasks related to networking, a packet filtering gateway is often much faster than its application layer cousins. Because it works at a lower level, supporting new applications either comes automatically or is a simple matter of allowing a specific packet type to pass through the gateway. There are problems with this method, though: TCP/IP has absolutely no means of guaranteeing that the source address is really what it claims to be. As a result, layers of packet filters must be used in order to localize the traffic.

Figure 2: A sample packet filtering gateway (Pandra, 2010)

It can differentiate between a packet that came from the Internet and one that came from our internal network. It can also identify with certainty which network the packet came from, but it can't get more specific than that.

E. Hybrid System

In an attempt to combine the security features of application layer gateways with the flexibility and speed of packet filtering, some developers have created systems that use the principles of both. In some of these systems, new connections must be authenticated and approved at the application layer. Once this has been done, the remainder of the connection is passed down to the session layer, where packet filters watch the connection to ensure that only packets that are part of an ongoing (already authenticated and approved) conversation are being passed. Using both packet filtering and application layer proxies is another possible approach.
The benefits here include providing a measure of protection for your machines that provide services to the Internet (such as a public web server), as well as providing the security of an application layer gateway to the internal network. Additionally, using this method, an attacker, in order to get to services on the internal network, will have to break through the access router, the bastion host, and the choke router.

8. Security Management Issues

a) Ensuring the security strength of the organization is a big challenge nowadays. Organizations have some pre-defined security policies and procedures but they are not implementing them accordingly. Through the use of technology, we should impose these policies on people and processes.

b) Building and affirming high-quality resources for deployment and efficient management of network security infrastructure. Adopting technologies that are easy and cost effective to deploy, and that manage day-to-day network security operations and troubleshooting in the long run.

c) Ensuring a fully secure networking environment without degradation in the performance of business applications.

d) On a day-to-day basis, enterprises face the challenge of having to scale up their infrastructure to a rapidly increasing user group, both from within and outside of the organization. At the same time, they also have to ensure that performance is not compromised.

e) Organizations sometimes have to deal with a number of point products in the network. Securing all of them totally while ensuring seamless functionality is one of the biggest challenges they face while planning and implementing a security blueprint.
f) The implementation and conceptualization of a security blueprint is a challenge. Security is a combination of people, processes, and technology, while IT managers are traditionally tuned to address only the technology controls.

9. Recommendation of Network security controls

a) Organizations should be prepared to cope with their own growth, which in turn would entail new enhancements in the network both in terms of applications and size. They should plan security according to the changing requirements, which may grow to include various factors like remote and third-party access.

b) Threats are no longer focused on the network layer; the application layer is the new playground of hackers. Attack protection solutions must protect the network, services and applications, and provide secure office connections, secure remote employee access, resilient network availability, and controllable Internet access.

c) The ideal solution for internal security challenges is not only a conventional security product; it must also contain threats (like worms), divide the network, and protect the desktop, the server and the data center.

d) About 70 percent of new attacks target Web-enabled applications and their number is growing. Enterprises should, therefore, deploy Web security solutions that provide secure Web access as well as protect Web servers and applications. The security solutions must be easy to deploy, and they should also provide integrated access control (Pandey, 2011).

10. Wireless

While wireless networks provide productivity and other benefits, with their explosive growth they also pose risks to end users and organizations.
Threats to wireless local area networks (WLANs) are numerous and potentially devastating. Security issues ranging from misconfigured wireless access points (WAPs) to session hijacking to Denial of Service (DoS) can plague a WLAN. Wireless networks are not only susceptible to TCP/IP-based attacks native to wired networks, they are also subject to a wide array of 802.11-specific threats. To aid in the defense against and detection of these potential threats, WLANs should employ a security solution.

Wireless access points are increasingly serving as entry points to the Internet, increasing connectivity options and security concerns. Particularly significant are public access points, commonly known as hotspots, which are often located in heavily populated areas such as airports, coffee shops, and hotels, appealing to both business and casual users, but offering little or no security. The number of worldwide commercial hotspots reached 143,700 in 2006, with an estimated 675,000 additional access points shipped during the year specifically for use in public hotspots (Chenoweth, Minch & Tabor, 2010). The growth in hotspots is expected to continue because they are inexpensive, new applications (such as voice over Wi-Fi) are emerging, and the public is becoming accustomed to the mobility and ubiquitous Internet access they provide. At the same time that wireless usage is increasing, computer and network security is consuming an increasing amount of time and resources for individuals and organizations.
The spiraling number of viruses and outsider attacks has driven this increase and has shortened the timeframe between vulnerability announcements and the appearance of global exploits. Despite the increased risk, most wireless networks have little or no network security implemented. Surveys have determined that approximately 60% of all wireless networks use no form of encryption, and that even when encryption is enabled, approximately 75% are using wired equivalent privacy (WEP), which has several well-documented security deficiencies (Chenoweth, Minch & Tabor, 2010). The problem is even more acute with public hotspots because their users are more interested in ease of use than the level of security.

11. Security Technology

Leading security vendors offer end-to-end solutions that claim to take care of all aspects of cybersecurity. End-to-end solutions usually offer a combination of hardware and software platforms, including a security management solution that performs multiple functions and takes care of the entire gamut of security on a network. An integrated solution is one that encompasses not only a point-security problem (like worms or intrusion) but also handles a variety of network and application layer security challenges. Available products can be categorized in the following streams.

A. SSL-VPN

According to the NIST SSL VPN guidelines, the protection of sensitive information that is transmitted across interconnected networks is critical to the overall security of an organization’s information and information systems. SSL VPNs provide secure remote access to an organization’s resources. A VPN is a virtual network, built on top of existing physical networks, which can provide a secure communications mechanism for data and other information transmitted between two endpoints. Because a VPN can be used over existing networks such as the Internet, it can facilitate the secure transfer of sensitive data across public networks.
An SSL VPN consists of one or more VPN devices to which users connect using their Web browsers. The traffic between the Web browser and the SSL VPN device is encrypted with the SSL protocol or its successor, the Transport Layer Security (TLS) protocol (Frankel 2010).

B. Intrusion Detection Prevention Systems

An IPS combines the best features of firewalls and intrusion detection systems to provide a tool that changes the configurations of network access control points according to the rapidly changing threat profile of a network. This introduces an element of intelligence into network security by adapting to new attacks and intrusion attempts. Intrusion prevention has received a lot of interest in the user community. Most organizations evolve in their use of intrusion prevention technology. Some will adopt blocking in weeks and rapidly expand their blocking as they see the benefits of accurate attack blocking. Others will start slowly and expand slowly. The key is to reliably detect and stop both known and unknown attacks in real time. Traffic monitoring in wired networks is usually performed at switches, routers and gateways, but an ad hoc network does not have these types of network elements where the IDS can collect audit data for the entire network. Network traffic can be monitored on a wired network segment, but ad hoc nodes or sensors can only monitor network traffic within their observable radio transmission range.
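The first-match ACL and source-address problem from the packet filtering section (D), and the IPS behaviour described above (changing the access-control configuration as the threat profile changes), can be shown together in a small model. This is an added example, not code from the paper or its sources; the address ranges, rule set, port-sweep threshold and class names are assumptions, and the packets are constructed.

```python
from collections import defaultdict
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

INTERNAL_NET = ip_network("10.0.0.0/8")  # assumed internal address range
ANY = "0.0.0.0/0"


@dataclass(frozen=True)
class Packet:
    ts: float     # arrival time, seconds
    iface: str    # interface the packet arrived on: "outside" or "inside"
    src: str
    dst: str
    dport: int


@dataclass(frozen=True)
class Rule:
    action: str                  # "permit" or "deny"
    src: str                     # source CIDR
    dst: str                     # destination CIDR
    dport: Optional[int] = None  # None matches any destination port

    def matches(self, p: Packet) -> bool:
        return (ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and self.dport in (None, p.dport))


class PacketFilter:
    """First-match ACL. With no ACL a router forwards everything; here,
    anything that no rule permits is dropped (default deny)."""

    def __init__(self, rules, antispoof=True):
        self.rules = list(rules)
        self.antispoof = antispoof

    def decide(self, p: Packet) -> str:
        # IP cannot prove a source address, but the filter does know which
        # interface a packet arrived on. An "internal" source arriving from
        # outside is treated as forged and dropped before the ACL runs.
        if self.antispoof and p.iface == "outside" and ip_address(p.src) in INTERNAL_NET:
            return "deny"
        for rule in self.rules:
            if rule.matches(p):
                return rule.action
        return "deny"


class SweepBlockingIPS:
    """Detection feeding back into the filter: a source that probes too many
    distinct ports inside the time window gets a deny rule at the top of the ACL."""

    def __init__(self, acl: PacketFilter, max_ports=5, window=10.0):
        self.acl, self.max_ports, self.window = acl, max_ports, window
        self.seen = defaultdict(list)  # src -> [(ts, dport), ...]
        self.blocked = set()

    def process(self, p: Packet) -> str:
        # Internal-looking sources seen outside are never tracked; reacting to
        # them would let forged packets make the IPS block internal hosts.
        track = p.iface == "outside" and ip_address(p.src) not in INTERNAL_NET
        if track and p.src not in self.blocked:
            recent = [(t, d) for t, d in self.seen[p.src] if p.ts - t <= self.window]
            recent.append((p.ts, p.dport))
            self.seen[p.src] = recent
            if len({d for _, d in recent}) >= self.max_ports:
                self.acl.rules.insert(0, Rule("deny", f"{p.src}/32", ANY))
                self.blocked.add(p.src)
        return self.acl.decide(p)


def build_acl(antispoof=True) -> PacketFilter:
    return PacketFilter([
        Rule("permit", ANY, "10.0.0.80/32", 443),  # public web server
        Rule("permit", "10.0.0.0/8", ANY),         # internal hosts may talk to anything
    ], antispoof=antispoof)


# Constructed sample traffic (documentation address ranges, not captured data).
SPOOFED = Packet(1.0, "outside", "10.0.0.5", "10.0.0.20", 22)
TRAFFIC = (
    [Packet(0.0, "outside", "198.51.100.7", "10.0.0.80", 443), SPOOFED,
     Packet(2.0, "inside", "10.0.0.5", "192.0.2.10", 80)]
    + [Packet(3.0 + i / 10, "outside", "203.0.113.9", "10.0.0.80", port)
       for i, port in enumerate([21, 22, 23, 25, 443])]   # port sweep
    + [Packet(5.0, "outside", "203.0.113.9", "10.0.0.80", 443),
       Packet(6.0, "outside", "198.51.100.7", "10.0.0.80", 443)]
)


def run_demo():
    acl = build_acl()
    ips = SweepBlockingIPS(acl)
    return [ips.process(p) for p in TRAFFIC], acl


if __name__ == "__main__":
    verdicts, acl = run_demo()
    for pkt, verdict in zip(TRAFFIC, verdicts):
        print(f"{pkt.ts:4.1f} {pkt.iface:7} {pkt.src:>13} -> {pkt.dst}:{pkt.dport:<4} {verdict}")
    print("rule inserted by IPS:", acl.rules[0])
```

With antispoof=False the constructed spoofed packet matches the internal-hosts rule and is permitted, which is the source-address weakness the packet filtering section describes.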
12. Conclusion

The cybersecurity problem is unlike any other security problem the nation has faced before. It is epiphenomenal, a consequence of the computer and Internet revolution. This beguiling device is now a part of twenty-first-century life—a tool for cataloguing recipes, and essential for launching cruise missiles, flying airplanes, and operating nuclear power plants. The ubiquity of the computer and the Internet, which links one computer to another, offers tremendous efficiency and customizable convenience. However, this efficiency and convenience come at a significant price. The cornerstone of America’s cyberspace security strategy is and will remain a public–private partnership. The public–private partnerships that formed in response to the President’s call have developed their own strategies to protect the parts of cyberspace on which they rely. This unique partnership and process was and will continue to be necessary because the majority of the country’s cyber resources are controlled by entities outside of government (NSSC 2003, 1, 54).

Before security measures are designed and provided, an organization should first know its security needs at the different levels of the organization, and the measures should then be implemented for those levels. Security policies should be designed before their implementation, in such a way that future alteration and adoption are acceptable and easily manageable. The security system must be tight but flexible enough for end users to be comfortable; they should not feel that the security system is moving around them.
Users who find security policies and systems too restrictive will find ways around them.
12. Bibliography:

Brooks, T.N. (2003). A thematic content analysis of identity theft: What it is and how to avoid it. The University of Texas at Arlington. UMI Microform No. 1416811.

Bhakta, P. (2008). Identity theft: Examining the challenges. California State University. Retrieved from http://proquest.umi.com.ezproxy.umuc.edu/pqdweb?index=2&did=1548707731&SrchMode=2&sid=1&Fmt=6&VInst=PROD&VType=PQD&RQT=309&VName=PQD&TS=1262467011&clientId=8724

Obama, B. (2009). Speech of the U.S. President to the National Security Council. White House. Retrieved from http://www.whitehouse.gov/administration/eop/nsc/cybersecurity

Chenoweth, T., Minch, R., & Tabor, S. (February, 2010). Wireless Insecurity: Examining user security behavior on public networks. Vol. 53 Issue 2, p134-138, 5p, 4. Retrieved from ACM database.

Curtin, M. (March, 1997). Introduction to Network Security. Retrieved from http://www.cs.cornell.edu/Courses/cs519/2003sp/slides/15_securitybasics.pdf

DeZabala, T. & Baich, R. (2010). Cybercrime: A clear and present danger – Combating the fastest growing cyber security Threat. Deloitte. Retrieved from http://www.deloitte.com/assets/Dcom-UnitedStates/Local%20Assets/Documents/AERS/us_aers_Deloitte%20Cyber%20Crime%20POV%20Jan252010.pdf

Flauzac, R., Nolot, F., Rabat, C., & Steffencel, L, A. (2009). Grid of Security: A New Approach of the Network Security. International Conference on Network and System Security. PP. 67-72. Retrieved from ACM database.

Fonte, E. (2008, February). Who will pay the price for identity theft? The Computer & Internet Lawyer, 25(2).

Gonzales, R.A. & Majoras, P.D. (2007). Identity Theft - A Strategic Plan, The President’s Identity Theft Task Force, Federal Trade Commission Publications.

O’Brien, K. J. (2010). Germany asks Apple about iPhone data-gathering. Retrieved from http://www.pogowasright.org/?p=11907
  • 27. Cybersecurity     27  |  P a g e     Pandey,  S.  (2011).  Modern  Network  Issue  and  Challenges.    International  Journal  of   Engineering  Science  &  Technology,  2011,  Vol.  3  Issue  5,  p4351-­‐357,  7p.  Retrieved  form   Academic  Search  Complete.   Ji,  S.,  Smith-­‐Chao,  S.,  &  Min,  Q.  (2008).  Systems  Plan  for  Combating  Identity  Theft  -­‐  A   Theoretical  Framework.  Journal  of  Service  Science  and  Management,  1(2),  143-­‐ 152.    doi:  1788212021   Khan,  M,  A.,  Shah,  G,  A.,  &  Sher,  M,  (August  2011).  Challenges  for  Security  in  Wireless   sensor  Networks  (WSNs).  World  Academy  of  Science,  Engineering  &  Technology,   Aug2011,  Vol.  80,  p390-­‐396,  7p.  Retrieved  from  EBSCO  database.   Kelhe,  W.,  Tong,  Z.,    Wei,  L.,  &  Gang,  M.  (2009).  Security  Model  Based  on  Network  Business   Security,  In  Proc.  Of  Int.  Conf.  on  Computer  Technology  and  Development.  ICCTD,  Val.  1,   pp.577-­‐580.  Retrieved  from  ACM  database     McDowell,  M.  &  Lytle,  M.  (2008).  Cybersecurity  for  electronic  devices.  U.S.  Department  of   Homeland  Security.  Retrieved  from  http://www.us-­‐cert.gov/cas/tips/ST05-­‐017.html   Marin,  G,  A.  (2005).  “Network  Security  Basics”,  In  security  &  privacy,  IEEE,  Issue  6,  Vol  3,  pp.   68-­‐72.  Retrieved  from  ACM  database.     Stevenson,  E.H.  (2000).  Identity  theft.  The  University  of  Houston  Clear  Lake.  A  Master  Thesis.   Retrieved  from   http://proquest.umi.com.ezproxy.umuc.edu/pqdweb?index=11&did=729227861&Srch Mode=1&sid=1&Fmt=6&VInst=PROD&VType=PQD&RQT=309&VName=PQD&TS=12630 89712&clientId.   Samid,  G.  (2009).  The  unending  Cyber  war.  Publisher:  DGS,  Vitco,  Mclean,  VA.  P.  V   Wilschen,  G.  (  2005).  Information  Security:  Emerging  Cybersecurity  Issues  Threaten  Federal   Information  Systems:  GAO  Report.  P1,  79p.    Retrieved  from  MasterFile  Premier.