Free Report Example on Over Dependence on Internet

Introduction

Information technology, in general, and the Internet in particular, have become fundamental in the performance of critical operations like personal and business correspondences, education, and even entertainment. However, the overdependence on these tools comes with attendant risks (Hodgson et al., 2019). Hackers may use underlying vulnerabilities to collect confidential information from individuals, organizations, or countries. Such a scenario occurred in August 2019 when multiple organizations became targets of Russian hackers who launched cyberattacks on several nations, leading to the exposure of some classified emails and the damage of several devices. The 2019 cyber-attack had political and economic risks, and so there is a need for the adoption of strategies that result in risk aversiveness.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Save 25%

Background of the Attack

The August 2019 cyberattack was the work of a Russia-backed group, known as Fancy Bear or APT28, which targeted computers and mobile devices, and intruded on several Internet of Things (IoT) devices to access corporate networks (Jensen et al., 2019). The group took advantage of weak security in office printers, voice-over phones, and video decoders. Microsoft, the whistleblower, never revealed identifiable details of the affected individuals or organizations. However, the company’s concerns are a teller that this attack highpoint the security threats linked with the intrusion of inter-connected devices. According to the cybersecurity company, CrowdStrike, the ATP28 is a covert military intelligence front for Russia’s GRU (Woodier & Zingerle, 2019). Fancy Bear targeted victims in various sectors across the globe, with its extensive operations contrary matching the precision of military intelligence, and its profile meticulously mirroring the tactical interests of the government of Russia.

The stealth and extent of the attack pointed to a highly-placed beneficiary. Microsoft delivered about 1500 nation-state notices to potential targets and corporates that were compromised by the fancy bear (Jensen et al., 2019). About one-fifth of the attacks targeted non-governmental and diplomatically affiliated organizations. The larger percentage was more direct, indicating the potential involvement of a country like Russia. Most of these attacks targeted healthcare organizations, military establishments, and other government information technology resources. Later, security researchers disclosed multiple zero-day weaknesses in the operating system that powers over 2 billion IoT devices globally, VxWorks (Jensen et al., 2019). The disclosure on the potential undetected attack on VxWorks indicates how low-risk devices, firewalls, printers, and medical kits could have served as access points into corporate webs, rendering network security coatings useless.

Impacts of the Hack on the United States

A joint pursuit of the Fancy Bear by Cisco experts and the Federal Bureau of Investigation (FBI) agents revealed the extent of the hack. From their investigation, the direct impact of the hack affected more than 50,000 routers in over 50 political jurisdictions (Jensen et al., 2019). The investigators determined that the malware used the Fancy Bear used IoT devices to eavesdrop on communications, particularly those involving governmental entities. This malware was able to perform multiple activities on their hosts, including gaining unauthorized access and monitor information traffic through network endpoints. The malware was later discovered to operate as a VPN filter, which was later neutralized by the FBI with the aid of Cisco’s security experts (Jensen et al., 2019).

The attack had a political and economic impact. The global leading political powers, the United States, and Russia severed their ties due to these attacks. The role of Russia in the US elections attracted debate as the Fancy Bear was blamed on the 2016 attack on the National Democratic Committee systems (Jensen et al., 2019). This particular attack led to email leaks, which revealed over 8,000 confidential attachments and 19000 email correspondences from the democratic national committee (Jensen et al., 2019). A similar trend was revealed in 2019 with the targeting of IoT devices to penetrate the Internet deeply and extract confidential information from their victims (Hodgson et al., 2019). A joint impact of the Russian hacking on the United States was also that most documents were lost, and the devices hacked were left at risk of the malware. This attack declined the market for electronic devices as the customer felt like such an attack could repeat itself, which may lead to other damages. Therefore, companies like Microsoft have been facing a significant decline in the market, as most customers no longer trust their products.

Reason for the Attack

Russia, just any country, seeks territorial expansion that leads to the control of governments and individuals. Increasingly, such countries are finding cyberwarfare convenient due to the power of emotional intelligence. Countries that seek military and soft power try to extract confidential and classified data from their opponents and use them against them. This is as identified by the CIA in the US after they collected and keenly observed the country’s evidence on the 2016 elections interferences (Jensen et al., 2019). Russia has its group of hackers who work tirelessly to crack into the systems of the country’s enemies and uses the collected information to control the states. They can achieve this by threatening the countries of leaking the data when they do not do as they ask or even leak the information to make their enemies lose reputation from their citizens (Raychev, 2019). The act of extracting valuable information and using it against a country or an individual through hacking into their systems amounts to cyberbullying and can make organizations and governments vulnerable to manipulation by an external power.

Another reason that would motivate the launch of a cyberattack on a state is to disrupt their economies so that they become subservient and cede their power. After launching the cyberattack, the attacked countries spent most of their time worrying about the strategies they would initiate to prevent similar attacks instead of worrying much about their economies. This apparent manipulation and predicted path of action led to slow economic growth in various countries as the Russian economy continued rising at a higher rate. The attacks also led to the decline of the market of most electronic devices like phones, laptops, and computers, which had formed the base for the economies for Russia’s political nemesis, the US. Microsoft is one of the companies whose sales were significantly affected by the Russian cyberattack (Jensen, Valeriano & Maness, 2019). Most people could also not trust the Internet as they knew that everything they discuss could easily be lost or manipulated by hackers.

Recommendations

Every computer user expects their information to remain confidential and not to land to the hands of the unauthorized individuals. Computer security also prevents cyberbullying, where one uses information about someone to bully him or her. However, it is a challenging task to eliminate the effects of cybersecurity in technology. To make personally identifiable information and computer device safe, it is therefore advisable that individuals using these appliances and those in need of confidentiality update their devices regularly to boost their devices and fix bugs, secure their emails, and other websites with strong passwords that uncrackable. Affected corporates such as Microsoft have intensified calls for designers of communication devices to explore more secure ways of protecting their clients’ information from landing into unauthorized hands.

Constant updates and upgrades are encouraged to avoid hacks. This practice typically permits security prioritization and also establishes a substantial, persistent reference line of low to average dangers in the environment that may lead to wildfire events even under the right backgrounds (Benisha & Ratna, 2018). Incomplete hardware and software donate to the hazard as applications, as well as devices, turn out to be unmanageable. Live platforms, migrations, application updates, configuration management, and user administration are tedious and usually underappreciated. However, this activity will reduce the risks of opportunistic attacks and cyber proceedings in an organization.

Individuals and organizations need to set up email securities to protect their communications. Emails are the top avenues for malware access to organizational communication. Therefore, organizations need to take time and understand the kind of threats unsecured email communications pose and how available security measures are effective at their job. Also, segmentation and egress filtering can help minimize the chances of a hacker getting access to personal and organizational communication spaces through adjacent link nodes. Limiting the capacity to communicate across the network through a mixture of controls like firewall policies and needing the use of proxy servers is usually an overlooked opportunity for the association to boost their security, bound the effect of an incident, and avoid a network incident against becoming a communal data breach.

Conclusion

Organizations also need to design and adopt a robust detection control infrastructure. This approach can help minimize time to exposure and remediation, ensure the availability of a well-tuned SIEM/SOAR as critical security architecture and provide continuous logs of internal internet traffic and use (Benisha & Ratna, 2018). Also, using multi-step authentication serves to prevent hackers from accessing devices that connect to the Internet. Durable multi-factor tools provide the capacity to detect and notify users on login attempts and provide hints that maybe help develop risk-averse systems. Further, continuous updates to the operating system and other software keep inserts security patches and defense improvements that eliminate vulnerabilities in the dated program. Companies like Microsoft advise their users to download regular updates for extra device protection.

References

Benisha, R. B., & Ratna, S. R. (2018, May). Prevention of Cyber Attacks in Control Systems: A Review. In 2018 2nd International Conference on Trends in Electronics and Informatics (ICOEI) (pp. 419-424). IEEE. doi:10.1109/ICOEI.2018.8553801

Hodgson, Q. E., Ma, L., Marcinek, K., & Schwindt, K. (2019). Fighting Shadows in the Dark: Understanding and Countering Coercion in Cyberspace. Rand National Defense Research Inst. Santa Monica, Ca Santa Monica United States.
https://apps.dtic.mil/sti/pdfs/AD1086680.pdf

Jensen, B., Valeriano, B., & Maness, R. (2019). Fancy bears and digital trolls: Cyber strategy with a Russian twist. Journal of Strategic Studies, 42(2), 212-234.
https://doi.org/10.1080/01402390.2018.1559152

Jensen, B., Valeriano, B., & Maness, R. (2019). Fancy bears and digital trolls: Cyber strategy with a Russian twist. Journal of Strategic Studies, 42(2), 212-234.
https://doi.org/10.1080/01402390.2018.1559152

Raychev, Y. (2019). Cyberwar in Russian and US Military-Political Thought: A Comparative View. Information & Security: An International Journal, 43, 349-361.
https://connections-qj.org/system/files/4326_cybrid_russia_us_views.pdf

Woodier, J. R., & Zingerle, A. (2019). The Internet and cybersecurity: taking the virtual fight to cybercrime and cyberwarfare. In Handbook of Terrorism and Counter Terrorism Post 9/11. Edward Elgar Publishing.