The Impact of IT: Cyber-Attack & Its Consequences - Research Paper

Introduction

The impact of information technology in today's global world is profound, having both positive and negative implications on everything from business, society, health, to the smallest detail of everyday life. The advantages of information technology seem infinite, making it hard to weigh the disadvantages against it. Cyber-attack is one of the most significant downsides of information technology. "Cyber incidents are becoming so widespread that some of the associated costs are fairly well anticipated, and are increasingly accepted as part of the risk of doing business today" (Mossburg, 2015). "In the U.S. alone, data breaches rose by a substantial 40% in 2016.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Save 25%

Moreover, if you consider the number of attacks occurring on a global scale, it only further highlights the rising tide of cyber-attacks facing businesses today" (Timms 2017). Cybercriminals are the perpetrators of cyber incidents. This paper discusses the causes and mitigation of cyberattacks, types of attacks, and the effects of cyber-attacks on individuals, businesses, and government agencies.

According to the studies by Myauo & Romanosky (2016), over the last decade, there has been an increasing number of cyber-attack incidents in the United States rising between 60 to 62 per cent targeted against finance, insurance, information, communication, and government agencies. A cyber-attack can be defined as a malicious and intentional attempt to breach the computer system, network, or technology-dependent enterprise of an individual or organization. The attacker uses a specific code to change computer data or logic, usually seeking some benefit from breaching the victim's network. "Forensic analyses show most cyberattacks come via social-engineering trickery, as employees unwittingly leave their organizations susceptible to severe damage. Adversaries may usurp pertinent information from company websites and LinkedIn, for example." (Jaffee, 2017). Cyber-attacks result in disruptive consequences capable of compromising data and leading to various cyber-crimes such as identity theft, phishing, ransomware, malware, structured query language (SQL), among others.

To understand the impact of cyber-attacks is worth looking at some common types of attacks and the terms associated with them. Malware is malicious software that includes viruses, worms, ransomware, and spyware. Breaches linked to malware access a computer network through specific vulnerability. Usually, when a user clicks on an infected email attachment or website link that then automatically installs malicious software. Once the malware is inside the system, it can trigger a code that prevents access to critical network components or installs additional harmful software. Phishing is a process whereby fraudulent communications are sent in such a way that they appear to originate from a reputable source, typically via email. A more dangerous attack follows phishing; once an attacker gained access to a computer network, they drop ransomware to take control of the entire server. Upon successfully gaining access to a victim's computer, hackers then lock it up (Jaffee, 2017). A Structured Query Language (SQL) attack involves an attacker inserting malicious codes into a server that uses SQL, forcing it to reveal information that is encrypted. It can be done by merely submitting a malicious code into a susceptible website search box.

The impact of cyber incidents on an individual is extensive just as it is for organization and government, but it is arguably more psychological for individuals. "55 per cent of malicious actors were persons with insider access to the organization's systems (31.5 per cent malicious insiders, 23.5 per cent inadvertent actor), and 45 per cent were malicious outsiders" (Myauo, 2016). Malicious attackers take advantage of this need to steal personally identifiable information, cyberbully, and cyber stalk victims. Furthermore, Hackers target individuals just as relentlessly as they do large organizations. Large corporations can afford to hire an efficient and dedicated cybersecurity team because they have the resources. However, the average person is mostly on their own when it comes to securing their computers, networks, devices, and personal data. Such a situation means there are millions of potential targets out there who are vulnerable to cyber-attacks (Timms, 2107).

Cyber-attacks and breaches at any level can be quite destructive to more giant corporations and small businesses. However, small firms are more vulnerable to cyber-attacks than larger ones considering that they have fewer resources directed towards cyber-security. Small and medium organizations maintain a basic operating system, rather than having more detailed exposure to the cyber threat. Hence, cybercriminals utilized this scheme because attacks on small and medium organizations often bring more success due to their limitations (Timms, 2017). As a result of these attacks, a business may be forced to shut down for several days, causing it to lose both customers and revenue. "The total cost of cyber events (over the ten years between 2005 and 2014) was approximately $85 billion or about $8.5 billion annually ($85 billion was computed as $6.5 billion/7.6% based on the observations for which cost data are available" (Romanosky, 2016).

Cyber espionage in the economy is one of the leading issues for government and law enforcement officials. The U.S. Department of Defense (DoD) maintains the world's largest computer system network. Hence, the goal of DoD is to implement strategic measures to deter cyber incidents, ensuring that the department's critical missions are executed without disruption. Also, it is essential to note that cyber espionage does not only affect government or national defense.

Information technology has created a vital role in every aspect of the society, and as newer technologies continue to be implemented, cyber-attacks are inevitable. The problems of cyber-attacks remain an essential talking point among cybersecurity administrators and stakeholders. However, the issues will continue to rise if the information system architecture is not redesigned to a more security-focused approach. "Although Forbes reports spending on information security reached $75 billion for 2015, our adversaries are still greatly outpacing us. With that large financial incentive for vested interests, resources are mostly devoted to doing more of what we knew didn't work then, and still doesn't." (Schell, 2016).

To eliminate the potential risk of the growing number of cybercriminals, cybersecurity stakeholders must initiate advanced technology such as Bring Your Device (BYOD). They will reduce security risk while boosting productivity, especially in small and medium enterprises. However, BYOD could be detrimental to an organization if it not correctly implemented. SMEs are regularly confined by restricted assets and little I.T. groups whose primary job is to keep essential systems working. It is opposed to having a far-reaching comprehension of the cyber threat. Kevin Timms of Stream wire looks at the security difficulties looked by SMEs and diagrams how these can be tended to. Also, the implementation of Mandatory Access Control (MAC), maintaining up-to-date antivirus software, and applying updated patches would limit cyber incident exposure. Lastly, implementing cybersecurity risk programs would ensure every organization formulates an incident response plan to manage and control cyber-attacks.

References

Jaffee, L. (2017). Gone phishing: cyberattacks have become increasingly harder to detect -- and prevent. McKnight's Long-Term Care News, 38(6), 10-13. Retrieved from http://search.ebscohost.com.ezproxy.umuc.edu/login.aspx?direct=true&db=ccm&AN=123718176&site=eds-live&scope=site

Mossburg, E. (2015). A deeper look at the financial impact of cyber-attacks. Financial Executive, 31(3 & 4), 77-80. Retrieved from http://search.ebscohost.com.ezproxy.umuc.edu/login.aspx?direct=true&db=heh&AN=113229323&site=eds-live&scope=site

Myauo, M. (2016). The U.S. department of defense cyber strategy. Georgetown Journal of International Affairs, 17(3), 21. Retrieved from http://search.ebscohost.com.ezproxy.umuc.edu/login.aspx?direct=true&db=edo&AN=121150181&site=eds-live&scope=site

Romanosky, S. (2016). Examining the costs and causes of cyber incidents. Journal of Cybersecurity, 2(2), 121-135. Retrieved from https://doi.org/10.1093/cybsec/tyw001

Schell, R. R. (2016). Cyber defense triad for where security matters. Communications of the ACM, 59(11), 20-23. Retrieved from https://doi-org.ezproxy.umuc.edu/10.1145/3000606

Timms, K. (2017). BYOD must be met with a wider appreciation of the cyber-security threat. Computer Fraud & Security, 2017(7), 5-8. Retrieved from https://doi-org.ezproxy.umuc.edu/10.1016/S1361-3723(17)30058-1