StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

How Hacking and Cyber-Attacks Compromise on Sensitive Information - Annotated Bibliography Example

Cite this document
Summary
The paper "How Hacking and Cyber-Attacks Compromise on Sensitive Information" states that cybercriminals are notorious for breaking into computer networks and illegally obtaining sensitive information. These hackers spend considerable time assessing vulnerabilities in target companies…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER93.9% of users find it useful
How Hacking and Cyber-Attacks Compromise on Sensitive Information
Read Text Preview

Extract of sample "How Hacking and Cyber-Attacks Compromise on Sensitive Information"

A critical review on 3 journal papers A critical review on 3 journal papers It is undoubtedly certain that with new technological innovations in the IT sector, cases of hacking and rising issues concerning cyber security have equally been on the rise. These three articles take us through the various forms of vulnerabilities that companies face from potential hackers and give us an overview on the steps companies can take to improve security. Fundamentally, the articles address the major issue of prevalent cyber-attacks on small business as they are less vigilant in putting strong security on their data. This issue is important since hacking and cyber-attacks compromise on sensitive information. To the larger information security community, hacking and cyber security pose a persistent challenge to data security and more specifically. Understanding the scope and extent of damage that cybercrimes and hacking can cause in organizations is important. This is because the damages caused have financial as well as administrative implications. Financially, this can result to loss of an organization’s funds. On the administrative level, cybercrimes have their effects on losing or stealing of information such business strategies, research information, financial reports, and other vital information like emails, addresses and names of clients and employees within an organization. According to Eschelbeck approximately 1 % of internet end users usually click on junk mail which subsequently pause a great risk to companies (Ericka 2010 p58). Interestingly, the articles appreciate the fact that hackers are not keen on stealing large amounts of money but rather, are only interested in the security systems that can be accessed with least resistance. The articles also take us through the various measures that businesses should put in place to ensure that their data and online systems are protected from hackers. These measures range from encrypting data to resisting the temptation to use Wi-Fi networks in areas prone to cyber-attacks. First article: Pullen, J. Patrick, (2013). Smooth Criminals: Entrepreneur, p.51-53 The first article by John Patrick Pullen takes us through a case study of cyber-attack with the attackers causing damages amounting to $3 million. The article provides various solutions for safeguarding security systems. Key among the measures is data encryption. This involves encoding information or data in a manner that it can only be accessible to authorized personnel. Moreover, the article insists on the need to protect Wi-Fi systems with passwords and use of motion detectors as wells as security alarms. The article notes that installing the latest antivirus protection and anti-malware programs are a sure fire way of guarding computers from unauthorized access. Finally, the article also proposes a fine idea of outsourcing security experts to take care of a company’s security remotely. Second article: lock down your business: Security essentials By Mah, Paul. Pcworld, Sep2013, Vol 31, issue 9 The second article by Paul Mah makes various suggestions on ensuring data security. First, the article suggests full disk encryption for PCs. Other measures such as setting the computer to sleep and prompt for a password every few minutes as well as users locking the keyboard when they are away from their machines would be equally effective (Reyes 2007, p68). Further, the article proposes the use of multiple passwords for different accounts and a password manager to store the various passwords. This article also recommends use of encrypted external drives to safeguard sensitive data. Finally, the article urges users to ensure they maintain updated security programs. Third article: Sound the alarm by Chickowski, Ericka. Entrepreneur. June 2010. Vol 38 Issue 6, p.54-59 The third article by Chickowski describes the prevalent use of malware to take control of the computer systems. The article advocates the use of URL/web filtering. It further suggests installing antiviruses that locate source of malwares. Further, the article suggests the use of web application firewalls to prevent attacks on a company’s websites. The journal maintains that businesses should scan the vulnerability of their website to ensure all weaknesses through which the business’ website can be infected are put in check. Finally, the article reminds on the essence of training employees the need to be on the lookout for any anomalies in their online systems. The three articles successfully bring out the issue of security and hacking in small businesses. With the appreciation of the fact that businesses have embraced the internet in doing businesses, the articles go ahead to show the potent risks that come with online businesses. Moreover, they provide an analytical approach in guiding entrepreneurs on how to deal with these threats in their upcoming businesses. Priority is put on ensuring security in organizations’’ data and prudence in the conduct of any online activity by employees, with the realization that most hackers primarily target websites, Wi-Fi networks, as well as user accounts. The first and third journals put more attention on the role of the internet in facilitating cyber-crimes. However, the second journal focuses majorly on the tools that a small business with little or no use of online systems will embark on. Moreover, the third article covers the subject of online cyber-attacks in a more comprehensive manner whereby it informs security system experts on the various loopholes that should be closed to ensure safe use of online systems. It introduces a new concept on the role of social media in perpetrating cyber-attacks to the vulnerable small businesses. The first article majorly deals with the relation between physical burglaries in organizations and cybercrimes. Less than one case study, a burglary later leads to loss of funds in the organization. The reality, therefore, is that hackers’ chief interest is to gain access to information regarding a company’s employees and operations with this information they can compromise an organization’s security. Moreover, this article addresses a delicate issue that is missed out in the others: the issue of safeguarding hardware. The writer here points out that securing hardware from physical theft is a key step in upholding security. Besides, locking up computers manually on their desks decreases the chances of physical theft. Further, the article proposes the use of tracking software to locate operations either on the servers or even on the mobile phones. On laptops, the tracking software makes use of the webcam to take pictures of unauthorized users. These are innovative ideas that make this article stand out from the rest. In addition to these, the writer of this article also brings out a unique strategy of initiating a Managed Service Provider to deal with technology infrastructure components such as data encryption, firewall updates, file backups on the server, and in ensuring overall running of security system is an effective strategy to minimize risk of attack. The second article takes a lesser critical approach in addressing online cybercrimes. Instead, the article focuses on the pertinent issue of ensuring computers in an organization are safe from day to day physical data theft. Paul Mah acknowledges the common misconception among small business owners that they are not targeted by cyber criminals. He notes that small businesses are placed in a somewhat delicate position whereby they lack the necessary funds to hire expert personnel and consultants while the lurking danger of cyber-attacks remains relatively high. The third article by Chickowski takes a more critical approach to the issue of cyber-crimes in small businesses. It presents the reality that contrary to common belief, small enterprises are the key target of cyber hackers. The realization by hackers is that big corporations have taken extremely stringent measures to lock down their security systems. Therefore, the small businesses, still unaware of the security loopholes in their systems, are bogged down by hackers who take advantage of their unguarded credit card numbers, unsecured Wi-Fi and other vulnerabilities. This articles stands out in its analysis of cyber-crimes in that it focuses our attention on the financial implication of cyber hacking. Unlike the first two that give us a rough idea of the financial implication of hacking, this article provides us with concrete data with an analogy of the biggest breaches and the annals of assault on business networks between the years 2005- 2010. However, the three articles share striking similarities in their approaches of combating cybercrimes. The essence of securing Wi-Fi networks with strong passwords is well substantiated in the articles. With hackers coming up with crafty techniques such as scripting methods that penetrate web applications and bogus advertising that spam and spoof information from company online systems. Therefore using intrusion detection systems are essential in auditing and keeping the system safe. Moreover, securing the Wi-Fi network with up to date encryption standards such as WPA2 and complex passwords is paramount to curb unauthorized access. Further, the first and second articles highlight the role of encrypting drives to safeguard unwarranted users from accessing it. With Operating Systems such as windows 7 & 8 coming with features such as bit locker, prudent businesses should adopt this innovation to be a step ahead of these attackers. But, with the ability to encrypt data, there is a loophole since this involves users choosing their preferred passwords. In the event a user chooses an easy password, it will be easy for cracking by malicious users. Employees should therefore be urged to use complex passwords to guard them from malware threats designed and targeted at compromising usernames and passwords (Ericka 2010 p56). Moreover, the three articles do appreciate the role that installing and maintaining updated antivirus software plays in keeping at bay cyber criminals. Hackers primarily run virus programs through the background and in this way gain access to login passwords that can be used maliciously. The articles share the common notion that enabling computer within an organization to install the latest updates and regularly checking if there are any failed updates or errors in downloading updates is crucial. This antivirus software prevents virus infection either in individual computers or computers within a network in an organization (Reyes 2007, p72). Moreover, antivirus software assists in locating the source of malware. Most importantly, the articles share a common certainty on the role that the human element plays in facilitating this vice in virtually all organizations. It is an undeniable fact that employees will casually give out sensitive information to strangers without giving it a second thought. Essentially, we deduce that educating a company’s employees on various ways to detect potential cyber-crimes should be the priority of any business seriously contemplating on eliminating cyber-attacks. In this regard, practical measures to enlighten employees such as prohibiting them from opening suspicious emails, reporting any unusual transfer of funds to foreign accounts and caution when giving out sensitive information should be put in place. Overall, the articles create an undeniably realistic perspective to small business owners as well as security system analysts regarding the delicate position that these businesses lie in the cyber-crime world. The revelation that cyber criminals have found a new gold mine in the small businesses is well substantiated and the articles give extremely sound and practical advice on how to alleviate these crimes. Ideally, it is a shared responsibility between business owners and the employees to ensure not only the safety of the business but also that of their clients. Typically, the ideas presented in these articles provide amicable solutions to the cyber-crimes in our society. However, before embarking on any changes in a company’s information security, caution should be taken to ensure that the real issues in the organization are addressed (Ghosh & Turrini, 2010 p156). In this regard, it is necessary that businesses understand the possible threats and put in measure relevant to these threats. It is a prudent initiative to outsource security experts, but do all businesses have that financial capability? Moreover, while some of these measures such as locking down computers in metal bars may call for complete restructuring of the security information system, some are relatively easy and brilliant strategies. The ideas presented in these articles provide security experts with rather unique approaches of addressing the issue of information security. Particularly, the articles enlighten us on initiating logical security controls. This mechanism involves providing due protection to information systems from attackers who have already gained physical access. This is a relatively modernistic approach and this can be incorporated into security systems through installing webcams to capture photos of adversaries seeking to gain access, use of CCTV cameras as well as other tracking software (Ghosh & Turrini, 2010 p85). Further, the articles challenge the common misconception that vulnerabilities in information security are dependent on the business size. On the contrary, we realize that hacking and cybercrimes occur across the board irrespective of business size or financial records. In this regard, the articles urge upcoming institutions should make a concerted effort to safeguard data even in the absence a huge capital to hire external information security experts. Introducing measures such as reviewing of access authorization, distributing a written security policy among employees and rewarding employees who report suspicious activities are prudent measures to take (Ghosh & Turrini, 2010 p88). Moreover, visible enforcement of security rules and simulating security incidents so as to improve security procedures are effective measures to enhance information security and create security awareness among employees. Implementing measures such as data encryption is on one hand an effective and easy strategy that can prevent loss of valuable data to unauthorized persons. However, it is not quite effective to encrypt external drives as this measure is still prone to abuse. Brilliant techniques such as reputation based antivirus scanning which detects the source of malwares are a sound tactic of combating cyber-crimes. This technique can be implemented in a business and help to identify and track down these cyber criminals. Moreover, businesses should invest in educating employees on the need to be extra cautious when using internet in business. This can prevent threats such as malware infection through viruses or even gain of access by hackers through unsecured Wi-Fi networks. In addition to this, training employees on proper ethics such as having their computers password protected will in the long run save the business the risks of enormous financial losses and data theft. Business security planning in the 21st century has become a critical issue ranging from small businesses to multi-million dollar businesses. External threats of data theft as well as hacking into a company’s security systems have become as real as physical burglary in companies’ premises. Essentially, hacking is considered to be a cybercrime all over the world. Cyber criminals are notorious for breaking into computer networks and illegally obtaining sensitive information (Ghosh & Turrini, 2010 p47). Moreover, these hackers spend considerable time assessing vulnerabilities in target companies before attacking. Data security, on the other hand, refers to shielding an organization’s database from malicious forces and unauthorized access by other users. It is the primary responsibility of every business to tighten security in its online system as well as taking considerable caution before giving out sensitive information to non-members of their organization. Reported cases of hacking in banks and other financial institutions have sky rocketed over the recent past, with records indicating on average $1 trillion is lost through these criminals. Equally contributing is the fact that security is hardly a priority for most software developers (Reyes 2007, p73). Whilst companies may put in place the latest software, it is up to the software developers to ensure that this software is resistant to potential risks. References: GHOSH, S., & TURRINI, E. (2010). Cybercrimes: a multidisciplinary analysis. Berlin, Springer. PULLEN, J. PATRICK, (2013). Smooth Criminals: Entrepreneur, p.51-53 Lock down your business: Security essentials By Mah, Paul. Pcworld, Sep2103, Vol 31, issue 9 Sound the alarm by Chickowski, Ericka. Entrepreneur. June 2010. Vol 38 Issue 6, p.54-59 Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(How Hacking and Cyber-Attacks Compromise on Sensitive Information Annotated Bibliography Example | Topics and Well Written Essays - 2500 words, n.d.)
How Hacking and Cyber-Attacks Compromise on Sensitive Information Annotated Bibliography Example | Topics and Well Written Essays - 2500 words. https://studentshare.org/information-technology/1820346-critical-review-on-3-journal-papers
(How Hacking and Cyber-Attacks Compromise on Sensitive Information Annotated Bibliography Example | Topics and Well Written Essays - 2500 Words)
How Hacking and Cyber-Attacks Compromise on Sensitive Information Annotated Bibliography Example | Topics and Well Written Essays - 2500 Words. https://studentshare.org/information-technology/1820346-critical-review-on-3-journal-papers.
“How Hacking and Cyber-Attacks Compromise on Sensitive Information Annotated Bibliography Example | Topics and Well Written Essays - 2500 Words”. https://studentshare.org/information-technology/1820346-critical-review-on-3-journal-papers.
  • Cited: 0 times

CHECK THESE SAMPLES OF How Hacking and Cyber-Attacks Compromise on Sensitive Information

Cyber crime and security affair in e-business

how computers of home users are affected by Cybercrimes?... The study will define Cybercrime and its meanings along with defining E-Commerce.... Effect of cyber crime on E commerce will be discussed in detail.... It will be established whether Cybercrime and cyber criminals are a threat to E Commerce especially online shopping....
24 Pages (6000 words) Article

How to Save Organisations from Hackers

This report "How to Save Organisations from Hackers" sheds some light on the recent worrying trends in which more types of sophisticated technical approaches are used to compromise and illegal access information and computer systems/networks.... hellip; To highlight the threats to which IT companies are exposed with regards to hacking, the essay has used RSA's hacking incident in which attackers used phishing to target low-level users of RSA's information systems....
26 Pages (6500 words) Report

The Main Vulnerabilities Associated with IT/IS Security

Another possible reason suggested by Van Loggerenberg and Morne (2008) is that we place our trust in these systems, and this demonstrated by the existence of extensive internal intranet and online systems which business and personal users access to send highly sensitive information.... This essay "The Main Vulnerabilities Associated with IT/IS Security" is about trends associated with the developments in information technology is also responsible for the introduction of vulnerabilities within the information technology and information systems security....
7 Pages (1750 words) Essay

Business Security: Phishing

It explains that phishers attempt fraudulently to acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an electronic communication.... It continues by detailing what the stakeholders have done and… It ended with a practical advice on a personal note how an internet user protects itself from the dangers of failing to respond to the challenge. Wikipedia (2006) described phishing attempt as a disguised as official email from a (fictional) bank, as attempts to trick the banks members into giving away their account information by "confirming" it at the phishers linked website....
6 Pages (1500 words) Essay

Week 1 CYB

They then used a rogue wireless access point and carried out social engineering to gain access to sensitive information on customers.... This means that security at the organisation was highly compromised because, apart from the customer information, the collection of the expensive, luxury vehicles was also easily accessible to potential thieves, and the Tiger Team actually made away with one.... Further, the technical team that installs and implements the cyber hygiene protocols can give away the information to an adversary at a price....
2 Pages (500 words) Assignment

International Analysing Different Dimensions of Cyber-Warfare

It is often not possible to obtain information directly from those firms that are affected by cyber warfare.... This study shall highlight different methods related to the hacking procedures and their impact on various organizations.... The paper "Analysing Different Dimensions of Cyber-Warfare" discusses that targeted attacks can be referred to as those when a specific victim is to be targeted....
15 Pages (3750 words) Research Paper

Current Trends in Information Security

The paper "Current Trends in information Security" examines the significant current threats to information security and the most important controls that WebCenter should be considered as a priority to mitigate the risks of these threats being realized.... hellip; The primary objectives of information security are; integrity, confidentiality, and availability.... Confidentiality means that information that is stored in the system is protected against unauthorized users....
8 Pages (2000 words) Essay

Information Security Concept Map

This term paper "information Security Concept Map" discusses information security that ensures the integrity, availability, and privacy of data is protected.... hellip; The primary function of information security is to prevent unauthorized access, disclosure, or modification of information in order to maintain reliable access and use.... The paper is meant to help information security managers organizations understand the concept of information security with reference to its importance, responsibilities, and threats involved, control measures, and how to plan and implement security policies....
7 Pages (1750 words) Term Paper
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us