Blog January 26, 2015

What are Cyber-Threats, Cyber-Attacks and how to defend our Systems

What are Cyber-Threats, Cyber-Attacks and how to Defend our Systems 1
Research Proposal Paper: Final Term Project Paper
What are Cyber-Threats, Cyber-Attacks and how to defend our Systems
Ahmed Al-Zaidy
Strayer University
According to research published at the University of California, Los Angeles (UCLA), technology
is changing our brains, and there is a gap between the “young native” technology generation and
the older “digital immigrants” (Dr. Gary Small). Technology today has become the most important
thing to a human being; it is used in almost every category of life, for example education, work,
entertainment, communication, and medicine. The terms cyber war and cyber attack are used to
refer to an attack that targets computer systems or hardware in order to harm a person, business,
or government agency.
The History (Chapter 1)
We use technology most of the time now: when we communicate, shop, work, or just enjoy the
evening. A technology breach can be really harmful for us or for the company that is targeted.
According to an article by Megan Hazle published on December 20, 2013, up to 40 million shoppers
may have been affected by a security breach of debit and credit card data used for in-store
transactions at Target's U.S. store locations (Hazle, 2013). In addition, by one estimate each
American family has no fewer than five devices connected to the internet that transfer important
data such as bank account and login information. Furthermore, Bloomberg News posted an article
on its technology page by Mark Milian & Jordan Robertson on April 23rd, 2013, stating that China
was responsible for up to 41 percent of computer-attack traffic in the world in the last quarter
of 2012 (Milian & Robertson, 2013).
Smartphones and tablets are now at risk of being attacked by hackers, and they are a good target
due to the mobility that these devices have. They are also a good target for personal information,
because people tend to store sensitive information on mobile devices, such as social security
numbers, passwords, and bank accounts.
Technology today takes up a large portion of daily activity in almost every part of personal life.
That is why it is important to secure the devices we use, and to have laws and regulations that
protect people's information, reduce online crime, track criminals to keep them from harming
people, and protect this nation's assets from being attacked and harmed by others.
There is a new term that brings information security and computer security terminology under one
umbrella: cyber security. This term refers to all activities, from threats, attacks, and hacks to
the software in use to secure, or attack… According to the National Initiative for Cyber Security
Education (NICE), there is little consistency in how cyber security work is defined or described
within the Federal Government agencies and our nation (NATIONAL INITIATIVE FOR CYBERSECURITY
EDUCATION (NICE), 2012). When a company is online, it will face many threats and be at risk of
attack because of the industry the company is in, which deals with money. Companies that use a
Virtual Private Network (VPN) will face a type of attack called Remote Access Attacks.
Cyber-attacks include any attack or threat against a computer that uses a network connection over
the internet. The attack may target a web server, a computer, or a web application. There are
different types of attacks and threats that target the systems of a person, business, or
government agency. Cyber crime is a new term used to define cyber-attacks and threats; this
definition addresses these issues so that action can be taken under laws and regulations.
According to the United Nations (U.N.), there are almost six billion mobile phone users in the
world (World Has About 6 Billion Cell Phone Subscribers, According To U.N. Telecom Agency Report,
2012 ¶ 1); for that reason, mobile phones are a good target for an attacker who wants to harm
people. Mobile devices vary in make and brand, and they also differ in the operating system (OS)
in use: Apple phones use iOS, other brands such as HTC and Samsung use Android, and Nokia and
BlackBerry have their own OS. There are different types of hackers who carry out attacks: the
first type just enjoys harming people, while others are professional hackers connected with a
terrorist organization, government agencies, or other organizations that target money. The large
number of smartphones, tablets, laptops, and desktops makes them a good target for these hackers.
Attackers target any device, portable or desktop, in order to gain access to important
information from an individual or group, or for pleasure; because they use the internet and
network connections, these activities are referred to as cyber. Technology today takes up a large
portion of daily activity in almost every part of personal life. That is why it is so important
to secure the devices we use, and to have laws and regulations that protect people's information,
reduce online crime, track criminals to keep them from harming people, and protect this nation's
assets from being attacked and harmed by others.
In this research, we will learn the types of cyber threats and cyber-attacks, what we need to
know about the attacks, and how to secure and defend ourselves, our systems, and our smartphones.
The Problem (Chapter 2)
The internet is an open world where there are groups dedicating their time to gaining access to
sensitive information, and individuals may store sensitive information on their laptops,
computers, tablets, and smartphones. These groups are well known as hackers; they tend to use the
vulnerabilities of systems or networks to attempt an attack. These groups do not target only
people; they may also target companies and government agencies. The loss is not only a loss of
money; it also affects a company's integrity, credibility, and reputation. Companies need to
understand their networks and systems and secure them according to standard rules. Therefore,
this proposal will cover the types of threats and attacks that may target networks, computers,
and portable devices. It will also cover some ways to defend and protect the systems we are
using, and educate us to increase our knowledge of cyber security.
The Purpose/Significance (Chapter 3)
According to an article by Megan Hazle published on December 20, 2013, up to 40 million shoppers
may have been affected by a security breach of debit and credit card data used for in-store
transactions at Target's U.S. store locations (Hazle, 2013). In addition, by one estimate each
American family has no fewer than five devices connected to the internet that transfer important
data such as bank account and login information. Furthermore, Bloomberg News posted an article
on its technology page by Mark Milian & Jordan Robertson on April 23rd, 2013, stating that China
was responsible for up to 41 percent of computer-attack traffic in the world in the last quarter
of 2012 (Milian & Robertson, 2013). Also, smartphones and tablets are now at risk of being
attacked by hackers. These devices are a good target because people tend to store sensitive
information on mobile devices, such as social security numbers, passwords, and bank accounts.
This information gives us an idea of the importance of knowing what the threats and attacks are
and how to secure our systems. These threats do not target only companies; they also target any
person on the net. Without this study, we will be at risk. This research study will give us
information about the attacks and how we can secure our personal data. Education is one of the
important points in helping to prevent an attack: employees and other people need to know that
accepting incoming mail from a person they do not know puts them at high risk of an attack and
of having their information stolen. Any interested person who wants to learn more about cyber
security will find in this research the information needed to gain the knowledge to secure his
computer or network, and will also learn about the techniques used to secure systems.
The Vulnerabilities and Threats (Chapter 4)
A threat is any vulnerable point in the network, the operating system, or the software in use; it
is considered a risk because it may be used in a cyber attack. The computer's operating system
and the software in use determine whether there is a risk to the computer system or to the
information stored on the computer. One more factor that affects and increases the risk is the
user of the system: sometimes the user unknowingly gives the attacker approval to hack the
computer. If the system does not have a malware detector such as antivirus or antimalware
software, the risk of being attacked increases, because the computer has no software that
controls incoming traffic.
According to the Emerging Cyber Threats 2012 report, the best-known cyber threats in 2012 include
the mobile threat vector, because: Mobile browsers present a unique challenge; Mobile devices do
not commonly receive patches and updates; Threats targeting Android and iOS are on the rise;
Implementing a strong mobile security program focused on encapsulation; and Mobile devices—a new
vector for attacking the network and critical systems (Ahamad, et al., 2012, pp. 2,3,4,5). Mobile
device and tablet users are growing in number every year and may outnumber desktop PC internet
users by 2014 (Ahamad, et al., 2012, p. 3). As a result, we can see an increase in the
applications in use on these mobile devices and tablets. Almost all of these applications are
web-based and depend on the web browser, so we may see an increase in attacks against those who
use these applications online (Ahamad, et al., 2012, p. 3). We may also see some issues with web
browsers, because web pages are designed to fit the desktop PC screen and its functions;
sometimes a page is hard to view because it has been designed only to be viewed on a PC screen.
According to ICS-CERT, cyber threats are attempts at unauthorized access to a network or a
computer in order to take control of the device, whether by a trusted person within the
organization or by an unknown person connecting remotely. Cyber threats come from many sources,
such as hostile governments, terrorist groups, disgruntled employees, and malicious intruders
(Cyber Threat Source Descriptions). Among the biggest cyber threats that may affect any computer
user are cyber crime syndicates, small-time cons, hacktivists, intellectual property theft and
corporate espionage, malware mercenaries, botnets as a service, all-in-one malware, the
increasingly compromised Web, and cyber warfare (Today’s 9 Biggest Cyber Security Threats). Cyber
threats are rated number one: at the top of the list in the U.S. intelligence community’s 2013
assessment of global threats is cyber, followed by transnational organized crime and terrorism,
weapons of mass destruction, space activities, competition for natural resources, health and
pandemic threats, and mass atrocities (Pellerin, 2013 ¶ 3).
Cyber threats include all vulnerabilities in the computer, the network connection, the software
in use, and the operating system. Information systems (IS) hold the most vulnerable assets,
because they are the most targeted assets and are connected to the internet; IS is the most
impacted by cyber threats and needs cyber security applied to protect it. Cyber threats affect
the data on the systems and may also affect the physical machine. Vulnerabilities in the network
and the computer systems are considered threats and help in attacks.
The Types of Attacks (Chapter 5)
Online attacks are not only against web servers; attackers focus on the most vulnerable parts of
the system, such as backups and databases. An attacker will search for any small access point to
gain access to the network and harm the systems. Networks with VPN access face an additional
risk of attempted hacks; there are many vulnerabilities in these types of systems with VPN, among
them Information Leaks, Caching and Duplication, and Denial of Service (Remote Access—Attack
Vectors, Threats, Findings & Remedies, 2010). Other common network attacks include
Eavesdropping, Data Modification, Identity Spoofing (IP Address Spoofing), Password-Based
Attacks, Man-in-the-Middle Attack, Compromised-Key Attack, Sniffer Attack, and Application-Layer
Attack (Common Types of Network Attacks). For better understanding, here are some common
attacks:
• Information Leaks: When VPN software is installed on the system, the network traffic will be
highly exposed; an issue was found in 2010 that was caused by the combination of IPv6 with
PPTP-based VPN (Remote Access—Attack Vectors, Threats, Findings & Remedies, 2010).
• Caching and Duplication: VPN client programs sometimes store access information to make
network access easier in the future. This is sometimes the default setting in VPN programs, and
it puts the authentication credentials at high risk and makes sensitive information extremely
vulnerable (Remote Access—Attack Vectors, Threats, Findings & Remedies, 2010).
• Denial of Service: This is one of the most common attacks that can bring down a VPN, a web
server, or any online server through an overflow of traffic. If there are no security systems to
control the overflow, the VPN will go down because of the number of simultaneous DDoS attacks.
How can we protect the VPN from this attack? If the edge network of the VPN is effectively
protected, the VPN will be protected; we can use a firewall in the network and an application
firewall at the application layer of our system (S.Saraswathi & P.Yogesh).
• Social Engineering, How It Works: A social engineering attack is a person-to-person attack, in
which the attacker gets the targeted employee to perform an action that gives the attacker
access or sensitive information to use later (Gregory, 2010, p. 256). The attacker will let the
targeted employee or employees know that he needs some help; he will also contact the IT
department at the same time and ask for the password, the remote desktop connection, or the
Virtual Private Network (VPN), providing some information to the IT department and telling them
that he is traveling for work, that it is an emergency, and that he needs help (Gregory, 2010,
p. 50). The human nature of helping others and wanting to “be the hero” is the weakness that
helps the social engineer gain access, start collecting information, and send and receive emails
as the targeted employee (Gregory, 2010, p. 101). “Social Engineering is a technique used to
trick an individual into giving up sensitive information that can be used in a criminal
activity. Most often the targeted information is credit card and banking information, followed
by social security numbers and passwords. The social engineer may use emails, voice messages, or
even in person visits masquerading as a legitimate, trusted source.” (Social Engineering ¶ 1).
From that, we know that the attacker is looking for money or any information he can get, not
only by e-mail or by hacking and compromising your password; he may also call the employee by
phone or show up in person. All of this is done to trick the targeted employee.
Mobile device attacks will keep increasing if there is no solution to their vulnerabilities.
First, let us take a closer look at mobile device vulnerabilities; for better understanding, we
will divide our research into two points, first iOS malware and second Android malware, because
these are the two major operating systems in use. iOS does not have much of an issue with
malware, due to the company's policy for its system and because it is not distributed as open
source like Android. iOS malware is mostly fake apps: for example, the original game is Temple
Run, and the fake ones are Temple Climb, Temple Rush, and Cave Run. iOS malware has also come
through jailbroken iDevices, which were rickrolled. iOS and Android have both been hit by the
same malware, Find and Call, which targeted the SMS system and spammed contacts (Champion & Xuan
¶ 8). Because Android is open source and any person can develop for it, it has been hit by
malware under the name Droid Dream; this malware infected 58 applications on the Android Market,
which were downloaded 260,000 times in 4 days. The main function of this malware is sending
premium-rate SMS messages at night and rooting the phone using the Android Debug Bridge
(Champion & Xuan ¶ 9). Android has also had other malware, such as the fake Angry Birds Space,
which was a bot and a trojan, and an Android SMS worm that spread to all contacts through social
engineering (Champion & Xuan ¶¶ 10,11).
The Countermeasure (Chapter 6)
There are some important points that need to be applied to increase the security measures in the
network and the system, in both software and applications. Recommended procedures should be
followed in order to reduce or eliminate business interruptions; the business can be secured by
applying the correct risk management plan. We need to check security measures including
Authentication, Authorization, and Auditing (Remote Access—Attack Vectors, Threats, Findings &
Remedies, 2010). Some types of defense are Access Controls, Firewalls, Intrusion Detection
Systems (IDS), Intrusion Prevention Systems (IPS), Protect network cabling, Anti-virus software,
Private addressing, Close unnecessary ports and services, Install security patches, Unified
Threats Management (UTM), Authentication, Authorization, Education, Backups, and Encryption.
Access Controls: Access controls help improve security and keep it at a high level; they
sometimes need complex types of TCP/IP configuration and sessions. (Gregory, 2010, p. 377)
Firewalls: Firewalls were invented in the 1980s; they are devices placed on the network boundary,
designed to block unwanted incoming or outgoing traffic. Firewalls work on a set of rules that
determine whether a packet is permitted to pass through the firewall or is blocked. There are
three generations of firewalls. Packet filters, the first generation, made pass-or-drop decisions
by checking the source and destination IP address and port number; they were not aware of TCP
sessions. Stateful packet filters, the second generation, overcame the problems of the first
generation by using smarter techniques. Application layer filters, the newest generation, go a
step further by checking whether packets contain malicious patterns or content. (Gregory, 2010,
p. 377)
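The difference between the first two firewall generations can be seen by running one packet trace through both. This is an added example, not part of the original paper; the internal network 10.0.0.0/24, the web-only policy, and the trace (documentation addresses) are constructed assumptions, and the session tracking is simplified to SYN and RST handling.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

INSIDE = ip_network("10.0.0.0/24")   # assumed internal network
WEB_PORTS = (80, 443)                # assumed policy: inside hosts may browse the web


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset  # TCP flags set on the packet


def inside(addr):
    return ip_address(addr) in INSIDE


def stateless_allow(pkt):
    """First generation: pass or drop on addresses and ports only."""
    if inside(pkt.src) and not inside(pkt.dst):
        return pkt.dport in WEB_PORTS          # outbound web request
    if inside(pkt.dst) and not inside(pkt.src):
        return pkt.sport in WEB_PORTS          # anything that claims to be a web reply
    return False


class StatefulFilter:
    """Second generation: inbound packets must belong to a session opened from inside."""

    def __init__(self):
        self.sessions = set()  # (inside ip, inside port, outside ip, outside port)

    def allow(self, pkt):
        if inside(pkt.src) and not inside(pkt.dst):
            key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
            if pkt.dport not in WEB_PORTS:
                return False
            if pkt.flags == {"SYN"}:           # new outbound connection: remember it
                self.sessions.add(key)
                return True
        elif inside(pkt.dst) and not inside(pkt.src):
            key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        else:
            return False
        if key not in self.sessions:           # no matching session: drop
            return False
        if "RST" in pkt.flags:                 # session torn down: forget it
            self.sessions.discard(key)
        return True


def F(*flags):
    return frozenset(flags)


# Constructed trace: a normal web session plus two packets with no live session.
TRACE = [
    Packet("10.0.0.5", 50000, "203.0.113.10", 443, F("SYN")),
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, F("SYN", "ACK")),
    Packet("10.0.0.5", 50000, "203.0.113.10", 443, F("ACK")),
    Packet("198.51.100.7", 443, "10.0.0.5", 22, F("ACK")),        # unsolicited, source port 443
    Packet("10.0.0.5", 50000, "203.0.113.10", 443, F("RST")),
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, F("ACK")),     # arrives after the reset
]


def run(trace):
    """Return (stateless decision, stateful decision) for each packet in order."""
    fw = StatefulFilter()
    return [(stateless_allow(p), fw.allow(p)) for p in trace]


if __name__ == "__main__":
    for pkt, (s1, s2) in zip(TRACE, run(TRACE)):
        print(f"{pkt.src}:{pkt.sport} -> {pkt.dst}:{pkt.dport} {sorted(pkt.flags)} "
              f"stateless={'pass' if s1 else 'drop'} stateful={'pass' if s2 else 'drop'}")
```

The packet filter passes the fourth and sixth packets because their source port matches its rule; the stateful filter drops both because no open session accounts for them.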
Intrusion Detection Systems (IDS): IDS are programs or devices designed to monitor network
communications and alert when any harmful traffic is detected. There are two types of IDS. A
network-based IDS usually takes the form of a standalone appliance or a blade module in a router
or switch. A host-based IDS is a program installed on a server; it monitors incoming network
traffic and other types of events on the system, including tampering. (Gregory, 2010, p. 377).
Intrusion Prevention Systems (IPS): An IPS is a device or program that not only monitors and
alerts about unwanted traffic but also blocks it. There are two types of IPS. A network-based IPS
can block single packets or disconnect an untrusted device from the network. A host-based IPS is
a program installed on a server whose function is detecting and blocking unwanted events.
(Gregory, 2010, p. 378)
Protect network cabling: Any exposed cabling needs to be removed or covered so that it cannot be
used to access the network. (Gregory, 2010, p. 378)
Anti-virus software: This is software installed on the server to detect worms and any other
malware and prevent them from running and damaging the server. (Gregory, 2010, p. 378)
Private addressing: The main reason for private addressing is to protect publicly routable IP
addresses; for that reason, many home broadband routers rely on private addressing in order to
protect systems in the home or small business network. (Gregory, 2010, p. 378)
Close unnecessary ports and services: This is a highly effective method of reducing the chance of
successful attacks: closing all unnecessary ports and services on systems and devices. (Gregory,
2010, p. 378)
Install security patches: All necessary security patches need to be installed on servers and
network devices as soon as possible once they are available, because these patches are designed
to correct coding errors that can weaken security and be used in attacks. (Gregory, 2010, p. 378)
Unified Threats Management (UTM): UTM is the term used for security devices and applications that
run on the system and perform many functions in order to simplify the defenses in the network;
these can include firewalls, IDS, IPS, anti-virus, anti-spam, and World Wide Web content
filtering. (Gregory, 2010, p. 379)
Authentication: It is done in one of two ways. One is certificate authentication, done by
exchanging certificates and/or pre-shared keys for the VPN, or a secret word or password; the
other is authentication against a database or central directory such as Microsoft Active
Directory.
Two-factor authentication is required in high-security environments; it is a combination of
something the user knows and something the user has, such as an authentication certificate or
token, and it will stop many VPN attacks. Many tokens can generate a one-time password, which
reduces the risk level. (Remote Access—Attack Vectors, Threats, Findings & Remedies, 2010)
Authorization: Here a user or a system is allowed to access certain network resources over the
VPN after passing the authentication process. Common systems such as Microsoft Active Directory
do this. If an employee is no longer with the company, the authorization must be removed from the
user as soon as possible to protect the system. (Remote Access—Attack Vectors, Threats, Findings
& Remedies, 2010)
Auditing: VPNs come with tools that are very useful for detecting an attack before or after it
happens: logs that keep track of information such as user, date, time and command; system
location; authentication success/failure; authorization success/failure; configuration changes,
especially to protection (anti-virus and intrusion detection); privileged access; and network
addresses and protocols (Remote Access—Attack Vectors, Threats, Findings & Remedies, 2010).
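A short sketch of how the audit fields listed above can be turned into alerts. This is an added example, not from the original paper; the key=value log format, the thresholds, and the sample lines are constructed assumptions, since real VPN products each log in their own format.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log (assumed format: timestamp followed by key=value fields).
SAMPLE_LOG = """\
2015-01-20T02:14:07 user=alice src=198.51.100.23 event=auth result=failure
2015-01-20T02:14:19 user=alice src=198.51.100.23 event=auth result=failure
2015-01-20T02:14:31 user=alice src=198.51.100.23 event=auth result=failure
2015-01-20T02:14:58 user=alice src=198.51.100.23 event=auth result=success
2015-01-20T02:16:40 user=alice src=198.51.100.23 event=config_change target=antivirus result=success
2015-01-20T09:01:12 user=bob src=10.0.0.17 event=auth result=failure
2015-01-20T09:01:30 user=bob src=10.0.0.17 event=auth result=success
2015-01-20T09:05:02 user=bob src=10.0.0.17 event=authz resource=payroll result=failure
malformed line without fields
"""

WINDOW = timedelta(minutes=5)        # assumed look-back window for failed logins
THRESHOLD = 3                        # assumed number of failures that counts as a burst
PROTECTION = {"antivirus", "ids"}    # protection components whose changes are alerted
REQUIRED = {"user", "src", "event", "result"}


def parse_line(line):
    """Return a dict of fields, or None for lines that do not fit the format."""
    parts = line.split()
    if not parts:
        return None
    try:
        ts = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%S")
    except ValueError:
        return None
    fields = dict(p.split("=", 1) for p in parts[1:] if "=" in p)
    if not REQUIRED.issubset(fields):
        return None
    fields["ts"] = ts
    return fields


def analyze(log_text):
    """Return alerts as (kind, user, source address) tuples in log order."""
    alerts = []
    failures = defaultdict(deque)    # (user, src) -> timestamps of recent failures
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        key = (rec["user"], rec["src"])
        if rec["event"] == "auth":
            recent = failures[key]
            while recent and rec["ts"] - recent[0] > WINDOW:
                recent.popleft()                     # forget failures outside the window
            if rec["result"] == "failure":
                recent.append(rec["ts"])
                if len(recent) == THRESHOLD:
                    alerts.append(("failure_burst", *key))
            else:
                if len(recent) >= THRESHOLD:         # login succeeded right after a burst
                    alerts.append(("success_after_burst", *key))
                recent.clear()
        elif rec["event"] == "authz" and rec["result"] == "failure":
            alerts.append(("authz_denied", *key))
        elif rec["event"] == "config_change" and rec.get("target") in PROTECTION:
            alerts.append(("protection_config_change", *key))
    return alerts


if __name__ == "__main__":
    for alert in analyze(SAMPLE_LOG):
        print(alert)
```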
Risk Planning: Any organization, and especially government agencies, likes to keep its
information to itself. For that reason, having a good risk management plan and a good security
system will help prevent social engineering attacks and leaks of information. Having an insider
is more dangerous than an outside attack, because a hacking attack can be detected and stopped by
the IT department and firewalls, but the insider has already passed all the security checkpoints.
We can secure our organization from an insider by:
First: not allowing any employees to use removable disks, external hard drives, CD-RW, or DVD.
This will help secure the organization against many security issues, such as malware like
viruses, spam, spyware, and Trojans, and will also help against the insider.
Second: using strong security with a password and security questions, and optionally a second
security authorization token when logging into the system. This will help against compromised
passwords and security questions.
In information security, we can use more than one or two methods to check whether the person
attempting to log in is our trusted employee. The first step is a user ID and password; when the
password has upper-case letters, lower-case letters, numbers, and symbols and is more than eight
characters long, it is complicated for an attacker to guess. The second is an authorization token
that changes the security code every 30 seconds; this helps protect the agency from an outsider
or an attacker who is trying to access information over the internet. Monitoring login locations
and times helps the IT department understand whether an employee is logging into the system from
outside the facility or off the clock. There are many security systems, such as fingerprint
systems or eye-detection systems, that help keep outsiders from getting inside the facility. The
IT department needs to understand the level of security it needs and develop it into a security
policy plan. Information security defense will depend heavily on the attacks being faced.
Education: Employees of any company must be aware of cyber-attacks that can occur and what
they should do about them. This learning includes proper operating procedures, passwords, the
key attack targets, and the classic attack methods. Education is more effective than any other
countermeasure for protecting information.
Patches: It is important to fix flaws or bugs in software as soon as they are discovered since
attacks are typically launched within days of the discovery of major flaws. Manufacturers
provide “patches”, “security updates”, or “service packs” to fix flaws, in the form of modified
software that you must go to their Web site to download. The Web site www.cert.org, among
others, keeps a current listing of known flaws in important commercial software and their
patches. Software that has been sold for a significant period of time generally requires fewer
future patches because programmers have had more time to find and fix its flaws, so buying just-released
software products is not a good idea.
Backups: Since many attacks destroy data or programs, making copies (“backups”) of digital
information is essential to recovery from attack. Backups need to be done for any critical
information, and need to be stored some distance from the systems they track so no common
disaster (e.g., fire, flood, and earthquake) affecting both locations is likely. Optical-disk storage
is preferable for backups because it cannot be as easily damaged as magnetic media can be. A
backup can be an entire duplicate computer system when it is important to maintain continuous
operation.
Encryption: Encryption hides data in some form that cannot easily be read; you then supply a
character-string “key” to decode it when you need it (Pfleeger & Pfleeger, 2002). Any attempts
to modify encrypted data will result in undecipherability, so you can tell if encrypted messages or
programs have been modified (or repeated if a time is included in the message). Strong and
virtually unbreakable methods of encryption have been developed recently with “public-key
cryptography”, and software for it is available for free download from a number of Web sites.
Encryption methods can also be used for “authentication” or to provide digital “signatures” on
documents to prove who wrote them and when. Encryption has been touted as a solution to
many security problems but is overrated. If an attacker gains system-administrator privileges, he
may be able to get keys or disable encryption methods without your knowledge.
Honeypots: Honeypots and honeynets (networks of honeypots) provide richer log information
about cyber-attacks (The Honeynet Project, 2002; Spitzner, 2003). These are systems with no
legitimate purpose other than to receive attackers, so everyone using them other than their
system administrator is inherently suspicious. Honeypots need not explicitly invite attackers;
once they are on the Internet, attackers can find them with automated tools. However, they can
be dangerous if attackers use them as springboards to attack other sites. For this reason, “reverse
firewalls” of various kinds must keep the attack from spreading. But an attacker may infer the
existence of the honeypot from the restrictions of the reverse firewall, so a honeypot cannot
remain effective forever.
The Laws and Policies (Chapter 7)
In this chapter, we cover the laws and policies we have for cybersecurity. The most recent update
on cybersecurity is the executive order by the President of the United States of America about
the importance of the cyber threat to critical infrastructure, how it continues to grow, and how
it represents a serious matter of national security (OBAMA, 2013 Section 1. Policy). On
cybersecurity information sharing, the executive order also states that the policy is to
increase private sector security and the ability of the private sector to defend against cyber
threats (OBAMA, 2013 Sec. 4 a). Each organization needs to have a good risk management plan that
identifies the valuable assets it wants to protect, in accordance with the National Institute of
Standards and Technology (NIST) standards on securing information systems and the assets on them
(CRITICAL INFRASTRUCTURE PROTECTION, 2011, pp. 11,12), and to apply access controls to these
assets to secure them, making sure that the access controls fully protect the assets. Laws
prohibit all the attacks we have mentioned, but do not do much to prevent them. In the United
States, laws prohibit eavesdropping on communications and damage to computers, which covers
most of the attacks we have mentioned, and many other countries have similar laws. But most
attackers do not worry about getting caught since it is hard to track them down and laws are hard
to apply. Laws can however be effective against repeat offenders within a given legal
jurisdiction, like spies selling secrets.
According to the National Initiative for Cyber Security Education (NICE), cyber security is
divided into seven categories: securely provision, operate and maintain, protect and defend,
investigate, operate and collect, analyze, and support. For better understanding, we will go
through each one in turn to understand and define it.
Securely Provision: Some organizations deal with people's sensitive information. They need to be
well organized, especially in information security management, and want to make sure that the
people who handle these duties know what their jobs are. According to NICE, this category has
seven points. First, Information Assurance Compliance: the organization evaluates, supervises,
and supports to ensure that new IT systems have met the organization's requirements. Second,
Systems Requirements Planning: NICE wants any organization to consult with customers to collect
and assess useful requirements and to interpret these requirements into technical solutions.
Third, Software Engineering: NICE defines those who develop, create, and code new applications,
software, or programs, or recode existing ones, as people with the required technical experience
or education level. Fourth, Test and Evaluation: NICE requires all software engineers to test
their systems to make sure they comply with requirements and that the methods have been
applied. Fifth, Enterprise Architecture: creates system concepts and works on the capabilities of
the systems development lifecycle. Sixth, Systems Development: works on the systems development
lifecycle. Seventh, Technology Demonstration: performs technology assessment and integration
processes. (National Initiative for Cybersecurity Education, 2011)
Operate and Maintain: In this category NICE requires developers to maintain system performance
and security through support, administration, and maintenance. This category requires having
people who can work on and administer the system and its components, such as databases,
networks, customer service, systems security analysis, and information security management.
(National Initiative for Cybersecurity Education, 2011)
Protect and Defend: In this category NICE requires the organization to implement defense in
depth to secure the company's assets, through areas like Computer Network Defense, Incident
Response, Infrastructure Support, Vulnerability Assessment and Management, and Security
Program Management. (National Initiative for Cybersecurity Education, 2011)
Investigate: In this category, an organization that has been attacked needs to investigate how
the event happened and how the attackers gained access. It has two main points: Investigation
and Digital Forensics. (National Initiative for Cybersecurity Education, 2011)
Operate and Collect: This category defines the areas that may be used in developing
intelligence, like Collection Operations, Cyber Operations, and Cyber Operations Planning.
Analyze: In this category, the people responsible for this area review and evaluate cybersecurity
information to determine whether it is useful for intelligence or not. The areas are Cyber
Threat Analysis, Exploitation Analysis, All Source Intelligence, and Targets. (National Initiative
for Cybersecurity Education, 2011)
Support: In this category NICE requires providing support so that others may effectively conduct
their cybersecurity work, like Legal Advice and Advocacy, Strategic Planning and Policy
Development, and Education and Training. (National Initiative for Cybersecurity Education, 2011)
Reference
Ahamad, M., Alperovitch, D., Conti, G., Davis, J., DeMillo, R., Feamster, N., et al. (2012).
Georgia Tech Emerging Cyber Threats Report 2012. Atlanta, GA: Georgia Tech
Information Security Center and Georgia Tech Research Institute.
Common Types of Network Attacks. (n.d.). Retrieved March 4, 2013, from Microsoft:
http://technet.microsoft.com/en-us/library/cc959354.aspx
Dr. Gary Small. (n.d.). Research shows that Internet is rewiring our brains. Retrieved January
19, 2014, from University of California Los Angeles:
http://www.today.ucla.edu/portal/ut/PRN-081015_gary-small-ibrain.aspx
Hazle, M. (2013, December 20). CREDIT CARD SECURITY BREACH AT TARGET. Retrieved
January 14, 2014, from University of Southern California:
http://viterbi.usc.edu/news/news/2013/credit-card-security.htm
Milian, M., & Robertson, J. (2013, April 23). China-Based Cyber Attacks Rise at Meteoric
Pace. Retrieved January 14, 2014, from Bloomberg L.P.:
http://www.bloomberg.com/news/2013-04-23/china-based-cyber-attacks-rise-atmeteoric-pace.html
Milian, M., & Robertson, J. (2013, April 23). China-Based Cyber Attacks Rise at Meteoric Pace.
Retrieved January 21, 2014, from Bloomberg L.P.:
http://www.bloomberg.com/news/2013-04-23/china-based-cyber-attacks-rise-atmeteoric-pace.html
National Initiative for Cybersecurity Education (NICE). (2012, August).
Retrieved January 21, 2014, from
http://csrc.nist.gov/nice/framework/national_cybersecurity_workforce_framework_v1_1_august2012_for_printing.pdf
OBAMA, B. (2013, February 12). Executive Order — Improving Critical Infrastructure
Cybersecurity. Retrieved 03 13, 2014, from The White House:
http://www.whitehouse.gov/the-press-office/2013/02/12/executive-order-improvingcritical-infrastructure-cybersecurity
QUALITATIVE RESEARCH. (1997). Retrieved Feb 28, 2014, from Oklahoma State University :
http://www.okstate.edu/ag/agedcm4h/academic/aged5980a/5980/newpage21.htm
Remote Access—Attack Vectors, Threats, Findings & Remedies. (2010). Retrieved March 4,
2013, from NCP secure communications:
http://www.ncpe.com/fileadmin/pdf/techpapers/NCP-Attack-Vectors-WP.pdf
World Has About 6 Billion Cell Phone Subscribers, According To U.N. Telecom Agency Report.
(2012, 10 11). Retrieved 03 13, 2014, from TheHuffingtonPost.com, Inc.:
http://www.huffingtonpost.com/2012/10/11/cell-phones-world-subscribers-sixbillion_n_1957173.html
