Important Problem of Cybersecurity Simulations

Introduction

Cybersecurity has become an important problem in today’s Internet-networked world because of the increasing range of attacks perpetrated on networks, prompting organizations such as DTL Power Corporation to develop countermeasures by training technical people with the skills necessary to respond to such threats effectively.

One training approach used simulations involving different groups at different levels to establish a range of issues related to Cyber-attacks.

This assessment report provides information about the roles the team members played to ensure business continuity planning, data encryption, emergency bypass policy, information privacy policy, load management, and training incentives (Wright, 2012).

Activities

Individual planning

Each team member was required to provide some support and play a significant role in the simulation exercise by contributing to its overall success. The plan used as a framework for the hacking simulation activity for each member is discussed below.

The hacker was prepared to make continuous and sophisticated attacks at the company’s network infrastructure and Cyberspace to increase the risk of loss of business continuity.

According to Agresti (2010), it was determined that a Distributed Denial-of-Service (DDoS) attack had occurred that was designed to cause financial loss by making the attacks known to the public.

The hacker contributed immensely to the disruption of the company’s services to the public, resulting in loss of business.

At the individual level, the preparation for the attacks involved putting in place the use of redundant primary disks to make the DDoS attacks successful.

The approach involved using primary disks that could make the movement of data through the restricted bandwidth difficult and impossible to deal with.

The procedure was implemented by the hacker who engaged in continuous tracking to determine the average usage of the disks by activating redundant disks to ensure that the primary disks were completely occupied and no memory space was available for additional use in service delivery.

The hacker had two backups for power redundancies, which is a common practice for setting up power systems to ensure sustained supply of power in case power disruptions happen.

In addition, two backup systems were used to ensure more power was available for use and in case of an emergency, two backup systems were deemed necessary to ensure sustained power supply (Agresti, 2010).

On the other hand, two backup power maintenance systems were made available for user’s data with two copies of the original data made available for comparison when the activity was over. The additional data backup was important to ensure sustained data availability in case the data was corrupted.

Policy review

Policy is an important element in Cyber security because it enables the organisation to set up strategies for combating Cyber-attacks that are relevant to the time the attacks occur and the level of technology development. Policy reviews were recommended on a 12-month cycle.

However, recommendations show that 12 months is appropriate for investigating Cyber defenses and breaches to ensure sustained protection of the company’s critical resources.

In addition, it is a cost-effective schedule because constant reviews are costly and sometimes could end up causing losses to the company (Assante & Tobey, 2011).

Business continuity planning

The protection of the company’s website was based on the DDoS protection binding strategy that was technically achieved by delaying the binding of the damage caused by the distributed denial-of-service attack.

The results include reduced employee morale, inability to provide the essential data availability services, and an interruption of customer services. The results were reduced customer and stakeholder confidence, which leads to loss of revenue, profits, and other related service delivery income.

To address the problem, the DTL Corporation must create a framework to protect its website and minimise the potential risk of being compromised by hackers using the DDoS attacks (Assante & Tobey, 2011).

However, to ameliorate the adverse effects of the DDoS attacks, the responsible team member put in place business continuity measures that included the use of a personal relationship management program to talk with the customers about the need to collaborate with the management to ensure service deliveries were made as required.

Collaboration was essential for each team member because of the contributions they made towards protecting the sensitive information assets of the company (Wright, 2012).

Load balancing

Load balancing was one of the strategies used to protect the servers from successful DDoS attacks. Load balancing was done to delay the DDoS binding and so delay the movement of network traffic, protecting the system and allowing it to support its working capabilities.

In addition, by extending the network traffic using the load balancing program, it was possible to demonstrate how network traffic could flow smoothly through each resource used to make the system work effectively (Assante & Tobey, 2011).

Data encryption

Data encryption is a technique that is widely accepted as an effective method of engaging hackers so that they do not find an easy way to access protected data and compromise the integrity of the information system for unauthorized use.

The information stored in the company’s database was encrypted to create confidence in the customers on the security of the data.

However, some additional mechanisms were required to enforce data integrity and confidentiality by use of SSL encryption to protect customer and company data against the threats from malware.

Here, each team member collaborated effectively by contributing their skills and knowledge on the best data encryption algorithms to use to encrypt data for security reasons.

It was established that each team member has specialist technical expertise on the use of encryption algorithms, and the best solution was arrived at after evaluating the performance of each algorithm (Assante & Tobey, 2011).

One of the approaches that were used to increase integrity and confidentiality was the use of secure data encryption algorithms that could be developed by the company.

In addition, it was recommended that the company use minimum resources on training the staff on information security programs such as how to enforce privacy using different tools, policies, and algorithms.

Information privacy policy

The information privacy policy was an important asset for the company to use for the protection of data according to the recommended data protection act to ensure minimum standards for data protection were observed.

In computer investigations and Cyberspace, employees must upgrade their skills through training in order to continue with their careers (Assante & Tobey, 2011).

A number of organizations have recently begun providing certification programs for computer forensics; before enrolling in a certificate program, make sure to research the requirements, cost, and acceptability in the chosen area of employment.

Also, the Federal government is still under threat; therefore, funding should be provided to protect against Cyber incidents and to train workers who can take care of Cyber threats.

Incentives

When creating incentive programs, the usual preference of employers is to provide a training bonus and the maximum amount of spending on training, promotion, and evaluation.

DTL Power Corporation is required to update, revise, and implement the innovation through the emergency bypass policy by spending the maximum amount of money, and violations of the typical separation-of-duties protocol will warrant restrictions and fines for the damage involved.

Briefing report

To make the simulation work, it was important to ensure that different measures were in place so that the DDoS attacks could not successfully compromise the website or the company’s network.

The core elements that were integrated into the protection mechanism were to disable the company’s ability to provide access to its services using remote communication methods. The types of attack whose risk could be minimized in this way include DDoS attacks.

However, to ensure business continuity, it was crucial to provide the middle level management with remote access capabilities to the company’s information assets or systems because it provided the management with the ability to reduce the vulnerabilities to Cyber-attacks.

Business continuity assurance

However, a critical analysis revealed that business continuity was not assured because of the increases in the downtime that occurred because of the network isolation techniques that were employed to isolate and assess the network for vulnerabilities and threats.

In addition, the loss of business continuity stemmed from the strategy of isolating the network to minimise the risk of attacks or minimise the effects of the attack. However, loss occurred because the network isolation policy was contributing to the detriment of the operational functionality of the network.

On the other hand, the company’s management believes that disabling the operating system (OS) and database ports and their associated services could minimise the level of vulnerability of the systems to attack.

On the other hand, the management of the company has placed its trust to protect its resources against brute force attacks by creating a password change policy which requires that each user changes the password regularly to avoid hackers guessing passwords.

However, the policy of requiring password changes every 45 days gives hackers enough time to conduct intrusion attacks and to brute force the passwords.

Gradually, it was established that DTL Power took the view that an increase in budgetary allocations could lead to losses and reduced profits if the company invested a significant amount of money in implementing the technical measures to protect its network from Cyber-attacks.

However, a more widely accepted strategy was to use more financial resources in establishing strong customer relations development to increase their confidence towards the organisation.

Controls

The type of controls recommended for use to protect the resources include delaying the binding, a technical method that allows the technician to conduct a TCP splicing that could allow controlled flow of traffic within the company’s systems’ network to detect and deter malicious attacks.

Load balancing could be achieved by spreading the workload to different servers and ensuring that no one server was overloaded using the HTTP protocol. By making the distribution of the services offered by the server, it could be possible to counter the DDoS threat.

On the other hand, the use of a firewall was deemed necessary to filter the incoming web traffic and block suspicious traffic to ensure effective auditing of the attacks or attempted attacks at the network.

DTL Company settled on an additional system protection technology, an intrusion detection and prevention system, with the aim of monitoring the flow of potentially malicious traffic into and out of the system.

In addition, a log management system could provide a summary of programs that were allowed access into the network or the programs that were rejected to understand the level of threats intending to attack the system.

Downtime effects report

Table 1: Downtime effects report

The results in Table 1 show an increase in downtime, security index, and budget, and a significant decrease in the company’s profitability because of the poor implementation of Cyber security defenses.

Results for round 2 simulations

Introduction

The second simulations were done to investigate the attacks that happened affecting the networks and websites for both public and private institutions with DTL Power suffering a significant impact of the operations and service delivery of the company.

It was necessary to conduct vulnerability assessment of the DTL Power security controls and establish the most effective countermeasures to ensure that the weak points were established and the best security mechanisms to integrate into the information architecture of the company.

Here, the impact of the Cyber defenses of the company was audited and the results noted.

Team assessment report

An assessment report on the operational functionality of the company’s website and network protection shows that the strategy of reducing network access to reduce the risk of remote attacks was not economically feasible.

The rationale for the argument was that discontinuity of service provision to the customers violated one element of the IT security triad, namely availability. Here the response to the attacks that were caused by a virus being transmitted on the Internet was unprofessional.

However, a professional application of tools such as port blocking, based on the type of virus and the target port number the virus uses to infect systems, could be used to remediate the problems.

Security controls

The strategies to counter the attacks that were recommended by the team members include patching the operating system with the most recent and up-to-date patches that are recommended and regularly provided by the company, using both hardware and software firewalls and universal threat management systems to filter and block malicious code, use of delayed binding or the TCP protocol at the appropriate layer, and careful use of the ISP to block any code that behaves maliciously.

In addition, it was necessary to train users of the information systems to avoid downloading programs or any email attachments that were suspected to be coming from suspicious sources.

The preventive measures include educating employees on how to encrypt data in transit, conducting continuous risk management to discover security holes and the risks data can be exposed to, using antivirus software from a reliable vendor to protect and scan computers for viruses, worms, and any other malware, and ensuring mails are received or sent as per the policies of the company.

On the other hand, it is necessary to train workers on the procedures and policies necessary to enable them to identify resources that are under the threat of Cyber-attacks.

In addition, it is necessary to train technical and mobile employees on the effective application of information security data standards irrespective of the tools or services they are getting from the company’s IT infrastructure (Ten, Liu & Manimaran, 2008).

Table 1

Round     Event                            Effect
Round 1   Hacktivist Attack                Web site defacement
Round 2   Worm Intrusion                   No effect
Round 2   Distributed Denial of Service    Increase in downtime

Profitability

The team convened to evaluate different strategies to improve the profitability of the company under the current DDoS threat landscape.

The core elements that were suggested to be changed because of the inherent weaknesses that were identified in the assessment include policies on remote access, patch management, issuing of alerts, vendor software use, the privacy of information, and system analysis and development.

However, the most important areas covered include policy changes to CERT in Round 2 from the Breach Notification Policy from FBI/NSA in Round 1.

Impact of Cyber–defenses

As detailed in table 3, the Cyber defense applied on the information system of the company showed a significant increase in compliance, contribution to NSE, disaster readiness, popular sentiment, fair balancing of network load, an increase in internal security index, a reduction in the downtime experienced at the company network services, and an improvement of insurance security index (Wright, 2012).

The rationale for the achievements is because of the application of Cyber defenses, which include firewalls, antivirus software, regular operating systems updates, regular patches, and

Table 3: Cyber defense


Conclusion

In conclusion, the simulation showed that there was a need for the company to improve its Cyber defenses by implementing appropriate controls, which include firewalls, intrusion detection and prevention tools, universal threat management tools, antivirus software, constant updates, and regular patching of the operating system.

In addition, the study showed that training employees in basic Cyber prevention skills was necessary to enable them to prevent Cyber-attacks that are perpetrated through social engineering techniques and the spread of malware on the Internet.

In addition, the use of data encryption techniques such as algorithms, load balancing techniques, and other techniques underpins the successful implementation of controls to ensure profitability and operational efficiency of the controls.

References

Agresti, W. W. (2010). The four forces shaping cybersecurity. Computer, 43(2), 101-104.

Assante, M. J., & Tobey, D. H. (2011). Enhancing the cybersecurity workforce. IT Professional, 13(1), 12-15.

Ten, C. W., Liu, C. C., & Manimaran, G. (2008). Vulnerability assessment of cybersecurity for SCADA systems. Power Systems, IEEE Transactions on, 23(4), 1836-1846.

Wright, K. (2012). Cybersecurity roundtable: The enemy is unknown. Electric Light & Power, 90(2), 28-31.

Hacking Government Website From the View of Right and Justice

Abstract

The research will mainly focus on existing computer crimes and some of the ethical issues that should be taken into account in information technology. Hacking, as one of the ethical issues, will be looked at broadly. The topics covered will include hacking methods; hacking vulnerabilities, i.e. weaknesses exhibited in systems that make it easy for hackers to gain access to a system; and the information contained in government websites. Lastly, the research will look at why hacking is at times viewed as a just practice and a right of the people.

Introduction

The environment has a direct influence on the personality and behavior of individuals. In the past, the environment consisted of family, friends and local community members. However, the environment has changed considerably since the invention of the internet, because many people globally have access to it, and its use lets individuals establish contact with new people from diverse backgrounds and cultures. There is a relation between the new environment and human personality or behavior: for example, some people use technology for learning purposes, some for work or business, while others use it for pleasure. There are some individuals or groups who use the internet for illegal purposes; this may involve obtaining sensitive information without permission and downloading files or programs without permission. Computer crime refers to the use of a computer system or the internet to commit criminal activities.

Computer Crimes

A computer crime is an unlawful act done via a computer or a network; some of the common crimes that may be involved include racketeering, theft, blackmail, falsification, and misappropriation of funds. The illegal activities take place when an unauthorized user gains access to a computer system, unlawfully intercepts data being transmitted by a computer, interferes with data, or interferes with the system (Bishop: 2005, p. 109).

Computer crimes can be divided into two categories: crimes that directly target computer devices or networks, and crimes that are facilitated by computer networks or devices. Malicious code, denial of service (DoS) and system viruses are examples of unlawful actions that target computer networks. Crimes that use computers or networks include cyberstalking, theft, drug trafficking, etc. (Bishop: 2005, p. 103).

Some specific computer crimes include the following. Spam refers to the sending of mass mail messages for commercial purposes. Fraud may cover many activities: altering computer information in an unauthorized way, changing or damaging output with the aim of hiding unauthorized transactions, changing or deleting stored data, and writing code for fraudulent purposes. Other computer crimes are obscene content; harassment, whereby the content used may be offensive to the user; and drug trafficking, whereby the transactions between drug traffickers may take place via the internet. The last crime likely to take place is cyber terrorism, which is defined as an act of terrorism committed through computer networks (Maxine: 1994, p. 72).

Ethics in computing

Computer ethics refers to a branch of practical philosophy that deals with how computing professionals should make decisions concerning professional and social conduct. Computer ethics is the examination of the nature and social impact of computer technology and the subsequent formulation and explanation of policies for the ethical use of such technology.

Since the introduction of computers, some ethical dilemmas have arisen; an example of such a dilemma is hacking, which will be explained later in the research paper. Some of the ethical issues in computing include: safe storage and recovery of information, i.e. how data in a large database should be protected; software piracy, where the question that arises is whether it is morally right to replicate music or software; use of the internet as an instrument for abuse, e.g. spreading pornography; and lastly, values promoted via the internet, for example the internet can be used as a means to support democracy (Best, Picquet: 1996, p. 137).

Hacking

Hacking is one of the ethical issues that this research paper will cover broadly. Hacking is the unlawful use of a computer and networked resources. Hacking is considered to be unlawful and is only supposed to be implemented when an organization needs an ethical hacker to access its information. Hacking mostly occurs when vulnerabilities exist; examples of vulnerabilities are poor configuration of Web servers, use of inappropriate software, disabled security controls, and the choice of weak passwords (Best, Picquet: 1996, p. 140).

Hacking as an activity has gained fame via the media, through hacker magazines that publish hackers’ credentials, fame and achievements, through fiction books, and through non-fictional and fictional movies. A hacker can be placed in one of various categories depending on his activities. A white hat is a hacker who gains entry into computer systems without any malevolent intentions; his main aim is to learn more about computer systems, and such hackers end up being security system consultants for organizations. A grey hat is a hacker who has uncertain ethics. A black hat is a hacker who gains access to a system without authorization, with his main aim being to maliciously damage users’ information. A cyber terrorist uses his skills to carry out acts of terrorism. A script kiddie is a hacker who is not an expert but accesses systems using packaged programs written by other hackers. Lastly, a hacktivist is a hacker who spreads political messages via the use of technology (Best, Picquet: 1996, p. 153).

Hacking methods

The whole process of hacking involves three stages. The first is network enumeration, in which the hacker gathers information about the device he plans to attack. The second is vulnerability analysis, in which the hacker identifies the means he will use to attack. The last is exploitation, in which the hacker attacks a system by using the vulnerabilities found in the vulnerability analysis stage.

There exist a number of tools and techniques that are used by hackers. A security exploit is a prepared application whose main purpose is to take advantage of a known flaw. A vulnerability scanner is a tool that checks computers on a network for known weaknesses. Port scanners check which ports on a specified computer are open and available for access. A packet sniffer is used to capture data packets, which may contain passwords and other data in transit over a network. A spoofing attack is a technique in which a program masks itself as another by falsifying data, with the intention of convincing users or systems into revealing confidential information. A rootkit is used with the intention of hiding the compromise of a system’s security. Social engineering is the technique of convincing users to give out important information about a system; this is mainly achieved by impersonation, whereby a hacker pretends to be someone else. A Trojan horse is a program that seems to be doing one thing but is actually doing another; it can be used to set up a back door in a computer system so that the intruder can gain access later. A virus is a program that replicates itself and spreads by inserting copies of itself into other programs or documents. A worm also replicates itself, but it differs from a virus in that it propagates through computer networks without user intervention. A keylogger is the last tool; it records each keystroke on an affected machine for later retrieval, and its main aim is obtaining confidential information that is typed on the affected machine (Maxine: 1994, p. 63).

Hacking vulnerabilities

Websites are generally hacked because of existing vulnerabilities. Below we look at the vulnerabilities that expose websites to attacks by hackers.

Cross site scripting: It happens when an application sends user-supplied data to a web browser without first encoding the content. This gives hackers the opportunity to execute malicious code in a browser, which lets them take control of user sessions, add hostile content and carry out malware attacks. One of the options for protecting a user from such attacks is a white list: the white list is used to validate all incoming data, and any data that is not specified in the white list is discarded because it is regarded as bad data (Best, Picquet: 1996, p. 92).
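The white-list validation described above, paired with output encoding for free text that no white list can describe, is sketched below as an added example that is not part of the original paper. The field names and rules are assumptions chosen for illustration.

```python
import html
import re

# Allow-list rules (assumed fields): each entry states exactly what is acceptable.
ALLOWED = {
    "username": re.compile(r"[A-Za-z0-9_]{3,20}"),
    "country": re.compile(r"[A-Z]{2}"),
    "age": re.compile(r"[0-9]{1,3}"),
}


def validate(form):
    """Return (clean, errors); unknown fields and non-matching values are discarded."""
    clean, errors = {}, []
    for name, value in form.items():
        rule = ALLOWED.get(name)
        if rule is None:
            errors.append("unexpected field: " + name)
        elif not rule.fullmatch(value):
            errors.append("rejected value for: " + name)
        else:
            clean[name] = value
    return clean, errors


def render_comment(author, comment):
    """Free text cannot be allow-listed, so it is HTML-encoded when written to the page."""
    return "<p><b>{}</b>: {}</p>".format(
        html.escape(author, quote=True), html.escape(comment, quote=True)
    )


if __name__ == "__main__":
    # Constructed sample input
    print(validate({"username": "alice_01", "country": "GB", "age": "34"}))
    print(validate({"username": "<script>alert(1)</script>", "role": "admin"}))
    print(render_comment("alice", "<img src=x onerror=alert(1)>"))
```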

Injection flaws: This problem occurs when users’ data is sent to an interpreter as part of either a command or a query. Hackers trick the interpreter through injection flaws, which permit the hacker to create, read, update or delete any data available to the application. The only way to protect a user from this attack is to avoid the use of an interpreter; if one must be used, then safe application programming interfaces (APIs) should be used.
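The difference between passing user data into the query text and passing it through a safe API is shown below with Python's sqlite3 module; this is an added example, not code from the original paper, and the table, rows and function names are constructed for illustration. It also covers a case the paragraph does not mention: identifiers such as a sort column cannot be bound as parameters, so they are checked against an allow-list.

```python
import sqlite3

# Identifiers cannot be bound as parameters, so sortable columns are allow-listed.
SORTABLE = {"name", "created"}


def make_db():
    """Build a constructed in-memory table for the demonstration."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE accounts (id INTEGER PRIMARY KEY, name TEXT, owner TEXT, created TEXT)"
    )
    db.executemany(
        "INSERT INTO accounts (name, owner, created) VALUES (?, ?, ?)",
        [
            ("savings", "alice", "2024-01-02"),
            ("payroll", "bob", "2024-02-03"),
            ("current", "alice", "2024-03-04"),
        ],
    )
    return db


def find_unsafe(db, owner):
    # 'Before' form: the user's data becomes part of the query the interpreter parses.
    query = "SELECT name FROM accounts WHERE owner = '" + owner + "'"
    return [row[0] for row in db.execute(query)]


def find_safe(db, owner, sort="name"):
    # 'After' form: the value is bound as a parameter and is never parsed as SQL.
    if sort not in SORTABLE:
        raise ValueError("unsupported sort column")
    query = "SELECT name FROM accounts WHERE owner = ? ORDER BY " + sort
    return [row[0] for row in db.execute(query, (owner,))]


if __name__ == "__main__":
    db = make_db()
    crafted = "x' OR '1'='1"  # constructed input that changes the query's meaning
    print(find_unsafe(db, crafted))  # every row comes back
    print(find_safe(db, crafted))    # treated as a literal owner name: no rows
    print(find_safe(db, "alice", sort="created"))
```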

Malicious file execution: This problem occurs when web applications accept filenames or files from users, which enables attackers to carry out remote code execution, remote installation of programs, or complete compromise of a system. One way of protecting users from this vulnerability is to avoid using input provided by users as filenames for server-based resources; firewall policies should also be set up to prevent new connections to external websites (Bishop: 2005, p. 92).

Insecure direct object reference: The problem occurs when hackers manipulate direct object references to obtain unauthorized access to other objects. It mostly happens when uniform resource locators hold references to objects such as files, database records or keys; a hacker can attack by searching for a valid key and expose information on the Web interface. This vulnerability is mitigated by the use of an index or reference map to avoid revealing direct object references; the other way is to authorize users visiting the site.
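Both protections named above, a reference map and an authorization check, are combined in the following added example, which is not from the original paper. The record store, the `ReferenceMap` class and its method names are hypothetical.

```python
import secrets

# Constructed records: internal id -> (owner, content)
RECORDS = {
    101: ("alice", "alice-statement.pdf"),
    102: ("bob", "bob-statement.pdf"),
}


class ReferenceMap:
    """Per-session map from random tokens to internal ids, so pages never show real keys."""

    def __init__(self, user):
        self.user = user
        self._by_token = {}
        self._by_id = {}

    def expose(self, record_id):
        """Return the token a page may show for record_id, only if this user owns it."""
        owner, _ = RECORDS[record_id]
        if owner != self.user:
            raise PermissionError("not authorised")
        if record_id not in self._by_id:
            token = secrets.token_urlsafe(16)
            self._by_id[record_id] = token
            self._by_token[token] = record_id
        return self._by_id[record_id]

    def resolve(self, token):
        """Translate a token from a request back to the record, re-checking ownership."""
        record_id = self._by_token.get(token)
        if record_id is None:
            # Guessed keys, raw ids and tokens issued to other sessions all end here.
            raise KeyError("unknown reference")
        owner, content = RECORDS[record_id]
        if owner != self.user:  # ownership may have changed since the token was issued
            raise PermissionError("not authorised")
        return content


if __name__ == "__main__":
    session = ReferenceMap("alice")
    token = session.expose(101)
    print(token, "->", session.resolve(token))
```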

Cross site request forgery: The attack takes control of the affected web browser while it is logged in to the site and sends malicious requests to the web application. Websites are vulnerable to such an attack because they allow requests based on session cookies. One way of protecting users from such an attack is to avoid depending on credentials that are submitted automatically by Web browsers (Bishop: 2005, p. 105).
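One way to stop relying on automatically submitted credentials is to require a second value that the browser does not attach on its own. The following is an added example, not code from the original paper; it assumes a session-bound HMAC token carried in a form field named `csrf_token`, and the function names are hypothetical.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)  # constructed per-process secret for the example


def issue_token(session_id):
    """Token the server embeds in its own forms; derived from the session and a server key."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def accept_cookie_only(cookies, form):
    # 'Before' form: the session cookie alone authorises the request, and the
    # browser attaches that cookie to every request sent to the site.
    return bool(cookies.get("session"))


def accept_with_token(cookies, form):
    # 'After' form: the request must also carry a value that only a page served
    # by this site for this session could have contained.
    session_id = cookies.get("session")
    if not session_id:
        return False
    supplied = form.get("csrf_token", "")
    expected = issue_token(session_id)
    return hmac.compare_digest(supplied.encode(), expected.encode())


if __name__ == "__main__":
    cookies = {"session": "s-12345"}  # constructed session id
    forged = {"amount": "100"}        # request built without access to the site's form
    genuine = {"amount": "100", "csrf_token": issue_token("s-12345")}
    print(accept_cookie_only(cookies, forged))  # True
    print(accept_with_token(cookies, forged))   # False
    print(accept_with_token(cookies, genuine))  # True
```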

Information leakage: Error messages that web applications display to users give hackers information about program design and internal workings; hackers then use this information to initiate an attack. Protecting an application from such an attack entails using a testing tool to investigate the errors generated by the application; applications that are not tested will not produce error messages.

Broken authentication and session management: Client and administrative accounts are attacked when web applications fail to protect credentials and sessions. The problem occurs when the authentication system is rare; weaknesses are introduced through authentication procedures such as log out, password, remember me, and account update. Credentials should be kept in an encrypted format, and users should avoid using custom cookies for authentication or session management (Maxine: 1994, p. 86).

Insecure cryptographic storage: This problem occurs when web programmers do not encrypt sensitive data, or poorly design the encryption process; these failures lead to the disclosure of sensitive data. The only way to protect websites from such attacks is through the use of standard public algorithms for encryption.

Insecure communications: Occurs when network traffic is not encrypted. Hackers can gain access to unprotected communications, which include transmissions of credentials and confidential information. To protect websites from such an attack, an authenticated connection should be used during the transmission of sensitive data, and appropriate protocols should be used to protect communications between networked resources such as servers and databases (Maxine: 1994, p. 45).

Failure to restrict uniform resource locator access: This vulnerability occurs when access to web pages is not limited to a small group of privileged users. Hackers use a method known as forced browsing, which involves guessing links and using brute force techniques to find unprotected web pages. To protect users, guard all uniform resource locators with an effective access control mechanism that validates the user’s role and privileges.

Hacking government Web sites

There are some areas in which hacking is considered to be right and just, even though most governments consider the art illegal. There are some reasons that make it difficult to ban the use of hacking programs. A hacking tool such as a port scanner can help a network administrator identify vulnerable ports and protect them. Password recovery tools can be used to recover an old password in case a user loses one. A government restricting the use of hacking tools by its residents will not do it good, because this may not protect its citizens from hackers from other countries. Businesses should be given an opportunity to use hacking tools to protect themselves from hackers. Another reason for using hacking tools is education: students should be allowed to use hacking tools so that they can learn how to use them for effective purposes (Best, Picquet: 1996, p. 142).

Information contained in government Websites

There exist a collection of information contained in government websites such information include;

Links to Government Websites: Government websites contains links to other government websites that are publicly available; the other governments may direct that there website not to be made public. It is considered just and right for country citizens to have information about there government operations and though hacking may be considered as un ethical it may be used to provide information to citizens which is there right and assists them in practicing justice. Government websites also offers links to non-government websites which offer government information that is not available on the official website. By hacking government sites information that may be hidden in the non government sites because it is considered confidential is made available to the citizens (Best, Picquet: 1996, p. 153).

Government sites also contain links of particular interest to citizens, which are temporarily posted in a prominent spot on the site. Some of the links may consist of reports, events, news, or other items of interest to the citizens. Hacking into government websites not only provides concealed sensitive government information to the public, but it also enables hackers to spread information to the entire public regarding a particular topic. For example, hackers can hack into a government website and post a message that prohibits homosexuality so that the whole public can view the message and learn the consequences of supporting such an act; at this point hacking is considered to be right and the hackers are seen to be practicing justice (Maxine: 1994, p. 52).

Hacking can also be rightly used for counter-terrorism acts, which are considered to be right and just. For example, an Indian group known as Indian cyber warriors blamed Pakistan for a recent act of terrorism in Mumbai and gave it as one of the reasons for hacking into Pakistani government sites; another reason was to take revenge for the hacking being practiced on Indian government websites by a group calling itself the Pakistan cyber army (Bishop: 2005, p. 109). Another right and just reason for hacking would be to convey messages that warn governments against participating in illegal activities such as supporting and funding terrorists.

Conclusion

The research started by looking at various computer crimes that are practiced via the network; some of the crimes looked at include racket, theft, blackmail, falsification, and misappropriation of funds. These illegal activities take place when an unauthorized user gains access to a computer system, unlawfully intercepts data being transmitted by a computer, interferes with data, or interferes with the system. The research also divided computer crimes into two categories: crimes that directly target computer devices or networks, and crimes that are facilitated by computer networks or devices. The next topic the research covered was ethics in computing. Some of the ethical issues mentioned include safe storage and recovery of information (how should data in a large database be protected?), software piracy (is it morally right to replicate music or software?), and use of the internet as an instrument for abuse. Later on, the research narrowed down to one of the computer crimes, hacking, which it defined as the unlawful use of a computer and networked resources, and hacking methods were looked at broadly. Hackers attack a system by first discovering a system vulnerability; the vulnerabilities the research looked at were cross-site scripting, injection flaws, malicious file execution, insecure direct object reference, cross-site request forgery, information leakage, broken authentication and session management, insecure cryptographic storage, insecure communications, and failure to restrict Uniform Resource Locator access. The research further narrowed down to website security by looking at information that hackers can unlawfully access from a website; the focus was then drawn to government websites, where the research discussed why some hackers consider it just and right to hack into government websites.

References

  1. Bishop, M. (2005). Introduction to computer security. Boston: Addison-Wesley, pp. 103-110.
  2. Best, Reba A., and D. Cheryn Picquet (1996). Computer crime, abuse, liability, and security. Jefferson, N.C.: McFarland, pp. 136-155.
  3. MacCafferty, Maxine (1994). Computer security. London: Aslib, pp. 43-91.

Moral Issues Surrounding the Hacking of Emails

Introduction

With the advent of the internet, email hacking has become one of the biggest Information Technology (IT) crimes being perpetrated around the globe. Several people and organisations have lost millions of dollars from the activities of hackers, and while some countries have laws that can be used to prosecute email hackers, some countries do not have IT law.

The internet makes it possible to send letters, pictures and other important documents, and a person can create a free email account through websites such as Yahoo and MSN, to mention a few. However, to use email, a user must register and create an account. Creating an account involves setting up a username and a password that should be known only to the user.

A password is a secret word, number, or combination of the two that allows a person to have access to his account. Thus, after creating an account, the email is ready to be used and the user can send letters or messages to another person anywhere in the world. A user can also send important documents to another person or even store valuable information such as bank information, credit card information, or a Social Security Number in the email.

With the realisation that email might contain important messages and valuable documents, some unscrupulous people have devised ways to break into other people's email accounts to steal information from the mailbox. The act of entering another person's email and stealing the information in it is called email hacking.

This paper examines the moral issues surrounding the hacking of emails.

The rest of the paper is organised as follows:

First, this paper presents email hacking history and how email hacking started.

Moreover, the essay examines the motivations behind email hacking. It should be noted that people and organisations do not hack for the fun of it; there are motivations behind these acts, which can be personal, economic or political.

In addition, this paper reveals how email is hacked. With advances in Information Technology, many techniques are being used to break into other people's email and steal valuable information.

The next section of the paper examines the effect of email hacking on society in general. It should be noted that the stealing of valuable information through email hacking has become a phenomenon in both developed and developing countries, and the acts are affecting society in general.

Moreover, the paper examines the response of society to email hacking.

Finally, the paper provides the conclusion for the whole essay, which also contains recommendations on how email hacking can be reduced.

Meanwhile, before analysing the motivations behind email hacking, it is essential to gain insight into the history of email hacking.

History of email hacking

Studies reveal that email hacking started between the 1950s and 1960s. In those years, hacking was synonymous with computer genius and with people who had the technical ability to master computers. Thus, in those years, hackers were termed “heroes of computer revolution”, whereas their acts are now considered criminal. Even in those early years, some universities such as Massachusetts Institute of Technology (MIT) in the United States used their computer laboratories to teach students methods of hacking to improve students' computer skills.

During this period, hacking was well financed by large institutions such as MIT and Harvard. The motive was to develop and gain new knowledge in computer security (Best, 2006).

In the 1970s, a new form of hacking was developed: people devised ways to break into the telephone network and make long-distance calls free of charge.

In the 1980s, many people had access to computers, and many inexpensive computers were easily available. Thus, this was the time when hacking began to gain popularity. Modem devices for hacking came within hackers' reach.

The tendency to pursue criminal acts was gaining popularity at this time. For example, gangs were forming, such as one called the Electronics gang, with the mission of breaking into the privacy of computer security systems.

It should be noted that in these earlier years, email hacking was unknown because the internet was not yet in public use.

In the 1990s, the internet came into public use, and with the launch of the World Wide Web (WWW), several organisations allowed people to create accounts and personal email addresses to communicate with friends, relatives and even organisations (Clarke, Clawson, and Cordell, 2003).

Communication through email led to the urge to break into other people's emails with the intention of stealing sensitive information. In the 2000s, email hacking is the order of the day; there is much sophisticated software that can spy on the usernames and passwords of email owners to gain access to other people's email messages. Formerly, hackers were concentrated in the USA and a few advanced countries; with the advent of the internet, email hackers can be found in virtually any country. Email hackers can now be found in Asia, Latin America, North America, many countries in Europe, and a few countries in Africa.

With the increase in email hacking, questions are being raised in business circles about what motivates email hackers to perpetrate these criminal acts.

Motivation behind email hacking

Studies reveal the motivations that lead people to engage in email hacking. Evers (2005) argues that the motivation for email hacking is solely monetary.

Many people receive scam emails that appear identical to those of a trusted company. The main purpose of these scam emails is to trick people into revealing sensitive personal information, such as bank information, and the ultimate purpose is to steal money from victims' accounts (Evers, 2005).

Hines (2004) supports the argument provided by Evers by stating that 7 out of 10 people who go online receive phishing emails that advise them to provide their personal information, and 15% of these people provide their personal information and are successfully duped (Hines, 2004).

Although these two authors provide solid arguments on the motives for email hacking, not all email hackers are motivated by money. For example, some young people between the ages of 16 and 30 hack to show their expertise in computer technology. Situations sometimes arise in chat rooms where some people boast of having more computer expertise than others.

To support this argument, Best (2006) points out that some people engage in email hacking just to show off their art and skills. These people have no intention of stealing money or anything else from an individual or organisation. Rather, the basis is only pleasure and play, and such people are called script kiddies in the U.S. because this category of hacker consists mostly of teenagers and young people between the ages of 18 and 30. It should be noted that this group of hackers does not have computer skills, because they use automated hacking programs to do their email hacking in order to show their group their expertise in Information Technology (Best, 2006).

Lakhani and Wolf (2003), who point out that most email hackers engage in hacking activities out of intrinsic motivation, support the argument put forward by Best. This includes doing something for enjoyment and fun rather than for financial reward. It should be noted that these hackers derive such enjoyment from hacking that it is impossible for them to stop. According to Lakhani and Wolf, “Enjoyable activities are found to provide feelings of creative discovery, a challenge overcome and a difficulty resolved”.

Thus, the enjoyment derived is the underlying principle of email hacking. Sometimes, a peer group or social group is formed among hackers that admits only people who have the skills to perpetrate email hacking (Lakhani and Wolf, 2003).

All the authors' arguments on the motivation behind email hacking are correct; the motivations that lead people into email hacking are a combination of financial reward, showing off computer or programming skills, and enjoyment. This paper argues that all these factors are motivations behind email hacking. While some people may engage in email hacking for fun, enjoyment and showing off their skills, the motivation for other people may not be the same; some people are motivated by money. No matter the motivation, email hacking harms the victims. Before discussing the effect of email hacking on society, the next section describes the methods hackers use in perpetrating email hacking.

Methods of email hacking

There are several methods that email hackers use to accomplish their acts. Due to the technicalities involved in carrying out these tasks, some terminology is used to describe the tactics hackers use. Some of these hacking tactics are described below:

First, email hackers may use a tactic which Chang (2004) refers to as social engineering. This is a tactic a hacker uses to get into the emails of unsuspecting people and obtain their personal information. In social engineering, hackers do not need technical skills; they only use psychological tricks to gain access to the system. For example, a social engineering hacker can pose as an employee or company executive who is out of town or out of the country, contact the IT help desk by phone, say that he has lost his username and password, and, as a matter of urgency, ask the help desk for them. If he is able to acquire this information, the hacker will break into the company email and steal valuable information (Chang, 2004).

In addition, a hacker may trick a company employee into downloading a malicious program attachment sent to the employee's email. The tactic is to gain access to the employee's email through a back door, which gives hackers access to personal information. Hackers may also trick an employee into downloading an attachment that contains a virus such as a Trojan horse; the trick is to damage the computer of an unsuspecting person in order to gain access. For example, email attackers send spyware to 1 out of 3 companies in the UK to gain access (Chang, 2004).

Moreover, email hackers can attempt to crack the password of an unsuspecting email user by making use of a password cracker. In most online systems, the combination of username and password is used to improve the security of the computer system. Thus, to gain access to passwords, a hacker may use dictionary files and combinations of dictionary words and numbers. Alternatively, hackers may use only dictionary words, or a hybrid of words and numbers, to gain access to the computer. For example, hackers may use dog1, dog2, dog3, and so on to gain access. It should be noted that these tactics take a long time to accomplish; however, email hackers sometimes succeed (Chang, 2004).
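The defensive counterpart of the dictionary and hybrid guessing described above, as an added example that is not part of the original essay: a check run when a password is chosen that refuses anything reducible to a dictionary word plus predictable decoration, such as dog1. The wordlist is a small constructed sample, and the function names and the 12-character minimum are assumptions.

```python
import re

# Constructed sample wordlist; a real deployment would load a large
# dictionary together with a list of previously breached passwords.
WORDLIST = {"dog", "password", "summer", "dragon", "letmein", "welcome"}

# Common character substitutions that a hybrid search undoes for free.
LEET = str.maketrans({
    "0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
    "7": "t", "@": "a", "$": "s", "!": "i",
})


def base_forms(password):
    """Candidate base words left after stripping the usual decorations."""
    lowered = password.lower()
    # Drop any run of digits or symbols at the start or end ("dog1" -> "dog").
    stripped = re.sub(r"^[\d\W_]+|[\d\W_]+$", "", lowered)
    forms = {
        lowered,
        stripped,
        lowered.translate(LEET),
        stripped.translate(LEET),
    }
    return {form for form in forms if form}


def check_password(password, username="", min_length=12):
    """Return the reasons to reject a password; an empty list means accept."""
    reasons = []
    if len(password) < min_length:
        reasons.append("too short")
    forms = base_forms(password)
    if forms & WORDLIST:
        reasons.append("dictionary word with predictable decoration")
    if username and username.lower() in forms:
        reasons.append("derived from username")
    return reasons


def hybrid_guess_space(wordlist_size, max_digits):
    """Number of candidates in a word-plus-digit-suffix search.

    Each word is tried bare and with every suffix of 1..max_digits digits,
    which is how few guesses separate "dog" from "dog1" or "dog42".
    """
    return wordlist_size * sum(10 ** n for n in range(max_digits + 1))


if __name__ == "__main__":
    for candidate in ["dog1", "P@ssw0rd2024!", "correct horse battery staple"]:
        print(repr(candidate), "->", check_password(candidate) or "accepted")
    # A 100,000-word dictionary with up to two trailing digits:
    print("hybrid candidates:", hybrid_guess_space(100_000, 2))
    # Twelve random characters drawn from 62 letters and digits:
    print("random candidates:", 62 ** 12)
```

The two printed counts show why a decorated word offers little protection: the hybrid search covers about eleven million candidates, while a random 12-character password has more than 10^21.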

Presently, most companies have a program that protects their computer system from unauthorised access, which is called a firewall. However, to gain access, hackers may dial the telephone numbers of an organisation and record the numbers that answer the call. This can be done through a hacker program. Later in the night, hackers will call back the organisation and try to enter the organisational computer system through the back door (Chang, 2004).

In addition, a hacker may break into the network of an unsuspecting user to gather the username and password. The trick is to make use of a program called a network packet sniffer; the program can analyse unencrypted traffic, and hackers can get hold of sensitive information in this way (Chang, 2004).

Finally, email hackers may pose as reputable organisations. For example, there are many organisations with flashy websites that disguise themselves as loan or mortgage companies. In the United States, there are payday loan companies that advertise themselves as giving out loans. In the course of registration with these companies, sensitive information is requested, such as a Social Security Number and the victim's email. Having collected this information, the hackers may use information such as the username and password to break into the emails of the unsuspecting victims.

It should be noted that the activities of email hackers have caused both financial and psychological damage to society, as discussed in the next section.

Effects of email hacking on society

Email hacking has had several financial consequences for society. Apart from the societal impact, email hacking has had a psychological impact on people. A report by Majuca and Kesan (2009) presents an estimate of the financial damage of email hacking to society. For example, the cost of email hacking attacks on companies is huge (Majuca and Kesan, 2009).

Many people and companies fail to report to the police because they think it would be a waste of time, since only a tiny percentage of hackers ever get caught. It should be noted that hackers can be anywhere in the world, and the big problem is that a person in Australia can gain access to the computer of another person in the U.S. Despite the huge amount of money being lost through hacking, hackers are difficult to track down.

The financial impact is that millions of dollars are lost to hackers each year. Apart from money, personal information such as Social Security Numbers, credit card information, or other sensitive information gets into the hands of email hackers each year, thereby wreaking financial havoc on the victims (Chang, 2004).

Another harm email hackers cause an individual is that, after getting access to the email, a hacker can reset the password and username, which prevents the person from logging in. Moreover, email hackers can deliberately delete sensitive information and files found in email messages, and victims who do not have a backup from which to retrieve this information end up losing it.

Moreover, most companies affected by hackers have lost customers in their bid to report to the police. For example, suppose a company's emails are hacked and sensitive information is stolen. If this company reports to the police and the matter gets into the hands of the press, competitors can quickly use this as a competitive advantage by telling the world that they have protective measures to prevent such attacks. The customers of the attacked company may shift to the rival company, thereby making the company lose customers.

Despite the financial damage email attacks cause society, society is helpless to fight back. Moreover, the police of most countries do not have the technical skills to track down hackers. The damaging effects of email hacking lead the author to examine the response of society to it.

Society Response

As was discussed in the previous section, society is helpless to defend against the attacks of email hackers because of the technicalities involved. Nevertheless, several corporate organisations have set up educational programs to teach their employees about malicious email attachments that are used to gain access to their computers.

Apart from this, several laws have been passed to protect society from email hackers. For example, there is the US Electronic Communications Privacy Act, which protects organisations and individuals from illegitimate entry into their private email. The Wiretap Act is also used against computer hackers.

Despite these laws, only a few hackers are prosecuted because of the difficulty of proving that the hackers actually perpetrated these acts (Chang, 2004).

Conclusion

Hacking of email is one of the IT crimes currently perpetrated virtually all over the world. The paper reveals that this crime has caused havoc to many victims around the world, and the difficulty of tracking down email hackers is one of the main reasons attackers continue in their acts. A further problem is that some IT professionals are involved in launching these attacks. Arguments arise that not many people engage in email hacking for stealing or financial purposes. Nevertheless, whether email hacking is done for financial reward or to improve computer skills, breaking into the private email of an individual or a corporate organisation without authorisation is a crime, and governments should make an effort to fully train the police in Information Technology and in techniques for combating email hacking.

This paper enhances the knowledge of individuals, corporate organisations and society as a whole about email hacking and the techniques hackers use in carrying out their acts.

Index

Email: This is the private email address used to send and receive messages. It is also used to send and receive documents.

Email hacking: This is the activity of people who enter the private email of an individual or business organisation without authorisation.

Email hacker: These are the people who perpetrate email hacking.

IT law: This is a law to prevent people from breaking IT regulations.

Password: This is a secret word or number, or a combination of the two, known only to the email owner and used to access his inbox.

Phishing: This is the activity of hackers who disguise themselves as a reputable organisation to steal people's usernames and passwords.

Social engineering: This is the trick email hackers use to steal usernames and passwords.

Spyware: This is a program that damages a computer system in order to gain access to it.

References

  1. Best, K, (2006), Visceral Hacking or Packet Wanking? The Ethics of Digital Code, Social Science Electronic Publishing, Inc, UK.
  2. Chang, J, (2004), Computer Hacking: Making the Case for a National Reporting Requirement, Social Science Electronic Publishing, Inc, UK.
  3. Clarke, Z, Clawson, J, Cordell, M, (2003), A brief History of Hacking, Historical Approaches to Digital Media, USA.
  4. Evers, J, (2005), Hacking for Dollars, CBS Interactive Inc, USA.
  5. Hines, M, (2004), Caught in a Phishing trap, CBS Interactive Inc, USA.
  6. Lakhani, K, Wolf, R, G, (2003), Why Hackers Do What They Do: Understanding Motivation and Effort in Free/Open Source Software Projects, Social Science Electronic Publishing, Inc, UK.
  7. Majuca, R, P, Kesan, J, (2009), Hacking Back: Optimal Use of Self-Defense in Cyberspace, Social Science Electronic Publishing, Inc, UK.

Two Greatest Hacking Systems in the USA

Abstract

Computers play a significant role in the daily lives of many people, and thus it is not surprising that unpleasant incidents involving computer usage have become widespread subjects of litigation. In a broad variety of technological, medical, monetary and other realms, individuals make decisions and take actions based on what appears on their computer screen.

Whenever an error occurs, the question that naturally comes up is how blame should be shared between the computer and the person using it. Was the computer inadequately designed, or was the user negligent? Mostly, the interface is the vital part of the computer.

Users basically do not comprehend the internal world of a computer's bytes, RAM and files. Instead, they comprehend their computer via the interface: the wording, illustrations and images displayed on their screens.

Body

When society started using computers, the lack of ethical principles regarding their use and related matters brought about a number of problems. Nonetheless, as their usage became extensive and prevalent in different areas of people's lives, debates on computer ethics brought about some sort of agreement. In the present day, many regulations have been put together as laws by some nations around the globe.

Malpractice is a common term and there are different laws against it; all people are expected to understand what constitutes computer malpractice. With today's internet freedom, new ethical matters arise (Weckert, 2007). Computer malpractices do not break the law, but they are unethical. Basically, ethics is all about deciding between doing what is right and what is wrong.

The Computing Machinery Association came up with a code of ethics: self-centeredness is the root of unethical conduct (Bynum, 2004). Computer users should understand that it is unacceptable and unethical to look through someone else's computer files because it is like prying into their private matters. It is also considered unethical to send someone an impolite message through e-mail.

Unethical conduct can be treated as a punishable matter in some organizations and companies. Malpractice is conduct that is legal but violates a professional code of conduct (Stamatellos, 2007).

Some other intolerable computer malpractices include leaving one's computer terminal unattended and open. Choosing a poor password is also unacceptable, as are browsing unacceptable and inappropriate websites and using computer systems for one's personal purposes.

Computer malpractice is generally professional misbehavior or bad practice. It does not necessarily entail breaking a law. Strategies for handling the general problem of taking more meaningful precautions in a computer-related enterprise have both technical and non-technical components. They are normally multifaceted, but are becoming better understood and better supported by the latest computer systems.

The latter are exceptionally extensive and include political, socio-economic, religious, and other aspects (Weckert, 2007). Computer-related misconduct is behavior that differs from what is preferred or expected.

Such misconduct may be attributed to computers, human beings or environmental issues. This means that people misuse computers/systems and computers/systems misuse people (Bynum, 2004).

In different countries, there is a malpractice suit that consists of professional negligence. Malpractice is an extensively debated kind of lawsuit. Sadly, it is also broadly misinterpreted, with propaganda spread in private discussions, in the media, and in political debates (Weckert, 2007).

Unacceptable computer malpractice entails professional misconduct and negligence when offering services related to computer systems. If one offers services to someone, he/she has a legal responsibility or obligation to exercise reasonable care in offering those services.

For instance, if one offers consulting services, his/her obligation is to take reasonable care to offer good advice. If one offers archiving and data backup services, his/her obligation is to take reasonable measures to make sure that he/she copies the correct data and keeps it protected (Stamatellos, 2007).

Computer malpractices are not ethical and many of them are unacceptable. For instance, one should not interfere with other people's computer work.

Interference can bring about computer viruses; these are small computer programs that interrupt people's work on a computer by corrupting their stored files and taking up large quantities of computer memory, or simply by showing bothersome and aggravating messages.

Producing and deliberately spreading these viruses is not acceptable and is also unethical. It is also unacceptable to use a computer for stealing purposes (Stamatellos, 2007).

There are people who make use of computers to break into the accounts of companies or banks and transfer considerable amounts of money; this is not only a malpractice but computer fraud as well, and there are legal measures against it. It is also unethical to make use of other people's resources without their permission.

Usage of multiuser systems involves operator IDs and private passwords to protect data and information, and no one is supposed to circumvent this system of authorization. Hacking a computer system to circumvent its authorization is also considered unethical and can be called a computer malpractice (Bynum, 2004).

Appropriating someone else's intellectual output is also an intolerable computer malpractice. For instance, programs that one writes for personally assigned projects are his/her personal intellectual output (Stamatellos, 2007).

Conclusion

Additionally, copying other people’s programs without their consent is piracy and is not ethical. Copyright laws safeguard intellectual property because it is a type of private ownership.

Generally, computer malpractice is seen when a person shows hasty and careless conduct when using computer systems. It occurs when one fails to display the minimum degree of competence and experience essential in a particular profession. A person guilty of any kind of computer malpractice can be an operator/user or even a computer expert.

References

Bynum, W.T. (2004). Computer ethics and professional responsibility. California, CA: Wiley-Blackwell.

Stamatellos, G. (2007). Computer ethics: a global perspective. New York, NY: Jones & Bartlett Learning.

Weckert, J. (2007). Computer ethics. New York, NY: Ashgate.

Cybersecurity and Encryption Analysis: VPN, PKI & Firewalls

Does a VPN use link encryption or end-to-end?

In the majority of cases, a VPN uses link encryption, in which data is encrypted between the VPN client and the VPN server. End-to-end encryption is a more complex process, in which data is encrypted between the client application and the server with the help of additional technologies.

Does a VPN use symmetric or asymmetric encryption?

VPNs use both symmetric and asymmetric cryptography, and the two are used differently. Symmetric cryptography uses one key for both encryption and decryption and is more efficient for protecting the data itself. Asymmetric cryptography uses different keys for encryption and decryption, and it is used for authentication.

Does a PKI perform encryption?

According to its functions and peculiarities, a PKI can perform encryption, but the process is limited by the fact that a PKI can perform only one action effectively at a time, and it is rather difficult to perform, for instance, full authentication and encryption together. That is why a PKI can perform encryption, but it is not used for continuous mutual authentication.

Does a PKI use symmetric or asymmetric encryption?

A PKI uses asymmetric encryption based on a key pair. Thus, both keys are necessary for encrypting and decrypting. Asymmetric encryption is also used because a PKI usually works with public and private keys.

Firewalls are targets for penetrators. Why are there few compromises of firewalls?

Firewalls are controlled and protected with passwords. Nevertheless, there are few compromises. Modern, well-developed firewalls continue to protect the network even if the system is attacked and a firewall is compromised.

Suppose you are a customs inspector. You are responsible for checking suitcases for secret compartments in which bulky items such as jewelry might be hidden. Describe the procedure you would follow to check for the compartments.

It is necessary to check suitcases with a scanner to reveal hidden items. If there is no possibility of using a scanner, or the inspector has some doubts, it is possible to check the exterior characteristics of the suitcase, open it in front of the owner, and check the obvious large and small compartments for double sides or bottoms, paying close attention to the thickness of the material and its qualities.

Your boss hands you a microprocessor and its technical reference manual. You are asked to check for undocumented features of the processor. Because of the number of possibilities, you cannot test every operation code with every combination of operands. Outline the strategy you would use to identify and characterize unpublicized operations.

It is possible to examine the documented operations and features of the processor carefully without paying much attention to their effects. The expected number of operands can be used for testing the possible combinations of the operations and for testing the unexpected operands and effects. The test of a few unexpected operands can provide a picture of the possible undocumented operations.

Your boss hands you a computer program and its technical reference manual. You are asked to check for undocumented features of the program. How is this activity similar to the task of the previous exercises? How does it differ? Which is the most feasible? Why?

There are several ways to test computer programs, and this fact provides us with the opportunity to use more methods in comparison with the previous task. This variability is the main difference between the first task and this one. The undocumented features of the program can be tested with the help of using such approaches as white box testing and black box testing which are widely utilized for testing software with references to the program source and binary codes. Thus, this test can be discussed as more feasible.

The Qatar Independence Schools’ Computer Network Security Control

The integration of new technologies into a school setting can be seen as an inevitable process. In that regard, educational institutions that start to integrate technologies not only gain a competitive advantage in the education market, but also increase the efficiency of the learning process and reduce costs.

Computer networks and electronic resources are among the necessary technological assets that attract new students, and allow schools to reduce paper costs. Other advantages can be seen through the possibility to integrate multimedia resources into the curriculum. Qatar Independence School has set on the path of integrating Information Technology (IT) into the school context.

Having already fully equipped computer labs, the school intends to expand and integrate the labs into a unified system connected to the internet, with a digital attendance record, and touch screen test system. In addition to computers in the labs in the proposed system, wireless access will be provided through Wi-Fi hotspot zones. With security aspects being the main focus of such a system, the present project documents the process of designing and implementing security control through fingerprint facilities in the computer network in Qatar Independence Schools.

Requirements and Technologies

Primary Research

In order to identify the requirements for the project, a qualitative research was conducted, in which a series of unstructured interviews with various IT analysts and representatives of computer security field were held in order to identify feasible requirements for the proposed system. The basic outline of the interviews can be seen below.

  1. Describe the implementation of a fingerprint facility in a school.
    1. The parts of the system.
    2. The main precautions.
  2. How is it justified?
    1. Factors for
    2. Factors against
  3. Other means of security.
  4. Touch screen tests.
    1. Typical scenario.
    2. Other usages of the devices.

Accordingly, eight interviews were conducted during the span of 10 days, during which qualitative data were collected from the main participants of the study. The results of the interviews outlined several common themes and patterns in terms of the design of the proposed security system. These themes and patterns can be seen through the following:

  • Most respondents agreed that third party separate solutions will be a cheaper and more feasible acquisition.
  • The authentication procedure using fingerprints should be differentiated through different purposes and different terminals.
  • Passwords and other knowledge-based security measures are not sufficient means to manage security in applications.

One of the main arguments supporting fingerprint authentication was its flexibility and speed. One area of arguments justifying the use of a fingerprint identification system is that input is fast. Many experts cited the example of a comparison between the time required for a password input and a fingerprint scan.

Considering the fact that Qatar Independence School has 320 students and 45 instructors, the time delays for inputs can pose a real issue in terms of efficiency and flexibility. Categorizing the essential parts of the system, all respondents acknowledged that the fingerprint authentication facility can be seen as one of the most significant parts of the project. Answering the question on the main part of the system, John Summers, 36, independent IT analyst stated,

The main part in fingerprint identification is the scanner and the database with the templates. Everything else is a matter of providing an infrastructure to communicate between those two parts. Fingerprint authentication is as simple as that.

Nevertheless, there were other parts as well whose presence is vital for the system to function properly. Those parts included a database server, scalable and capable of managing many queries efficiently, a server that can serve as the core of the whole system, and wired and wireless infrastructure that will connect all the parts of the system together.

In that regard, one essential theme that emerged during the interviews is the compatibility between the different parts of the system. An example of the latter can be seen through installing a fingerprint authentication scanner which is not capable of integrating with Microsoft’s Active Directory. Accordingly, the compatibility between the SQL server, the server, and the fingerprint hardware should be also paid attention to.

Finally, the need to implement other means of security in addition to the fingerprint authentication can be dictated by the fact of using a network in general and a wireless network in particular. Answering the question on using other means of security, Rolanda Bayley, 29, a system administrator, stated,

Fingerprint authentication is necessary to protect access to desktops and laptops, but how about the wireless network? Using powerful access points to cover the school territory, users from outside might infiltrate the network. In this case, it is not about using free internet. It’s about protecting the databases of the school.

In terms of touch screen tests, the main analogy was drawn between the required devices and the products of Apple’s iPad. Nevertheless, all respondents agreed that the price of the device is a major factor for such purpose. The main suggestion was using low cost touch screen tablets, which are Wi-Fi certified and capable of integrating into the computer network of the school. Other usages identified by respondents included the following aspects:

  • E-reading device for textbooks, electronic articles and lecture notes.
  • Playing multimedia materials.
  • Time management tool.
  • A tool for taking notes.

Secondary Research

A review of literature on the technologies to be used was conducted for the purposes of the present project. In that regard, the main parts of the system can be divided between authentication terminals, a database, a server, and wired and wireless infrastructure. The computer lab desktop terminals will not be discussed within the scope of this project limiting the description to the processes and the interactions of the security system. The overall design of the system can be seen through Figure 1. In that regard, the technologies used include the following aspects.

Figure 1. The Overall Design of the Project.

Fingerprint identification

The technology behind fingerprint identification can be seen through two simple processes: scanning and matching. The fact that human identifiers such as fingerprints have distinctive anatomical characteristics enables biometric recognition, which will provide better security and higher efficiency. In that regard, such identifiers cannot be “misplaced, forged, or shared, [and] they are considered more reliable for person recognition than traditional token- (e.g., keys or ID cards) or knowledge- (e.g., password or PIN) based methods” (Maltoni, 2009).

Two modes exist for the operation of fingerprint authentication facilities. The first mode is the enrolment mode, i.e. the mode in which the fingerprint is acquired, and then its features are extracted and stored in a template in the database (Seshadri and Avulapati, 2010). The second mode is the authentication mode, i.e., the mode in which the acquired fingerprint will be matched with existing templates and, according to the resulting scores, certain security policies will be applied (Seshadri and Avulapati, 2010).

It should be noted that the first phase is a one-time phase that will be performed for students and staff in Qatar Independence School, while the second phase is a continuous day-to-day security procedure. The connection of the fingerprint authentication system to the server can be seen through Figure 2.

Figure 2. Tablet PCs and Finger Print Facilities.

In order to mitigate the risks of potential failure of the fingerprint authentication system, the computers will be capable of authorisation using passwords. Such possibility will be saved for system administrators for the case of emergencies and computer check ups. It should be mentioned that the labs in this context are reserved for desktop PCs, which will be connected wirelessly to the network.

Although being stationary, as opposed to touch screen tablets, the utilization of wireless connection will allow expanding the number of computer labs without substantial investments in the wired infrastructure. Accordingly, fingerprint authentication devices will be attached to the desktops in computer labs (see Figure 2).

Figure 3. An Example of a desktop finger print authentication.

Database

The database contains profiles of each student along with staff personnel with a fingerprint identification template matched to it. Microsoft SQL Server 2008 will be used to create, store and manage data contained in the profiles. Such data will be stored in databases which are scalable and can be even shared between several organizations (Harbaugh, 2010).

In that regard, considering the fact that the Qatar Independence Schools are considering increasing the number of students enrolled, SQL Server can serve as platform capable of handling massive databases, integrating all the data and managing all user queries. Accordingly, combining SQL Server and Windows Server will enable the school to create a centralized data centre, easily upgradable into a more powerful structure if necessary (Microsoft, 2010).

Server

The core of the system can be seen through Microsoft Server 2003. One of the main tasks of the server can be seen through providing network access for connected terminals (Boswell, 2003). An essential element of the implemented technology is the usage of security policies. The security policy can be defined as a collection of rules and instructions that control computer systems and their components, network cohesion, secret and confidential information, etc. In the context of the present project, security policies can be seen as elements of a template to which fingerprints can be attached.

Using user and group policies the administration of the school can limit the rights of these users and groups to perform certain actions (TechNet, 2005). The assignment of permissions can be implemented through either groups or roles in Microsoft Server 2003. The logical roles that can be assigned might include teachers, IT staff, students, administration, etc. The roles can be seen as a collection of tasks supported by an application (MSDN, 2008a). The stages of forming such policy can be seen through either assigning users directly to roles, or collecting users in groups and then assign them to roles (MSDN, 2008a).

The information of group policies can be stored in group policy containers (GPC) in the corresponding template, which can be seen as an area in Active Directory (AD). Utilizing authentication software compatible with AD will allow managing policies and groups, loading profiles and accounts, linking passwords, and others, to be performed in seamless manner within a single system.
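The enrolment and authentication modes described under "Fingerprint identification", together with the group-to-role assignment described in this section, can be sketched as follows. This is an added example, not code from the project: the minutiae lists, tolerances, threshold, group, role and task names are all constructed assumptions, and the matcher is a deliberately simplified stand-in for a vendor SDK that assumes pre-aligned samples.

```python
import math

DIST_TOL = 4.0    # assumed position tolerance (pixels)
ANGLE_TOL = 10.0  # assumed ridge-angle tolerance (degrees)

# Constructed minutiae (x, y, ridge angle). Real templates come from the scanner SDK.
ALICE_ENROL = [(10, 12, 30), (40, 44, 90), (70, 20, 150), (25, 80, 200), (60, 65, 310)]
ALICE_LATER = [(11, 13, 33), (39, 45, 88), (71, 19, 155), (26, 79, 198), (90, 90, 10)]
BOB_ENROL = [(15, 70, 45), (50, 10, 120), (80, 80, 270), (30, 35, 300), (65, 50, 15)]
STRANGER = [(12, 11, 28), (41, 43, 93), (5, 5, 5), (95, 40, 180), (55, 95, 240)]

# Hypothetical policy: a role is a collection of tasks, groups map to roles.
ROLE_TASKS = {
    "student": {"take_test", "record_attendance"},
    "teacher": {"mark_test", "record_attendance", "view_grades"},
}
GROUP_ROLES = {"class_7a": {"student"}, "staff": {"teacher"}}


def _angle_diff(a, b):
    d = abs(a - b) % 360
    return min(d, 360 - d)


def match_score(template, probe):
    """Fraction of minutiae that pair one-to-one within both tolerances."""
    unused = list(probe)
    matched = 0
    for tx, ty, ta in template:
        for cand in unused:
            px, py, pa = cand
            if math.hypot(tx - px, ty - py) <= DIST_TOL and _angle_diff(ta, pa) <= ANGLE_TOL:
                unused.remove(cand)  # each probe minutia may be used once
                matched += 1
                break
    return matched / max(len(template), len(probe))


class FingerprintAuth:
    def __init__(self, threshold=0.6):
        self.threshold = threshold
        self.templates = {}  # user -> stored template
        self.groups = {}     # user -> groups the user belongs to
        self.roles = {}      # user -> roles assigned directly

    def enrol(self, user, minutiae, groups=(), roles=()):
        """Enrolment mode: one-time capture, template stored with the profile."""
        self.templates[user] = list(minutiae)
        self.groups[user] = set(groups)
        self.roles[user] = set(roles)

    def identify(self, probe):
        """Authentication mode: best match over all templates, gated by threshold."""
        best_user, best_score = None, 0.0
        for user, template in self.templates.items():
            score = match_score(template, probe)
            if score > best_score:
                best_user, best_score = user, score
        return (best_user if best_score >= self.threshold else None, best_score)

    def allowed_tasks(self, user):
        roles = set(self.roles[user])
        for group in self.groups[user]:
            roles |= GROUP_ROLES.get(group, set())
        return set().union(*(ROLE_TASKS[r] for r in roles)) if roles else set()

    def authorise(self, probe, task):
        user, _ = self.identify(probe)
        return user is not None and task in self.allowed_tasks(user)


def build_demo(threshold):
    auth = FingerprintAuth(threshold)
    auth.enrol("alice", ALICE_ENROL, groups=["class_7a"])  # via group
    auth.enrol("bob", BOB_ENROL, roles=["teacher"])        # direct role
    return auth


if __name__ == "__main__":
    strict, lax = build_demo(0.6), build_demo(0.3)
    print(strict.identify(ALICE_LATER), strict.authorise(ALICE_LATER, "take_test"))
    print(strict.identify(STRANGER), lax.identify(STRANGER))
```

The constructed stranger sample shares two of five minutiae with an enrolled template, so it is rejected at a threshold of 0.6 but accepted at 0.3; the threshold is part of the security policy and should be covered by the authentication tests.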

Wi-Fi

Wi-Fi technology enables the connection of different devices wirelessly over the air. In that regard, such technology will make the organization of the network structure in the school easier, and at the same time will eliminate the necessity for the devices to be connected to the network in specific places only (Figure 2). The principle of work can be seen through putting several access points throughout the school territory, which will enable all Wi-Fi certified devices to connect to the internet. The certification aspect will ensure reliable connections and security over the air for the devices connected to the network (Wi-Fi Alliance, 2006).

Figure 4. The Implementation of Wi-Fi.

The distinction between fingerprint authentication and standard methods of security over Wi-Fi, e.g. Wi-Fi Protected Access (WPA) security (Wi-Fi Alliance, 2004), can be seen in their different applications. WPA can be used along with MAC filtering to control access of unauthorised devices, while fingerprint authorisation will link any processes, activities, achievements, etc., of the student to his/her unique profile, controlled by fingerprints.

Touch Screen Tablets

The definition of tablet PCs can be seen as “a portable computer equipped with a touch screen and special pen that allows users to ‘handwrite’ on the screen” (Xiang et al., 2009). Several other variations might exist, including internet tablets, such as Apple’s iPad. The main differences can be seen in the system of control and their usage as handwriting devices. Nevertheless, the main principles of such device are the same, a touch screen, light weight, and connectivity.

The benefits of touch screen tablets might conform to the findings of the primary research, where their use include such aspects as recording presentation slides with notes and audio recording, assessment through receiving, marking, and returning assignments, and using as an interactive teaching aid (Xiang et al., 2009). A study conducted to review the technological aspects of using wireless tablet PCs revealed that students are “overwhelmingly in favour of introducing Tablet PCs to lecture rooms and distance education” (Xiang et al., 2009).

The alternatives to Apple’s iPad, which are either available or ready to be available, include options such as Knowledge Now (KNO), an education oriented low-cost tablet PC, and Marvell prototype (Tsotsis, 2010, Charbax, 2010). Other options can be seen through various Android-based tablet PCs, available from different vendors (Light in the Box, 2010). The connection of the tablet PCs within the system can be seen through Figure 2.

Minimum Requirements

The software requirements for the project are mainly composed of the Microsoft product family. The following software products were selected for the system:

For the server:

  • Microsoft Server 2003 Standard Edition

For Laptops and Desktop:

  • Microsoft Windows XP

For the database server:

  • Microsoft SQL Server 2008

For the Tablet PCs there are no software requirements of the tablets themselves as they come pre-installed with a proprietary operating system (OS). Such system might be based on Android OS, Apple iOS, or Windows Mobile, or other tablets that might be used. Additionally, the choice of the tablet might require installation of software to sync the tablets with Desktops. In that regard, such aspect also depends on the choice of the tablets. Android-based tablets might be recommended in that regard.

The main hardware requirements for the project can be seen through the following aspects:

  • Finger print scanners for desktop use (installed on PCs).
  • Fingerprint scanner for attendance records (installed on school and/or class entrances).
  • Wi-Fi Access points – devices for converting wireless and wired communication through transmitting radio signals (Mitchell, 2010).
  • Touch screen tablet PCs.

Accordingly, the hardware requirements might include the minimum specifications for the operation of the Microsoft and SQL servers. According to the official requirements of Microsoft SQL Server 2008, the minimum hardware requirements include:

  • Minimum: 1.0 GHz Pentium III-compatible processor or faster.
  • Minimum: 512 MB for SQL Server Express with Tools, and SQL Server Express with Advanced Services (MSDN, 2008b).

Microsoft Server 2003 requires the following hardware specifications:

  • Processor with minimum speed of 550 megahertz (MHz)
  • 256 megabytes (MB) of RAM (Microsoft, 2005).

Additionally, each of the desktops in computer labs should be equipped with a certified wireless adapter that will connect the computer to the network through wireless access points.

Risk Assessment

Risks in IT projects cannot be excluded. In that regard, many of the risks associated with the current projects are foreseeable, and accordingly, can be identified and planned. The risks can be categorised into several types, which include risks external to project management and the organization, governmental regulatory changes, industry specific procedures, change-driven factors, emergencies, and others (Murch, 2001). The main risks associated with the current project can be seen through the following table:

Table 1: Risk Assessment.

| Type of risk | Description | Risk level | Risk management plan |
| --- | --- | --- | --- |
| The end of the funding of the project | Such risk is concerned with the possibility that the investors might end the funding of the project due to | Low | Constant confirmation of each phase before proceeding along with reviews with the board. |
| Regulatory risks, the introduction of new standards regarding radio frequencies | Radio frequencies are governed by government standards, for which changes might permissions might be needed for operations outside of classrooms | Low | Evaluating regulatory standards prior to conducting the planning process and making sure certified equipment is purchased. |
| Sudden rise of equipment prices | There might be differences in time between when the budget is established and when the equipment is actually purchased, which might lead to a threat of exceeding the costs of the project. | Low | Including estimated and forecast prices in the plan. Conducting continuous reviews of the requirements of the project. |
| Underestimation of project requirements | Changes in the requirements during the project’s implementation. | Medium | Reviews and regular meetings should eliminate the possibility of sudden changes in the requirements. |
| Loss of information due to hardware failures | Plans, programs and designs might be lost during implementation due to a failure in hardware or software. | Medium | Backing up information during all the phases of the project. Using the cloud to save information from loss due to software and/or hardware failure. |

Quality Management

The quality in the context of project management can be defined as “the degree to which a set of inherent characteristics fulfil requirements” (Phillips, 2010). In that regard, it can be stated that the quality implied in the context of project management is about the quality of the deliverables and the processes. For each of the deliverables in the projects there should be metrics used to measure the good of the service or the product. The value of the deliverables in this project can be seen through such factors as the value of the implementation, i.e. cost-benefit analysis, value of the service, the value of the experience, the value of the longevity, and the value of the reliability (Phillips, 2010).

Experiments that will test the functionality and the service delivery of the project should be planned. Such experiments might include such aspects as authentication, breaking through the network, the stability of connection, and testing variations in the policies and rules for different users and groups. The schedules for testing, organised in order to monitor the quality, should correspond to each stage of implementation on a prototype of the system. The tasks to be tested and their schedules can be seen through the following table.

Table 2: Testing Schedule.

| The element to be tested | The performed task | The schedule |
| --- | --- | --- |
| Authentication enrolment | Creation of different templates of fingerprints and assigning different roles and responsibilities | 5-8 December |
| Matching fingerprints | Testing identification of users from different groups and categories. | 8-9 December 2010 |
| Policies and rules | Testing performing task and actions not assigned to the group. | 13-15 December 2010 |
| Wireless Security | Performing different leak tests on different terminals in the system. | 15-17 December |
Figure 5. The Project’s List of Activities for the Phase of Analysis and Design.
Figure 1: Gantt chart for the Project
Figure 2: Slack Time

References

BOSWELL, W. 2003. Inside Windows Server 2003, Boston, Addison-Wesley.

CHARBAX. 2010. Web.

HARBAUGH, L. G. 2010. Web.

LIGHT IN THE BOX. 2010. Android Tablet PC. Web.

MALTONI, D. 2009. Handbook of fingerprint recognition, New York, Springer.

MICROSOFT. 2005. Web.

MICROSOFT. 2010. SQL Server 2008 – Your Data, Any Place Any Time. Web.

MITCHELL, B. 2010. Web.

MSDN. 2008a. Web.

MSDN. 2008b. Web.

MURCH, R. 2001. Project management : best practices for IT professionals, Upper Saddle River, NJ, Prentice Hall.

PHILLIPS, J. 2010. IT project management : on track from start to finish. New York: McGraw-Hill.

SESHADRI, R. & AVULAPATI, Y. K. 2010. High Performance Fingerprint Identification System. International Journal of Computer Science and Information Security. Web.

TECHNET. 2005. Web.

TSOTSIS, A. 2010. Web.

WI-FI ALLIANCE. 2004. WPA Deployment Guidelines for Public Access Wi-Fi® Networks. Web.

WI-FI ALLIANCE. 2006. Wi-Fi CERTIFIED. Web.

XIANG, W., GOH, S., PATHER, S., MAXWELL, A., WANG, H. & KU, H. 2009. USE OF WIRELESS TABLET PCS AS AN EFFECTIVE LEARNING AND TEACHING ENHANCEMENT TOOL. Web.

Computer Forensics: Data Acquisition

Introduction

Data acquisition is a branch of computer forensics concerned with the retrieval of data originally located on a suspect medium such as a hard drive. These data could be images or files. The types of data acquisition are either live or static. This acquisition can fall in any one of the four methods highlighted below:

  • The bitstream disk to image, which can be used to create copies, which are bit for bit replicas. This method can enable one to make more than one copy during the process.
  • The bitstream disk to disk is used where bitstream disk to the image is not possible.
  • While considering the files of interest only, the logical or sparse acquisition will suffice. However, this option remains suitable for large disks and can collect pieces of deleted data.

For the 2GB hard disk in question, a lossless compression may be suitable. However, for effectiveness, this will be combined with a digital signature verification process. For such a case, the contents will be copied as an accurate image to a file preferably to another disk using third-party tools such as ProDiscover or EnCase. However, this depends on other factors that would otherwise disqualify the bitstream disk to the image file method.

Another hard disk is used as the target medium onto which a copy of the suspect hard disk is made. EnCase and SnapCopy are examples of software that can be employed for this process. The acquisition precedes validation of the data. Windows has no built-in validation algorithms, which are typically hashing algorithms, so third-party utilities are used for such validation. Alternatively, validation on Linux can be done with dcfldd and its verify file option, which compares the image to the original.
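The acquire-then-validate sequence can be illustrated with a short script. This is an added example, not part of the original report and not how ProDiscover, EnCase or dcfldd are implemented: it makes a bit-for-bit copy of a constructed stand-in "disk" file, hashes the bytes as they are read, and then re-hashes both sides to validate the image. File names, sizes and the choice of SHA-256 are assumptions.

```python
import hashlib
import os
import tempfile

CHUNK = 64 * 1024  # read size; hashing is streamed so the value is not critical


def sha256_of(path):
    """Stream a file through SHA-256 so a large image never sits in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(CHUNK), b""):
            digest.update(block)
    return digest.hexdigest()


def acquire(source, image):
    """Bitstream copy of source to image; returns the hash of the bytes read."""
    digest = hashlib.sha256()
    with open(source, "rb") as src, open(image, "wb") as dst:
        for block in iter(lambda: src.read(CHUNK), b""):
            digest.update(block)  # hash exactly what was read from the source
            dst.write(block)
        dst.flush()
        os.fsync(dst.fileno())    # make sure the image is on the target medium
    return digest.hexdigest()


def verify(source, image, acquisition_hash):
    """Validation step: re-read both sides and compare against the acquisition hash."""
    source_hash = sha256_of(source)
    image_hash = sha256_of(image)
    return {
        "source_unchanged": source_hash == acquisition_hash,
        "image_matches": image_hash == acquisition_hash,
        "verified": source_hash == image_hash == acquisition_hash,
    }


def demo():
    """Acquire a constructed 1 MiB stand-in disk, then show a one-bit change is caught."""
    with tempfile.TemporaryDirectory(prefix="acq_demo_") as workdir:
        source = os.path.join(workdir, "suspect.dd")   # hypothetical file names
        image = os.path.join(workdir, "evidence.img")
        with open(source, "wb") as fh:
            fh.write(bytes(range(256)) * 4096)         # constructed sample data

        acquisition_hash = acquire(source, image)
        clean = verify(source, image, acquisition_hash)

        # Simulate corruption of the image: flip a single bit at a fixed offset.
        with open(image, "r+b") as fh:
            fh.seek(123456)
            original = fh.read(1)
            fh.seek(123456)
            fh.write(bytes([original[0] ^ 0x01]))
        altered = verify(source, image, acquisition_hash)
    return clean, altered


if __name__ == "__main__":
    clean, altered = demo()
    print("after acquisition:", clean)
    print("after one-bit change:", altered)
```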

Computer forensics training

CYber DEfense Trainer (CYDEST) describes a virtual environment addressing computer forensics as well as network defense. Considering that training on an actual platform may be costly and remote, CYDEST provides an opportunity for network administrators as well as digital forensics investigators to run real-life scenarios in a virtual environment. This setup achieves realism through “support for highly realistic ‘invasive’ training scenarios which include ongoing attacks and live forensics as well as an automated evaluation of student’s performance” (Brueckner et al., 2008, p.105). CYDEST relies on virtualization.

Virtualization for this case is capable of achieving rich scenarios at random, which are suitable for training purposes. This virtualization is hosted with Xen, which is a hypervisor “running directly on the hardware as an operating system control program” (Brueckner et al., 2008, p.105). Xen will support one or more machines as specially privileged guests. This platform also supports the Linux operating system as a privileged guest. In a CYDEST session, the hosts seen by the student are unprivileged. Xen can also allow other architectures to enable hosts on the network to run licensed software such as Windows.

CYDEST in its assessment employs passive and active observation. The former will cover reports involving a student’s responses to direct queries. Active observation, on the other hand, is where a student’s actions are monitored and both the direct and indirect results are analyzed. “CYDEST is web-based and can be accessed over the internet or locally” (Brueckner et al., 2008, p.106). Some shortcomings of CYDEST relate to the complexity of some of its components. It is not uncommon that a virtual host may unexpectedly crash, in which case the system reverts to a predefined baseline. It can also be noted that the student exercises are not repeatable.

Return on investment (ROI)

Determining the return on investment (ROI) is the single most important aspect of any investment today. This stands true for real estate, stocks, or new business ventures just to mention a few. Estimating a return on investment (ROI) helps the business planner to choose from among several investment options. During an IT project, training remains one of the relevant aspects for successful project delivery. This could be team training for those directly involved in the project or user training for the eventual beneficiaries of the project deliverable. User or staff training will result in improved performance and productivity.

It will be noted though that there are no cash flows representing training and therefore net present value as an ROI method is unsuitable to use here. While considering employees as organizational assets, their work can be determined by their remuneration package. Their salaries would translate to how much worth the employee is to the organization. However, this cannot be directly measured in terms of cash flows for the net present value method in determining the return on investment. A return based on their salaries would be a more appropriate method to determine the return on investment as the use of the net present value (NPV) method is unsuitable.

An alternative to NPV would be the use of the annual percentage yield (APY). For such a method, the cost associated with the investment will first be determined; the returns will then be calculated or estimated. The next undertaking would be to define a timeline for the returns and based on this calculation of the annualized return of investment or the annual percentage yield.

Reference

Brueckner, S, Guaspari, D, Adelstein, F, & Weeks, J. (2008). Automated computer forensics training in a virtualized environment. Digital investigation, 5(1), 105-111.

Computer Forensic Timeline Visualization Tool

Introduction

The article is about research on a computer forensic tool that was carried out by Jens Olsson and Martin Boldt at Blekinge Institute of Technology. The two scientists came up with a prototype of an existing computer forensic utility that combines the output of other forensic utilities and displays it against a given timeline. In computer forensics, timeline analysis is time-consuming because each process investigated differs from the other. Data that is not relevant in one process may be crucial in another process in forensic investigations. This is the reason for manual investigations of timeline in forensic analysis. This process is time-consuming. There is a need for the development of a forensic tool that analyzes and filters the necessary information then displays the outcome in a timeline that is easily understood.

The necessity to save time in computer forensic investigations is the basis of the tool that Olsson and Boldt came up with. It is called CyberForensics TimeLab (CFTL). The tool forms a kind of directory for all evidence gathered about time. The outcome is then plotted on a graph of the timeline. In doing so, forensic investigators analyze the timeline easily and quickly as compared to the existing forensic tools. An existing tool that is similar to the CFTL is the Forensic Toolkit (FTK) that was created by Access Data. It analyzes different data just like the CFTL but does not display all the timestamp data in a way that makes work easier for the investigator.

Olsson and Boldt tested the CFTL by giving it to several users then comparing its functionality to FTK. The results were positive and overwhelming. 12 test subjects used the tools CFTL and FTK to solve a hypothetical forensic case. The case was solved in 14 minutes using CFTL and in 45 minutes using FTK.

Case Project

Questions that the woman should be asked are time and access-related. First of all the investigator should determine the location that the files found on her computer were meant to be and who has access to it. This can help in narrowing down other possible suspects in the case. The first question the woman should be asked is about other individuals with access to her computer. She should clearly define people with regular access to her computer and specifically those who have accessed it within the last month. This information helps in relating the list of individuals with access to the main source of files to the ones with access to her computer.

The investigator should then determine how the woman can benefit from accessing the files found on her computer. Are they of any importance to her? If she is fired, who benefits the most? Is it an individual within the company or the company itself? The answers to these questions help the investigator to determine if the woman has been framed or not. The investigator should then determine the woman’s history with computers and the level of her computer knowledge. Does she have any certification in computers? How knowledgeable is she in computer use? Finally, the investigator should determine the number of times she logs into her computer in a day and specific times she has logged into it for the past week. The investigator should then check the computer logs and information about the files, namely the date and time that the files were created and last modified. The user logged in at the time the files were created is also important for the investigation.
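The timeline idea from the introduction and the log check described in this case project can be combined in one short script. This is an added example, not CFTL or FTK code: it merges two constructed evidence sources (a logon log and file metadata) into a single sorted timeline and reports which account had an open session when each file was created. The log format, account names, paths and times are invented for the example.

```python
import csv
import io
from datetime import datetime, timezone

# Constructed sample inputs (not from any real case).
LOGON_LOG = """\
2024-03-04T08:58:10Z LOGON  employee_a
2024-03-04T12:01:45Z LOGOFF employee_a
2024-03-04T12:20:03Z LOGON  colleague_b
2024-03-04T12:41:30Z LOGOFF colleague_b
2024-03-04T13:05:12Z LOGON  employee_a
2024-03-04T17:02:00Z LOGOFF employee_a
"""

FILE_METADATA = """\
path,created,modified
C:/Users/Public/q3_forecast.xlsx,2024-03-04T12:25:40Z,2024-03-04T12:26:02Z
C:/Users/Public/payroll_export.csv,2024-03-04T12:31:18Z,2024-03-04T12:31:18Z
C:/Users/Public/notes.txt,2024-03-04T14:10:00Z,2024-03-04T16:45:09Z
C:/Users/Public/staged.zip,2024-03-04T19:30:00Z,2024-03-04T19:30:00Z
"""


def parse_ts(text):
    """Normalise every source to timezone-aware UTC before merging."""
    return datetime.strptime(text, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def event(ts, source, kind, subject):
    return {"ts": ts, "source": source, "kind": kind, "subject": subject}


def logon_events(text):
    events = []
    for line in text.splitlines():
        if line.strip():
            stamp, action, user = line.split()
            events.append(event(parse_ts(stamp), "logon", action, user))
    return events


def file_events(text):
    events = []
    for row in csv.DictReader(io.StringIO(text)):
        created, modified = parse_ts(row["created"]), parse_ts(row["modified"])
        events.append(event(created, "file", "CREATED", row["path"]))
        if modified != created:  # avoid a duplicate entry for untouched files
            events.append(event(modified, "file", "MODIFIED", row["path"]))
    return events


def build_timeline(*sources):
    merged = [e for source in sources for e in source]
    return sorted(merged, key=lambda e: (e["ts"], e["source"], e["kind"]))


def sessions(timeline):
    """Pair LOGON/LOGOFF per user; a session with no LOGOFF stays open (end=None)."""
    open_at, closed = {}, []
    for e in timeline:
        if e["source"] != "logon":
            continue
        if e["kind"] == "LOGON":
            open_at.setdefault(e["subject"], e["ts"])
        elif e["kind"] == "LOGOFF" and e["subject"] in open_at:
            closed.append((e["subject"], open_at.pop(e["subject"]), e["ts"]))
    closed.extend((user, start, None) for user, start in open_at.items())
    return closed


def attribute_creations(timeline):
    """For each created file, list the accounts logged in at that moment."""
    known = sessions(timeline)
    result = {}
    for e in timeline:
        if e["source"] == "file" and e["kind"] == "CREATED":
            result[e["subject"]] = sorted(
                user for user, start, end in known
                if start <= e["ts"] and (end is None or e["ts"] <= end)
            )
    return result


def render(timeline):
    return [f'{e["ts"]:%Y-%m-%d %H:%M:%S}  {e["source"]:<5} {e["kind"]:<8} {e["subject"]}'
            for e in timeline]


TIMELINE = build_timeline(logon_events(LOGON_LOG), file_events(FILE_METADATA))

if __name__ == "__main__":
    print("\n".join(render(TIMELINE)))
    for path, users in attribute_creations(TIMELINE).items():
        print(path, "->", ", ".join(users) or "no interactive session")
```

A file created while no session was open, like the last constructed entry, cannot be tied to any logged-in account from these two sources alone and needs other evidence, such as remote access or scheduled task logs.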

Rational Vs Holistic

People who tend toward the rational approach are managers whose guidance stems from financial statements. They believe that positive outcomes ought to be achieved by well-calculated means with great precision. All their actions and decisions are based on facts that can be quantified and observed. These managers are viewed by their subjects as plain and uninspiring. According to the subordinates of managers observing the rational approach to decision making, they are autocratic.

On the other hand, individuals who favor the holistic approach are leaders driven by several factors, including relationships. These leaders make their subordinates optimistic, which leads to a general improvement in the performance of the organization. They consider the underlying factors while making their decisions. These leaders take into consideration not only the relationships within the workplace but also social resources that are complex. The employees in this case perceive their managers to be visionary.

Studies have shown that holistic managers are more effective in decision-making than rational managers. Results of these studies show that the performance of their organizations is improved, as workers are more optimistic than those under rational management.

Cyber Security: Shadow Brokers Hacker Group

What Has Happened and What Was Stolen

  • A concealed group of hackers stole several disks containing secret data belonging to the National Security Agency (NSA) in 2013 (Schneier 2017);
  • In 2016, they announced an auction to sell off the data they had obtained illegally;
  • The group demanded one million bitcoins for the data;
  • When they failed to receive what they wanted, they started publishing files (Haridy 2017);
  • The intelligence-gathering capacity of the NSA was undermined;
  • Simultaneously, sophisticated cyberweapons became available for anyone who would like to obtain them;
  • The group allowed the developers of the WannaCry ransomware to use the tools they required for infecting large numbers of computers;
  • Shadow Brokers seriously damaged several major mail servers (Linux) and operating systems (Microsoft Windows, Cisco routers);
  • The group threatened to release more secret data from the NSA on a monthly basis;
  • Such actions made it possible for the governments of other countries and cybercriminals to develop hacking tools against the US (Schneier 2017);
  • In May 2017, Shadow Brokers published a blog post in which they announced a strange subscription model that offered a monthly “haul of data” to subscribed members;
  • For the data, the group wanted to be paid in Zcash, the cryptocurrency that was launched in October 2016;
  • The reason behind such a choice of currency is considered to be related not to the reliability of Zcash but to the desire of Shadow Brokers to point out the connection of the US government to its development (Haridy 2017).

Threats to Public Infrastructure

  • If the network infrastructure is damaged, criminal groups can obtain control of the infrastructure;
  • Such control enables malicious groups to compromise different types of devices;
  • Stolen data and redirected or altered traffic lead to serious problems in many systems all over the country;
  • Possible outcomes of hacker attacks are data theft, denial-of-service, and unauthorised data modification;
  • Since Shadow Brokers have constant access to network devices, they can launch new attacks even after they have been forced out of the hosts they exploited earlier (United States Computer Emergency Readiness Team [US-CERT] 2016);
  • The group threatens not only individual users but also whole corporations and even the government;
  • The country’s security is seriously damaged;
  • Shadow Brokers’ activity may also lead to massive losses by blocking the work of some network services (Schneier 2017).

Possible Controls of Future Leaks

The US-CERT (2016) offers several solutions for controlling information leaks in the future:

  • Networks and functions should be segmented in order to restrict the intruders’ access to the internal framework;
  • When a network is insufficiently segmented, malicious groups can extend their reach to secret data;
  • Sensitive information should be physically separated;
  • Placing routers between networks will help to create additional boundaries and filter users’ traffic;
  • In the design of network segments, the principle of least privilege should be applied;
  • Unnecessary lateral communications should be limited;
  • The system becomes more vulnerable if unfiltered communications between workstations are allowed;
  • It is recommended to harden network devices;
  • To protect routers, there should be access lists that will enable remote control and surveillance;
  • Configurations should be backed up and stored offline;
  • It is possible to protect sensitive files with encryption in case they need to be sent electronically;
  • Physical access to routers should be limited;
  • Security configurations should be tested against security requirements from time to time;
  • Access to infrastructure devices should be limited.

Reference List

Haridy, R 2017, New Atlas. Web.

Schneier, B 2017, The Atlantic. Web.

United States Computer Emergency Readiness Team 2016. Web.

Cyber Security: Security Audit

Audit Scope

In the course of carrying out this security audit, I concentrated on specific areas where I primarily wanted to focus my attention. This was important because I believed that these areas are the backbone of this organization’s security. My audit work was to focus on the administrative, technical and physical security measures put in place by the organization.

Initially, I realized that the organization had many assets, such as computers, laptops, cameras, and printers, that are used to protect the business information. My first assignment was centered on proving how these assets are capable of ensuring maximum security for the information stored on them.

Administrative and technical safeguards

On the issue of computers and laptops, I learned from the administration that each laptop was specifically assigned to a single person who was entrusted with a password known to him and the organization’s administration alone. To enhance the security of the passwords, each employee was required to select a password that combined letters and numerical figures.

The length of the password was not to be less than eight digits, which implied that it was exceptionally hard for an imposter to hack the password. In the same vein, the password could only be changed from a centralized position, meaning that not even the employee himself was able to violate the security program.

Physical security measures

Similarly, I realized that the administration had come up with a security policy that required physical monitoring by security personnel in addition to installing exceptionally strong metallic doors and state-of-the-art, top-grade security locks. There were also signs on most doors of the organization’s premises prohibiting entry of non-staff beyond designated points, which I also learned was another security measure to prevent unwanted people from having access to the customers’ information.

Besides security personnel, an officer was stationed at the entrance. His role was to allow entry to approved persons only after they left behind their identification card in exchange for another card bearing the name “visitor”. Apart from the visitors’ badges, there were also other access cards with which the holder could open only the intended door. This beefed up security, mostly for the server room, which was completely restricted to the employee on duty alone.

The other area I emphasized in my audit was the knowledge and competence of the workforce. I discovered that most of the workers dealing with customers’ information were well equipped with the necessary knowledge and experience pertaining to the protection of information. Most of them were capable of protecting the stored information from viruses and online threats through the installation of up-to-date software and other programs such as firewalls and antivirus.

Similarly, these workers were able to filter spam from their email and were conversant with the danger of opening unexpected attachments that could cause harm to the stored data.

Personal opinion and recommendations

Among the areas I found wanting in my audit was the accessibility of computers and laptops. Going by the rate at which technology is advancing, I felt that the organization needed to do more than just entrust the security of its information to passwords alone. The presence of experienced hackers has almost rendered the use of passwords useless (Hance & Cimino, 498). By this, Hance & Cimino (498) meant that more security measures such as biometric technologies are now readily available in the market and can be more trusted than the use of passwords.

According to Hance & Cimino, with biometric technology it will be extremely hard for anyone to manipulate the security of the laptop, because this technology relies on individual characteristics such as one’s pulse or fingerprint, which is passed over the screen of the computer and in the process identifies the rightful owner. Another area in which the company needed to improve its security was the use of closed-circuit television, popularly known as CCTV. By using CCTV, the organization will be able to keep track of any intruder not only during working hours but also at any other time.

Conclusion

By instituting IT security measures such as biometrics and CCTV, among other security measures, the organization will feel secure about its stored information and any other assets within its premises. Thus, the organization will worry less about any other threat that might affect its IT systems.

Work Cited

HanceShortliffe, E, & Cimino James, J. Biomedical informatics: computer applications in health care and biomedicine, New York, NY: Springer publishers, 2006. Print.