Middle East Cybersecurity, E-Government, Ecommerce

Abstract

E-commerce and e-governance have been identified as viable business platforms in the Middle Eastern region. However, the continued usage of ICT in the Middle East is affected by the high rate of cybercrime. Apparently, most e-commerce and e-government entities in the region are yet to enhance their security systems to conform to international standards. This research was geared toward evaluating the factors affecting the implementation of effective security systems in the Middle East and comparing those systems with the ones in developed nations like the United States and the UK. The comparison would reveal the risk level that the Middle Eastern society has been subjected to by the lack of effective e-governance.

The research was also set to reveal the methods that cyber-criminals use to target victims and steal their money and information in the e-commerce and e-government platforms. Most international organizations in the region have actively engaged in e-marketing, and they have recently adopted e-commerce. The report illustrated cybercrime as one of the major factors leading to reluctance in adopting e-commerce in the Middle East. The findings in the research revealed that five main issues led to the reluctance in the adoption of e-commerce and e-governance by the Emirates. Trust was one of the biggest issues. Most potential consumers were not convinced about the viability of e-commerce.

Literature Review and Research Questions

Background information

Growth in Information Communication Technology [ICT], owing to the increased investment in research and development, has created enormous opportunities within the private and public sectors. Governments and private entities are incorporating ICT in their operations, thus leading to the emergence of a digital economy. Beaudry and Pinsonneault (2005) contend that most governments are integrating ICT technologies in their quest to attain operational effectiveness and efficiency in service delivery. This trend has led to the development of diverse e-government technologies, which have been fostered by the innovation of diverse web-based technologies. According to Abbad, Abbad, and Saleh (2011), e-government entails continued usage of different ICT technologies by federal, local, and state agents in offering government services. One of the core motivations of integrating e-government technologies entails the elimination of the bureaucracies associated with service delivery within diverse government departments.

Similarly, private entities such as business organizations have adopted web-based technologies such as e-commerce in an effort to improve their competitive advantage. Alzahrani, Stahl, and Prior (2012) define e-commerce as “the process of buying and selling of consumer products over the Internet” (p. 19). Both large and small entities are increasingly incorporating e-commerce technologies in their operations. The emergence of diverse models of e-commerce, such as the business-to-business and business-to-consumer models, accentuates the importance of e-commerce in enhancing the quest to attain a competitive advantage. E-commerce has enhanced businesses’ ability to attain a global market reach, hence maximizing their profitability.

KPMG (2011) cites the United Arab Emirates (UAE) as one of the Middle East countries with a higher rate of Internet usage at 71% as compared to 60% in Saudi Arabia, 61% in Qatar, and 62% in Kuwait. One of the core drivers in Internet usage in the Middle East entails the penetration of mobile devices. Furthermore, the large population of a young generation in the region is likely to drive the rate of Internet usage.

Problem statement

Most governments around the world are considering the best strategies to adopt in order to influence their citizens to engage in e-commerce as a potential way of conducting business. One of the strategies being adopted by the Middle East countries entails investment in ICT infrastructure. Fernandes (2013) asserts that e-readiness is one of the core determinants in exploiting the benefits associated with e-commerce and e-government. The Middle East countries are focused on designing economic zones in an effort to foster progress in the development of telecommunication and ICT infrastructure (Basamh, Qudaih & Ibrahim, 2014). Countries in the Middle East have experienced considerable growth in the Network Readiness Index (NRI) with regard to e-government and e-commerce. For example, the UAE has been characterized by a remarkable increment in the rate at which government services are available online, coupled with the participation of the public in online activities (Gupta & Gupta, 2012).

Cybercrimes result in significant social, economic, and political impacts. A study conducted by PricewaterhouseCoopers in 2007 estimates the size of global cybercrime to be US$ 100 billion (Kshetri, 2011). Moreover, Kshetri (2011) argues that cybercrime “is mainly skewed towards the rich economies in the region” (p. 120). Thus, the Gulf Cooperation Council [GCC] nations are ranked amongst the most prone countries due to the economic wealth derived from oil and the high rate of digitalization.

The rate of cybercrime in the Middle East has increased tremendously over the past few years. According to the 2011 Norton Cybercrime Report, over 76% of all Internet users in the UAE had experienced cybercrime within one year. In 2013, over 1,400 cybercrime incidents were reported in the UAE as compared to 588 and 792 cases in 2011 and 2012, respectively (Moukhallati, 2014). The growth in cybercrime incidents has arisen from the high rate at which citizens are using web-based platforms such as social networks.

Despite the fact that most cybercrimes are not reported, the impacts should not be underestimated. Furthermore, the prevalence of cybercrime might affect the development of continued usage intention of e-government and e-commerce platforms amongst the general population. Jewkes (2013) asserts that Saudi Arabia experienced a 3,000% growth in the rate of Internet usage between 2000 and 2009. One of the factors that might limit the development of continued usage entails the lack of trust amongst users. A significant portion of the Middle East population is reluctant to use e-commerce and e-government platforms due to security concerns such as compromising their personal financial information. Trust is an essential element in determining the continued usage of Internet technologies. Moreover, Loader and Thomas (2013) contend that the level of trust amongst users influences the post-usage attitude developed. One of the areas that the governments should focus on entails eliminating cybercrime activities. In a bid to attain this goal, an enabling regulatory environment should be developed. Furthermore, the importance of the Middle East countries developing an integrated Internet security system should not be ignored in reducing the vulnerability of e-government and e-commerce transactions.

Research objectives

This research intends to achieve the following objectives.

  1. To evaluate the continued usage intentions of e-government and e-commerce platforms amongst the UAE population.
  2. To assess the growth of e-government and e-commerce in the UAE.
  3. To understand the methods used by cybercriminals in committing cybercrime activities.
  4. To evaluate the impact of cybercrime on the development of continued usage intentions amongst the Emiratis.
  5. To examine the effectiveness of the measures implemented by the UAE government in fighting cybercrime.

Research questions

In line with the above research objectives, this study will be guided by the following research questions.

  1. What is the level of continued usage intentions with regard to the implemented e-government and e-commerce platforms amongst the UAE population?
  2. To what extent have the concepts of e-government and e-commerce been integrated into the UAE?
  3. What are the common methods used by cybercriminals in committing cybercrime?
  4. What impact does cybercrime have on the development of continued usage intentions amongst the Emiratis?

Significance of the study

The study’s findings will be of great significance to the UAE government. First, the government will develop insight into the factors that influence the rate of Internet penetration within the country. By gaining this knowledge, the UAE government will be in a position to determine the effectiveness of its infrastructural development with regard to e-government and e-commerce platforms. Moreover, the UAE government will map the behavior of the general population with reference to e-government and e-commerce. The government will understand the relationship between trust and development of continued usage intention of e-government and e-commerce platforms amongst the general population. Consequently, the UAE government will be in a position to formulate effective e-government and e-commerce policies. Therefore, the UAE government will appreciate the importance of integrating optimal security measures in order to curb cybercrime activities.

Literature review

The global ICT sector has undergone tremendous growth over the past decade. Despite the growing significance of e-government and e-commerce technologies, their growth varies across countries. The developed countries such as the European countries [UK, France, and Germany] have better-established ICT infrastructure compared to the Middle East countries. Furthermore, the usage of ICT technologies in the European Zone is relatively higher as compared to the Middle East countries. A study conducted by the European Travel Commission (2014) shows that there are approximately 102 million Internet users in the Middle East, which represents 37 percent of the total population. Therefore, the rate of Internet penetration in the region is relatively low despite it being higher than the 35% global average rate. However, some Middle East countries, such as the UAE, have a relatively high penetration rate of 83%. Nevertheless, this growth has not been matched with the development of effective risk management practices.

Subsequently, the sector has experienced a remarkable increment in incidents of e-crimes. Most Middle East countries have recognized the reality associated with e-crimes and are beginning to take action. The UAE leads with reference to the number of e-crimes in the GCC region. However, the UAE government enacted a number of laws aimed at fighting cybercrime in order to safeguard the country’s reputation with regard to e-commerce (Oxford Business Group, 2007). The country’s commitment to fighting cybercrime through different government agencies such as the Dubai Financial Services Authority and the Telecommunications Regulatory Authority has enabled the enhancement of its effectiveness in curbing cybercrime.

A study conducted by the Oxford Business Group (2007) shows that cybercriminals are increasingly targeting e-government sites. Moreover, a report issued by KPMG (2011) emphasizes that the global cybercrime environment is progressively becoming sophisticated. Cybercriminals are employing more sophisticated computer technology as compared to the available cybersecurity measures. Traditionally, cyber-attacks were considered as a way of ‘showing off’ amongst computer geniuses. However, in contemporary society, cyber attacks have evolved into malicious efforts aimed at executing sabotage and espionage.

Types of cybercrime

Different types of cyber attacks have been conducted over the past decade. Some of the common types of attacks are illustrated herein.

  1. Fiscal fraud – this type of e-crime involves targeting online financial platforms such as tax-revenue collection databases or online payment channels. Such attacks can lead to significant economic benefits.
  2. State cyber attack – this type of attack is mainly conducted under the watch of a particular government against another. For example, the Stuxnet computer virus was used in 2010 in an effort to infiltrate and disable Iran’s secret nuclear program.
  3. Malware – this entails software that is created in an effort to control other individuals’ computer systems or social networking profiles. The malware provides the attacker with an opportunity to control another person’s computer remotely.
  4. Phishing – this type of attack entails stealing individuals’ network details such as passwords with the objective of assuming control of their personal networks.
  5. Trojan – this involves a program that is designed to damage computer programs or data saved on the hard disk.
  6. Scareware – under this type of e-crime, cybercriminals force computer users to download disguised computer software such as antivirus software. Once downloaded and installed, the software attacks the users’ system. The objective is to compel the user to pay the specific software developer [criminals] in order to remove such viruses.

According to KPMG (2011), it is expected that approximately 150,000 malicious codes and computer viruses circulate through the cyberspace every day and affect over 148,000 computers within government agencies and corporate entities. The increase in incidences of cybercrime has also been occasioned by growth in the popularity of computer games and mobile phone applications. Cybercriminals are increasingly embedding malware into computer games and mobile applications (KPMG, 2011). Furthermore, the complex nature of cybercrime requires a collaborative effort between international stakeholders in order to formulate coordinated control measures successfully.

The high rate at which cybercriminals are targeting government offices and corporations has led to an increment in the cost of maintaining, protecting, and reinstating the implemented cyberinfrastructure. For example, the UK estimates the annual cost of cybercrime in the country to be US$ 43 billion. On the other hand, the cost of phishing activities in Germany was estimated at US$ 22 million (KPMG, 2011).

Governments and corporations have identified cyberspace as the contemporary battlefield (Marchany & Tront, 2002). Thus, more focus has shifted to protecting digital infrastructure. KPMG (2011) argues that digital infrastructure should be considered as a ‘strategic national asset.’ Countries such as North Korea, Iran, Israel, and Russia are training ‘cyber armies.’ In its quest to fight cybercrime, the US re-introduced the Cyber-security and the Internet Freedom Act in 2011. The Act gives the President power to shut down the country’s Internet network in the event of a cyber attack. Moreover, the US government has established a special division under the Federal Bureau of Investigation [FBI] whose responsibility is to deal with cybercrime in a coordinated way. In 2010, the FBI detained over 90 people who were suspected of engaging in an international cybercrime syndicate in which over US$ 70 million was stolen from small businesses and individuals through their computer networks.

Similarly, the UK has categorized cybercrime amongst the tier-1 threats, which means that it is equated to terrorism (McGraw, 2013). The UK government established the National Cyber Crime Unit, which is comprised of experts from the Police Central e-Crime Unit. The unit’s responsibility is to thwart possible cybercrime incidents by being adequately responsive to serious cybercrime incidents and being proactive in disabling cybercriminals’ activities. China has integrated legislation aimed at curbing cybercrime (Saini, Rao & Panda, 2012). Moreover, the country is increasingly seeking international support, for example, from the Association of Southeast Asian Nations [ASEAN] in its fight against cybercrime (KPMG, 2011).

Despite governments’ efforts, fighting cybercrime is quite complex due to the evolving techniques of cybercriminals (Ray, 2011). The degree of complexity is further increased by the borderless nature of cybercrime. The prevalence of the underground economy is another hurdle experienced in fighting cybercrime. Organized criminals are increasingly using cybercrime as an avenue to enhance illegal activities such as trading on financial information (KPMG, 2011). The shortage of skilled workforce [for example, experienced e-forensic experts] is another factor that limits governments’ effort in fighting cybercrime. Moreover, the prevalent usage of pirated software has increased governments’ and individuals’ exposure to attacks by malware, Trojans, and viruses (Sinrod & Reilly, 2000).

Methodology

In line with the research questions outlined in chapter 2, the process of conducting this study focuses on testing two main research hypotheses, viz. the null (H0) and the alternate (H1) hypothesis as outlined below.

  1. H1: The existence of cybercrime negatively affects the development of continued usage intention amongst the Emiratis.
  2. H0: Cybercrime does not have any impact on the development of continued usage intention of e-government and e-commerce platforms amongst the general population in the UAE.

Research design

The purpose of this study is to evaluate the challenges encountered in enhancing the usage of e-government and e-commerce platforms in the Middle East. The researcher is focused on ensuring that the study’s findings are valid in order to enhance the reliability of the findings to the target stakeholders, viz. the UAE government. The validity and reliability of a particular study depend on the research design used, which highlights the importance of selecting an effective research strategy. In the process of conducting this study, the researcher has utilized the concepts highlighted by the following research onion.

Figure: The research onion. Source: (Oriesek, 2004).

The study is based on a mixed research approach, which has been attained by incorporating qualitative and quantitative research approaches. Qualitative research design has been used in an effort to assist the researcher to gather substantial data from the field, hence fostering the effectiveness of the study’s findings. Adopting qualitative research design has increased the researcher’s capacity to understand the challenges encountered in enhancing implementation and usage of e-government and e-commerce platforms. The decision to adopt qualitative research design is further informed by its interpretive nature and ability to gather data from the natural setting.

The researcher recognizes that using qualitative research data leads to the acquisition of voluminous data. Thus, quantitative research design has been utilized in order to condense the data collected. Quantitative research design has been used by deploying numerical data analysis techniques such as statistical data analysis techniques.

Population and sampling

In the course of conducting the study, the researcher was concerned with understanding the impact of cybercrime on utilization of e-government and e-commerce techniques amongst the Emiratis. Subsequently, the researcher identified the general population in the UAE as the target study population. However, the researcher understands the difficulties associated with collecting data on all individuals within the population. Subsequently, the concept of sampling was utilized in selecting respondents from the target population. Simple random sampling techniques increase manageability of research studies. Moreover, the researcher’s decision to adopt simple random sampling is informed by the need to eliminate bias in selecting study respondents. A sample of 300 respondents was selected from the general population in the Emirates. The researcher assumed that the responses collected from the target population represented the prevailing situation with reference to cybercrime in the UAE.

Data collection

The study is focused on attaining a high degree of reliability and relevance. Subsequently, the study is based on primary and secondary sources of data. The primary sources of data entail collecting information from the selected research respondents, while secondary sources involve collecting data from published reports on cybercrime activities in the Middle East region.

In a bid to collect data from primary sources, the researcher adopted questionnaires as the core data-collection instruments. A set of questionnaires on issues related to cybercrime and application of e-commerce and e-government technologies amongst the general Emirati population was designed. The questionnaires designed were semi-structured in nature, which means that both open-ended and close-ended questionnaires were incorporated. The choice of semi-structured questionnaires was informed by the need to increase the rate of response. For example, the use of open-ended questionnaires provided the respondents with an opportunity to answer the questionnaires according to their opinion. Conversely, using close-ended questionnaires increased the likelihood of obtaining definite responses on some aspects. The questionnaires were distributed to the selected respondents through emails in order to minimize the cost of the study. Furthermore, the researcher obtained responses by conducting an online survey by posting the questionnaires on university websites and government websites. The choice of electronic mediums in distributing the questionnaires was informed by the need to reach a large number of respondents more cost efficiently. The questionnaires were reviewed extensively prior to their issuance to the respondents in order to eliminate any ambiguities that might limit the rate of response.

Data analysis and presentation

In order to interpret the research findings successfully, the researcher integrated Microsoft Excel software as the core tool for data analysis. Microsoft Excel enabled the researcher to condense the voluminous data obtained from primary sources of data. This goal was attained by using different tools such as tables, graphs, charts, and percentages. Therefore, the researcher was in a position to develop a better understanding of the relationship between cybercrime and usage of e-government and e-commerce amongst UAE citizens.

Report

Analysis and Findings

The survey showed that citizens in the UAE and Middle East have adopted the application of e-government and e-commerce platforms. When asked about the application of electronic platforms, 55.17% of the respondents argued that they had at least applied e-commerce and e-government platforms in their personal transactions. Additionally, 80% of the respondents cited different ways in which they utilize the electronic platforms implemented by governments and corporations. Some of the areas of application include immigration, healthcare, transport, and consumption utilities such as paying electricity bills. When asked about their experience on e-government and e-commerce platforms, the respondents’ opinion varied as illustrated in the table below.

| Opinion | Rate of response |
|---|---|
| Very unsatisfied | 3.45% |
| Unsatisfied | 5.17% |
| Somewhat unsatisfied | 13.79% |
| Somewhat satisfied | 18.97% |
| Satisfied | 44.83% |
| Very satisfied | 13.79% |

Response on rate of satisfaction.

The study also intended to evaluate the respondents’ opinion on the relevance of e-government and e-commerce in enhancing operational efficiency within the government and business entities. Over 96.6% of the respondents argued that the electronic platforms within the business and government agencies had enhanced operational efficiency and service delivery.

| Opinion | Response rate |
|---|---|
| Positive impact | 96.60% |
| No impact | 3.40% |

Impact of e-government and e-commerce platforms on operational efficiency.

The survey also showed that 79.3% of the respondents were conversant with utilizing e-government and e-commerce platforms, while only 20.7% asserted that they were not conversant with electronic platforms.

Figure: Level to which respondents are conversant with electronic platforms.

The survey also showed the existence of varied opinion on the level of acceptance of e-commerce and e-government platforms amongst the UAE citizens as illustrated below.

Figure: Respondents’ opinion on acceptance of e-commerce and e-government platforms.

The respondents’ opinion regarding perceived usefulness of e-commerce and e-government platforms in the Middle East varied as illustrated by the graph below.

Figure: Degree of perceived usefulness of e-commerce and e-governance in the Middle East.

Despite the high rate of perceived usefulness of e-government and e-commerce platforms, the respondents identified a number of factors hindering the implementation of e-government and e-commerce platforms as depicted by the chart below.

Figure: Major factors hindering adoption of e-commerce and e-government platforms.

The study showed that cybercrime is one of the major factors hindering the adoption of e-commerce and e-government platforms. Over 70.69% of the respondents cited cybercrime as one of the major factors hindering the increased utilization of e-government and e-commerce platforms in the Middle East. Only 29.31% of the respondents were of the view that cybercrime does not affect the utilization of e-commerce and e-government platforms. Over 82% of the respondents were of the opinion that the UAE government has implemented diverse cyber laws in an effort to deal with cybercrime, while only 17.24% of the respondents said that they were not aware of the cyber laws. This realization shows that most citizens in the UAE and the Middle East consider trust as one of the critical aspects in developing continued usage intentions amongst the general public. Moreover, the study showed that most citizens are not aware of the security measures implemented by the government in order to curb the occurrence of cybercrime within the country. This aspect might be one of the major factors hindering adoption of e-commerce platforms amongst the general population.

Conclusion and recommendations

Most countries in the Middle East, such as the UAE, have appreciated the importance of ICT in enhancing economic growth. Subsequently, the Middle East governments are progressively enhancing their e-readiness by improving their ICT infrastructure. Despite the benefits associated with e-government and e-commerce in enhancing operational efficiency within the private and public sectors, the adoption and development of continued usage of the e-government and e-commerce platforms is greatly threatened by the high rate of cybercrime, which affects the development of trust amongst the general population in the implemented e-commerce and e-government platforms.

Cybercriminals are increasingly using the cyberspace in stealing confidential information from governments and the public by using complex e-crime technologies, which enable them to infiltrate their target computer systems. The literature review shows that cybercrime is prevalent across the world. Moreover, cybercrime has led to remarkable financial losses amongst individuals and governments.

The UAE is one of the Middle East countries that is characterized by a high rate of Internet penetration. The study confirms the hypothesis that continued usage of the e-government and e-commerce platforms implemented by the government might be affected by the high rate of cybercrime within the country. Therefore, the importance of the UAE government implementing effective measures in order to enhance the adoption of e-commerce amongst government and business entities should not be underestimated. Subsequently, most citizens in the UAE and the Middle East region are reluctant to use online platforms in consuming services from the government and corporate entities. Therefore, the UAE government should deal with cybercrime as one of the strategic aspects in enhancing the country’s global competitiveness as an investment destination. In order to achieve this goal, it is imperative for the UAE government to formulate effective measures to track, identify, and thwart cybercrime activities. Some of the measures that the UAE government should consider are outlined below.

  1. The government should formulate and enact strict cybercrime laws that will be aimed at punishing cybercrime perpetrators.
  2. The UAE government should establish a team of e-forensic experts, which should be charged with the responsibility of identifying and eliminating cybercrime activities.
  3. Considering the borderless nature of cybercrime, it is imperative for the UAE government to collaborate with other GCC and ASEAN countries in curbing cybercrime. This move will aid in dealing with cybercrime at an international level.
  4. The government should also compel businesses and other agencies to implement effective Internet security measures within the country’s ICT infrastructure. The government should also encourage individuals, government agencies, and private entities to update their internet security continuously in order to minimize occurrence of cybercrime.
  5. In addition to the above aspects, it is imperative for the government to curb the prevalence of software piracy in order to minimise the spread of cyber security threats through spread of viruses, Trojans, and malware amongst other types of cyber attacks.

References

Abbad, M., Abbad, R., & Saleh, M. (2011). Limitations of e-commerce in developing countries: Jordan case. Education, Business and Society: Contemporary Middle Eastern Issues, 4(4), 280-291.

Alzahrani, A., Stahl, C., & Prior, M. (2012). Developing an Instrument for e-public services’ acceptance using confirmatory factor analysis: Middle East context. Journal of Organizational and End User Computing (JOEUC), 24(3), 18-44.

Basamh, S., Qudaih, A., & Ibrahim, J. (2014). An overview on cyber security awareness in Muslim countries. International Journal of Information, 4(1), 21-24.

Beaudry, A., & Pinsonneault, A. (2005). Understanding user responses to Information technology: A coping model of user adaptation. MIS Quarterly, 29(3), 493-524.

European Travel Commission: Internet Usage. (2014). Web.

Fernandes, L. (2013). Security and trust in electronic business transactions-A study in the Middle East. ZENITH International Journal of Multidisciplinary Research, 3(2), 142-148.

Gupta, K., & Gupta, M. (2012). E-Governance Initiative in Cyber Law Making. International Archive of Applied Sciences & Technology, 3(2), 97-101.

Jewkes, Y. (2013). Crime online. London, UK: Routledge.

KPMG: Issues monitor; cybercrime- a growing challenge for governments. (2011). Web.

Kshetri, N. (2011). Cybercrime and cyber security in the global south. Basingstoke, UK: Palgrave Macmillan.

Loader, D., & Thomas, D. (2013). Cybercrime: Security and surveillance in the information age. London, UK: Routledge.

Marchany, C., & Tront, J. (2002). E-commerce security issues. In System Sciences, 2002. HICSS. Proceedings of the 35th Annual Hawaii International Conference on, 3(3), 2500-2508.

McGraw, G. (2013). Cyber war is inevitable (unless we build security in). Journal of Strategic Studies, 36(1), 109-119.

Moukhallati, D. (2014). . Web.

Oriesek, D. (2004). Maximising corporate reputation through effective governance; a study of structures and behaviors. Boca Raton, FL: Upublish.Com.

Oxford Business Group. (2007). The report; Dubai 2007. London, UK: OBG.

Ray, S. (2011). Emerging trend of e-commerce in India: some crucial issues, prospects, and challenges. Computer Engineering and Intelligent Systems, 2(5), 17-35.

Saini, H., Rao, S., & Panda, T. (2012). Cyber-crimes and their impacts: A review. International Journal of Engineering Research & Applications (IJERA), 2(2), 202-209.

Sinrod, J., & Reilly, W. (2000). Cyber-crimes: A practical approach to the application of federal computer crime laws. Santa Clara High Technology Law Journal, 16(2), 177-232.

Preparing a Computer Forensics Investigation Plan

How to prepare a Windows-based computer for a forensic investigation

Forensic investigators use specific hardware and software to examine computer systems. The increased adoption of Windows operating systems has made computer forensic investigators use Windows-based platforms as sources of digital evidence. The first step involves taking the image of the computer suspected to have crucial digital data.

If crucial evidence is suspected to be held in volatile storage, then a live analysis is conducted, but a dead analysis is performed when the evidence is thought to be contained in permanent storage disk locations. A Windows-based computer would require retrieval of information before shutting down the computer. However, if the information is thought to be contained in the permanent storage, then a computer has to be shut down before transporting it to a laboratory for forensic analysis.

A computer forensics expert should be careful not to change data held in non-volatile storage when powering down the computer. When using a Microsoft Windows system, the information stored in non-volatile storage could be prevented from interference by removing the power cord from the socket (Nelson, Phillips & Steuart, 2010; Easttom, 2014).

The first step in the laboratory examination would involve analysis of the status and setup of the computer. The computer should be booted and BIOS setup selected. Caution should be taken so that the Windows-based computer does not use internal digital devices to boot.

Alternatively, internal drives should be disconnected so that they would not interfere with the intended booting procedure (Nelson et al., 2010; Taylor, Haggerty, Gresty & Lamb, 2011; Easttom, 2014). At this point, information could be retrieved from the computer for forensic analysis.

How to handle digital evidence

Digital data could be changed easily, and this could interfere with the integrity of digital information. Also, alteration of digital data could make it difficult to differentiate original data from copied data. There are four principles that are followed when handling digital evidence (Easttom, 2014). First, digital evidence should be collected in a manner that does not cause changes in the form of data. If the data are changed, then the integrity of the data could be compromised.

Secondly, only trained persons should be allowed to handle digital evidence. Trained persons can handle digital evidence professionally and can be held responsible for any breach of ethical, legal and professional standards (Nelson et al., 2010). Also, digital evidence that is professionally handled by trained personnel has a higher chance of being admissible in court than digital evidence handled by untrained persons.

Third, all processes used to analyze digital evidence should be well documented and stored for reviews in the future. There should be clear reasons for any changes that are done on the digital evidence. This helps to hold professionals responsible for their actions. Fourth, computer forensic experts should examine copies of original files suspected to contain evidence (Easttom, 2014). In other words, original files should not be examined or manipulated.

Gathering data

The quality of evidence gathered in computer forensics greatly depends on the law enforcement and procedures used when gathering the evidence (Nelson et al., 2010). The law is clear about specific legal guidelines that should be followed when handling forensic evidence. For example, the Health Insurance Portability and Accountability Act prohibits professionals from disclosing clients’ information without their permission (Easttom, 2014).

Therefore, it would be illegal for a computer forensics professional to disclose private information about a person who is being investigated without his or her permission. Gathering data in computer forensics is also expected to follow standard procedures that aim to promote quality of the evidence. Standard evidence gathering procedure requires forensic experts to use tested and accepted tools for data collection.

Some of the tools may include boot software, computer forensic software, analysis software and intelligence analysis software, among others. General practices and procedures also require that all personnel involved in gathering evidence should be aware of the best procedures and practices. This helps to maintain the integrity and authenticity of forensic evidence (Nelson et al., 2010; Easttom, 2014).

Privacy issues

Privacy issues are common in the field of computer forensics. Legal and ethical standards require that computer forensic experts should uphold the privacy of client organizations. In some cases, leakage of a client’s information may result in media attention that could negatively impact a business organization.

The code of ethics prohibits persons from disclosing assets of an individual when conducting forensic investigations. It is also against the code of conduct to disclose an individual’s information on the internet during forensic investigations (Nelson et al., 2010; Taylor et al., 2011).

How to use data as evidence in a criminal proceeding

The data collected from the computer system would act as evidence in a criminal proceeding only if it meets the standard requirements (Taylor et al., 2011; Easttom, 2014). First, there must be proper documentation to show that the data was collected using standard legal and ethical procedures.

Second, it should be shown in a court that the data being presented as evidence have not been altered to affect their integrity. Third, it must be shown that the persons handling the data at various stages are trained for that purpose. Once the three conditions are met, the data would be used as standard evidence in a criminal proceeding.
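The handling principles and the admissibility conditions above (no changes to the original, examination of copies only, every step documented with a reason) can be illustrated with a short script. This is an added example, not code from the cited textbooks; the file names, the examiner ID and the hash-chained log format are assumptions made for illustration, and the "disk image" is constructed sample data.

```python
import hashlib
import json
import os
import tempfile
from datetime import datetime, timezone

CHUNK = 1024 * 1024  # read 1 MiB at a time; images are never loaded whole
GENESIS = "0" * 64   # "previous hash" used by the first log entry


def sha256_file(path):
    """Return the SHA-256 hex digest of a file, read in chunks."""
    digest = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(CHUNK), b""):
            digest.update(block)
    return digest.hexdigest()


def acquire_copy(source, dest):
    """Copy source to dest without writing to source; return both digests.

    The source digest is taken from the bytes as they are read. The copy is
    re-read from disk and hashed separately, so a faulty write is detected.
    """
    digest = hashlib.sha256()
    # "rb" never modifies the original; "xb" refuses to overwrite an old copy.
    with open(source, "rb") as src, open(dest, "xb") as dst:
        for block in iter(lambda: src.read(CHUNK), b""):
            digest.update(block)
            dst.write(block)
    return digest.hexdigest(), sha256_file(dest)


def entry_digest(entry):
    """Hash every field of a log entry except its own entry_hash."""
    body = {k: v for k, v in entry.items() if k != "entry_hash"}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()


def log_action(log, examiner, action, reason, evidence_sha256):
    """Append a documented step; each entry commits to the one before it."""
    entry = {
        "seq": len(log),
        "time": datetime.now(timezone.utc).isoformat(),
        "examiner": examiner,
        "action": action,
        "reason": reason,
        "evidence_sha256": evidence_sha256,
        "prev": log[-1]["entry_hash"] if log else GENESIS,
    }
    entry["entry_hash"] = entry_digest(entry)
    log.append(entry)
    return entry


def verify_log(log):
    """Return the index of the first entry that breaks the chain, or -1."""
    prev = GENESIS
    for i, entry in enumerate(log):
        if (entry["seq"] != i or entry["prev"] != prev
                or entry["entry_hash"] != entry_digest(entry)):
            return i
        prev = entry["entry_hash"]
    return -1


def demo():
    """Run the workflow on constructed sample data in a temporary directory."""
    with tempfile.TemporaryDirectory() as workdir:
        original = os.path.join(workdir, "suspect_disk.img")
        working = os.path.join(workdir, "working_copy.img")
        with open(original, "wb") as f:  # constructed stand-in for a disk image
            f.write(b"CONSTRUCTED SAMPLE EVIDENCE\n" * 4096)

        log = []
        src_hash, copy_hash = acquire_copy(original, working)
        log_action(log, "examiner-01", "acquire", "image suspect disk", src_hash)
        log_action(log, "examiner-01", "verify", "copy matches original", copy_hash)
        result = {"copy_matches": src_hash == copy_hash,
                  "log_intact": verify_log(log) == -1}

        # An accidental one-byte change to the working copy changes its hash,
        # while the original, which was only ever read, still matches.
        with open(working, "r+b") as f:
            f.seek(10)
            f.write(b"X")
        result["alteration_detected"] = sha256_file(working) != src_hash
        result["original_unchanged"] = sha256_file(original) == src_hash

        # Rewriting a documented reason after the fact breaks the hash chain.
        log[0]["reason"] = "edited later"
        result["tampered_entry"] = verify_log(log)
    return result


if __name__ == "__main__":
    print(demo())
```

In practice the acquisition hash is recorded at the scene and re-checked before each examination, so the log shows that the data presented in court is the data that was collected.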

References

Easttom, C. (2014). System forensics, investigations, and response (2nd ed.). Burlington, MA: Jones and Bartlett Learning.

Nelson, B., Phillips, A., & Steuart, C. (2010). Guide to computer forensics and investigations. Stamford, CT: CengageBrain.com.

Taylor, M., Haggerty, J., Gresty, D., & Lamb, D. (2011). Forensic investigation of cloud computing systems. Network Security, 2011(3), 4-10.

Computer Forensics and Investigations

Principles of computer forensics

Principles of computer forensics are standard rules that govern how digital evidence is handled to make it admissible in court (Nelson, Phillips & Steuart, 2010; Taylor, Haggerty, Gresty & Lamb, 2011; Easttom, 2014). Many countries and states had their own principles of computer forensics.

However, efforts have been made to align several principles in order to have internationally accepted principles that can be applied across the world (Taylor et al., 2011). The standardization efforts have resulted in the adoption of four key principles. First, digital evidence should be collected in a manner that does not allow alteration of crucial data. This principle attempts to uphold the integrity of evidence (Taylor et al., 2011).

Second, the processes of collecting, storing and analyzing digital data should be fully documented, and reasons should be given for any manipulation done. This principle aims to make professionals handling digital evidence responsible for their actions. Third, digital evidence should only be accessed by forensically competent persons. This principle ensures that non-competent persons do not interfere with digital evidence (Nelson et al., 2010; Taylor et al., 2011).

Fourth, it should be ensured that the right procedures are followed during computer forensic investigations. If the law and principles of computer forensics are followed, then digital evidence would be admissible in court. Admissible evidence is crucial in promoting justice and fairness in criminal proceedings (Nelson et al., 2010; Taylor et al., 2011; Easttom, 2014).

The role of computer forensics as it relates to other IT disciplines

Computer forensics is the integration of computer science and law. It is crucial in the investigation of crimes that are related to the manipulation of computer systems (Easttom, 2014). All IT applications rely on the use of data that are analyzed, stored and retrieved for particular uses (Nelson et al., 2010).

Computer forensics could be used in legal matters to solve criminal issues in all other IT applications. Therefore, forensic science with regard to computer systems plays crucial legal roles in relation to other IT applications (Taylor et al., 2011; Easttom, 2014).

History of computer forensics

Crimes related to the use of computers came to the limelight in 1978 in Florida after legislation was adopted to prohibit unauthorized changes of data preserved in computers. Federal laws recognized crimes related to the use of computers in the 1980s. The history of computer forensics can be categorized into three distinct phases (Easttom, 2014). First, the ad-hoc stage was marked by a lack of clear frameworks for dealing with computer crimes.

The phase was also characterized by many legal issues that revolved around the applications of computer systems to handle digital evidence used in court. Second, the structured phase involved the adoption of specific tools and procedures in digital crime investigations and prosecutions. Third, the enterprise phase (the current phase) involves fast collection of digital evidence, creation of sophisticated tools and many companies offering forensic services (Nelson et al., 2010; Easttom, 2014).

How to use computer forensics in criminal investigations

For digital evidence to be admissible in court, investigations should be conducted in a manner that adopts the principles of computer forensics (Easttom, 2014). The following steps are involved in computer forensics investigations:

  1. A computer system containing crucial evidence is secured to ensure that data are safe.
  2. All files in a computer system that are not encrypted are copied.
  3. Deleted information is retrieved.
  4. Contents of hidden files are revealed using specific software to identify hidden data.
  5. Protected files are decrypted and accessed.
  6. Inaccessible parts of computer disks are analyzed to locate files that could contain crucial data.
  7. All steps of the procedure are documented.

Constitutional protections and laws covering investigations

Computer forensic investigations are protected by the US constitution and various federal and state laws. Therefore, computer forensic investigators need to conduct investigations within the confines of the law. Federal computer crime laws protect various aspects of investigations.

Some of the federal computer crime laws include Health Insurance Portability and Accountability Act, USA Patriot Act, Child Pornography Protection Act, and Communications Decency Act 1986, among others. Case laws are based on verdicts given by judges in computer crimes, and they are adopted as legislation that protects computer forensic investigations (Nelson et al., 2010).

Ethics

The code of ethics requires computer forensic investigations to be conducted using accepted ethics (Taylor et al., 2011). Some computer forensic issues include privacy, impact on society and intellectual property rights (Nelson et al., 2010; Easttom, 2014). Computer forensic professionals should protect the secrecy and privacy of clients’ information (Easttom, 2014). A high degree of secrecy and privacy could be achieved when personnel adhere to ethical standards.

Computer forensic professionals should follow standard ethical procedures when conducting investigations. If the standards are followed, then the evidence would have a high degree of accuracy and authenticity. Adherence to standard ethical procedures also goes a long way in preventing alteration of crucial forensic evidence that would be admissible in court.

References

Easttom, C. (2014). System forensics, investigations, and response (2nd ed.). Burlington, MA: Jones and Bartlett Learning.

Nelson, B., Phillips, A., & Steuart, C. (2010). Guide to computer forensics and investigations. Stamford, CT: CengageBrain.com.

Taylor, M., Haggerty, J., Gresty, D., & Lamb, D. (2011). Forensic investigation of cloud computing systems. Network Security, 2011(3), 4-10.

Basic Operations of Computer Forensic Laboratories

National standards

National standards provide a platform upon which computer forensic laboratories operate in the US (Nelson, Phillips & Steuart, 2010; Easttom, 2014). They aim to achieve practical and realistic computer forensic laboratory goals. All computer forensic laboratories in the US have to adhere to the national standards before they can be certified (Easttom, 2014).

The standard 1.3.3.1 provides essential information that is crucial for developing technical skills for personnel. The standard 1.4.2.6 outlines emerging technical procedures that should be fulfilled by computer forensic laboratories. The standard 1.4.2.8 provides a framework within which samples are handled in a computer forensic laboratory.

The standard emphasizes documentation that is aimed to maintain a high degree of the validity of the laboratory procedures. The standard 1.4.2.11 offers approaches that should be adopted to certify laboratory equipment and instruments. The standard also aims to ensure that adequate instruments are utilized to carry out laboratory procedures. The standard 1.4.2.12 offers guidelines that should be adhered to when maintaining computer forensic laboratory equipment and/or instruments.

All instruments and/or equipment should be maintained in a way that promotes safe and valid analysis. All testing laboratories should be certified to operate upon meeting the requirements of the standard 1.4.2.13 that offers the framework for calibration of equipment and/or instruments. Finally, the standard 2.11.4 aims to ensure that all technical personnel of a computer forensic laboratory pass a mandatory competency test before a laboratory can be certified (Easttom, 2014).

Laboratory components

There are 5 main categories of components that are used in computer forensic laboratories (Nelson et al., 2010; Easttom, 2014). First, computer forensic laboratories should have specific facilities that are utilized to ensure secure working environments.

The environments could be achieved by adopting controls that prevent unauthorized access to digital information stored in computer systems. Second, laboratory configuration is an essential component of computer forensic laboratories that aim to put in place the required furniture and furnishing.

The following examples of configuration components are common in many computer forensic laboratories: desktops, bookcases, evidence safe or locker, LAN and server stations, storage shelves, and forensic software. Third, the equipment used in a computer forensics laboratory may depend on the type of operating systems, storage capacities of computer hard disks, tape media, and the type of forensic investigation mainly conducted in a laboratory.

Fourth, the software components used in the laboratory could be designed locally or purchased from commercial software developers. These are crucial programs that are used in data capture and analysis, among other uses. Fifth, reference materials offer excellent resources that professionals refer to when in need. The resources provide relevant answers to questions with regard to digital evidence and procedures (Easttom, 2014).

Working conditions

Working conditions of personnel in computer forensic laboratories differ from one facility to another. Technicians are involved in collecting and analyzing digital evidence. They could either investigate crime in the field or in the laboratory (Nelson et al., 2010). In most cases, forensic science technicians spend a considerable amount of time writing reports in the laboratory.

Although computer forensic experts work during normal business hours, they could be called upon to investigate urgent crimes within their areas of jurisdiction outside normal working hours. Crime scene investigators and experts in computer forensics appear in court as expert witnesses who provide detailed and specialized evidence regarding computer-related crimes (Easttom, 2014).

Standard laboratory equipment

Standard computer forensic equipment is used to support standard procedures and conditions in the laboratories. The equipment makes it possible for the many computers examined in digital evidence investigations to be handled using the same methods on each occasion (Nelson et al., 2010).

A mobile forensic workstation is used to collect digital evidence in the field. The equipment is also utilized to analyze suspected computer data. The rapid imaging device is an essential device used to copy suspect hard drives found in computers used to commit crimes. The equipment copies the data found in the hard disks and retains its integrity. Interceptor equipment supports wireless networks that support airborne communications.

The equipment captures crucial contents of airborne communications in static and mobile locations. This is important because computer forensic experts have adopted the use of wireless networks to gather, analyze and store computer evidence (Taylor, Haggerty, Gresty & Lamb, 2011). In addition, forensic workstations could be used in the laboratory for the analysis of data obtained from the laboratory (Nelson et al., 2010; Easttom, 2014).

Tools

Computer forensic investigations involve the use of specific tools used in the analysis of computer memory (Easttom, 2014). The analysis is important because it identifies digital evidence hidden in computer memory devices like hard disks. MemGator interrogates files in a computer in order to isolate crucial evidence.

It gives a report to an investigator who decides the value of the information obtained. Memoryze is used to obtain memory from Microsoft Windows-based computers. In addition, the tool analyzes live memory in a running computer. Computer forensic investigators use PTFinder to search the memory of a computer that uses a Windows operating system. It identifies important threads and processes that can be placed into a file for further analysis.

References

Easttom, C. (2014). System forensics, investigations, and response (2nd ed.). Burlington, MA: Jones and Bartlett Learning.

Nelson, B., Phillips, A., & Steuart, C. (2010). Guide to computer forensics and investigations. Stamford, CT: CengageBrain.com.

Taylor, M., Haggerty, J., Gresty, D., & Lamb, D. (2011). Forensic investigation of cloud computing systems. Network Security, 2011(3), 4-10.

Cybersecurity in the Energy Industry

It is obvious that whenever cyber crimes are talked about, people immediately direct their minds to the financial sector of the economy. However, it is important to note that almost every sector uses computerized systems in its operations. Consequently, every sector of the economy is exposed to cyber criminals.

In recent times, the energy sector has been the target of cyber criminals (Egan, 2012). Unfortunately, the energy sector does not take into consideration the probability of cyber crimes when advancing its systems. Consequently, no proper mechanisms have been put in place to take care of these eventualities.

Industries in the energy sector have been computerizing their services at a very high rate. Therefore, the internet has become a crucial ingredient in the operations of this sector. While the energy industries are working hard to streamline their activities with the current technology, criminals are also trying their level best to get access into these systems.

The energy sector is at risk because its industries usually have a large number of sensors through which people can gain access to the system. On the same note, industries in the energy sector usually hire many third party contractors who are given access to the systems (Egan, 2012). Similarly, the energy sector heavily depends on basic information technology (IT) platforms and IP-based networks which can easily be hacked. Furthermore, security of the systems is not given much attention in the energy sector.

As it is now, the energy sector is not prepared to deal with cyber crimes. The systems are weak and it is easy for criminals to hack into them. About 30,000 work stations were affected when Saudi Aramco was attacked by a virus (Egan, 2012). The third parties that are given access to the systems cannot be trusted.

Given the weakness of the systems, it is almost impossible for the industry to defend itself from these attacks (Clayton, 2013). In this regard, in the event that a cyber attack is launched against the energy sector, it is bound to have far reaching consequences. The effects of a cyber attack on the energy sector will be worse given the fact that the industry has a single corporate and operational system. Unfortunately, the computer system is very weak and can be brought to a halt any time.

In order to be safe, the energy industry will need to take several steps. To begin with, there is need to separate the corporate networks from the operational networks. This will not only reduce accessibility of the system, but will also minimize the effects in case an attack is launched.

On the same note, since the infrastructure required to put up-to-date security systems in place is expensive, it will be beneficial for the firms in the industry to pool their resources (Casey, 2011). This will be cheaper than it would have been if each firm incurred the cost individually.

Moreover, the energy sector will have to come up with good and strong software to use for its security services instead of the basic platforms it uses. Furthermore, the firms in the energy sector need to focus on cyber crimes and invest enough resources in research of ways to counter it.

Additionally, industries in the sector will need to use different systems at different levels of production to ensure that an attack does not bring the entire system to a standstill (Casey, 2011). These industries should also have a department to deal with cyber security and employ specialists who will help in ensuring that their systems are safe.
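The separation of corporate and operational networks recommended above only helps if it is enforced, and one way to check it is to audit flow logs against a zone policy. The following is an added example, not part of the original essay; the address ranges, the allow-list and the flow records are all constructed assumptions.

```python
import ipaddress

# Constructed address plan (assumption, not from the article).
ZONES = {
    "corporate": ipaddress.ip_network("10.10.0.0/16"),
    "dmz": ipaddress.ip_network("10.30.0.0/24"),
    "operational": ipaddress.ip_network("10.20.0.0/16"),
}

# Cross-zone traffic is denied unless the (source zone, destination zone)
# pair and the destination port are listed here. Operational systems push
# data to a DMZ server and corporate users read it from there, so the two
# networks never talk to each other directly.
ALLOWED = {
    ("operational", "dmz"): {443},
    ("corporate", "dmz"): {443},
    ("corporate", "external"): {443},
}

# Constructed flow records: (source IP, destination IP, destination port).
SAMPLE_FLOWS = [
    ("10.10.4.20", "10.30.0.5", 443),     # corporate -> DMZ, allowed
    ("10.20.1.7", "10.30.0.5", 443),      # operational -> DMZ, allowed
    ("10.10.4.20", "10.20.1.7", 502),     # corporate straight into operations
    ("10.20.1.7", "203.0.113.9", 443),    # operational host reaching the internet
    ("203.0.113.50", "10.20.1.7", 3389),  # outside party straight into operations
    ("10.20.1.7", "10.20.1.8", 502),      # inside the operational zone, allowed
]


def zone_of(address):
    """Map an IP address to its zone name; anything unlisted is external."""
    ip = ipaddress.ip_address(address)
    for name, network in ZONES.items():
        if ip in network:
            return name
    return "external"


def audit_flows(flows):
    """Return the flows that cross a zone boundary without being allowed."""
    violations = []
    for src, dst, port in flows:
        src_zone, dst_zone = zone_of(src), zone_of(dst)
        if src_zone == dst_zone:
            continue  # traffic that stays inside one zone is out of scope
        if port in ALLOWED.get((src_zone, dst_zone), set()):
            continue
        violations.append({"src": src, "dst": dst, "port": port,
                           "src_zone": src_zone, "dst_zone": dst_zone})
    return violations


if __name__ == "__main__":
    for v in audit_flows(SAMPLE_FLOWS):
        print(f'{v["src_zone"]} -> {v["dst_zone"]}: '
              f'{v["src"]} -> {v["dst"]}:{v["port"]}')
```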

References

Casey, E. (2011). Digital Evidence and Computer Crime: Forensic Science, Computers and the Internet. Waltham: Elsevier incorporation.

Clayton, Mark. (2013, January 7). Energy Sector Cyberattacks Jumped in 2012. Were Utilities Prepared? The Christian Science Monitor. Retrieved from

Egan, Matt. (2012, September 21). Energy Industry is a Tempting Target for Cyber Evildoers. Fox Business. Retrieved from

The Role of U.S. Government in Cybersecurity

Introduction

Cybersecurity refers to the application of technological processes with the aim of protecting networks and computers from attacks by unauthorized users (Kostopoulos 35). Effective eradication of cyber crime requires application of information systems that enhance information security, disaster recovery of important data, network security, and education of end users. According to the government of the United States, cybersecurity is among the most serious economic and security challenges that the government needs to deal with.

Cyber crimes are widespread because of poor preparation and inefficient cybersecurity strategies. In order to protect and secure information and communications infrastructure, it is imperative to enhance cybersecurity. This requires the establishment of legislation to fight cyber crimes. Eradicating cyber crime is an important aspect of developing all the economic sectors because technology has been integrated into industries that are vital to the wellbeing of the economy (Kostopoulos 35). For instance, in order for businesses to improve their bottom line, they should fight cyber crime. The Department of Homeland Security (DHS) has done a lot towards improving cybersecurity and securing computer networks.

Provisions of a U.S. government cybersecurity law

One of the most important roles played by the U.S. government is the enhancement of cybersecurity through enactment of cybersecurity laws. Past efforts by lawmakers to pass cybersecurity bills have proved futile owing to resistance from civil rights groups and online privacy advocates (Theohary par. 2). Cybersecurity laws should have two main goals: first, to protect the national infrastructure, and second, to enhance information sharing between the government and state departments, the government and various industries, and among internet users.

Such a law should include provisions that protect companies from any form of liability resulting from dissemination of protected information, and enhance sharing of information regarding potential cyber threats among businesses (Theohary par. 2). In addition, the law should contain provisions that facilitate the dissemination of any information that could enhance cybersecurity even though it is described as classified by security agencies.

A cybersecurity law should include provisions that authorize security departments to share threat reports with businesses and authorize all businesses to develop and implement cybersecurity enhancement programs (Amoroso 52). The law should also authorize security agencies to develop cyber-risk reduction frameworks that should be applied by all businesses based on the guidelines offered by the involved security agencies. In order to enhance the security of national infrastructure, the cyber security law should contain provisions that promote cooperation between federal and state governments, as well as private businesses and public departments. It is also important for such a law to include provisions to protect companies from liabilities whenever they give information to government agencies (Kostopoulos 43).

Privacy laws prevent the access and dissemination of certain information. Therefore, the cybersecurity law should include provisions to facilitate dissemination of information that is protected under privacy laws. One of the reasons that civil rights groups oppose enactment of a cybersecurity law is the financial costs and unfair regulation that the law will impose on businesses (Mazmanian par. 4). In order to eradicate such opposition, provisions to facilitate business funding by the federal government should be included (Amoroso 54).

The government should set aside a certain amount of money in its cybersecurity funding program in order to cover the expenses that could result from enactment of the cybersecurity law. Finally, a provision to enhance consumer privacy should be part of the law. Civil rights groups such as the Center for Democracy and Technology (CDT) and the Electronic Frontier Foundation (EFF) oppose enactment of a cybersecurity law because they claim that it would infringe on the privacy of consumers. In order to end such resistance, the cybersecurity law should include clauses that enhance and guarantee consumer privacy with regard to information sharing between businesses and security agencies (Mazmanian par. 6).

Another important provision to include in a cybersecurity law is a framework to facilitate information sharing between government and businesses. The federal government has numerous departments and agencies that fight cyber crime. Therefore, information about cyber threats should be shared with other industry players. Consumer security is an important factor to consider when passing a cybersecurity law. Many privacy advocates have opposed past efforts to pass cybersecurity legislation because of poor privacy provisions. A cybersecurity law should contain provisions that limit the government with regard to the use of information received from businesses (Amoroso 57). For instance, obtaining data from telecommunication companies without the consent of users has been criticized for violating consumer privacy laws. This has derailed efforts by security agencies to protect private entities from cyber attacks.

The role of U.S. government in cybersecurity

The government is responsible for fighting cyber crime. For that reason, it plays several key roles in enhancing cybersecurity. First, the government improves cybersecurity by enhancing counterintelligence capabilities and providing better security services through establishment and funding of security agencies (Andreasson 48). For instance, several government departments exist to fight cyber crime. These include the National Cybersecurity and Communications Integration Center (NCCIC), the United States Computer Emergency Readiness Team (US-CERT), the Industrial Control Systems Computer Emergency Response Team (ICS-CERT), and the Software Assurance Program.

They work together with business owners in order to enhance cybersecurity by fighting cyber crime. Other government departments that fight cyber crime include the Federal Bureau of Investigation (FBI), the Federal Trade Commission, the Federal Communications Commission, and the Department of Commerce (Andreasson 58). These departments play different roles. For instance, the Department of Commerce offers guidelines regarding appropriate selection of information technology products. In addition, it organizes workshops and operates a computer security resource center. Second, the government creates awareness regarding network vulnerabilities by cooperating with state governments and private partners.

Individuals are taught how to act swiftly in order to reduce the extent and frequencies of network breaches. The Department of Homeland Security protects the country’s infrastructure against cyber attacks (Andreasson 41). The NCCIC serves as the center from which all cybersecurity matters are coordinated and integrated into the national cybersecurity system (The White House par. 6). The centre works together with state governments, security agencies, the federal government, and international agencies that fight cyber crime. In addition, it creates awareness with regard to vulnerabilities of networks, ways of implementing recovery strategies, ways of reporting incidents, and methods of preventing cyber attacks (The White House par. 6).

ICS-CERT collaborates with private entities in strengthening and coordinating cybersecurity initiatives. The Computer Emergency Readiness Team offers guidelines and strategies to end users regarding the improvement of cybersecurity (Andreasson 56). Third, the government enhances cybersecurity by funding cyber education and research undertakings that study and develop effective ways of fighting cyber crime. This involves creating strategies that aim to discourage malicious activities and operations in cyberspace. In 2010, the government set aside more than $13 billion to improve cybersecurity.

Fourth, the government enacts legislation to counter cyber crime. Fifth, it coordinates the activities of different players whose main goal is to enhance cybersecurity. In 2008, George W. Bush launched the Comprehensive National Cybersecurity Initiative (CNCI) that was aimed at improving cybersecurity (The White House par. 7). In 2009, President Obama ratified the recommendations of a commission constituted to develop strategies and offer recommendations regarding the improvement of cybersecurity. The Cyberspace Policy Review culminated in several recommendations that included the formation of an executive branch whose role was to coordinate all the activities of government agencies and private entities involved in fighting cyber crime.

Conclusion

Cyber crime is one of the challenges facing the U.S. government. In order to eradicate it, the government funds and oversees the activities of several security agencies and departments that improve cybersecurity. For example, the Department of Homeland Security plays the role of protecting the country’s infrastructure against cyber attacks. government departments that enhance cybersecurity include the National Cybersecurity and Communications Integration Center (NCCIC), the United States Computer Emergency Readiness Team (US-CERT), the Industrial Control Systems Computer Emergency Response Team (ICS-CERT), and the Software Assurance Program.

Past efforts to pass cybersecurity legislation have been futile because of opposition from civil rights activists and privacy advocates. They argue that such laws would infringe on the privacy of consumers and internet users. In order to eradicate such opposition, cybersecurity legislation should contain several provisions that protect the privacy of consumers. Other important provisions include provisions that authorize security departments to share threat reports with businesses and authorize all businesses to develop and implement cybersecurity enhancement programs. Effective eradication of cybercrimes will involve cooperation between the government and other stakeholders such as end users, businesses, and private entities. Enhancement of cybersecurity is important because cyber crimes have severe consequences on the nation’s economy.

Works Cited

Amoroso, Edward. Cyber Security. New York: Silicon Press, 2007. Print.

Andreasson, Kim. Cybersecurity: Public Sector Threats and Responses. New York: CRC Press, 2012. Print.

Kostopoulos, George. Cyberspace and Cybersecurity. New York: CRC Press, 2012. Print.

Mazmanian, Adam. Lawmakers: Leaks Slowed Cybersecurity Legislation. 2013. Web.

Theohary, Catherine. Cybersecurity: Current Legislation, Executive Branch Initiatives, and Options for Congress. New York: Diane Publishing, 2010. Print.

The White house: The Comprehensive National Cybersecurity Initiative. Web.

Computer and Digital Forensics and Cybercrimes

Computer forensics

Within the last decade, computer forensics has solved so many cases that, were it not for this technology, the situation would have been worse. This has been mainly enhanced by the ability of computer and digital devices to store data (Goode, 2009). Luckily, these are the same gadgets that criminals use to perpetrate their crimes, and therefore it has become easier to trace criminal activities through digital platforms. For these reasons, computer forensics has become one of the most used tools of investigation. However, it faces numerous challenges, especially the aspect of privacy and the right to private information.

Challenges and opportunities

Computer forensics can benefit greatly from the current digital developments. This includes the use of GPS devices in vehicles and the use of smartphones. The widespread use of electronic gadgets such as computers, cameras, gaming devices and music players that contain storage media is a sign of a good opportunity for computer forensics to develop. However, the major challenge faced by the police and computer forensics departments is that information on forensic countermeasures is found easily and freely online. This has greatly affected the success of computer forensics and it is the main drawback in this area.

In addition to avoiding forensics specifications, forensics counter software can also hide terrorists’ activities from the authorities’ surveillance. Nonetheless, coming up with new techniques in computer forensics has positively and negatively affected the world at large. The world is now safer due to the increasing usage of computer forensics in court cases. In essence, the use of computer forensics has enhanced the justice system by ensuring that culprits and perpetrators of criminal activities are brought to book.

Due to the increasing use of computer forensics, more criminals are being convicted on the evidence gathered from digital gadgets. Currently, the use of conventional telephones and the use of letters as a mode of communication have become obsolete. Modern criminals are using highly sophisticated communication gadgets and this is a great opportunity for computer forensics. Most of the modern equipment used today in communication has storage media capability. Most of the communication electronics today have a camera and a recording system and their connectivity is linked through centralized networks.

This means that forensics teams are capable of accessing such data as evidence before a court of law. However, even with the expansive surveillance resources, there is yet another major drawback for the forensics department. Most of the internet service providers have very limited data retention periods. A data retention period is the timeline that specific data has before it is permanently deleted to create more room for newer information. With the limited data retention periods, some vital information can be lost or inaccessible.

This is a major drawback for the forensic department because it can affect or inhibit evidence. Unfortunately, this cannot be changed since some of the data stored consumes a lot of space. For example, CCTV in the streets and around the cities collects data all day for months. After some time, the data collected may be deleted from the servers to create more room for recent recordings.

Improving Computer forensics

Data storage capabilities

One of the most effective ways of improving forensics includes enhancing and increasing data storage capabilities (Taylor, Fritsch, & Liederbach, 2014). As noted earlier, forensics is facing a challenge due to the limited time of storage or rather the retention period. As data keeps on being removed from the database, it becomes very difficult for the investigators to follow leads and to prove the occurrence of a crime. Some of the criminal activities are purely arranged and planned using the internet. To stop such crimes, the computer forensics needs to monitor the flow of information from one terrorist to another for some time. This is considering some of these attacks have been planned for some time. With the lost data over such long periods, computer forensic evidence may not be sufficient to prove a felony.

Partnership between forensics and the state

Computer forensics cannot work sufficiently without the cooperation of the state/government. For computer forensics to succeed, there must be a substantive and sustainable program to govern and enhance a strategic alliance between the stakeholders. A good example of a working agency partnership is the Indiana State Police’s partnership with the Purdue University Department of Computer and Information Technology (Goode, 2009). This is not the only interagency collaborative program that the Indiana State Police have engaged in. The police also have a partnership program with the National White Collar Crime Center (Goode, 2009).

These partnerships have been developed to pursue one agenda, which is to share unique skills and attributes to enhance computer forensics. Computer forensics is mostly very useful in financial crimes. This is why the NW3C is important in this process. The NW3C is a federally funded organization that is responsible for training the police on matters involving financial crimes (Goode, 2009). The organization has been very useful in training the police on computer forensics relevant to the banking industry and financial markets.

It has also been very instrumental in training the police on various cybercrime investigations (Goode, 2009). Since this is a partnership based on mutual benefits, the police have to return the favor to the organization for the training received. Therefore, as a way of showing its appreciation, the police provide subject matter experts with the platform to experience the real-world situation in crime (Goode, 2009). This gives the organization the advantage of testing their developed courses to see their effectiveness (Goode, 2009).

Ultimately, the organization gets a platform to practice and utilize their developed forensic skills. Students at the Purdue University IT department are also benefiting from this partnership by getting access to the practitioners in this field. In return, the school offers its best brains in research and the digital forensic field. With the highly intelligent students and researchers from Purdue, the Indiana state police have been able to develop one of the most effective forensic networks in the world.

The concept of Bring Your Own Device

In recent developments, the concept of Bring Your Own Device has been increasingly utilized in many organizations. BYOD is a special concept that allows employees to use their electronic gadgets to access classified and privileged company information (Sridhar & Govindarasu, 2014). The adoption of this concept faces several challenges. Supporters of this concept argue that the ability for workers to perform their duties from any location is good for business.

While such flexibility may be advantageous, there are also several risks involved. One of the fundamental risks that the BYOD concept exposes companies and organizations to is the fact that sensitive company information can easily fall into the wrong hands (Sridhar & Govindarasu, 2014). When employees are allowed to access the company’s database using their gadgets, such information can easily be accessed by an unauthorized person. Devices such as phones, tablets and laptops, among others, can be stolen and the information stored in them accessed.

This can put the company at greater risk. BYOD can result in a massive and dangerous data breach, hence compromising data security (Sridhar & Govindarasu, 2014). Another way that the company risks a data security breach is when an employee who was using his or her gadget to access the company data leaves the organization. When they do so, they leave with their gadgets and the company’s data they had stored in their devices. This also can create a very serious data security breach.

Dealing with digital threats created by the BYOD concept

To deal with digital threats resulting from the BYOD concept, ICT departments need to be on high alert. In every organization today, ICT has been significantly incorporated in the daily organizational functions. In a situation where a fired or an ex-employee is using a password-cracker to gain access to restricted information in an organization, an appropriate measure must be taken to secure the incident. To secure the scene, one requires software like Log2timeline (Taylor et al., 2011). This software is used to identify the timelines from system logins.

However, for this particular occurrence, incident response software is the most appropriate to address the issues. Volatility is one of the best tools available for such a function. The software is designed for incident response and malware analysis, and it allows the investigator to extract digital artifacts from RAM dumps (Chung, Park, Lee & Kang, 2012). This software allows one to extract information from the currently running processes and also from the cached registry hives and process IDs, among others (Chung et al., 2012).
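The login timeline described for the ex-employee scenario above can be sketched as follows. This is an added example, not code from the essay or from Log2timeline; the log layout, the host and account names, the thresholds and the list of former-staff accounts are all assumptions constructed for illustration.

```python
"""Login timeline and password-guessing burst detection (added example)."""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone
from typing import NamedTuple

# Constructed sample in a simplified layout; real logs differ, so adapt LINE_RE.
SAMPLE_LOG = """\
2024-03-04T08:59:41Z hr-files LOGIN_OK user=asmith src=10.0.4.21
2024-03-04T09:03:10Z hr-files LOGIN_FAIL user=asmith src=10.0.4.21
2024-03-04T09:03:25Z hr-files LOGIN_OK user=asmith src=10.0.4.21
2024-03-04T22:14:02Z hr-files LOGIN_FAIL user=jdoe src=203.0.113.45
2024-03-04T22:14:05Z hr-files LOGIN_FAIL user=jdoe src=203.0.113.45
2024-03-04T22:14:09Z hr-files LOGIN_FAIL user=jdoe src=203.0.113.45
2024-03-04T22:14:12Z hr-files LOGIN_FAIL user=jdoe src=203.0.113.45
2024-03-04T22:14:16Z hr-files LOGIN_FAIL user=jdoe src=203.0.113.45
2024-03-04T22:14:19Z hr-files LOGIN_FAIL user=jdoe src=203.0.113.45
2024-03-04T22:14:31Z hr-files LOGIN_OK user=jdoe src=203.0.113.45
this line is damaged and cannot be parsed
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) (?P<result>LOGIN_OK|LOGIN_FAIL) "
    r"user=(?P<user>\S+) src=(?P<src>\S+)$"
)


class Event(NamedTuple):
    ts: datetime
    host: str
    result: str
    user: str
    src: str


def parse_timeline(text):
    """Return (events sorted by time, numbers of lines that could not be parsed)."""
    events, rejected = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if m is None:
            rejected.append(lineno)  # record gaps so the report can state them
            continue
        try:
            ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
        except ValueError:           # well-formed line, malformed timestamp
            rejected.append(lineno)
            continue
        events.append(Event(ts.replace(tzinfo=timezone.utc), m["host"],
                            m["result"], m["user"], m["src"]))
    return sorted(events, key=lambda e: e.ts), rejected


def find_guessing_bursts(events, threshold=5, window=timedelta(minutes=2)):
    """Flag (user, source) pairs with at least `threshold` failures inside the window."""
    recent = defaultdict(deque)  # (user, src) -> failure times still inside the window
    findings = {}                # (user, src) -> finding
    for e in events:
        key = (e.user, e.src)
        fails = recent[key]
        while fails and e.ts - fails[0] > window:
            fails.popleft()      # forget failures older than the window
        if e.result == "LOGIN_FAIL":
            fails.append(e.ts)
            if len(fails) >= threshold:
                f = findings.setdefault(key, {
                    "user": e.user, "src": e.src, "first": fails[0],
                    "failures": len(fails) - 1, "success_at": None})
                f["failures"] += 1   # failures counted from the start of the first burst
                f["last"] = e.ts
        elif key in findings and e.ts - findings[key]["last"] <= window:
            findings[key]["success_at"] = e.ts  # the guessing ended with a working password
    return list(findings.values())


def logins_by_former_accounts(events, former_accounts):
    """Successful logins by accounts that should no longer authenticate."""
    return [e for e in events
            if e.result == "LOGIN_OK" and e.user in former_accounts]


if __name__ == "__main__":
    timeline, skipped = parse_timeline(SAMPLE_LOG)
    for finding in find_guessing_bursts(timeline):
        print(finding)
    print("unparsed lines:", skipped)
    print(logins_by_former_accounts(timeline, {"jdoe"}))
```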

Steps in dealing with the situation

The initial steps to follow when investigating a digital crime scene involve obtaining authorization to search and seize the facilities used by the suspected perpetrator. After gaining authorization from the organization management, the next and most prudent step is to secure the area of the crime scene. This helps to avoid an instance where colluding colleagues can tamper with the evidence to influence a favorable forensic outcome. All the items that were seized during the investigations must be documented and recorded, and if any transportation of the confiscated equipment and evidence is to be made, safety should be a priority. Acquiring the evidence from the equipment should be done using forensically acceptable methods.

After the evidence is acquired, the forensic images should be used to analyze the data and come up with interpretations based on the collected facts (Garfinkel, 2010). The presentation of the analysis and findings of the investigation must be simplified even though complex methods of analysis have been used. The results must be presented in simple, easy-to-understand language and in a written report. The evidence is thereafter presented in a courtroom under an affidavit.

Extracting evidence with the volatility software

First, one needs to identify a folder or folders he or she needs to investigate. After identifying the folders, one only needs to place the Volatility-2.1 standalone.exe and open a command prompt window (Garfinkel, 2010). From this window, one needs to click on the executable file and type the name of the software, the plugin name, and the profile name. The plugin name is the name of the file the investigator wants to extract information from. The software does the rest automatically.

Admissibility

To enhance the admissibility of evidence, the original copies of the collected evidence should be copied. The collected evidence must be authenticated through an electronic process to prove that the said crime and presented evidence are genuine (Goode, 2009). The evidence must meet the relevance threshold to be admissible in a court of law. In addition to this, an affidavit is required to hold the investigator directly responsible for the evidence provided. Evidence provided must be extracted from the gathered information and not from outside sources (Goode, 2009). These are some of the highest steps that should be taken to ensure that the investigation is legitimately carried out in all fairness to both the defendant and the plaintiff.
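One way to carry out the copying, electronic authentication and documentation steps described above is to hash the original image, verify the working copy against that hash, and keep a custody log whose entries are chained by hash. This is an added example, not the essay's own method; the file names, the examiner label, the log fields and the stand-in image contents are assumptions constructed for illustration.

```python
"""Verify a working copy of an evidence image and keep a hash-chained custody log."""
import hashlib
import json
import os
import shutil
import tempfile
from datetime import datetime, timezone

GENESIS = "0" * 64  # prev_hash of the first custody entry


def sha256_file(path, chunk=1024 * 1024):
    """Hash a file in chunks so large images do not have to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def entry_digest(body):
    """Digest over every field of an entry except its own entry_hash."""
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()


def add_entry(log, actor, action, item, digest):
    """Append a custody entry that commits to the previous entry's hash."""
    body = {
        "seq": len(log) + 1,
        "time_utc": datetime.now(timezone.utc).isoformat(),
        "actor": actor, "action": action, "item": item, "sha256": digest,
        "prev_hash": log[-1]["entry_hash"] if log else GENESIS,
    }
    body["entry_hash"] = entry_digest(body)
    log.append(body)
    return body


def verify_log(log):
    """Return 0 if the chain is intact, else the number of the first bad entry."""
    prev = GENESIS
    for seq, entry in enumerate(log, 1):
        body = {k: v for k, v in entry.items() if k != "entry_hash"}
        if (entry["seq"] != seq or entry["prev_hash"] != prev
                or entry["entry_hash"] != entry_digest(body)):
            return seq
        prev = entry["entry_hash"]
    return 0


def make_working_copy(original, copy_path, log, examiner):
    """Hash the original, copy it, and refuse the copy if the hashes differ."""
    acquired = sha256_file(original)
    add_entry(log, examiner, "acquired", os.path.basename(original), acquired)
    shutil.copyfile(original, copy_path)
    copied = sha256_file(copy_path)
    if copied != acquired:
        raise ValueError("working copy does not match the original image")
    add_entry(log, examiner, "working-copy-verified",
              os.path.basename(copy_path), copied)
    return acquired


def demo():
    """Run the procedure on a constructed stand-in image, then simulate tampering."""
    with tempfile.TemporaryDirectory() as d:
        original = os.path.join(d, "disk01.img")
        working = os.path.join(d, "disk01.work.img")
        with open(original, "wb") as fh:  # constructed stand-in, not a real image
            fh.write(b"constructed stand-in for a disk image\n" * 4096)
        log = []
        digest = make_working_copy(original, working, log, "examiner-1")
        copy_matches = sha256_file(working) == digest
        with open(working, "r+b") as fh:  # a single byte changed after acquisition
            fh.seek(100)
            fh.write(b"X")
        alteration_detected = sha256_file(working) != digest
        log_intact = verify_log(log) == 0
        log[0]["actor"] = "someone-else"  # an edited custody record
        return {"copy_matches": copy_matches,
                "alteration_detected": alteration_detected,
                "log_intact_before_edit": log_intact,
                "first_bad_entry_after_edit": verify_log(log)}


if __name__ == "__main__":
    print(demo())
```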

System upgrading plan

In every organization, system evaluation is very important for the success of the company. In the banking industry, security checks are regularly required to ensure the bank has the latest system to enhance its security. The growth of ICT has further increased the necessity of systems evaluation on a regular timeframe to enhance security. This paper seeks to discuss the different evaluation strategies for a bank, appropriate monitoring of the system’s progress and evaluation of success and failure methods.

Systems evaluation strategies

Test and evaluation is vital before an upgrade is carried out in any organization. This enables the company to evaluate the present system and identify the loopholes therein. With this knowledge, appropriate measures can be taken in the upgrading procedures. The system evaluation strategies involve testing the bank’s vulnerability in terms of outside infiltration. This requires the bank’s IT department to try and hack their systems to see whether it is possible to steal data from outside (Ammenwerth, Brender, Nykänen, Prokosch, Rigby & Talmon, 2009). Using the system’s protocols, the IT personnel can try to create overrides to determine the vulnerability of the bank’s system.

What evaluation methods could be used?

Evaluating a system may also require the administration to authorize an operation that aims at bringing out the risks that are unforeseen in a system. Appropriate strategies include a call by value, partial evolution and applicative order (Ammenwerth et al., 2009). In banking, speed is very important and so is accuracy. Upgrading requires the IT department to identify the issues raised about the current computers. Banks require high-speed computers and enough memory for data storage. If the company’s needs are not effectively met by the current desktops, then the most prudent action would be to upgrade to higher performance desktops.

Monitoring progress and methods of evaluating success/failure

Monitoring the progress of a network system in a bank requires time and patience. One cannot determine the extent of a failure in a system if the system is not put in use for long enough for these issues to begin arising (Ammenwerth et al., 2009). Therefore, monitoring a system has to be a gradual process aimed at identifying the underlying issues and risks that a system may expose the bank to. This involves monitoring the performance of the computers, the software installed and the servers to determine whether they match or compete with the recent technologies in the market. The method of evaluation appropriate in determining the failure or success of the systems would be the call-by-value strategy (Ammenwerth et al., 2009).

Recommendations

As a group, we recommend a complete overhaul of the entire analog system, to be replaced with new technologies. High-speed desktops of no less than dual-core specification should be installed, together with modern servers to support the company’s network data. For efficient services to clients, the bank must enhance its banking service through other platforms such as social media, mobile banking, and online banking.

Such improvement requires very sophisticated data control systems to ensure they are secure. ICT is a major component in the banking industry and the sooner banks adopt the trends the better for business. This paper has critically analyzed the process involved in upgrading a system in a bank. System evaluation processes have been outlined in the paper as well as strategies for monitoring progress in the systems.

Understanding risk assessment methodologies and their applications is important in that it makes one able to create a more secure computing environment. However, one of the challenges is that professionals in information face difficulty due to the fast rate of change in technology. Various tools are used for risk assessment. A good one is the Operationally Critical Threat, Asset, and Vulnerability Evaluation, or OCTAVE (Sridhar & Govindarasu, 2014). This helps organizations protect themselves from information security risks. OCTAVE, however, is workshop-based and not tool-based.

Threat modeling is, in simpler terms, a procedure that is used to optimize network security. It does this by checking for vulnerabilities and countering the mechanisms of the vulnerabilities or threats to the system. In this case, a threat is a malicious act that is directly harmful and can cause damage to your system. The point here is to go through the whole system and find where the most effort should be applied, or the riskiest area that should be taken care of first to keep the system safe and secure. The technique changes as new factors develop.

Risk assessment is being able to control and manage the potential risks or dangers and taking the necessary steps to make sure they are managed and well taken care of. In other words, it’s the act of controlling the risks and potential dangers. Risk assessment is important in that it protects various aspects of an organization such as its assets. The most important thing to consider in risk assessment is identifying the potential dangers. Risk assessment entails various processes such as qualitative and quantitative risk assessment (Sokolov, Mesropyan & Chulok, 2014). OCTAVE consists of phases and each phase contains several processes. For example, phase one contains processes such as identifying senior management knowledge and creating threat profiles. Phase 2 consists of identifying key components and evaluating selected components.

References

Ammenwerth, E., Brender, J., Nykänen, P., Prokosch, H. U., Rigby, M., & Talmon, J. (2009). Visions and strategies to improve evaluation of health information systems: Reflections and lessons based on the HIS-EVAL workshop in Innsbruck. International journal of medical informatics, 73(6), 479-491.

Chung, H., Park, J., Lee, S., & Kang, C. (2012). Digital forensic investigation of cloud storage services. Digital investigation, 9(2), 81-95.

Garfinkel, S. L. (2010). Digital forensics research: The next 10 years. Digital Investigation, 7(1), 64-73.

Goode, S. (2009). Admissibility of Electronic Evidence. Rev. Litig, 29(1), 134-138.

Gordon, L. A., Loeb, M. P., Lucyshyn, W., & Zhou, L. (2014). Externalities and the Magnitude of Cyber Security Underinvestment by Private Sector Firms: A Modification of the Gordon-Loeb Model. Journal of Information Security, 6(01), 24.

Sokolov, A., Mesropyan, V., & Chulok, A. (2014). Supply chain cyber security: A Russian outlook. Technovation, 34(7), 389-391.

Sridhar, S., & Govindarasu, M. (2014). Model-based attack detection and mitigation for automatic generation control. Smart Grid, IEEE Transactions on, 5(2), 580-591.

Taylor, M., Haggerty, J., Gresty, D., & Lamb, D. (2011). Forensic investigation of cloud computing systems. Network Security, 1(3), 4-10.

Taylor, R. W., Fritsch, E. J., & Liederbach, J. (2014). Digital crime and digital terrorism. New York, NY: Prentice Hall Press.

Usha, M. (2014). A Study on Forensic Challenges in Cloud Computing Environments. Journal of NanoScience and Nanotechnology, 2(1), 291-295.

Cyber Security in Private and Public Sectors

Information privacy is the privacy of personal information within organizations, and their attempts to define the content of information stored on computer systems that third parties can also access. Data masking, encryption, and authentication are some of the ways of protecting data from the public so that only authorized personnel can access such information (Rouse, 2013).

Organizations always use this aspect of information technology (IT) to increase confidentiality within the management in order to reduce vulnerability and exposure of their systems to unauthorized segment. Information on finance, medical data, criminal records, and business information are some of the personal data that require continuous privacy.

The United States, for instance, has different legislation on data privacy that deals with specific sectors given the different needs that emanate from them. Data usage by unauthorized persons is illegal in most parts of the globe. Therefore, concerned parties must come up with relevant protective measures to address the possibility of such pieces of information finding their way into the wrong hands.

Patients’ records are essential in managing health facilities by ensuring that they offer quality services to the clients. For instance, a patient’s medical history is essential in determining the types of medication to administer to the patient. Such data remain confidential, and should be used for treatment purposes only. As a way of preventing information leakage, which may result in stigma to a patient, the management must ensure that pieces of information on all patients are kept securely to maintain confidentiality.

The US has the Health Insurance Portability and Accountability Act (HIPAA) that ensures that patients’ data remain accessible only to the authorized segment of the staff. HIPAA uses electronic data interchange to give patients’ information unique identifiers that the unauthorized group cannot interpret. Users are given privileges under strict laws to access all medical records, and, at the same time, have to maintain data integrity and confidentiality on information that may lead to identification of a patient (Rouse, 2013).

Websites also have confidentiality policies that guide their service provision. Some organizations have put tracking measures in place to identify those accessing their websites for security purposes. For example, when one accesses such sites, the computer stores cookies automatically. This move prevents hacking of information by third parties as the organizations can trace all their users.

This issue of cyber security has been contentious, with opponents arguing that it is against the privacy policy to allow organizations to track their users through cookies. However, proponents hold that even though the move infringes on the privacy of the public, it has impressive impacts on guarding the security of organizations. That is, loss of data by an organization has great impacts on society as compared to tracking individuals.

US citizens use cyberspace to travel, power their homes, communicate, provide essential government services, and run their economy. Overreliance on the network has exposed it to serious attacks, thus causing more information vulnerability. Organizations should work towards limiting data breaches that may arise from information hacking. Using password-protected data is one way of improving the security of online data (Zhan, 2009).

Markedly, choice of passwords is key in limiting data loss. In cybercrimes, one does not need to break into a physical property to steal information or use force to access the materials. For example, bank frauds have been on the rise with the coming of this new technology.

In addition, the state of information confidentiality is worrying, as other internet-savvy people can access such information; a recent example is WikiLeaks. These cases prompted the US to pass legislation that could help in eradicating this menace. Since many departments and organizations use this modern technology, fighting the vices is a shared responsibility (Raab & Mason, 2002).

The private and public sectors are collaborating to create awareness on cyber security among the internet users. With the high rates of cybercrimes, financial institutions, for instance, have to use complex mechanisms to enhance the security of their data, as fraudsters can easily transfer funds through the online platform to their accounts. In this aspect, the browsing history of users is significant in enhancing information security for the benefit of both the users and website owners.

Internet security has made most users maintain anonymity while online. A study by Pew Research Institute revealed that 86% of Americans prefer being anonymous to keep their data private (Gorodyansky, 2013). They protect their IP addresses, encrypt emails, and delete cookies frequently from their computers. Information privacy remains a controversial issue in the US given the recent phone-tapping move by the federal government.

The government has also gained access to emails of prominent personalities as a way of enhancing the overall security of the country. Instances of terrorist attacks similar to 9/11 that led to loss of lives and destruction of properties have been common with the manufacture of nuclear weapons by some Middle East nations. For security reasons, the US can breach the information security policy in order to enhance the safety of its citizens and the entire world.

References

Gorodyansky, D. (2013, October 13). . Wired.com. Web.

Raab, C. D., & Mason, D. (2002). Privacy, Surveillance, Trust and Regulation. Information, Communication & Society, 5(2), 237-241.

Rouse, M. (2013, August 5). . SearchCIO. Web.

Zhan, J. (2009). Information Privacy: Security and Integrity. International Journal of Information Privacy, Security and Integrity, 1, 55-83.

Online Predators and Children’s Cybersecurity

Recent statistics compiled by leading news agencies, the Federal Bureau of Investigation, and the U.S. Department of Justice revealed disconcerting facts about online predators. For example, it was discovered that in a survey of young Internet users – between the ages of 10 and 17 – one in five reported they had “receive unwanted sexual solicitations online” (ABC News, 2015, p.1). Also, at least 4,000 cases were reported to authorities in which online predators utilized chat rooms to prey on minors.

However, the most disturbing insight regarding this revelation is the realization that the number of victims is much higher, because in this type of cyber crime, related incidents are not reported to the police. To win the battle against online predators, it is important to craft laws created by people with a thorough understanding of how perpetrators utilize information systems and the Internet to commit sexually-related cyber crimes.

Information Systems

Ignorance regarding the technical nature of information systems and the Internet will only result in the creation of laws hampered by loopholes and weaknesses that are easily exploited by online predators. It is important to point out that a typical information system is comprised of “a set of interrelated components that collect, manipulate, store, and disseminate data and information and provide a feedback mechanism to meet an objective” (Stair & Reynolds, 2014). In simpler terms, gaming chatrooms, Google, Facebook, Instagram and other variations of social media sites are good examples of information systems.

The existence of an appropriate information system or IS enables people to share information and transmit messages. If a particular IS combines its attributes with the Internet, the applications are countless. More importantly, people can communicate with voice messages and share personal information in a cost-efficient manner. Also, distance is no longer a limiting factor, because digital information travels at the speed of light (Stair & Reynolds, 2014).

It is imperative to point out that social media sites and gaming chatrooms enable people to communicate without the need for a face-to-face interaction. Communication is possible even without uttering a single word, because the system enables the transmission of text messages or an SMS-type of sending greetings, ideas, or personal information.

It is possible to access social media sites and gaming chatrooms from anywhere in the world as long as an Internet connection is available. Since face-to-face interaction is not required in a typical communication process, people can pretend to be someone they are not. Thus, online predators have a convenient way to lure their targets. Before the advent of the Internet, Facebook, chatrooms, Vine, and Instagram, sex offenders frequented parks and school premises to select targets. However, in the present time, they can victimize children and teenagers without the need to share the same physical space. Safeguarding children and minors from online predators became a more difficult challenge when mobile devices and game consoles allowed users to communicate with one another via the Internet.

The Law

Most parents and guardians are unaware that game consoles and mobile devices enable children and minors to communicate with strangers. They are unaware of the fact that sex offenders are patient and determined in their desire to gain the confidence of their victims. It is imperative to ratify laws that will make it more difficult for online predators to communicate with their prospective targets.

It is not an easy task to legislate a legal framework that will prevent sex offenders and unscrupulous individuals from using the Internet. Two major factors severely limit law enforcement agencies from preventing the activities and apprehending online predators. First, policymakers do not have a clear understanding of how information systems work. Second, sexual offenders and online predators’ freedom of expression and other related rights are protected under the law.

The impact of these twin factors was manifested in a state legislature, when New York Governor David Paterson signed into law the Electronic Security and Targeting of Online Predators Act or e-Stop in May of 2008 (Saleh, Grudzinskas, & Judge, 2014). In this piece of legislation, the State of New York compels sex offenders to register all of their Internet accounts and other Internet-related identifiers with New York’s Division of Criminal Justice Services (Saleh, Grudzinskas, & Judge, 2014).

As a result, the DCJS has the power to release the said information to various online services providers and social media sites to prevent them from using the site’s services. Also, the law compels the said online service providers to notify law enforcement agencies if a sex offender violated the said terms of use. Finally, level 3 sex offenders are not allowed to use the Internet (Saleh, Grudzinskas, & Judge, 2014).

There are two problematic areas in the said law. First, it seems like lawmakers have no clear understanding of how an IS or the Internet works. It is relatively easy for sex offenders to change Internet accounts, email accounts and other forms of Internet identifiers. Second, the law violated the rights of the individuals to communicate and express their opinion (New York Civil Liberties Union, 2016).

More importantly, the law severely limits the income-generating capability of certain individuals. Lawmakers must realize that the Internet and social media sites are no longer restricted to a few activities. In the present time, the Internet and social media sites are critical information highways that enable people to increase their capability to find jobs and to increase their earning potential. It is not fair to deny people this right and privilege. To defeat online predators, parents, guardians, and teachers must not only rely on the work of legislators. In this context, the best defense is the best offense, because they need to work together and educate children regarding the potential threats that emanate from the unsupervised use of the Internet and social media sites.

Conclusion

Sex offenders and online predators found a way to exploit the far-reaching capability of information systems when it comes to drawing people closer in a virtual environment. Ease of communication, cost-efficiency, and other positive attributes make it easier for unscrupulous people to use social media sites and gaming chatrooms for nefarious reasons. The problem is not the absence of potent laws, but the need to balance the protection of children and minors against the need to honor people’s constitutional rights. Also, tougher laws are useless against people with criminal intent, because the nature of the Internet and social media sites enables them to change their identities as a chameleon changes its colors. It is best to solve the problem from another angle, and that is to increase the involvement of parents, guardians, and teachers in monitoring the online activities of children and minors under their care.

References

ABC News. (2015). . Web.

National Sex Offender Public Website (2016). Raising awareness about sexual abuse. Web.

New York Civil Liberties Union. (2016). . Web.

Saleh, F., Grudzinskas, A., & Judge, A. (2014). Adolescent sexual behavior in the digital age. New York: Oxford University Press. Web.

Schneiderman, E. (2015). Initiatives. Web.

Stair, R., & Reynolds, G. (2014). Fundamentals of Information Systems. Boston, MA: Cengage Learning. Web.

Automotive Industry’s Cybersecurity and Threats

Background Information

Cybersecurity is focused on computer systems, which is why the general public rarely associates it with the automotive industry. However, the connected car has not been merely a part of sci-fi for a long time, and it is already offered by 15 brands (Francisco, 2014). Many people can experience the advantages provided by in-car infotainment systems today. With the help of Wi-Fi and Bluetooth-enabled devices, drivers can use additional functions and adapt the environment around them to their needs (Griffor, 2016). Cybersecurity in the automotive industry also deals with connected parking, after-market services, and so on. Thus, it must ensure privacy and security. Not so long ago, it was revealed that hacker groups attacked smartphones, which affected the connected car (Francisco, 2014). These issues attracted the attention of professionals and made them reconsider the extent of cybersecurity threats.

Threat Assessment

The Vehicle Software

Explanation

The infotainment system represents the main set of computer systems that can be found in the vehicle. It combines both hardware and software, which means that different security approaches need to be applied. This system has a low barrier to entry, which makes it vulnerable to attacks. Users have an opportunity to download and install software themselves, obtaining it from websites that do not guarantee a high-quality product.

Risk

Cars tend to have a lot of sensors that make them more vulnerable. The attack surface increases, which makes it easier for hackers to find a gap in security. In addition to that, the software installed by the owner may contain an electronic threat, alter sensitive data, degrade the performance of the system, or even remove software that is essential for proper operation.

Recommendation

With the help of a trusted secure boot, professionals can ensure that the software already installed for their clients is good enough and does not require any changes. It is better to partition operating systems so that if hackers affect one of them, the others remain secure. If updates are needed over time, it is important to make sure that owners can use virtualization and software containers. In this way, they can alter individual functions without implementing changes in the whole system. It may also be beneficial to make it impossible for the owners to add or delete software. However, developing some kind of assessment tool for new software seems to be more advantageous because it will not deprive the owners of their privileges but will still ensure security. Authentication is used to make sure that a car is used by its owner and not by some other person. It collects the owner’s individual information and grants access on that basis. A physical key, which is still often used in the automotive industry, cannot provide such benefits, which proves the value of this alternative.

Network Security

Explanation

The majority of hackers who have experience exploiting desktop systems have no difficulty targeting the automotive industry by focusing on its software. That is why it is often given the greatest priority. A vehicle can be affected through Wi-Fi and Bluetooth connectivity, which means that the attack can be carried out from a distance. It is important to ensure the security of this system because it covers not only audio and video entertainment but also allows control of the navigation system and manipulation of the behavior of the car. Hackers do not even need to get close to a vehicle if they want to move the wheels, for instance.

Risk

Internet attacks are currently treated as something ordinary, so the general public does not consider them to be very critical. The usage of unsecured legacy protocols can affect the integrity and authenticity of data. Among the main vulnerabilities is the implementation of Bluetooth technology. With its help, a car can be paired with a smartphone, which is a great advantage for the owner because it simplifies the usage of network systems. However, the device used for the connection can belong to a hacker as well. To minimize this issue, the majority of companies that operate in the automotive industry use the CANbus network, which is focused on the behavior of a car. However, it fails to provide total security, making it possible for hackers to manipulate a vehicle and threaten people’s lives (Francisco, 2014).

Recommendation

Organizations should monitor the behavior of a car. It will be advantageous to implement anomaly detection. In this way, it will be possible to see if a car was approached by a hacker. In addition to that, updated models of network encryption should be used because they are likely to protect the data that is critical for the safety of clients. Device authentication should be maintained because it ensures that a vehicle is approached by its owner. It can be beneficial to restrict network communications. By defining preferred behavior, a client will be able to see if something unusual happened.
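The monitoring recommended above can be sketched as follows. This is an added example, not code from the essay or its sources: it defines "preferred behavior" as an allowlist of CAN IDs with an expected period for each, and reports frames with unknown IDs, oversized payloads, or arrival gaps far shorter than the baseline. All IDs, periods, and frames are constructed for illustration.

```python
# Constructed baseline of "preferred behavior": CAN ID -> expected period (ms).
# IDs and periods are illustrative assumptions, not taken from any real vehicle.
BASELINE_MS = {0x0C4: 10.0, 0x1A0: 20.0, 0x3E8: 100.0}
MIN_GAP_RATIO = 0.5          # a gap under 50% of the expected period is suspicious
MAX_CLASSIC_CAN_PAYLOAD = 8  # classic CAN data field is at most 8 bytes

# Constructed capture: (timestamp_ms, can_id, payload)
SAMPLE_FRAMES = [
    (0.0, 0x0C4, b"\x00\x10"),
    (10.0, 0x0C4, b"\x00\x11"),
    (12.0, 0x0C4, b"\xff\xff"),      # extra frame squeezed between periodic ones
    (20.0, 0x0C4, b"\x00\x12"),
    (20.0, 0x1A0, b"\x01"),
    (25.0, 0x555, b"\x02\x01\x0c"),  # ID that is not in the baseline
    (40.0, 0x1A0, b"\x01"),
    (60.0, 0x1A0, b"\x00" * 9),      # payload longer than classic CAN allows
]


def detect_anomalies(frames, baseline=BASELINE_MS, min_gap_ratio=MIN_GAP_RATIO):
    """Return (timestamp_ms, can_id, reason) for each suspicious frame.

    frames must be ordered by timestamp.
    """
    last_seen = {}
    alerts = []
    for ts, can_id, payload in frames:
        if can_id not in baseline:
            # Restricted communications: anything off the allowlist is reported.
            alerts.append((ts, can_id, "unknown-id"))
            continue
        if len(payload) > MAX_CLASSIC_CAN_PAYLOAD:
            alerts.append((ts, can_id, "bad-length"))
        prev = last_seen.get(can_id)
        if prev is not None and (ts - prev) < baseline[can_id] * min_gap_ratio:
            # A periodic ID arriving much too early suggests an injected frame.
            alerts.append((ts, can_id, "rate"))
        last_seen[can_id] = ts
    return alerts


if __name__ == "__main__":
    for ts, can_id, reason in detect_anomalies(SAMPLE_FRAMES):
        print(f"{ts:7.1f} ms  id=0x{can_id:03X}  {reason}")
```

A production monitor would learn the baseline from recorded traffic per vehicle model and would also inspect payload values, which this example leaves out.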

The Vehicle Hardware

Explanation

Companies must ensure that the vehicle hardware is well-protected. The way the software operates depends greatly on the condition of hardware and its security. Hackers can obtain access to a vehicle and damage seatbelts or airbags. In addition to that, they can affect the engine firewall.

Risk

Some hardware components have no built-in security features, which means that they can be easily accessed by hackers (Auto Alliance, 2017). If the auto control system is not isolated, it can be approached through other systems. What is more, hackers can affect communications-based functions like navigation and satellite radio.

Recommendations

A focus on boot and software attestation can prevent unauthorized changes and invalid files from influencing client security. It requires digital signatures and product keys that cannot be easily hacked. The usage of the trusted processor module can be advantageous in this respect because it identifies proper code and blocks other attempts to get into the system. Tamper protection also protects intellectual property, since it allows professionals to prevent reverse engineering. It is possible to use Intel Enhanced Privacy ID technology, which ensures client anonymity (Intel Security, 2016).
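The boot and software attestation described above can be illustrated with a measured boot chain. This is an added example, not code from the essay or from Intel: each boot component is hashed into a running register in the TPM style, the device signs the register together with a verifier nonce, and the verifier compares the result with a known-good value. HMAC with a shared key stands in for the asymmetric signature a hardware attestation key would produce, so that the example runs on the Python standard library alone; the component images and the key are constructed.

```python
import hashlib
import hmac

# Constructed boot images and device key, for illustration only.
GOOD_CHAIN = [b"bootloader v1", b"kernel v1", b"infotainment app v1"]
TAMPERED_CHAIN = [b"bootloader v1", b"kernel v1", b"infotainment app v1 + plugin"]
DEVICE_KEY = b"constructed-demo-key"


def extend(register: bytes, component: bytes) -> bytes:
    """TPM-style extend: new = SHA-256(old || SHA-256(component))."""
    return hashlib.sha256(register + hashlib.sha256(component).digest()).digest()


def measure_boot_chain(components) -> bytes:
    """Fold every component, in boot order, into one 32-byte register."""
    register = bytes(32)  # register starts as all zeros at reset
    for image in components:
        register = extend(register, image)
    return register


def attest(components, nonce: bytes, key: bytes = DEVICE_KEY):
    """Device side: measure what actually booted and sign it with the nonce."""
    register = measure_boot_chain(components)
    quote = hmac.new(key, nonce + register, hashlib.sha256).digest()
    return register, quote


def verify_quote(register, quote, nonce, golden, key: bytes = DEVICE_KEY) -> str:
    """Verifier side: check the signature first, then the measured software."""
    expected = hmac.new(key, nonce + register, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, quote):
        return "bad-signature"        # forged, replayed, or altered report
    if not hmac.compare_digest(register, golden):
        return "unexpected-software"  # genuine report of a modified boot chain
    return "trusted"


if __name__ == "__main__":
    golden = measure_boot_chain(GOOD_CHAIN)
    for name, chain in (("good", GOOD_CHAIN), ("tampered", TAMPERED_CHAIN)):
        register, quote = attest(chain, b"nonce-1")
        print(name, verify_quote(register, quote, b"nonce-1", golden))
```

Because every value depends on all earlier measurements, changing or reordering any component changes the final register, and the fresh nonce keeps an old "trusted" report from being replayed.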

Cloud Security

Explanation

The majority of hackers are ready to deal with basic security when they start working. However, they are not ready to deal with additional security services, which can help to identify and correct the threats that a vehicle faces.

Risk

Lack of collaboration between the stakeholders and poor maintenance of additional support services can lead to the disclosure of critical information and the possibility of obtaining hacked software updates (AUTO-ISAC, 2016). When vulnerabilities are discovered over time, a recall may be needed, which can be extremely expensive for the organization.

Recommendation

It is important to ensure that remote monitoring, updates, and similar services are possible. The cloud should be accessed through an authenticated channel. The stakeholders should develop proper collaboration so that they can quickly share information, respond to attacks, and prevent their repetition. The possibility of over-the-air updates should be ensured because it reduces the expenditures needed to fix the product (CybeRisk, 2016).

Conclusion

Thus, it can be claimed that the current automotive industry is tightly connected with computer systems, so its cybersecurity must be ensured. Vulnerabilities of connected cars can be found when focusing on their hardware and software systems as well as on network and cloud security. This issue occurs because the infotainment system that is implemented in a vehicle has much in common with desktop systems that are already thoroughly explored by hackers. The majority of risks come from the network system because it deals with the connection of cars to other devices. However, the significance of other weaknesses cannot be neglected. Professionals who operate in the automotive industry should think of the best practices that can help them to prevent hacker attacks or at least respond to them properly. In this way, both clients and companies will be protected.

References

Auto Alliance. (2017). Cybersecurity. Web.

AUTO-ISAC. (2016). Automotive cybersecurity best practices. Web.

CybeRisk. (2016). Automotive cybersecurity – vulnerabilities, challenges, industry response. Web.

Griffor, E. (2016). Handbook of system safety and security. Amsterdam, Netherlands: Elsevier.

Francisco, C. (2014). Web.

Intel Security. (2016). Web.