CyberCrime
Introduction
Cybercrime is one common method of blackmailing, threatening and stealing organizations that are increasing at a high rate in the whole world. The crime is affecting confidentiality, availability, and integrity of the information technology environment in various organizations. General methodologies in risk analysis may be used in making entire cyber risk cartography. It is (cartography) important for the progress of business managers as they judge whether the recent cyber mitigation risk measures comply with the organization risk tolerance.
The crime affects the professional, government and customer’s confidence in an organization. Even though the company’s financial and corporate objectives are not an exact target, they are, however, not a significant risk. Potential risks such as being bankrupt are evident in several organizations. Several preventive measures are used in fighting cybercrime causes from the cause. On the other hand, the managers working on the business continuity are very much interested in identifying the measures that could be taken in reducing the loss of information technology systems, data, and documents in cases of cybercrime (Danny & Marc, 2013).
The society as well as economy is very much dependent on the ICT technologies. The reliance has continued to grow to the extent such that several crucial and critical business processes are done using the web connections and IT systems. Managing these processes in the business means that the management team is involved in managing a database that is quite huge which comprise of confidential and critical data with access to confidential documents.
On top of that, several industrial processes are very much controlled, managed and monitored using the ICT. Technologies, equipment and complex systems that are indispensable in the management of industrial processes are connected and in a position to coordinate, communicate, take action and cooperate without the human intervention need. The applications of the machine to the machine are common in the sectors of critical infrastructure.
The effectiveness and availability of the complex information technology systems are crucial in operating the critical infrastructures like transport, finance, health sector, and water. If the ICT infrastructure for all these sectors is unavailable or is damaged, it could have very significant consequences on organizations, society, individuals and even to the economy at large. It is, therefore, very important for safe internet that is in place for 24 hours in a day, seven days a week to be made available (Danny & Marc, 2013).
Business managers have, therefore, come up with contingency measures that do not make use of ICT systems. The measures are only in a position to guarantee all services that stakeholders and customers require and except for a short period. The continuity plans for the business that is essential when there are disasters rely on the ICT tools.
The cyber risk, therefore, is not anything to ignore in a business. The paper, therefore, aims to discuss research carried out on cybercrime demonstrating the cybercrime originality, general risks and the ways to curb them. The paper also discusses the available evidence for private expenditure on cybersecurity. Predictions on ordinary firms such as the online retailers in a competitive market have a chance to investigate the optimal amounts socially in the cyber defense. On the other hand, the strategically important companies in the uncompetitive markets like the public utilities have a likelihood of under investigating.
Literature Review
Cyber is an environment that is man-made for network devices. The machines range from CCTV cameras, mobile phones, and computer servers. Cybersecurity is an important aspect of the current world. The chances of attacks are evaluated based on the perceived threat other than using hard data (Hult & Sivanesan, 2013). The attacks are behavior focused, and individuals are mainly the key targets. Cybercrime is an increasingly common strategy of stealing blackmailing and threatening organizations in the whole world.
Some examples are discussed below; several personal computers such as private consumer computers are frozen by viruses such as ransomware that will always demand cash so as to unlock the system. On the other hand, companies also get affected by this cyber blackmailing. For instance, a banking institution was affected by such cybercrime and a financial ransom was claimed from the bank so that the client’s data is not made public.
Several types of online banking attacks have been evident in the last five years. Some of the attacks are based on botnets such as social engineering and phishing web and also the Trojan horses. The botnets which affect the networks and infected computers comprise an infrastructure made use of by the cyber attackers who use it in distributing spam, customer spying, system interruption, server sabotage and executing fraudulent transactions. Destruction can also be done through attacks such as a distributed denial of service (DDOS).
Nowadays, anyone can be involved in cybercrime. It is so easy such that even individuals can operate on their own and become attackers (Hult & Sivanesan, 2013). The tools and knowledge required are easily accessible on the internet. It gives an opportunity for spying, subversion, sabotage, propaganda, military operations in cyber and executing fraudulent transactions. Today’s technology makes individuals be able to hide the identity such that control and subversions by authorities are difficult.
New threats are, on the other hand, coming up as mass hacktivism for ideological and political reasons that are aimed at publishing information that is confidential. Hacktivism aims at networking and social media. It is very fast and therefore does not have time for response. The group involved in the crime does not have a formal structure. They, however, have an advantage of umbrella brand name such as anonymous.
Other developments are cyber spying for political and economic reasons. These spies work to steal patents, strategies and data stocks in huge companies and centralized departments in all the countries. The spying could go for several months without being detected.
Another development in cybercrime is immobilizing or destabilizing essential and critical infrastructure. Certain malware gives way for data and systems to be managed by individuals from outside and even making some industrial facilities be sabotaged. This targets the national authorities.
To reflect on the possible continuity plans in the business for the cyber crimes, attacks, and incidents the examples are divided into three cyber crime types which affect the availability of the business process.
One, a cyber attack which blocks the access from as well as to the internet cloud, especially the DDoS attacks. All the IT internal systems, applications, database, and tools, are in good working condition, though the employees are not in a position to communicate with the world outside. The clients, however, are not able to contact the organization. Second, the cyber attack in a situation where a cybercriminal can penetrate in the IT system as well as being in a position to destroy and erase the necessary aspects of operating tools, databases and applications. Third, the cyber attack in a situation where the criminals involved in the cyber attacks succeed in entering through the IT systems even with no intention to destroy or erase the data. However, they alter or steal the information contained in the databases and documents.
The next aspect involves the continuity plans involved in tackling the cyber crimes include; tools involved in reducing the type one cyber attacks. The tools are involved in blocking wiping or diverting the criminal traffic and also trying to finish the bandwidth completely connecting the IT infrastructure of the organizations with the internet. Making use of various network technologies which are different from the internet could also be used.
On type two cyber crimes, the main BCP will comprise of backups with tools, operating systems, databases, applications, and other offline independent support media which is addressed directly by cyber attackers. The backups would be in a format which allows startup from the beginning in a short period of time as compared to MTO of several time-critical processes in the business.
On the third type, it is thought that the confidentiality and integrity are necessary notions in the risk mitigation and risk analysis measures, plans on business continuity are not required in such cyber attacks due to the availability which is not affected. With the knowledge that it would a long period of time for individuals to detect the type of cybercrime, this means that the attackers have had a long period of time to penetrate deeply the IT environment. This will make the experts of information technology security to maybe suggest that the entire environment of IT is placed fat from the external access with the aim of analyzing a high level of infection and penetration. To make the situation more complex, they are not able to guarantee the required time for disinfection. The process could take several hours, days or weeks depending on the cybercrime complexity.
The network segregation could help because it makes it hard for cybercriminals to join the entire information technology environment. The cleansing, enabling analysis and isolation may be organized in layers. The situation will not suggest the unavailability of the business process during the same period.
Other options though of are reopening of connections to the internet for various processes in time-critical business during the period when the experts in information technology are not very much convinced that the traces of cyber attacks are cleaned. The situation means one is not in a position to exclude a possibility that, for instance, malware is going to restart the operation to reinfect the information technology environment.
Methodology
The case study aimed at investigating claims of fraud by several victims. In order to examine each subject within the population, the researcher used an interview to analysis each subject, the interview was used as the most applicable tool of data collection since it was able to obtain the in-depth information required by the study. In addition, the study employed the use of case study design as it was able to exhaust all the subjects in the population in terms of data collection. The research further noted that the interview method did go hand in hand with the case study since most of them gave room for probing of each item in the questionnaire. The study also involved a review of documents, information analysis and dialogues with perpetrators.
The researcher identified a population; a sample was then obtained and used as a representative of the population. In order to avoid bias opinions of the subjects (perpetrators), the subjects were made to understand the nature of the data required and its intended use at the start of the interview session (Silverman, 1997; 1). On the other hand, the population characteristics consisted of individuals who have fallen as victims for a specified period of time and was perceived to possess the information required. The study believed that sample used had similar characteristics with the population and such was considered a true representative of the fraudsters and victims.
To convert the data obtained from the field into useful information, data were analyzed by use of simple statistical measures of tendency such as standard deviation as well as computer programs like statistical package for social scientist (SPSS). After the information was obtained, it was interpreted and presented in form of charts, graphs, and percentages, the researchers believed that the above-highlighted method of analysis better suited the research objectives (Silverman, 1997; 1). In addition, the use of the presentation methods employed was of high frequency and the most used in many research studies.
Limitations
When picking the individuals to interview, several people wanted to participate and we had to convince them that we only wanted a sample of ten individuals. However, the language was a problem and we had to be very keen to hear what the participants were saying. Sometimes we had to get someone to interpret for us. Time was also a limiting factor. If we had more time, the research could have been more extensive.
Results
Research showed that a large scale cyber attach in Russia would target the privately held infrastructures which are critical, for instance, the telecommunication carriers, power companies, banks among others whose compromise causes widespread harm. 85% of America’s infrastructure owned by private companies face intrusions constantly. The defenses on the private sector are said to be inadequate. These companies are on their own in aspects of protecting the computer systems from cybercrime. The research continues to show that the poor state of cyber defenses in America is to some extent due to the incomplete analytical framework that helps in explaining the situation.
The policy and law of cybersecurity are under-theorized. All the approaches of legal scholarship cybersecurity from a criminal law standpoint or armed conflict law. With these analytical commitments, the situation is inevitable for the lawmakers and academics to favor the military solutions and law enforcement to the problems of cybersecurity.
Efficient cyber security level
National security depends on critical infrastructure security. Cyber attack on the assets some of which are private companies could be very much devastating. Few keystrokes and the adversaries hack onto the banks to corrupt the data for customers, control the power plants so as to get rid of the electricity grid, take offline the telecommunications network, open the dam’s floodgates among others. Despite the threat magnitude, conventional wisdom is described in a manner that the private sector is not very much protecting itself (Alexander, 2013).
When asked whether individual companies, as well as the entire society, are investing in the cyber defense, participants mentioned that the companies are under-investing. They ate far away from what could be said to be the right cyber defense. One participant mentioned like previous research which says that the response of the private sector is like ‘unmitigated failure’ there is little empirical data made available but a consensus view is one of the anecdotal support. Studies done by McAfee in 2009-2011 in a computer security company showed low levels of cyber defense investment.
The studies revealed that several companies view cybersecurity as a small case or the last thing they could think of. They also neglect the security because they tend to think it is very expensive. McAfee noted that the companies comprise of a weak authentication requirement tool which is able to verify when an individual is accessing the system, his identity and whether he or she is authorized or not. Some have systems able to monitor network activity to identify any anomalies.
Other studies showed that other companies have poor defenses and they are not able to identify when they are attacked. Verizon also noted that 75% of intrusions investigated studied were noted by people and not victims. 66% of victims never knew of the intrusion that happened on the system. A study done in 2011 by Ponemon Institute noted that 73% of the surveyed companies were hacked, however, 88% of there spend extra cash on coffee as compared to securing the web applications (Alexander, 2013).
Whether the company is able to make a socially optimal investment on the security of cyber as well as related issues of who is supposed to pay for the cyber defense company is a question that many should ask themselves. First, it is important to understand what a company is defending and who the anticipated attacker is. The x-axis is shown in fig 1. shows companies which could be subject to cybercrime. A strategically significant company can be said to be one whose compromise can lead to substantial social harm.
For instance, when insignificant companies which are in a competitive market where several companies provide the same services or goods whereby the consumers who are a disappointing defect from one company to another. For instance, online retailers such as Amazon .com. towards the right side are financial institutions which have a high rate of strategic significant scale. Former national intelligence director predicted a situation where an attack on one bank could cause a greater magnitude on order of magnitude which would have an impact on the global economy. The banks, however, are in a fair and competitive market and the consumers are able to take their accounts from one company to another.
A step to the right one finds the Internet Service Providers (ISPs) together with telecommunications carriers (Alexander, 2013). These are very much significant. When Russia was involved in crippling Georgia’s communication system in the 2008 war, the citizens were not able to connect to any news from informed outside sources. They could also not be in a position to send an email to other countries. The markets, in this case, are not competitive and therefore the consumers only have few internet providers as well as telephone companies which they can choose from.
On the far right, there are public utilities and power companies. The companies rate very high when it comes to the strategic scale. Cybercrime on the power grid could cause a catastrophe. The SCADA or industrial control system which the utilities and power plant are internet connected. The hackers could be in a position to exploit the connectivity in disrupting the power generation leaving the millions of individuals an in dark for several months. They could, on the other hand, destroy all the key systems such as turbines.
In the year 2009, the most sophisticated cyber weapon ‘Stuxnet worm’ which had ever been deployed caused the same physical damage in the nuclear program in Iran. The utility markets, on the other hand, are seen to be uncompetitive (Alexander, 2013).
They axis, however, shows the assailants which could commit a cyber attack. These are arranged to start from the bottom to the top following the order of increasing sophistication. The so-called sophisticated attacker can compromise the very secure systems. On the other hand, the unsophisticated attackers are in a position to compromise the unsecured systems. Activists, on the other hand, are above this. They are little more skilled hackers who make use of cyber intrusion to improve an official agenda. They do not keep themselves in groups of formal organizations.
For instance, the ‘Anonymous’ loose association which launched the DDOS attacks in 2010 on financial institutions which did not allow the customers to use WikiLeaks in sending money. Others include the organized syndicate crimes like the one working out of Russia. These are involved in cyber intrusions which are structured organizations for financial gain. The international terrorists could also be placed in this category even if they have demonstrated little enthusiasm and aptitude for the cyber attacks hence its far.
The curve predicts the combination of the attackers and victims who have high chances of occurring. The fourth quadrant comprises of low severity and high-frequency attacks. The retailers, as well as other insignificant firms, are targeted fairly by the recreational hackers who are comparatively unsophisticated. They could also be targeted by sophisticated activists. The second quadrant has attacks which are high severity and low frequency (Alexander, 2013). The most strategically significant companies such as public utilities and ISPs face attacks from very intelligent services and sophisticated militaries as well as organized syndicate crimes where they first seek extract blackmail.
Quadrant 3 has the hacktivists and recreational hackers probably launching the attacks towards the utilities as well as significant enterprises. The targets, however, are less attractive as they are to the intelligence services and foreign militaries. Quadrant 1 is where the foreign governments having low chances of targeting insignificant companies like retailers. The reason is that they do not gain much by compromising the firms even if the organized crime could, however, do this for the purpose of blackmailing.
Research showed that cybercrime is the criminal activity which involves computer network as the tool or place where crime takes place. The worst experience with the damaging electronic virus which corrupted all the documents such that they could not access them. Some participants identified the denial of service attack which made the system to deny all the authorized users a chance to access the system.
The government is doing all that it can to control the cybercrime. There are emergency call numbers such as 111 where people should report whenever there is a crime. Police will come and assist where they can. They also pointed out that the International Criminal Court should exercise their mandate on the issue of electronic crime so as to reduce the electronic crime. Once an individual is caught and there is enough evidence, he or she should be jailed. Some of the criminals serve for months and even years in jail. The cybercrime has made people avoid using the internet for various transactions as they fear crimes such as fraud, forgery among others (Alexander, 2013).
Research shows that cybercrime is also an antitrust problem. The main goal of antitrust is to promote consumers welfare. This is achievable when the business is restrained from being involved in anticompetitive conduct. The law on antitrust therefore is involved with the possibility which the companies will take to coordinate actions which undermine the competition or an agreement which divides the market. The antitrust is, on the other hand, apprehensive on the sharing of information with competitors like exchanges which is feared as it would cause unilateral oligopolistic behavior or anticompetitive collusion.
In the context of cybersecurity, several information and coordination sharing could assist the companies to defend themselves on intrusions. This would prevent the consumer from making losses. Companies in a certain industry could decide to exchange information on the threat. An ISP which discovers that it was victimized by malware could then alert others so as to be keen for similar threats. On the other hand, the company could share the information which is vulnerable. A power plant which could compromise a SCADA system could be compromised by certain intrusion types which would tell the other firms of the vulnerability. The companies also could share also the countermeasure information.
A company could especially discover a better way to defend itself on the DDOS attack. However, it could also inform others so that they make use of the same method. Towards the end, the industry could agree to come up with uniform cybersecurity set standards. The standards could be together with enforcement and monitoring mechanisms to make sure all the members implement the measures agreed upon. They could as well form a cartel (Alexander, 2013).
Research further showed that this could cause a great problem as coordinating the cyber defense could cause anti-trust liability. The companies could, therefore, be reluctant to adopt common standards of security or share information. The fears of liability are widespread as another research done in the year 2002 showed that in the private sector, the main concern on the total communicating cyber vulnerabilities it the antitrust action which is against the cooperating companies. In the report on the year 2009, the American Bar Association recounted concerns on various firms where it was reported that the laws on antitrust created a barrier on forms of cybersecurity information sharing (Alexander, 2013).
Research also showed that cybersecurity is a problem with cyber liability. The law is ready to compensate all the consumers who are injured by-products which were not able to perform as per the expectations. On the other hand, the products liability law makes use of the risk of money damages on the incentive companies to have reasonable precautions especially when manufacturing and designing products. In the case of design defect, the theory is simply that the design which is intended for a product line is very much inadequate and very much dangerous.
The court is able to detect and determine whether it is the manufacturer who had fault when producing a certain product which is found to have defects by using the risk utility test. This compares the product’s risk as it is designed over the cost used in making safe the product. Goods and which are internet related have been found to have design defects which are vulnerable to the so-called cyber attacks. For instance, Microsoft Windows. The software for the Operating system which is known to account for 90% of the PC market is full of vulnerabilities. The Microsoft services are produced in millions and therefore it is inevitable that the programmers could make several mistakes which are not easily detected for repair (Alexander, 2013).
Discussion
In this part, we highlight aspects of the security vulnerabilities, potential attacks countermeasures, In-depth analysis of security risks and regulating cybersecurity.
.
Security vulnerabilities
Attackers use methods in order to be able to utilize the vulnerabilities in achieving the goal. The vulnerabilities can be defined as the loopholes or weak points in security that the attackers make use of to access a network and resource. Some of these weak points are;
Passwords. These will continue to be contentious until the users make a point of selecting one. The issue here is to remember the correct password from several that the user is supposed to remember. Due to this reason, the users decide to choose a common password so that they do not have problems with remembering them. The users will tend to use their birth dates, names of their loved ones and also the date of marriage. This becomes a vulnerability in that other people are given the opportunity to guess the password and use the account(Cleveland, 2006).
Protocol designs. These communication protocols also have weak points. For example, the TCP/IP has weak points that give access to the spoofing of IP address and request attacks of TCP connection. The attackers will make use of them to obtain information hence obtain access to the systems.
Telnet protocol. This is mainly used in administering the systems that run UNIX and MS Windows 2000. If the user is utilizing the telnet client in connecting from a UNIX system to Microsoft or the other way round, the passwords and usernames are transmitted.
File Transfer Protocol. Is abbreviated as FTP. When the user wants to retrieve or send information from a certain location which is secure, the passwords and usernames are transmitted as clear text just like in the Telnet protocol (Cleveland, 2006).
The commands that reveal the information of the user. It is possible to come across the interoperability of UNIX versions and the Microsoft products. The commands that reveal the system and command information is a big threat in that cracker could be able to use the information in breaking onto the system. Some of the ways that can be used are; one, the finger client on Windows 2000 and MS Windows NT may be used in connecting a finger daemon running on a computer using systems based on UNIX. This may show the information concerning the user.
The information about the user who had logged in is displayed in the system when the finger program is running without arguments. The other one is Rexec. This is a utility that is provided as a client on Windows 2000 and MS Windows NT. The client utility paves way for the UNIX system remote execution running with rexecd service. The user sends a message that specifies the password and username as well as the command name to execute. The program is prone to abuse as it may be used in probing a system with names of valid accounts.
Asynchronous transfer mode. IS abbreviated as ATM. This is compromised by “manhole manipulation.” This is a situation where individuals are using has direct access with connections and network cables in parking garages underground and in elevator shafts. The Frame relay is also similar to the ATM.
The device is administration. The routes and switches are managed easily by the command line or HTTP interface. When the passwords are weak, the system allows individuals with little technical knowledge to access the device.
Modems these have currently been a common feature on the desktop computers. Unauthorized modems are a very serious concern to security. Individuals nowadays use them not only to access the internet but to have a connection with their office and maybe work while still at home. The main danger with the modem is that it is a method used to bypass ‘firewall” which offers protection to intruders. However, if a hacker uses war dialer to obtain the telephone number of the modem or uses password cracker to destroy or break the passwords that are weak, he or she will access the system. As a result of the computer networking nature, if a hacker can connect to a computer, it becomes easy to do the same to the others which are in that network (Bishop, 2003).
Potential attacks
We are in an era where technology is inevitable. The work we do is using technology. The system of computer forms the very main part of the technology. This is because all the technical work is done using computers. Most of the data for example in the bank, post office, army and others have all been digitized. This requires much security in the systems.
There are many types of attacks to a system of a computer. They are divided into two. These are active and passive attacks. The active attacks, for example, the virus, cause damage or harm in the system. It has codes which infect programs by attaching itself to them and replicating. When the program that is infected becomes executed, the code of the viral also becomes executed. This code can be uploaded to another person and the code randomly selects files and looks into whether they are executed. It uses certain strings to attach to programs (Bishop, 2003). The passive attack, for example, the Trojan horse does not have any harm in the system attacked. However, they take some information from that system. The attacker only tries to look into unauthorized information.
Countermeasures
Some of the countermeasures that can be used are;
The solution to reducing the risk of DoS is by failing to run a server that seen in the world at a close level to the capacity. Keep the operating system patches that are security related updated all the time using service packs that are latest, and make use of packet filtering that prevents the entry of forged packets in the space of network address. Some of the forged packets are the ones that claim to be from own hosts (Cleveland, 2006).
Sniffing also called eavesdropping can be prevented by using physical security that is strong and also does proper segmenting to the network. Sniffing controls local collecting of traffic. One can also encrypt the communication completely and add the authentication credentials. It regulates the usage of sniffed packets by attackers. Examples of encryption solutions are IP Security and SSL.
To countermeasure spoofing, one needs to filter all incoming packets which seem to be coming from the internal address of IP. One should also filter all the outgoing packets that seem to come from a local invalid IP address.
In the case of Trojan horses, viruses and worms, the user should be updated with current operating systems as well as the software patches. The user should also block the unnecessary ports at host and firewall, disable the unused functionality such as protocol, services and harden the default and weak configuration settings (Cleveland, 2006).
In the case of password cracking, the user should make use of strong passwords for the various account types; make use of lockout policies to the accounts of the end user. The situation is to reduce the retry attempts which are used in guessing the passwords. The user should never make use of account names that are the default. The user should also audit all the failed logins to reduce the attempts of password hacking.
Countermeasures for the unauthorized access are, locking down the folders and files with unauthorized NTFS permissions, configure all the web permissions to be secure. It is also important to make use of control mechanisms of the NET framework within the applications of ASP.NET and URL authorization as well as the demands of principal permission.
In-depth analysis of security risks
Recently in the headlines, there were security breaches on cyber happening all over the world. These were the Federal Reserve and Energy Department breaches. The Federal Reserve had noted that the information had been obtained as a result of exploiting a vulnerability of the product on the website (Ericsson, 2010). The incidences motivate the urgent need for identifying the assets at risk on the networks of the user as well as patching and reacting as soon as the breach has happened.
The security routers provide various security technologies aimed at protecting the mobile users, remote offices and teleworkers. Some of these technologies are the VPN remote access and site to site technologies. They provide data integrity, privacy, intrusion prevention, identity and trust protection capabilities, features of foundational security and premier security. Cisco security routers provide these securities. They make sure that the ownership total cost is low making sure the solution adds value as time goes (Ericsson, 2010).
The main elements which make routers be critical devices in the security network are security connectivity, identity, and trust, the foundation of Cisco network protection and integrated threat control.
Regulating cybersecurity
Having looked at all this, it is very important that we point out that companies should have an effective cybersecurity regime. The research showed that there are four main components used in regulating cybersecurity (Alexander, 2013). One is surveillance and monitoring so as to detect the malicious codes, the second involves hardening all the vulnerable targets. It is also important to make them be in a position to defeat the intrusions. The third is building resilient systems that could function during an attack. These could recover easily and fast. Fourth is responding in the aftermath or after an attack.
The main objective, in this case, is to prevent intrusion from occurring and making the companies be in a position to cope with the intrusions that take place. The very strong defenses will offer an obvious and first-order level of protection, which states that better defense is an indication that there will be less damage. On the other hand, they could also provide a second-order level of protection which states that strong defenses are only able to achieve deterrence. When the victims are enabled to survive, defeat and recover from the cyber attacks, the measures are able to increase the costs expected for an intrusion to the attacker. It also decreases the benefits expected.
Recommendations
The regulatory commands should not just mean solutions of command and control. In actual sense, to promote better cybersecurity, the community together with other organizations should plead with companies to have cybersecurity. They should Encourage them to have their defenses (Alexander, 2013). That should be done through providing subsidies and immunizing them from liability other than sanctioning when during the times they fail to have the defenses. The companies should utilize things like public health laws which are distributed with the aim of collecting as well as sharing information on cyber crimes.
On the other hand, the private sector is supposed to be actively involved in coming up with industry-wide cybersecurity standards. This is because it frequently does so in environmental law as well as regulatory contexts. The offers threats of liability and immunity could also be used in encouraging the companies to make use of the standards agreed upon.
In the case of infected computers, they should be disconnected from the internet temporarily. The disconnection prevents spreading of malware and is also done to improve the critical system ability with the aim of surviving intrusions (Alexander, 2013). The companies, on the other hand, should be advised to build systems that have access capacity as remote backups and reserve bandwidth which may be called into service in cyber attacks.
Conclusion
The cyber threats will never stay away from us. As much as the community continues to rely on the networked infrastructure as in the power grid, banks among others, we will come to realize that they will always continue to attack the digital assets. It is, therefore, very important that we think of cybersecurity making use of the analytical framework which can account for all the challenges in its complexity. As the research has shown, the cybersecurity is very much essential and intricate such that it cannot be left to criminal law as well as armed conflict law.
The paper has, therefore, successfully identified new approaches required to account for the systematic tendency of several private companies to under-invest in the defense of cybercrime. Most of the companies have failed to invest in systems against the attackers as they do not seem to bear the total cost of intrusions resulting in (Alexander, 2013). The harms are to some extent externalized on the third parties. On the other hand, companies tend to neglect the so-called cybersecurity as by improving their defenses could be security for other company’s systems. These benefits are, therefore, partially externalized, and this offers chances for freeriding.
References
Alexander, N. S. (2013) Regulating Cyber –Security. Northwestern University School of law USA. Vol. 107. No. 4
Bishop, M. (2003). What is computer security? Security & Privacy, IEEE, 1, 67-69.
Cleveland, F. (2006). IEC TC57 Security Standards for the Power System’s Information Infrastructure-Beyond Simple Encryption. Transmission and Distribution Conference and Exhibition, 2005/2006 IEEE PES, IEEE, 1079-1087.
Danny V. & Marc, V. (2013). Cyber Crime: Can a Standard Risk analysis help in the challenges facing business continuity managers?National Bank of Belgium, Belgium.
Ericsson, G. N.( 2010). Cybersecurity and power system communication—essential parts of smart grid infrastructure. Power Delivery, IEEE Transactions on, 25, 1501-1507.
Hult, F & Sivanesan, G. (2013). Introducing Cyber. Journal of Business Continuity & Emergency Planning Bank of England Threadneedle Street, London UK, Volume 7 No. 2.
Silverman, D. (1997) Qualitative Research: Theory, Method and Practice. (ed.), London: Sage Publications
Appendix
Figure 1 (Alexander, 2013)
Get Professional Assignment Help Cheaply
Are you busy and do not have time to handle your assignment? Are you scared that your paper will not make the grade? Do you have responsibilities that may hinder you from turning in your assignment on time? Are you tired and can barely handle your assignment? Are your grades inconsistent?
Whichever your reason is, it is valid! You can get professional academic help from our service at affordable rates. We have a team of professional academic writers who can handle all your assignments.
Why Choose Our Academic Writing Service?
- Plagiarism free papers
- Timely delivery
- Any deadline
- Skilled, Experienced Native English Writers
- Subject-relevant academic writer
- Adherence to paper instructions
- Ability to tackle bulk assignments
- Reasonable prices
- 24/7 Customer Support
- Get superb grades consistently
Online Academic Help With Different Subjects
Literature
Students barely have time to read. We got you! Have your literature essay or book review written without having the hassle of reading the book. You can get your literature paper custom-written for you by our literature specialists.
Finance
Do you struggle with finance? No need to torture yourself if finance is not your cup of tea. You can order your finance paper from our academic writing service and get 100% original work from competent finance experts.
Computer science
Computer science is a tough subject. Fortunately, our computer science experts are up to the match. No need to stress and have sleepless nights. Our academic writers will tackle all your computer science assignments and deliver them on time. Let us handle all your python, java, ruby, JavaScript, php , C+ assignments!
Psychology
While psychology may be an interesting subject, you may lack sufficient time to handle your assignments. Don’t despair; by using our academic writing service, you can be assured of perfect grades. Moreover, your grades will be consistent.
Engineering
Engineering is quite a demanding subject. Students face a lot of pressure and barely have enough time to do what they love to do. Our academic writing service got you covered! Our engineering specialists follow the paper instructions and ensure timely delivery of the paper.
Nursing
In the nursing course, you may have difficulties with literature reviews, annotated bibliographies, critical essays, and other assignments. Our nursing assignment writers will offer you professional nursing paper help at low prices.
Sociology
Truth be told, sociology papers can be quite exhausting. Our academic writing service relieves you of fatigue, pressure, and stress. You can relax and have peace of mind as our academic writers handle your sociology assignment.
Business
We take pride in having some of the best business writers in the industry. Our business writers have a lot of experience in the field. They are reliable, and you can be assured of a high-grade paper. They are able to handle business papers of any subject, length, deadline, and difficulty!
Statistics
We boast of having some of the most experienced statistics experts in the industry. Our statistics experts have diverse skills, expertise, and knowledge to handle any kind of assignment. They have access to all kinds of software to get your assignment done.
Law
Writing a law essay may prove to be an insurmountable obstacle, especially when you need to know the peculiarities of the legislative framework. Take advantage of our top-notch law specialists and get superb grades and 100% satisfaction.
What discipline/subjects do you deal in?
We have highlighted some of the most popular subjects we handle above. Those are just a tip of the iceberg. We deal in all academic disciplines since our writers are as diverse. They have been drawn from across all disciplines, and orders are assigned to those writers believed to be the best in the field. In a nutshell, there is no task we cannot handle; all you need to do is place your order with us. As long as your instructions are clear, just trust we shall deliver irrespective of the discipline.
Are your writers competent enough to handle my paper?
Our essay writers are graduates with bachelor's, masters, Ph.D., and doctorate degrees in various subjects. The minimum requirement to be an essay writer with our essay writing service is to have a college degree. All our academic writers have a minimum of two years of academic writing. We have a stringent recruitment process to ensure that we get only the most competent essay writers in the industry. We also ensure that the writers are handsomely compensated for their value. The majority of our writers are native English speakers. As such, the fluency of language and grammar is impeccable.
What if I don’t like the paper?
There is a very low likelihood that you won’t like the paper.
Reasons being:
- When assigning your order, we match the paper’s discipline with the writer’s field/specialization. Since all our writers are graduates, we match the paper’s subject with the field the writer studied. For instance, if it’s a nursing paper, only a nursing graduate and writer will handle it. Furthermore, all our writers have academic writing experience and top-notch research skills.
- We have a quality assurance that reviews the paper before it gets to you. As such, we ensure that you get a paper that meets the required standard and will most definitely make the grade.
In the event that you don’t like your paper:
- The writer will revise the paper up to your pleasing. You have unlimited revisions. You simply need to highlight what specifically you don’t like about the paper, and the writer will make the amendments. The paper will be revised until you are satisfied. Revisions are free of charge
- We will have a different writer write the paper from scratch.
- Last resort, if the above does not work, we will refund your money.
Will the professor find out I didn’t write the paper myself?
Not at all. All papers are written from scratch. There is no way your tutor or instructor will realize that you did not write the paper yourself. In fact, we recommend using our assignment help services for consistent results.
What if the paper is plagiarized?
We check all papers for plagiarism before we submit them. We use powerful plagiarism checking software such as SafeAssign, LopesWrite, and Turnitin. We also upload the plagiarism report so that you can review it. We understand that plagiarism is academic suicide. We would not take the risk of submitting plagiarized work and jeopardize your academic journey. Furthermore, we do not sell or use prewritten papers, and each paper is written from scratch.
When will I get my paper?
You determine when you get the paper by setting the deadline when placing the order. All papers are delivered within the deadline. We are well aware that we operate in a time-sensitive industry. As such, we have laid out strategies to ensure that the client receives the paper on time and they never miss the deadline. We understand that papers that are submitted late have some points deducted. We do not want you to miss any points due to late submission. We work on beating deadlines by huge margins in order to ensure that you have ample time to review the paper before you submit it.
Will anyone find out that I used your services?
We have a privacy and confidentiality policy that guides our work. We NEVER share any customer information with third parties. Noone will ever know that you used our assignment help services. It’s only between you and us. We are bound by our policies to protect the customer’s identity and information. All your information, such as your names, phone number, email, order information, and so on, are protected. We have robust security systems that ensure that your data is protected. Hacking our systems is close to impossible, and it has never happened.
How our Assignment Help Service Works
1. Place an order
You fill all the paper instructions in the order form. Make sure you include all the helpful materials so that our academic writers can deliver the perfect paper. It will also help to eliminate unnecessary revisions.
2. Pay for the order
Proceed to pay for the paper so that it can be assigned to one of our expert academic writers. The paper subject is matched with the writer’s area of specialization.
3. Track the progress
You communicate with the writer and know about the progress of the paper. The client can ask the writer for drafts of the paper. The client can upload extra material and include additional instructions from the lecturer. Receive a paper.
4. Download the paper
The paper is sent to your email and uploaded to your personal account. You also get a plagiarism report attached to your paper.
PLACE THIS ORDER OR A SIMILAR ORDER WITH US TODAY AND GET A PERFECT SCORE!!!
