Topic 2 - The Big Issue
- Examine the key cyber security issues that concern us, both as individuals and organisations,
regardless of the inherent threats, vulnerabilities or the actual impacts or consequences.
- We will also look at all the issues; they tend to resolve themselves into one of four areas of
cyber security: a) cybercrime, b) cyber harassment or cyber bullying, c) cyber warfare, d) cyber
surveillance.
Cyber Crime
Cybercrime can affect anybody, regardless of whether or not they are online. Once a criminal acquires
your bank or credit card details, they can spend your money, even if you have never used a computer.
Here are examples:
a) Financial Theft
Online criminal gangs can target specific groups of individuals by advertising non-existent vehicles
for sale on legitimate websites. After agreeing to purchase the vehicle via email with the fraudsters, buyers
then receive an email purporting to be from an organisation such as Amazon stating that their money
will be held in an escrow account, and that once the buyer has confirmed that they agree with the
arrangement, the money will be released to the seller, therefore offering ‘buyer protection’. In reality of
course, once the money has been transferred by the buyer into the ‘escrow account’, the transaction
ends with no vehicle in sight.
b) Web defacement
Web defacement is the work of hackers who break into other people’s computers for fun, revenge or to
make a statement of some form, often on political, ethical or environmental matters. Some
hackers will simply deface a website (usually its ‘landing’ page) in order to make their point.
Some hackers will simply break into a system ‘because it’s there’, and ‘because they can’. There is little
merit in this, other than to demonstrate to their peers how clever they are and how poor the target’s
security is. This intrusion, sometimes called ‘planting the flag’, is to show they have been successful, and
will (they hope) gain them the admiration of their peers.
On occasion, this form of hacking is relatively benign, and can result in defacement of website pages.
Hackers of this type are often so-called ‘script kiddies’, who take advantage of software and techniques
they have discovered in the darker areas of the world-wide web, and although they may mean no real
harm, serious damage can easily result since their knowledge and ability to use the software and tools
may be very limited.
Notes written by Onkabetse Baitshenyetsi. Source: Cyber Security a practitioner’s guide by David
Sutton
Copyright violation is a major industry, but often brings little direct reward, other than ‘free’ goods for
the recipient. Infringement of copyright can include music, films, books, photographs and computer
software. Whilst the copyright holder normally still retains ownership of the material, illegal copies are
made and the owner therefore is deprived of the benefit they may have earned from it.
Copyrighted material is often distributed using file sharing websites, such as The Pirate Bay, using
so-called ‘torrent’ files that link users back to the particular file or files to be downloaded. As more users
join the sharing process, the downloaded material becomes shared between them and distribution is on
a peer-to-peer basis. This also makes it impossible to identify the individual who originally hosted the
material, since many copies will have been made in a very short space of time. Whilst exchanging files by
torrent is not illegal, the content may well be, especially if it is someone else’s copyright and they have
not agreed to its being shared in this way. Losses to various industries are estimated to be in excess of
US $50 billion per annum.
Cyber harassment or bullying is simply the act of harassing or bullying a person or group of people using
cyber-based methods such as social media, text messaging and the like.
Cyber harassment is intended to make the victim aware that something very specific might happen to
them. The person making the threats might be known to the victim, or they may be unknown, and
targets can be widened to include organisations that the person making the threats feels have caused
them or someone else some injustice.
a) Cyber stalking
As with conventional stalkers, cyber stalkers operate in two slightly different ways. First, they can follow
the movements and activities of their victim by stealth, and not alert them to the fact that someone is
following them. Second, they can still follow the movements and activities of their victim, but this time
rather more openly, with the victim being aware they are being stalked, but usually without knowing the
identity of the stalker. Sometimes the victim will be a person known to the stalker.
b) Cyber trolling
The activity of cyber trolling is a form of verbal abuse designed to intimidate or offend the victim in
some way. Cyber trolls make confrontational or abusive statements online and differ from cyber stalkers
in that cyber trolls rarely make much effort to hide their identity. Cyber trolling also differs from cyber
bullying or harassment in that it is carried out quite openly, possibly in the hope that others will support
the cyber troll’s point of view, designed to cause distress to the victim.
Cyber trolls will often use social media or online discussion forums to post inflammatory comments,
designed to provoke a reaction or response from the victim, which will invariably seed the troll with
further opportunities for posting comments, and this can easily escalate into a full-blown online fight.
Current wisdom suggests that ignoring comments posted by cyber trolls is by far the best way of dealing
with them, since their activities will soon peter out if there is no reaction, response or exchange.
CYBER WARFARE
The term cyber warfare describes the process by which one nation state or politically motivated group
conducts an attack against some aspect of another – possibly its critical infrastructure (CI), its
government’s political process or indeed the offensive or defensive capability of its armed forces.
a) Espionage
Espionage is the capability to obtain secret information without either the permission or the knowledge
of its owner. Governments routinely spy on one another. They have done so for centuries and will
doubtless continue to do so for many more. Sometimes, the espionage is concerned with finding out
what another government has – for example, its nuclear missile capability – whilst at other times it is
concerned with another government’s intentions, which may be more difficult to discover, but which
might be deduced, given sufficient data.
c) Surveillance
Surveillance is slightly different from espionage – perhaps not in the way it is carried out, but in its aims
and objectives. Surveillance focuses on keeping track of people’s activities, communications and
contacts, and in cyber warfare terms, could be described as being more akin to investigations into
terrorism.
This is where there is a particular crossover in the techniques used by security agencies and the military,
since both need to co-operate in order to track down suspected terrorists.
CYBER SURVEILLANCE
Whether or not we are conscious of the fact, we are continually under surveillance. There are two quite
distinct types of cyber surveillance. The first that readily springs to mind is that of intrusive or invasive
snooping, which, particularly since the Snowden revelations, is usually associated with surveillance by
the security services. The second, which on the surface is much less intrusive, is the collection and use of
data about us by organisations with whom we interact on a daily basis.
a) Cookies
It’s not only search that leaves a digital trail – whenever you visit a website, it can leave a small file on
your computer known as a ‘cookie’. Many cookies are essential to being able to use the website – for
example, when you are shopping online, the store needs to be able to link your shopping basket with
your computer so that you buy what you actually want. Other cookies are less helpful to you, and may
record which pages you have opened, which flights you’ve examined or which camera you’ve
investigated.
b) Smartphones
Many people have now moved away from the conventional mobile phone, which can only make and
receive calls and text messages. Along came the iPhone and changed all that. Now all the major mobile
phone vendors have jumped on the smartphone bandwagon, and the amount of data they can collect
from you is absolutely staggering.
From a business perspective, there are four key reasons why we should take notice of cyber incidents,
plan to defend ourselves and our organisations against cyber-attacks, and be prepared to respond to
them if they occur.
• Manage risk, and that includes the risks of cyber-attacks, whether these are accidental or
deliberate; whether as individuals or businesses.
• Customers have a right to expect organisations to safeguard their information when they provide it to
them for whatever reason, and they need to trust that they will not misuse it – in other words, robust
adherence to data protection legislation.
• In highly regulated sectors, organisations may need to be able to demonstrate compliance with national
or international standards, such as ISO/International Electrotechnical Commission (IEC) 27001,
• Organisations should be able to demonstrate good security practice as a means of achieving competitive
advantage.
Unfortunately, life is not as simple as we would like it to be, and there are a number of inhibitors or
barriers to our achieving our expectations about privacy and security, especially for individuals, smaller
organisations or SMEs.
a) Cyber security knowledge and skills: organisations of all sizes frequently do not possess the
people resources they can allocate to this kind of work.