An Examination of Some of the Greatest Security Threats

At this point in society, technology has reached the point where it is now used by just about everyone. As such, there are now a large number of criminals who have permeated the world of technology and now pose serious security threats to the rest of the technology-using population. Although the number of cyber security threats are numerous, there are a small handful that are more widespread, and more dangerous, than others.

The first of these is perhaps the most infamous of all: identity theft (sometimes referred to as "phising"). Identity theft, quite simply, is the process of a hacker acquiring, or attempting to acquire, confidential documents, then using these documents to gain access to sensitive information of the user, such as bank accounts and government websites. There are many causes for identity theft, the most common being simple financial gain. It can also be done as a simple malicious attack against someone for whom the hacker holds a personal grudge. The best way to combat identity theft is to first understand exactly how hackers manage to steal information. An article by Markus Jakobsson and Steven Myers (2007) explains that identity theft is a multi-stage process. First, the hackers use what Jakobsson and Myers call “the lure.” This is where the hackers send out a mass number of email messages that appear to be from legitimate sources, such as a bank or cell phone service provider. The next step is called “the hook.” Here, the hackers must encourage the user to go to a specified website and enter sensitive and identifying information (such as passwords, bank account information, or answers to security questions). The final step, “the catch,” is where the hacker uses this information to actually hack a user’s account by using information gained in the previous two steps to impersonate them. Oftentimes, if a hacker has already reached step three, it is too late to do anything about it save for changing passwords. However, this does not mean there is nothing to be done about identity theft. An article by Neil Chou, Robert Ledesma, Yuka Teraguchi, and John C. Mitchell (2004) explains a few common solutions that can help the average consumer identify phishing attempts.

The most obvious line of defense is simple observation. Examining the URL of a webpage can expose phishing attempts easily, as explained in the article. “An @ in a URL causes the string to the left to be disregarded, with the string on the right treated as the actual URL for retrieving the page. (Chou et al., 2004, p. 4)” This means that it is possible to identify phishing attempts simply by looking for an @ symbol in the URL bar. If it does, it may be necessary to take other preventative measures to determine if a URL is a phishing attempt. This step, according to Chou et al. involves using a program called SpoofGuard, which is a plug-in that can scan pictures in potential phishing emails to determine if those same pictures have been reported in other identity theft cases. The last resort for a victim of identity theft is to quickly notify all credit and banking agencies of the identity theft in order to minimize the financial damage done. Because of these measures taken, identity theft is becoming less and less of a problem, and, thus, no real sweeping change is necessary to deal with it. It will, however, require constant vigilance on the part of technology users, but that much was established already.

The second cyber-threat is what is known as cyberbullying. Cyberbullying is a serious threat in the world of technology because, while it is not a physical form of bullying, it can have effects equal to or even greater than "normal" bullying, and it is no longer limited to just children and teenagers, either, terrorist organizations now use cyberbullying as a coercion tactic regularly. Cyberbullying is the act of someone using the internet to perform traditional bullying tactics such as extortion, threats, or simple humiliation. Cyberbullying is more of an issue than people think, especially in this day and age. Studies show that about 20% of teenagers aged 11-18 reported being cyberbullied at least once, although that number could be as high as 40% (Hinduja & Patchin, 2011). The effects of cyberbulling on teenagers are profound. Namely, it increases thoughts of suicide, as well as attempts at suicide, by a large margin. “In our recent research involving approximately 2,000 randomly selected middle --schoolers from one of the most populous school districts in the United States, 20% of respondents reported seriously thinking about attempting suicide (19.7% of females; 20.9% of males), while 19% reported attempting suicide (17.9% of females; 20.2% of males)” (Hinduja & Patchin, 2011). In terms of solutions to cyberbullying, there are a few, but they mainly rely on prevention, rather than taking any sort of action after the fact. The best way to prevent cyberbullying is simply to never visit websites where cyberbullying takes place. If one observes cyberbulling taking place to themselves or others, the best strategy is to simply cease using the site. However, in more serious cases of cyberbullying, it is possible for law enforcement to pinpoint where a particularly troublesome cyberbully is operating from and take him or her into custody, although these measures are taken in only the most extreme cases of cyberbullying (Hinduja & Patchin, 2011). Once again, enacting any sort of legislation to prevent cyberbullying would be difficult, and largely ineffective, since the very nature of the crime means that it is fluid and difficult to contain.

Cyber threats have evolved a great deal in the last few decades, but so too have the methods used to combat it. The unity that the internet has brought the world is also its biggest weakness, as cybercrime is only becoming more and more widespread as the internet continues to increase in prevalence across the world. Both these hackers and law enforcement must be constantly updating ways to subvert each other’s defenses in the never-ending war on cybercrime. There are always ways to combat it, though, such as by being vigilant with anti-virus software, and keeping abreast of the latest news regarding tactics that hackers are using. Cybercrime relies primarily on ignorance of fear of its victim in order to be effective, and these are the easiest things for users to change

References

Chou, N., Ledesma, R., Teraguchi, Y., & Mitchell, J. C. (2004,). Client-Side Defense Against Web-Based Identity Theft. In NDSS. 3-5

Jakobsson, M., & Myers, S. (Eds.). (2006). Phishing and countermeasures: Understanding the increasing problem of electronic identity theft. Wiley. com.

Patchin, J. W., & Hinduja, S. (2011). Traditional and nontraditional bullying among youth: A test of general strain theory. Youth & Society, 43(2), 727-751.