Cyber Security Threats

Introduction

Cyber warfare, cyber-crimes and cyber thievery are a reality in the 21st century. In the past year, 26% of Americans have had their data breached. Such security breaches reduce the trust the citizens have in the government. This is because citizens lose the confidence they have in the government’s role in protecting their confidential data and information. In addition, security breaches add an extra cost to the government.

Today, hackers exploit any areas with potential weakness in a system in order to breach the security. Traditional security breaches zones of computers have long expanded to now mobile phones and social network sites (Ye 17). Cyber security threats are an increasing menace and it has become pertinent that every individual protects themselves from these security breaches and stay safe when online by using firewalls of established providers and avoiding potentially dangerous sites. It is believed that more than three-quarters of all threats are driven by a financial motive (Douligeris126).

Cyber Security is facing an ongoing challenge to protect and keep secure information that is placed on computers or computer systems usually through the Internet from theft, damage or unauthorized access. The problem we are seeing is that the threats are evolving faster than the processes used to protect these attacks. The cyber security threats facing us are dynamic and continue to increase in number and complexity on a daily basis. A discussion of the top ten cyber security threats by 41st Parameter, a leading company in online fraud intervention, is discussed.

Data Breaches

A data breach, data leak or data spill as it is popularly known entails the intentional or unintentional release of information that is secured to an environment that is not trusted or to a person who has no authorization to access such information. Data breach incidents range from attacks by black hat hackers as organized crime or backing by national governments to exposure of data storage devices resulting from the careless disposal of computer devices containing such storage and information (Dowd and John 16).

A data breach entails the copying, transmission, viewing and stealing of or having unauthorized access to protected, confidential and sensitive data or information. It may involve the information contained in credit and debit cards, bank details, trade secrets, intellectual property and information on personal health to mention but a few (Shareef, Norm and Shantanu 150). A data breach may include incidents of loss or theft of digital media like hard drives, computer tapes, laptops and personal computers and tablets that contain storage of unencrypted information. A data breach may occur if an individual posts such sensitive information on a website database or a computer that is accessible to the internet without credible security precautions. This poses the information liable to breach by a hacker (Douligeris 126).

Security breaches occur in instances where a user having secured their information in a file, folder or database with a weak password (Baccas and Kevin 8). Such a password is said to be weak if it is easily predicted by a third party. A weak password may have minimal characters or is easily predictable. For instance, a user having their name or date of birth as their password is considered to have a weak password. This is considered to be a weak password since a person trying to breach the individual’s security will start by trying to figure out the password from such clues as the individual’s personal information. Weak passwords are prone to guesses, cracks and brute force attacks (Douligeris 126).

To avoid this threat, users are encouraged to create passwords that are random, long and accommodate a number of characters including symbols and numbers (Bathurst, Russ and Alijohn 102). Systems should be created that store passwords securely to prevent a breach of passwords themselves by hackers. In addition, systems should be tested for vulnerabilities to ensure that passwords are validated and the guess effect of passwords is minimized.

A back door is a security breach where an individual bypasses the required authentication securing remote access to a computer or a computer system illegally (Dowd and John 21). Hackers using this weakness in the system try to remain unknown by embedding the backdoor to installed programs or subvert the entire system with a rootkit. Backdoors gained popularity when multi-user interfaces and networking of computer OS became adopted by many individuals and firms.

A backdoor is carried out in a login system in the form of a user name and password that is hardcoded (Dowd and John 22)This combination then gives the hacker access to the system. These hard codes of username and password combinations are usually inserted in the system during design and creation that will give the programmer access to the system on a future date when they want to access the system.

Another way of implementing a backdoor without changing the source code is through rewriting the entire compiler enabling it to recognize the code when the program is being compiled and subsequently triggering a backdoor to be included in the final output after compilation. The compromised compiler upon finding such a code recognizes it as normal and inserts a backdoor such as a routine for password recognition. The individual upon providing the specified input gains access to the program or certain aspects of the system.

Backdoors are not easily detected or removed. They cannot be uninstalled like a normal program and sometimes reinstalls them after uninstallation. The best way to prevent one from attacks by backdoors is by the use of antispyware software that performs scans on the computer for detection of backdoors. An individual should regularly scan their computers for malware and Trojans (Sikorski and Andrew 231). In addition, an individual should install security updates on their computer as regular update of the system improves the overall security.

To prevent these threats of data breaches in general, patching may be used. This entails installing software that is designed to fix problems and bugs including security vulnerabilities and update the system.

Data encryption may also be used to secure sensitive data (Sikorski and Andrew 9). Encryption entails encoding the information in a manner that unauthorized personnel cannot read the data. When used, the data is encrypted by the use of an algorithm that turns the entire data into a ciphertext which is unreadable thereby preventing the hacker from understanding the information.

Malware

A Malware is a program or software that is used by an attacker to damage computer operations, gain access to computer systems or gather sensitive information. A worm is a type of malware program that spreads itself to many computers through self-replication. Worms spread through computer networks across computers by targeting computer vulnerability and security failures in these computers (Baccas and Kevin 73). Worms unlike viruses do not attach themselves to programs but rather associate freely with the target. Worms may cause harm to a network through consuming bandwidth. Worms are designed to spread across computers without corrupting the systems.

The worms, however, cause disruptions of the networks by increasing network traffic and causing undesired effects on the network. A Trojan is a type of malware that is not self-replicating but with hacking capabilities. Trojans gain access to an OS, usually privileged, through cheating the system with an appearance of performing desirable functions but rather implements a payload that is malicious (Baccas and Kevin 75). These malicious payloads include backdoors. They are often invisible to an average user and tend to slow down a computer. Trojans may harm computer systems hosting them. They may also steal information. Trojans are commonly embedded in games and software or downloads from the internet. Once a user installs such a program, they install both the Trojan and the intended program without knowledge of the existence of the Trojan.

A computer virus is a kind of malware that executes itself through replication of copies of itself and injection into other programs and computer files (Bathurst, Russ and Alijohn 25). This replication may occur in files containing data, hard drives in the computer and boot sectors of the system. Successful replication results in infection in these areas. Viruses execute harmful activities on the host computer including stealing of hard disc space and even CPU time (Baccas and Kevin 72). In addition, the viruses may also corrupt data, access secured information and display messages on the screen. Programmers who write viruses exploit the knowledge they have on security vulnerabilities (Bathurst, Russ and Alijohn 80) and social engineering concepts to gain access to the resources of the host. The majority of the viruses made target machines running on Microsoft’s OS Windows as many users of computers use it (Baccas and Kevin 72). Most viruses are designed to attack and infect the host computer stealthily without detection by antivirus systems. This is achieved by the use of complex anti-detection codes and algorithms in the virus’s source code. Virus writers write viruses with the aims of obtaining profits, sabotage, and point out vulnerability in programs, broadcast messages or for personal amusement.

A rootkit is a type of malicious software designed to work stealthily and hide or bar the existence of certain programs and processes (Pfleeger and Shari 18). The rootkit enables continuous and privileged access to a computer through evading normal detection measures by the computer. Installation of a rootkit can be automatic or manual once an attacker obtains administrator or root access to a computer. This access is usually obtained through a direct attack of the system after exploiting known system vulnerability or through a data breach.

To prevent against malware, one should avoid downloading files that they do not trust or from suspicious sites (Pfleeger and Shari 30). An individual should also install a good antivirus and update it frequently. In addition, an individual should update their browser and ensure it is patched to ensure errors are corrected and that it is updated to deal with new threats (Pfleeger and Shari 30). A user should also install a strong firewall on their computer and also make backups of their data.

DDoS

A Distributed Denial of Service (DDoS) is an attack where several compromised systems launch attacks to a single target causing a denial of service to that system. The DDoS causes a temporary or indefinite interruption of services (Vacca 47). These attacks are often channeled to web servers of high profile such as payment gateways of credit cards and bank systems.

DDoS attacks are usually carried out through the consumption of computational resources such as disk space, bandwidth, and memory disk space and processor time. The attacker may also disrupt configuration information such as routing information. The attacker also disrupts state information by resetting TCP sessions (Vacca 68). In addition, the attacker may disrupt the communication of media between the intended user and the victim. Without adequate communication, there is vulnerability in the system and the attacker can launch a threat or a DDoS attack on the system.

To prevent against DDoS, an individual or entity can increase their bandwidth to ensure sufficient bandwidth is allocated to core functions. Administrators of networks and systems should also be vigilant to ensure they identify DDoS attacks early enough (Vacca 71). The administrators should then plan ahead to ensure they are ready for any attacks or have measures in place to handle attacks if any arise in the future.

Mobile Threats

Mobile threats are attacks on portable devices such as mobile phones, tablets, and any other wireless device. Attacks on mobile devices occur through exploiting weaknesses of smartphones and tablets through Bluetooth connection of devices, Wi-Fi access points (Nichols & Panos, p. 64) and through means of communication such as multimedia messages, short messages, and the entire GSM. In addition, attacks on web browsers installed on these mobile devices and general attacks on the operating systems (Dunham and Saeed 10).

Mobile threats are carried out by attackers who exploit the weaknesses existent in tablets and smartphones as a result of the means of communication that these devices use. Communication via Bluetooth, SMS, MMS, Wi-Fi, and GSM leaves these devices susceptible to attacks. In addition, they exploit software vulnerabilities that arise from using web browsers and software vulnerabilities (Bathurst, Russ and Alijohn 82). The attackers use malicious software that the average user cannot recognize easily.

To prevent mobile attacks, resources need to be monitored and network surveillance carried out periodically to ensure the safety of users. A mobile user should also remove or uninstall any unneeded software on their devices. Users should also install strong antiviruses and firewalls to ensure threat attacks and malicious software is detected and prevented from harming their mobile devices (Vacca 55). Lastly, service providers should install a network intrusion system (Nichols and Panos 73) to ensure the general safety of their subscribers (Dunham and Saeed 10).

Industrialization of Fraud

The industrialization of fraud is the act of individuals engaging in fraudulent acts against information systems. The majority of these frauds occur over the internet and target transaction websites. Hackers con individuals online and solicit payments from them. Attackers use spams, malware, phishing and manipulation of search engines to carry out frauds online.

Users can prevent themselves online from fraud by recognizing the different devices and establishing the relationship between these devices before connecting with them or sharing information as many have fallen victim to traps.

Individuals should also implement measures that search for signs of repeated accounts of user or account surveillance. These are key pointers to monitoring or spying of an individual and once detected, a user should avoid visiting such unsafe websites or install a strong firewall on their computer.

Businesses are also required to create systems that deal with spikes and alerts of fraud. They should ensure the safety of their customers online through encrypting sensitive web pages and ensuring that money transactions happen on secured connections.

Consumers and users of the internet are supposed to be pro-active and vigilant when online to ensure they protect their identity against theft and other sensitive information. They should avoid suspicious websites at all times. In the event of suspected threats online, users should change their user names and passwords especially those of credit cards and electronic money transfer systems.

Email Vulnerabilities

Email vulnerabilities are the different securities threats that users of email systems encounter when they use emails. These threats are implemented by an attacker over a network who acts remotely. Email threats increase on a daily basis and many attackers are interested in this area as emails mainly store and have sensitive user information and links of access to other websites and portals online (Bradely 8).

Email threats occur in different ways. For instance, SPAM, is a type of email threat. SPAM in emails entails the bulk sending of unsolicited messages to users indiscriminately. Attackers use this method to send worms, viruses and malicious software randomly to users. This is a preferred method as they send emails that contain these threats arbitrary to anyone. Once a user opens these emails or clicks on the links I the email, the attacker then breaches the security of that user by accessing their personal computer remotely or jamming their network (Bradely 8)

Phishing is the attempt by a hacker to acquire user information electronically in a network by presenting themselves as trustworthy. This information includes usernames, passwords, email addresses, and even credit card numbers. The attackers usually lure their victims by faking their communication to appear legit from rusted providers. For example, an attacker may send a link via email to a user that redirects the user to a web page of a bank, online payment portal or login page to a system such as a school or work portal (Skoudis and Lenny 165). These links redirect the user to websites infected with malware. The links may also redirect the user to a different website but with the source code of the legit website thereby displaying the webpage as though it is legit. Once such a user inputs the data, it is saved on that malicious website. Attackers use such tricks to deceive innocent users online (Bradely 8).

Viruses can also be sent via email to victims by attackers. The viruses may not appear explicitly on the emails as viruses but are rather disguised for instance Trojans or embedded to pictures, music files or generally any file attached and sent via email. These viruses then attack the computer of the user once the user downloads and open the infected files (Bradely 14).

To prevent email vulnerabilities, users are encouraged to install strong antiviruses on their computers that have strong firewalls to ensure email attacks are detected and prevented. In addition, they are required to update these frequently to ensure the latest system updates are implemented on the systems they have installed as outdated anti-viruses as good as useless.

Users may also use a DNS-based Blackhole List (DNSBL) to prevent email threats. The DNSBL contains a list of all IP addresses published on the DNS that are queried in real-time. The DNSBL will then publish all addresses from computers and networks linked to spamming of mail services and configured to reject and flag messages and emails sent from these listed sites or computers. This is an effective method in preventing email attacks as spam messages and malicious emails from unwanted zones are blocked from the user’s email. In the event that they are not blocked, they are flagged and the user is alerted of such malicious emails.

Greylisting is also used to prevent email vulnerabilities. Greylisting entails the defending of email users in a system against spamming. It is implemented by mail transfer agents. Greylisting enables the system to reject emails and messages from unrecognized senders. Legitimate emails will be passed by the server after successful authentication of their validity. Greylisting is effective in preventing email threats as it records the connecting host’s IP address, the envelope of the recipient and senders address. The internal mail server’s database then records the timestamp of the email and dismisses the email temporarily as an error until authenticated for successful delivery. Unknown emails and suspicious emails are rejected by the greylisting system ensuring they do not get delivered to the recipient.

Spam traps are like honeycombs used to collect spams (Skoudis and Lenny 167). These email addresses are not created for communication purposes but rather as agents of luring spams. Emails sent to this address are considered as unsolicited as the user does not use this email for communication purposes but rather as a spam trap. The user then blocks all addresses that sent emails to the spam trap as they are considered unwanted. This ensures that the user does not receive emails as spams from these addresses.

Simple mail transfer protocol (SMTP), is a standard used by the internet for the transmission of emails across networks (Skoudis and Lenny 171). To prevent email vulnerabilities, the SMTP has included various tools and protocols that detect and prevent spamming ensuring the safety of users.

Web Browsing Vulnerabilities

The web is highly susceptible to vulnerabilities and threats. Web browsers are highly vulnerable to threats. This is because through the web, many computers are connected and it becomes easy for a hacker to exploit the user in the network when they are online. Hackers exploit users on the web through various forms. It is particularly of concern that the majority of fraud is dispensed online.

Through the web, Trojan software is freely circulated. This Trojan software is malicious in nature but appears disguised to an average user posing to be harmless. Trojan software is usually hard to detect. They are prevalent in the website and a user accessing the internet is prone to attack by the Trojan software especially from data sharing sites and through file transfers.

On the internet, during web browsing, a user may encounter malicious code in sites such as social networks or even via email. This malicious code is usually written with the intent and purpose of causing harm to the computer of the user once executed.

On the web, spyware software is extensively used. These spywares are used by attackers to monitor user activity and behavior of a user remotely on their computers. The spyware software once installed in a system acts remotely without the knowledge of the victim. The attacker may use such software to access the webcam of the victim when online or tap into the microphone of the victim’s computer to here conversations of the victim. Spyware software may also give an attacker access to text files and all inputs by the victim into their computer including sensitive information such as user names and passwords.

Adware is a type of software package intended for rendering advertisements to users in order to generate revenue for the developer. This useful avenue can be exploited by a malicious person with the intent of attacking an unsuspecting innocent user. The adware collects user information when online and then displays a relevant advertisement to that user but exploitation of such an avenue by a hacker may enable the hacker collect other sensitive information of the user such as credit card numbers, pins, and passwords for exploitation.

To prevent web vulnerability, a user having a computer with sensitive information is advised not to surf the web with that computer at all. The user may access the internet using other computers but avoid the access of the internet with such a computer.

Users should also install security patches on their computers to ensure that they are secure from web vulnerabilities. These patches when installed will fix bugs in the browsers and other additional security vulnerabilities. The patches have an additional advantage of improving the performance of the browser and computer.

Installing system updates and software updates on a regular basis goes a long way in ensuring the security of a user. These updates come with the latest improvements of the system and software and ensure that vulnerabilities of previous versions are addressed. A user with a well-updated computer system minimizes greatly the risk of attacks and vulnerabilities on the web as their systems have increased immunity and tolerance to threats.

Lastly, to militate against web vulnerabilities, users should use the latest browsers in the market that allow encryption by a 128-bit system. This is because 128-bit encryption is secure and will ensure that vulnerabilities of the web are addressed. Users of web browsers should also upgrade their browsers to support this encryption.

Windows OS Exploits

An exploit is a software, data or sequence of commands that take advantage of the vulnerability of a system in order to cause erratic behavior to occur on the computer hardware or software. Exploits usually take advantage of system glitch and bugs to cause undesired, unanticipated and unintended behavior on computers. Exploits and such related behavior include the intrusion of a computer by the attacker.

The Windows OS has a number of vulnerabilities that can be exploited by an attacker. For instance, when on a network, an individual may be susceptible to attacks remotely by other users on the network or the entire web. This is because the Windows software allows access to one’s local files as they are visible and displayed on the network unless the user deliberately hides them or protects this file with a password (Dunham and Saeed 10).

Local exploits on Windows can also cause threats to a user. The format and syntax of programs and executable files on windows are the most popular as majority of computer users worldwide use Windows. This high number of people using Windows makes it an area of target. Attackers create backdoors in Windows on their victim’s computers or exploit the already known backdoors and vulnerabilities that exist in Windows (Dunham and Saeed 10).

Hackers may also access files of users without authorization on a network or locally. This is because, by default, the files on windows do not have a privacy option with them. The user is required to set the property of these files and folders manually to ensure there is no unauthorized access. When the permission and sharing options of a folder have not been secured by a user, an intruder without authorization can access the content of these folders if they are using the victim’s computer.

Windows has a vulnerability or bug error that allows an attacker to arbitrarily execute a command on the target computer or process. Attackers use software known as arbitrary code executer which aids them in executing the arbitrary codes of choice. The attacker injects codes and executes shellcodes that ease the process or running arbitrary commands and codes. In addition, an attacker can execute arbitrary code remotely on a victim's computer when on the same network such as on a LAN or WAN. In windows, these vulnerabilities are the worst bugs as they allow an attacker to completely have control of the vulnerable process and a number of this exists in Windows.

To prevent these exploits in windows, a user should frequently install updates on their computers. Microsoft frequently updates the source codes of their operating systems and encourages users to install these updates on their computers. These system updates strengthen the immunity of computer systems. In addition, vulnerabilities of the operating system and existent backdoors and bugs are usually addressed in these updates. Once installed, the overall security and also performance of the windows OS is improved ensuring a user is kept safe and protected (Carpenter 21).

Users should also use a password to secure their files, documents, and folders. Protection of data is essential as an intruder is barred from accessing the user’s information since it is secured (Carpenter 8). In addition, when on public networks and the internet, a user should secure access to the local files and drives on the computer by keeping them hidden from the network or using a password to secure access to these drives.

Frequent scanning of a computer will keep a user safe from attacks on vulnerabilities of the Windows OS (Carpenter 16). Through scanning, malware, rootkits, backdoors, Trojans and viruses that generally breach, exploit or cause harm to the system are identified and proper measures to fix these are undertaken. This reduces the susceptibility of attack to a user in as much as the system may have a general vulnerability.

Lastly, to prevent against exploit in Windows OS, a user should ensure they have proper systems and control in place to authenticate, validate and control user access. This way, minimal threats are channeled to the user of a Windows OS.

Office Software Vulnerabilities

Microsoft office is one of the most used software today. Due to this fact, it has a number of security vulnerabilities that cause a wide array of problems to its users. Threats to Microsoft Office include unauthorized access to files. The default option for saving files in Microsoft Office does not save the files with password access. The files can be opened and shared freely by an individual having access to a computer.

Active X was introduced to the computer world in 1996 with Windows as the most common operating system that uses it. It is a software framework registered under Microsoft that takes the form of its preceding Object Linking and Embedding and Component Object Model technologies for any information acquired from a network especially the World Wide Web. It can be activated or deactivated through the IE security option found in the Settings panel. Web designers and programmers design this framework to create more functionality since simpler scripts and standard HTML lack the ability to perform. A threat is crested to the security of the information since Active X control systems are exposed to information from websites that are malevolent in nature (Skoudis and Lenny 143). Most developers of Active X and similar frameworks design them without the knowledge that only the control’s class identifier is needed for any website to use the control panel. They also assume that the designed control is will only be used by web pages with good intentions hence create a vulnerability to cybercrime.

As opposed to other software frameworks like Java which have means of ensuring java applets do not harm the computer system, Active X lacks such security measures hence has the potency to do just about anything to the system. Moreover, objects developed for Active X usually have statements that outline that they are virus-free and any other suspicious components in their certifications thus leaving an extra step of the consumer verifying the safety of code; something that increases vulnerability when misjudged. Users are, therefore, left at the users at the risk of exploitation and collateral harm from malicious websites (Knapp and Kenneth 6).

Hyperlinks serve as extra reference points to information found in a website that can be directly followed to a whole new document or to just a portion of the web site. Even though hyperlinks create a platform for easier navigation of a web site and serve as shortcuts for accessing specific or additional information, they also have security threats and vulnerabilities related to them. An example is an instance where spammers use hyperlinks as a channel for their illegal activities on the internet. Since there has been software used to enhance the creation of hyperlinks on web sites without the knowledge of the web site owners, hyperlinks lead to unexpected pages on the internet. They are used as means of creating cyber baits through provision of a very relevant topic that has been masked to prevent the user from predicting the destination of the link until they click on it; most of the destinations are malicious and lead to automatic installation of destructive software. Hyperlinks are also used as a means through which blacklisted Uniform Resource Locators (URLs) and web sites maneuver blocks placed on them so that they can be accessible by the public. Most of these pages are created by scam developers or pages with serious malware (Knapp and Kenneth 6).

Several ways have been suggested as mitigation measures to such problems, among them, being software patches. A software patch, as the name suggests, is a form of covering to any loopholes in a system. They normally work with the aim of fixing any bugs that have been identified or discovered during development of the patches. They are the solution to security and compatibility issues involved with new protocols or new components of a system resulting in better and safer usage alongside a boost to the system’s performance.

Firewalls can also be installed to regulate network traffic whether it is incoming or outgoing by providing the analysis and determination of whether or not data packets should be engaged or blocked as stipulated by a set of pre-programmed rules. They establish blockages between known, trusted and secured networks and other networks whose properties are unknown for example the sources of information on the internet. Anti-viruses and firewall protection programs also help in the prevention of the effects resulting from cybercrime, but the most basic step is to first change the security settings of the system to high so that the system works at its optimum security alert level and be able to give you warnings and suggestions whenever the system is at risk.

Conclusion

When it comes to information technology, and digital communication methods, every individual, business and government are faced with a test of coping with constantly changing information systems, threats, and needs. The speeds at which information flows in and out of people’s lives today make information systems more complex and hard to keep up with. As we move rapidly into a technology-filled future, people face the challenge of being effective in a global information environment and remaining safe at the same time. One way through which online safety effectiveness is tested is through investing in research, acquiring information from the consumers when it is still relevant, and ensuring that information security is prioritized at all levels and scales.

The issue of cybercrime is not an issue of the current generation rather it has been in existence for quite some time in the history of computers. It has been a major concern and set back to many development activities relating to technology acceptance and ramification. With regard to the trend it has been following, it has the potency of growing and developing into a serious calamity in the future hence we should strive to ensure that this act does not develop.

Cyber warfare, cyber-crimes and cyber thievery, as discussed in the paper, are a real threat to online users, businesses, governments and other stakeholders. They add extra cost at every level of development and implementation. Today, hackers work even harder to always stay ahead of system developers. These threats have expanded to all the areas where the internet is accessible, including smart devices such as phones. Therefore, cyber Security is facing an ongoing challenge to protect and keep secure information, because the problems or threats are evolving faster than the processes used to tame them. However, all is not lost as businesses put their best foot forward to invest in the best information security systems and processes, to protect their online families and other stakeholders.

Works Cited

Baccas, Paul, and Kevin Finisterre. Os X Exploits and Defense. Burlington, MA: Syngress, 2008. Internet resource

Bathurst, Robert, Russ Rogers, and Alijohn Ghassemlouei. The Hacker's Guide to Os X: Exploiting Os X from the Root Up. Burlington: Elsevier Science, 2012. Internet resource.

Bradley, T. Essential Computer Security: Everyone's Guide to Email, Internet, and Wireless Security. Burlington: Elsevier, 2006. Internet resource.

Carpenter, Tom. Microsoft Windows Operating System Essentials. Indianapolis, Ind: John Wiley & Sons, 2012. Internet resource.

Douligeris, C. Network Security: Current Status and Future Directions. Hoboken, NJ: IEEE Press, 2007. Internet resource. 126

Dowd, Mark, and John McDonald. The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities. Harlow: Addison-Wesley, 2006. Print.

Dunham, Ken, and Saeed Abu-Nimeh. Mobile Malware Attacks and Defense. Burlington, Mass: Syngress, 2009. Internet resource. 10 13

Knapp, Kenneth J. Cyber-security and Global Information Assurance: Threat Analysis and Response Solutions. Hershey, PA: Information Science Reference, 2009. Print. 27 32

Nichols, Randall K, and Panos C. Lekkas. Wireless Security: Models, Threats, and Solutions. New York [u.a.: McGraw-Hill, 2002. Print. 10 16

Pfleeger, Charles P, and Shari L. Pfleeger. Analyzing Computer Security: A Threat/vulnerability/countermeasure Approach. Upper Saddle River, NJ: Prentice Hall, 2012. Print. 86 114 116

Shareef, Mahmud A, Norm Archer, and Shantanu Dutta. E-government Service Maturity and Development: Cultural, Organizational and Technological Perspectives. Hershey, PA: Information Science Reference, 2012. Print

Sikorski, Michael, and Andrew Honig. Practical Malware Analysis: The Hands-on Guide to Dissecting Malicious Software. San Francisco: No Starch Press, 2012. Internet resource. 231 263 253

Skoudis, Ed, and Lenny Zeltser. Malware: Fighting Malicious Code. Upper Saddle River, NJ: Prentice Hall PTR, 2004. Print.

Vacca, John R. Managing Information Security. , 2014. Print

Ye, Nong. Secure Computer and Network Systems: Modeling, Analysis and Design. Chichester: John Wiley & Sons, 2008. Internet resource. 41