Assignment 1 Cyber Security
14
SPM5440-Cyber Security Essentials Assignment I Submitted by Nikos Bizanis (4417631) Surya Subrahmanyam Nagaraj (4412001) Sulabh Deshmukh (4407466)
description
First report
Transcript of Assignment 1 Cyber Security
SPM5440-Cyber Security Essentials
Assignment I
Submitted by
Nikos Bizanis (4417631)
Surya Subrahmanyam Nagaraj (4412001)
Sulabh Deshmukh (4407466)
Introduction
Modern ICT infrastructures have become a substrate of almost every aspect of modern economic, social and political life. Although the Internet is only a few years old (and it is important to note that it is a network that was not designed, nor intended to be what it is today), we can witness every day more and more of our activities migrating from the physical to the cyber space. Based on our own experience and knowledge we gathered some characteristic examples of those activities, and we present them below, divided into some basic conceptual clusters.
Economic and commercial activities:The GDP growth of countries with increasing internet penetration has been more than 21% increase in last five years. The impact of cyber on GDP growth can be more than that of various other sectors such as sectors. This shows internet is changing the standard of living and it’s doing that in many ways.1
Internet Banking: By the advent of Internet banking most of the banking activities are done securely online, which wouldn’t be possible earlier. Since the introduction of online banking in New York in 1981 the banking world has made best use of cyber technology to lure more and more customers. In the process the banks could expand their customer count and also could save on infrastructure costs. 2
E-Commerce: is purchasing or selling goods online and also advertising. Payments can be made online or as cash on delivery options (In few countries such as India). In Netherlands more than 11 million active users i.e., 92% internet users shop online using the biggest online stores in the Netherlands- Wehkamp.nl, Bol.com, Zalando, Coolblue, H&M, Hema and Thuisbezorgd.nl. 3
1 "The great transformer: The impact of the Internet on economic." 2013. 16 Sep. 2014 <http://www.mckinsey.com/insights/high_tech_telecoms_internet/the_great_transformer>2 "Online banking - Wikipedia, the free encyclopedia." 2004. 16 Sep. 2014 <http://en.wikipedia.org/wiki/Online_banking>3 "Ecommerce in The Netherlands | Ecommerce News." 2013. 16 Sep. 2014 <http://ecommercenews.eu/ecommerce-per-country/ecommerce-the-netherlands/>
Business: Companies depend on internet for making global presence and profitability. Companies and job seekers use professional websites like linkedin.com, mosnster.com, etc.4 Online businesses include Holiday Planning, E-touring, online Jobs, selling online, app selling etc.5
Public administration
Electronic voting: It is a process to collect votes of citizens using electronic voting machines. These machines are connected to a main server to store and calculate the votes.
E-Governance: is the method of providing the services by the government to public and businesses. People can make use of many e governance services like Online tax payment system, Collective decision/ idea making, Public Grievance, Issue of official government documents,e-Tendering, social security services (eg: electronic drug prescriptions) etc. Also e governance makes the government process more transparent.
Corporate Activities
There are whole lot of professional tasks that indefinitely depend on internet. Just to summarize:
4 "The Top 100 Websites For Your Career - Forbes." 2013. 16 Sep. 2014 <http://www.forbes.com/sites/jacquelynsmith/2013/09/18/the-top-100-websites-for-your-career/>5 "How to use the internet to make money - Economic Times." 2012. 16 Sep. 2014 <http://articles.economictimes.indiatimes.com/2012-10-01/news/34198096_1_royalty-payments-app-online-store>
Email Service: All the company’s confidential information is always carried
on emails. Companies use their own VPN or intranets and dedicated server
for communicating through emails.
Webinars: The presentations, meetings and knowledge sharing is usually
done using a dedicated web application (e.g., cisco webex) designed for
collaborative information sharing tasks.
CRM(Customer Relation Management) and ERP (Enterprise Resource
Management) software are used to manage customer relations like sales,
marketing, support, feedback, billing etc., and inventory, cash flow, human
resources respectively.
Virtual Desktop Infrastructure6: Users are connected through secure
internet connection to the remote server (Data Center) where the actual
processing and storage of data is done. This allows for more secure and
flexible computing.
Healthcare and Safety activities
Healthcare practice and operation7, as well as public safety procedures are experiencing a revolution, with the introduction of modern networking. These activities include:
6 "Desktop virtualization - Wikipedia, the free encyclopedia." 2008. <http://en.wikipedia.org/wiki/Desktop_virtualization>7 Ball, Marion J, and Jennifer Lillis. "E-health: transforming the physician/patient relationship." International journal of medical informatics 61.1 (2001): 1-10.
Telemedicine, which is formally defined as “the use of medical information exchanged from one site to another via electronic communications to improve a patient’s clinical health status”8.
The application of the Internet of Things paradigm to medical devices and procedures. That would enable, as a first step, health care practitioners to observe and analyse vital indicators via remote sensing9.
Exercising using networked fitness devices and activity trackers. These wearable devices are used to collect, analyse online and share data concerning physical activities.
Implementation of improved emergency service systems to reduce the time needed for the first responders by using modern ICT infrastructure, e.g. in 10
Emergency warning (e.g. in case of an impending natural disaster) systems are being tested, that will exploit existing communications network infrastructures, e.g. 11.
Malicious cyber activities and counter-measures
Cyberspace faces serious security issues due to low entry barriers and the inherent anonymity of the medium12. We could define several subcategories of malicious cyber activities and forms of cyber-attacks:
8 "What is Telemedicine - American Telemedicine Association." 2014. <http://www.americantelemed.org/about-telemedicine/what-is-telemedicine>9 "How the Internet of Things Is Revolutionizing Healthcare ..." 2013. <http://cache.freescale.com/files/corporate/doc/white_paper/IOTREVHEALCARWP.pdf>10 "City of Madrid - IBM." 2011. <http://www-07.ibm.com/innovation/my/exhibit/documents/pdf/City_of_Madrid.pdf>11 "BBC News - Tests in Glasgow of emergency text ... - BBC.com." 2014. <http://www.bbc.com/news/uk-scotland-24116475>12 Nye, Joseph S. "The Regime Complex for Managing Global Cyber Activities." (2014).
Cyber-crime (e.g. hackers stealing credit card numbers and passwords for
own profit13)
Cyber warfare: Cyber-attacks crossing international borders and involving
at least one nation state. Also, modern communication systems are also
widely used to assist in conventional warfare methods, e.g. see14
Cyber spying, which also includes cyber-espionage and cyber-sabotage.
Cyber-espionage is oftenly state-sponsored15, and it usually comprises of a
theft of trade secrets and/or intellectual property in order to gain commercial
or geopolitical advantage. A characteristic case of cyber-espionage, which
one of the authors of the report, being Greek, is familiar with, is described
in16. It can also take the form of cyber-sabotage of a corporation17. Prominent
recent examples include the NSA PRISM, or collection of personal data,
either from hackers or from other parties, claiming to collect the data
legitimately18 19.
● Cyber security (efforts made by nations and private firms to prevent cyber-attacks and combat the above), which also includes law enforcement and forensics in the cyberspace, which face novel challenges. Legal Enforcement is challenging due to the anonymous and international nature of the
13 "Press Release - Department of Justice." 2013. <http://www.justice.gov/usao/nj/Press/files/Drinkman,%20Vladimir%20et%20al.%20Indictment%20News%20Release.html>14 "Precision-guided munition - Wikipedia, the free encyclopedia." 2003. <http://en.wikipedia.org/wiki/Precision-guided_munition>15 "2011 Report - Office of the National Counterintelligence ..." 2011. <http://www.ncix.gov/publications/reports/fecie_all/Foreign_Economic_Collection_2011.pdf>16 "The Athens Affair - IEEE Spectrum." 2009. <http://spectrum.ieee.org/telecom/security/the-athens-affair>17 "Shamoon - Wikipedia, the free encyclopedia." 2008. <http://en.wikipedia.org/wiki/Shamoon>18 "Backgrounder: Results of the 2014 Global Privacy ..." 2014. <https://www.priv.gc.ca/media/nr-c/2014/bg_140910_e.asp>19 "From APP-laudable to dis-APP-ointing, global mobile app ..." 2014. <http://blog.priv.gc.ca/index.php/2014/09/09/from-app-laudable-to-dis-app-ointing-global-mobile-app-privacy-sweep-yields-mixed-results/>
cyberspace20. Also, law procedures (e.g. evidence collection21) are constantly trying to catch-up with the rapid changing Internet and technology landscape
Communications and socializing
It is common knowledge of course today that a significant part of communications as well as social activities have migrated on the cyberspace. Some examples are:
● Social networking, which consists of the use of cyberspace in order to stay connected to your friends and acquaintances, to meet new people, or to publicly state your opinions, share your feelings or seek information22 23. This is achieved using a plethora of applications, such as Facebook, Twitter, MySpace, Friendster, etc.
● The usage of broadband cellular and mobile networks that have developed over the last few years offer novel ways of mobile and personal communications, beyond the simple voice calls of landline telephony. Today people make heavy use of those offers, like SMS, MMS and mostly mobile Internet connectivity to be connected to the cyberspace everywhere and at any time24.
● Another online activity that gains traction in the recent years is the use of cyberspace to meet potential partners, either for the purpose of the so called “cyber-sex” or to make the introduction for a meeting in the physical world. Examples include the use of applications such as Tinder, OkCupid and Badoo.
20 "LAW ENFORCEMENT IN CYBERSPACE Greg Melick ..." 2002. <http://www.isrcl.org/Papers/Melick.pdf>21 SWAMINATHA, TARA M. "The Fourth Amendment Unplugged: Electronic Evidence Issues & Wireless Defenses." Yale Journal of Law and Technology 7.1 (2005): 3.22 Pempek, Tiffany A, Yevdokiya A Yermolayeva, and Sandra L Calvert. "College students' social networking experiences on Facebook." Journal of Applied Developmental Psychology 30.3 (2009): 227-238.23 Java, Akshay et al. "Why we twitter: understanding microblogging usage and communities." Proceedings of the 9th WebKDD and 1st SNA-KDD 2007 workshop on Web mining and social network analysis 12 Aug. 2007: 56-65.24 Verkasalo, Hannu. "Contextual patterns in mobile service usage." Personal and Ubiquitous Computing 13.5 (2009): 331-342.
● A prominent example of communication in the cyberspace is the use of the Global Positioning System for navigation and search25. What started as a military project has now replaced paper maps completely and it is widely used in stand-alone car devices as well as embedded into smartphones.
Entertainment
Cyber activities can be commonly observed in the entertainment industry. Following are some of the popular cyber activities for the entertainment
● LAN Gaming: where you can play together with the other players around the world.26
● Satellite Content Distribution: Digitisation of the television resulted in the dramatic improvement in the television experience. Satellite radio is a good alternative to the conventional radios.
● Music: new applications such as Spotify and iTunes are the popular choice of people for listening music.
Infrastructure operation systems
Many of our infrastructures uses cyber activities in many forms. Some of the areas where cyber activities are used are
● Smart grids: uses the digital technology to automate various processes to improve the efficiency, reliability, and sustainability.27
● Oil and gas industry uses ICT in production environment28
● Water distribution and purification plants: water is the scarce resource and ICT provide the effective solution in water management.29
25< http://www.gps.gov/ > 26 "New DreamHack records and 2014 dates « Dreamhack ..." 2013. 16 Sep. 2014 <http://www.dreamhack.se/dhw13/2013/12/10/new-dreamhack-records-and-2014-dates/>27 "Smart Grids European Technology Platform | SmartGrids." 2006. 16 Sep. 2014 <http://www.smartgrids.eu/>28 "Huawei ICT Energy Industry Solutions." 2012. 16 Sep. 2014 <http://enterprise.huawei.com/en/solutions/trade/energy/index.htm>29 "ICT for smart water management - Technology | ITU News." 2011. 16 Sep. 2014 <https://itunews.itu.int/en/570-ICT-for-smart-water-management.note.aspx>
● Flood control system uses the cyber activity for flood prevention. Netherlands have developed the robust flood control system such as dikes and sea gates.30
● Intelligent public transport system: Today transport system is equiped with many cyber activates such as Wi-Fi systems, GPS connectivity, and bus tracking systems.
● Air traffic control uses computer monitoring and the radar systems to tack the airplane in the vicinity of the airport.
● weather forecasting : satellite images and sensing technology is used to forecast the weather
Educational activitiesThe use of cyber activities in the education field has increased rapidly in the recent few years. Following is the list of some of the cyber activities in education sector.
● e-Learning: which means learning over the internet has gained popularity . One can dive into the plethora of knowledge with just the help of one click .Some of the famous online education platforms are edx31,coursera32,open learning initiative 33,NPTEL34
● e-exams : many exams are being conducted online such as GRE35,GMAT36
● Digital Library : as we are moving towards the paperless world digital libraries are in demand
● Research Publications: It is convenient to know the latest research happening in your field as researches are published online.37
30 "Water Management in the Netherlands.pdf - Rijkswaterstaat." 2011. 16 Sep. 2014 <http://www.rijkswaterstaat.nl/en/images/Water%20Management%20in%20the%20Netherlands_tcm224-303503.pdf>31 "edX - online courses and classes from the world's best." 2012. 16 Sep. 2014 <https://www.edx.org/>32 "Coursera." 2012. 16 Sep. 2014 <https://www.coursera.org/>33 "Open Learning Initiative - Carnegie Mellon University." 2012. 16 Sep. 2014 <http://oli.cmu.edu/>34 "nptel." 2007. 16 Sep. 2014 <http://nptel.ac.in/>35 "GRE - ETS." 2005. 16 Sep. 2014 < http://www.ets.org/gre > 36 "The GMAT Exam." 2013. 16 Sep. 2014 < http://www.mba.com/global/the-gmat-exam.aspx > 37 "IEEE Xplore Digital Library." 2003. 16 Sep. 2014 < http://ieeexplore.ieee.org/ >
Conclusion:
Doing this report made us wonder how complex and broad is the idea of internet. Cyber space is infinitely vast, it’s like space travel. The possibilities are huge and with ever advancing technology the internet is becoming a much stronger force. Which can collect process and condense information the same way a network in human brain does. In the report we have focused on 8 major regions of the cyber activities viz., Economics, Public administration, Corporate Activities, Health & Safety, Communication & Socialising, Entertainment, Infrastructure, Malicious Cyber activities. After brainstorming together in a meeting about the above mentioned areas and jotting down the cyber activities we made a framework of the report and each of us chose a subset of the aforementioned regions to elaborate on his own. All the individual work is combined to make this final report, which can explain any slight lack of cohesion due to individual writing styles.
