What has been done to stop cyber attackers?

Wireless networks have seen many improvements since it first was introduced in the
1990s. New standards have provided users with better signal strength, changes in frequency, and
more importantly security vulnerabilities from the first version. Stanley Wrong (2013) states that
WEP uses a limited [key] range (0 to 16777215) to choose from and goes on to say that once
the WEP key is revealed, a hacker may transform the [cipher text] into its original form
allowing access to the hacker. Once a hacker obtains the Wi-Fi password, Wrong (2013) states
that they can connect to the Wi-Fi connection and start sniffing packets, by using a method called
a man in the middle (p. 2). A man in the middle is a person who captures all the packets that
travel from a wireless device to the router and acting as an intermediate source of that
information allowing him to see all the information. Luckily for users, the standards changed
slightly in the late 1990s since the new version of Wi-Fi provided better security than the
previous version. Wrong states that Lucent pioneered a 128-bit WEP to extend the WEP key
from 40-bit to 104-bit in order to enhance security (Wrong, 2013, p. 3). This meant that anyone
who was trying to guess the WEP key had to wait longer because a 40-bit password has less
characters than a 104-bit password, so the generator would have to guess those extra characters
that 104-bit supports, making it a bit longer of a process. According to Wrong (2003), a person
wanting to know the Wi-Fi password of a 40-bit could do it with in a couple of minutes or up to
half an hour. That vulnerability meant for a real change, since the intruder could wait however
long he needs for him to know the Wi-Fi password. According to Wrong (2013) networking
companies were aware of this issue and implemented dynamic WEP which consisted of an
idea, to automatically generate short-lived, dynamic broadcast WEP keys and prevent
attackers from eavesdropping the communications (p. 3). Implementing this idea meant that the

router would have to communicate with the device and ask the device for its credentials
depending on the timeframe set, which is why attackers were able to crack WEP keys at first
because that re-authentication was not in place.
On December 10, 2014 the FBI posted a testimony on their website where Joseph M.
Demarest (2014) talks about how his cyber division department plans on stopping cyber threats,
specifically in the financial sector. He states that in the past it was hard to prosecute an attacker
that was outside the US, but now that they have placed employees all over the world it facilitates
their work on tracking down the attacker (Demarest, 2014, para.10). According to Demarest
(2014), hackers use a range of methods to enrich themselves at others expense and their main
target is the financial sector (para.4). Hackers use various methods of stealing such information
which people use on a daily basis, and it can be hard to spot them. For example Demarest (2014)
states that according to Verizons 2014 Data Breach Report it has found skimmers on an
ATM, gas pump, or POS [point of sale] terminal to read credit card data and have been the
cause of 87 percent of skimming attacks in 2013 (para.5). He goes on to say that as mobile
banking has become more and more convenient to use, hackers have used this to their advantage
and have targeted vulnerabilities in peoples phones by creating a malicious app that will allow
them to fetch that persons credit card number or any information that hold any value in the black
market. He states, such was the case of one of the most sophisticated types of malware the FBI
ever attempted to disrupt the app GameOver Zeus that stole peoples financial information
(para. 6). The game was able to illegally wire money to bank accounts, and it is estimated that
the game caused over $100 million dollars in damages. (Demarest, 2014, para. 6). Now that they
have established plans and relationships on how to combat attackers, the FBI now has the lead in
prosecuting any attackers that try to cause harm through cyber-attacks.

NATO, short for North Atlantic Treaty Organization, is a global treaty organization that
focuses on the liberty and wellbeing of each other, which on their website they provide a timelapse of cyber security threats from 1988 to 2013. NATO states that it all started with a worm
called The Morris Worm (NATO, n.d., para.1). The Morris worm attacked many computers all
across the United States in 1988 but was not intended to do any harm at all. NATO (n.d.) claims
that the man responsible for the incident was Robert Tapan Morris, who currently works at MIT
as a professor, and he was just wondering how big the Internet was (para. 1). This vulnerability
slowed down many UNIX computers all across the United States and spread like wild fire
(NATO, n.d., para. 1). Almost, if not all, of NATOs timeline of cyberattacks focuses on attacks
against governments that slow down their services and really show how attackers are able to
successfully deploy such attacks.

References
Demarest, J. M. (2014). Cyber security: Enhancing coordination to protect the financial sector.
Washington, D.C.: FBI Government.
T. h.-a. (n.d.). About NATO review. Retrieved from NATO:
http://www.nato.int/docu/review/2013/cyber/timeline/EN/index.htm
Wrong, S. (2003, May 20). The evolution of wireless security in 802.11 networks: WEP, WPA
and 802.11 standards. Retrieved from SANS Information Security Training:
http://www.sans.org/reading-room/whitepapers/wireless/evolution-wireless-security80211-networks-wep-wpa-80211-standards-1109