Critical Issue in Information Technology 1

Cyberattacks and Cyberterrorism

Critical Issue in Information Technology
Prepared for
CEOs and Information Security Professionals
Prepared by:
Antonio Aguilar
Central Washington University
December 9th, 2016

Table of Contents
Executive Summary.................................................................................................... 3
Findings...................................................................................................................... 3
Problems................................................................................................................. 3
Solutions................................................................................................................. 4
References.................................................................................................................. 8
Appendix A................................................................................................................. 9
Appendix B............................................................................................................... 10

Critical Issue in Information Technology 2

Executive Summary
Cyberattacks and Cyberterrorism fall in a large category of Cyber problems. These topics
can affect multiple associations. These threats can affect: businesses, education systems, medical
centers, financial institutions, government agencies and more entities. What exactly is
Cyberterrorism and what is a Cyberattack? Understanding the full scope of cyberterrorism and
cyberwarfare must entitle us to understand what these terms mean. Going more in depth into

Critical Issue in Information Technology 3

these cyber threats, we must also acknowledge that there are threat enabling vulnerabilities
within the internet that criminals can take advantage of. Minimizing and preventing cyber-attacks
is something that must be closely analyzed to help mitigate these issues. Companies need to
come together as a whole and understand that threats will affect everyone.
Findings
Problems
In order to fully understand the capabilities of Cyber threats we must first analyze the
term cyberterrorism. This word is comprised of cyber and terrorism. Cyber coming from the
word cyberspace and terrorism as we know- pre planned attacks motivated by violence, money,
religion or political motivation. Cyber-attacks come in many different shape, sizes and can have
different outcomes. A cyber-attack is delivered through the use of computer technology. The
internet itself is no longer a free flow of information. Human error can account for hundreds of
these cyber-attacks. Social engineering is more and more common especially at the workplace
and it needs to be addressed more effectively. (Minei, Matusitz 2012).
Threat enabling vulnerabilities are always going to continue to exist. Something that has
come across very knowingly is the fact that many people lack the knowledge necessary to coop
with these vulnerabilities. Vulnerabilities can affect entire critical systems that allow our nations
to function. Threats in SCADA systems should be taken seriously. SCADA systems are often not
monitored enough. Another problem within SCADA systems is the fact that these systems can
often be connected to technology that is much older or newer ("Common SCADA System
Threats and Vulnerabilities", 2015). It is interesting to think about what cyber criminals will start
to do in order to execute more threats. Well, it has been foreseen that more sophisticated attacks
were going to be carried out on social media streams. This is huge. Social media affects millions

Critical Issue in Information Technology 4

of people including businesses. What can we do as society to help each other be safer on the
internet protecting ourselves from cyber-attacks?
Solutions
In order to mitigate and prevent internet vulnerabilities, it is necessary to educate the
public. It has been proven that education that some people receive is only through the media.
That should not be a primary source of information. Society itself can be a vulnerability
especially through the term grape vine. Information can travel large distances and if this
information can benefit society, this will definitely have an impact. We as a society rely so much
on the internet that we may not be able to function properly without the internet. Some
businesses may not deem necessary to spend money implementing security around their
computer systems.
It is essential for companies to invest on their technology. Apart from having security on
computer systems, businesses need a group of specialized technicians who can manage security,
manage network traffic, and manage servers. Through monitoring, businesses can quickly detect
irregularities on their networks and manage to mitigate these risks. Businesses need to also
upgrade as new technology continuous to evolve. It is important to keep SCADA systems with
the latest updates since lack of updates can result to vulnerabilities (Adams, 2015). So, what can
we do as a society to help mitigate and prevent cyber-attacks?
It is important to always keep each other accountable and it is important to look out for
one another. Creating an internal policy is essential. Sometimes, cyber threats come within a
companys own employees. Lack of informed employees can lead to vulnerabilities. An example
of this are phishing emails. There will be some employees who will fall for these scams and open
up more vulnerabilities. It is important to have an internal policy approach education attempts to

Critical Issue in Information Technology 5

ensure employees are staying up to date with newest information. Staying up to date with the
latest cyber threats is also essential. A lot can be learned from mistakes of other companies and it
is also important to share this information between companies. Keeping computers up to date is
also an essential task.
The technical crew must check to ensure all software is up to date, and check operating
systems to ensure they are receiving updates. Within the operating system, malware scans should
be conducted frequently. Companies should have incident response plans in case of a widespread
of malware attacks. In place with these incident response plans should also be up to date security
risk assessments. Something that is probably left out frequently is checking browsers. Browsers
in themselves can have a multitude of vulnerabilities. It is essential to keep browsers up to date
and if possible, installing pop up blockers. There are some malicious extensions that can attack to
a browser. Some of these extensions or programs need human approval so it is also important for
employees to watch what they download and what they are clicking on. Closely reading and
analyzing is crucial because you may allow some potentially unwanted programs to get installed.
According to Microsoft Security Intelligence Reports, over 24 million household users are
victims of Spam. It is also important to not share personal information online especially when
visiting websites that do not have added security such as SSL and HTTPS.
Keeping company data is really important. Having a backup system in place is crucial in
order to minimize data loss and corrupted files. Cloud computing is also something on the rise.
Storing data on remote servers can have benefits. (Manning, 2015).
The dependence society has on technology is enormous. Staying safe on social media is
extremely important since we interact more and more with social media. In order to be safe on
social media, we must not share personal information to the public. If we do decide to share

Critical Issue in Information Technology 6

information with our friends, we must ensure that we know who are friends are. There have been
many instances of cyber -attacks through social media outlets. Malware can be distributed
extremely fast if it reaches social media. Just with a click of a button or an opening of a page,
social media users can be infected and not even know it. A great recommendation is for
employees to not be mixing their work and social media. There is even malware that can trick a
user to click like on something only to have gained access to information on the computer.
This is otherwise known as likejacking.
Buying online is also a huge area of concern and we must be educated on ways to stay
safe. Being able to recognize scams is something we should all be trained to do. Fake offers have
little trails and signs throughout its listing. Wherever these listings are made, it is important to
read up on the companys user agreement and company statements. Purchasing through these
companies should be ultimately safe, as long as their user policy is followed. In 2013, fake offers
made up the largest number of social media attacks. Companies should address these concerns
and keep employees trained. Keeping a well thought out and aggressive social media policy will
be essential (George,2015).
Final Thoughts
Threat enabling vulnerabilities should not have to take over companies and society
should not suffer. It is important to keep well thought out plans for threat mitigation and it is
important to keep these up to date. Investing financially into creating continuity plans, system
upgrades and system maintenance is essential and will save a company from major disasters on
the long run. Protecting ourselves from cyber threats does not have to be all that extensive. If we
can follow these recommendations, we can become more educated and more protected.
Companies should come together, share ideas and recommendations in order protect one another

Critical Issue in Information Technology 7

against threats. Cyber threats and cyber-attacks will continue to be on the rise especially as
technology advances and we become much more reliant on technology, especially on the
internet.

References
Clarke, R., & Knake, R. (2010). Cyber war: The next threat to national security and what to do
about it. New York: Ecco.
Dewayne Adams (2015). Common SCADA System Threats and Vulnerabilities. http://patriottech.com/common-scada-system-threats-and-vulnerabilities/
George, T. (2014, December 1). The Next Big Cybercrime Vector: Social Media |
SecurityWeek.Com. http://www.securityweek.com/next-big-cybercrime-vector-socialmedia

Critical Issue in Information Technology 8

Katrina, Manning (June 15, 2015). 8 Ways Businesses Can Prevent Cyber Attacks.
http://www.business2community.com/cybersecurity/8-ways-businesses-can-preventcyber-attacks-01251164#y3U2J3pJ4WIJf2He.97
Microsoft Security Intelligence Report, Panda Security, Consumer Reports September 3, 2016
Minei, E. & Matusitz, J. Poiesis Prax (2012) 9: 163. doi:10.1007/s10202-012-0108-3

Critical Issue in Information Technology 9

Appendix A

Figure 1 Computer Virus Statistics

Appendix B

Figure 2 Threats by Type

Critical Issue in Information Technology 10