Monday, April 26, 2010

A real case in Middle East for Cyber terrorism

In the previous posts I’ve explained the main issues in cyber terrorism and two real cases which happened in the Cyber space.

As we know recently the discussion of cyber-terrorism has focused on events in the Middle East, where the Oslo Peace Process has broken down and violence has resumed between Palestinians and Israelis.

A new dimension to this recent Intifada (the term “Cyber-Intifada” fits more closely with the terminology being used to describe the physical conflict between Palestinians and Israelis of which this cyber-conflict is a direct outgrowth.) has been the use of Internet by both sides in the furtherance of their goals. Some have called this the “first full-scale war in cyberspace, and “the first example of a cyber-war between people fighting on the ground.

Proclamations indicate that recent events in the Middle East have further fuelled pre-existing concerns by large and small countries alike that new information technology (IT), especially Internet, poses a dangerous new security threat.

Therefore, one should do several things to accurately evaluate such claims by:

1) Examining how in fact Internet has been used in the recent Intifada.

2) Understanding the different types of threats that may emerge from cyberspace.

3) Comparing the Cyber-Intifada to these different threats.

The cyber terrorism will be broken up into several categories:

1. the different types of attacks that have been used will be outlined

2. the reaction from policymakers to the attacks

For the first issue the different types of attacks have been used such as Defacing Attacks and cyber-terrorism attacks.

These types of attacks consist of different phases which can be used in order to steal and alter the nature of the information which exist on the specific Web sites.

Minor attacks come in the form of "data diddling", where information in the computer is changed. This may involve changing medical or financial records or stealing of passwords. Hackers may even prevent users who should have access from gaining access to the machine. Ethical issues in this case include things like invasion of privacy and ownership conflicts.

Prevention Policies:

Two strategies can be used in order to prevent attacks in real cases:

1. Build Strong Firewalls: A good firewall system can protect networks from many of the above vulnerabilities - even when the other best practices are not followed. Firewalls now exist for personal or single-system use as well as the traditional network appliance. These personal firewalls provide a great deal of protection for mobile users or users who do not operate their systems behind an adequate corporate firewall system.

2. Enact and enforce strong policy: Staff members with access to or control over critical information should undergo rigorous background checks and should comply with strong security policy. Verifying users via strong authentication practices and making sure that all activity is logged are keys to prevention and accurate forensics in the event of an attack.

Even though these strategies cannot supply us 100% accuracy in order to prevent from any attacks but they are the ways which can help users and organizations protect themselves from undesirable attacks.

In next posts I’ll describe the different kind of attacks in detail which are used in real cases as mentioned between Palestinians and Israelis.

No comments:

Post a Comment