Crime, Terror, and War without Conventional Weapons

All of the following sections of this piece are included in Uda’s (2009) book titled Cybercrime, cyberterrorism, and cyberwarfare: Crime, terror, and war without conventional weapons.  Within this piece, I discuss some basic tenets of information security, security management, cyberterrorism, cyber-attacks, network security, and user security (Uda, 2009).

Fighting Cybercrime, Cyberterrorism, and Cyberwarfare

This is only a brief overview of some basic principles of information security.  I encourage you to develop a greater understanding of the principles of information security and how they relate to the security of the organization.  Review additional, comprehensive information security resources for more thorough coverage of the subject (Todd, 2009).

Integrated Efforts in Fighting Cyberterrorism

Over the past 20 years, good work has gone on in cyber security and in mitigating vulnerabilities in critical infrastructures.  It took some catastrophic events to gain the attention of lawmakers and policy setters.  The pendulum currently swings in the right direction for reliability and necessary security to be designed into future systems.  Care must be taken to watch opportunists who take unfair advantage of vulnerabilities to support their hidden agendas.  Support for strong systems should come from top-down.  All governing and non-governing bodies, both private and public, must focus on the needs of protecting CI systems.  The bottom line is that we must learn from the mistakes of others (Shervey, 2009).

Large-scope collaborations are relatively new in American history.  It is difficult for national, state, and local organizations to work harmoniously together.  The Internet presents opportunities for perpetrators to take advantage of others.  Initially, the Internet wasn’t designed with security in mind.  A certain amount of “trust” resides with computer users.  Integration of converged systems with critical infrastructure (CI) goes unabated with the guiding goal of efficiency.  Careful, thoughtful, and substantive planning must be the priority as we move forward.  All private and public (national, state, and local) entities must be part of a collaborative effort to ensure that we move in a direction that maintains our existence (Shervey, 2009).

Contemporary technology advances at an astounding rate.  This advancement offers many new ways to implement public infrastructure services.  One needs only to look back a couple of decades to see remarkable differences between old and new CI systems.  Unfortunately, inherent vulnerabilities in these systems provide opportunity for perpetrators to take advantage of victims.  For the Internet to remain a global conduit, the United States must maintain a more global involvement in the policy equation.  This requires international and national communities to embrace closely all aspects of cyber security (Shervey, 2009).

Computer Security, Forensics, and Cyberterrorism

Cybercrime, cyberterrorism, and digital forensics are all relatively new phenomena.  As such, local and international governments struggle to remain effective in proposing and passing digital crime legislation.  Current consensus fosters the spirit of strict processes in the collection and analysis of digital evidence.  At local levels, nations strive to bolster legal prosecution of many new types of digital crime.  At the international level, nations are realizing the need to cooperate with other nations to mitigate transnational violations.  As technology continues to advance, all peoples of the world will be at risk and will need to be involved in mitigating cybercrimes (Shervey, 2009).

Cybercrime, cyberterrorism, and CI protection present many challenges.  Over the past 25 years, much work has been performed in these areas.  However, moving forward, more work needs to be done.  We must establish and understand common definitions at all levels.  We must identify and prioritize (by importance) real vulnerabilities.  We must establish clear groups of authority, and these groups must recognize and perform their responsibilities.  We must establish strong talent pools in the public sector venue.  We must provide these employees with genuine support.  We must strengthen program and project management with qualified individuals who can cope with diversity.  International collaboration must be part of the culture.  Finally, a strong effort must be made to handle all legal issues related to cybercrime, cyberterrorism, and CI protection (Shervey, 2009).

Protecting Our Critical Infrastructure

In the past, infrastructures were far less sophisticated than they are today.  With passage of time, populations have grown throughout the world.  Concurrent with population growth, a rising need exists to provide additional, required infrastructures to support society.  Meanwhile, computers grow more powerful and are continually integrated with infrastructures for improvement.  In the United States, both private and public sector organizations heavily rely on computers, information systems, and Internet connectivity as primary components of critical information systems.  As these infrastructures grow in complexity, they are scrutinized by those who desire to undermine them.  As a result, organizations must work hard to remain ahead of maliciousness.  Hence, as infrastructures become more complex, so do efforts to guard and keep them operating safely (Shervey, 2009).

The United States and the world have seen dramatic changes in the way people operate and maintain CIs.  Many CIs share a close relationship with using computers, systems, and connectivity.  If we were to eliminate these new mechanisms, supporting national security and public needs would become difficult and maybe impossible.  Critical infrastructure threats loom greater and more numerous than in the past.  Going forward with CI protection requires significant investment by public and private organizations.  The government must allocate resources that support more robust CIs.  They must strive to create an environment that provides the private sector with investment incentives (Shervey, 2009).

Cyberterrorism is a new phenomenon.  In the past 30 years, significant changes have transpired in computer and communications technologies.  A global connectivity network provides individuals, organizations, municipalities, states, countries, and national bodies with opportunities to create more efficient and effective infrastructures.  This evolution is not without it danger, however.  Cyberterrorism presents a clear and present danger to users of CIs.  Authoritative governing bodies must catch up to these developments using financial investments and appropriate incentives to public and private sector organizations.  When we understand how vulnerable and fragile infrastructures can be, we then realize that there is much more work to be done (Shervey, 2009).

Undoubtedly, the United States and the world must recognize this new battleground, which is far different than previous war zones.  Critical infrastructures, information systems, telecommunications, computers, and all operations and controls have converged.  It’s a modern marvel how they integrate and perform in such a transparent and seamless fashion.  Mankind relies on critical systems to perform flawlessly.  People who inflict suffering on the masses by damaging/destroying CIs exist in the world.  The United States and other nations must understand CI vulnerabilities.  However, a clear understanding is just the start.  As we move forward, focus must be given to protecting and sustaining CIs and the reliable services they provide (Shervey, 2009).

Security of Handheld Devices

Mobile devices and communications networks allow access to information at any time and from anywhere.  Organizations are rapidly adopting mobile device technology and seeing major productivity benefits of keeping workers fully functional when mobile.  However, cybercriminals target the business user as a passageway into corporate data centers.  Thus, security for mobile devices and the software that drives them become critical in protecting organizational information (Chicone, 2009).

I hosted a meeting in June 2009 where the topic of the meeting was a discussion about mobile device security.  The people in the meeting were CEOs and chief technology officers (CTOs) of organizations both outside and within the United States.  All those present were very knowledgeable about mobile device applications and mobile device security.  Their companies use mobile devices, and companies they support or sell to also use mobile devices.  The organizations they do business with range from very small to very large enterprises including government organizations.  Everyone agreed that most organizations, unless they must be compliant due to regulatory requirements, implement mobile security measures as a reactionary rather than a proactive function.  Additionally, many agreed that something major and newsworthy must first happen before organizations will truly understand the consequences and take things seriously.  For example, one person in the meeting felt that mobile device security will not be taken seriously until someone hacks President Obama’s BlackBerry and leaks confidential information (Chicone, 2009).

Protecting an organization’s information remains crucial in today’s digital information age.  In their design and architecture, handheld devices represent complex computers as do the wireless networks in which they operate.  Using handheld devices without correct security prevention measures exposes an organization to risks that could potentially cause an expensive security breach or cyber attack.  By implementing these guidelines, organizations can take the necessary steps to protect handheld mobile devices, users, and proprietary information (Chicone, 2009).

Conclusion

In conclusion, Cybercrime, Cyberterrorism, and Cyberwarfare provide students and researchers with thoughts and ideas for protecting the United States from cybercriminals, cyberterrorists, and cyberwarriors.  We must educate ourselves and know our enemies.  We must develop, understand, and be prepared to use all of the countersecurity strategies, tactics, plans, and weapons against all criminals, terrorists, warriors bent on destroying the USA.  We will be fighting a good cause, which is to protect our families, religions, homes, property, and American way of life.  As long as we are fighting for what is right and good, we will never go wrong and be defeated.  We will always come out on top (Uda, 2009).

References

Chicone, R. G. (2009). Security of handheld devices. In R. T. Uda (Ed.), Cybercrime, cyberterrorism, and cyberwarfare: Crime, terror, and war without conventional weapons (pp. 187-201). Bloomington, IN: Xlibris Corporation.

Hickey, A. R. (2007). Mobile security breaches inevitable, study says. Retrieved from http://searchmobilecomputing.techtarget.com/originalContent/0,289142,sid40_gci1272948,00.html.

Shih, D., Lin, B., Chiang, H., & Shih, M. (2008). Security aspects of mobile phone virus: A critical survey. Industrial Management & Data Systems, 108(4), 478-474.

Shervey, W. (2009). Integrated efforts in fighting cyberterrorism. In R. T. Uda (Ed.), Cybercrime, cyberterrorism, and cyberwarfare: Crime, terror, and war without conventional weapons (pp. 145-156). Bloomington, IN: Xlibris Corporation.

Shervey, W. (2009). Computer security, forensics, and cyberterrorism. In R. T. Uda (Ed.), Cybercrime, cyberterrorism, and cyberwarfare: Crime, terror, and war without conventional weapons (pp. 157-166). Bloomington, IN: Xlibris Corporation.

Shervey, W. (2009). Protecting our critical infrastructure. In R. T. Uda (Ed.), Cybercrime, cyberterrorism, and cyberwarfare: Crime, terror, and war without conventional weapons (pp. 167-186). Bloomington, IN: Xlibris Corporation.

Tauschek, M. (2008). Mobility policies: Security. Retrieved from http://viewer.bitpipe.com/viewer/viewDocument.do?accessId=7500007.

Todd, D. L. (2009). Fighting cybercrime, cyberterrorism, and cyberwarfare. In R. T. Uda (Ed.), Cybercrime, cyberterrorism, and cyberwarfare: Crime, terror, and war without conventional weapons (pp. 121-143). Bloomington, IN: Xlibris Corporation.

Uda, R. T. (2009). Cybercrime, cyberterrorism, and cyberwarfare: Crime, terror, and war without conventional weapons. Bloomington, IN: Xlibris Corporation.

###