Due to heaps of confidential data available on the media stores, the news organizations are the most tempting targets for the hackers. These types of attacks usually take place due to the inquisitiveness of the hackers to know the internal affairs of the internal politics or hinder any upcoming elections. As said by Casey Ellis, CEO and founder of Bugcrowd quoted “Hackers have been going after the press the whole time… It’s only now that either a) they’ve become more focused, b) they’ve been more successful, or c) we’ve figured out how to catch them in the act. I suspect it’s a combination of all three”.
Giving an example of an incident to prove why the news organization is more vulnerable to hackers is: multiple attacks against news outlets were attributed to the Syrian Electronic Army, whose lengthy list of victims included. (Times, 2013) In 2015, stock traders and hackers working in cahoots were able to access press releases from three major distributors and trade on that information before those announcements hit the wire. (Times, 2015).
Now comes the explanation and motive of the hackers for breaking into these organizations and what is the damage they can sought:
a) Influence: A hacker can influence an election by either defacing, delaying or even deleting certain stories in the name of political defaming. For instance, an anti-Clinton campaign can expose the internal information of the party which can tarnish the image of the campaign and the leader.
b) National Security: The biggest motivation of the hackers to infiltrate the news organizations to check on the internal discussions, emails, voice calls which has detailed discussions with well-placed personnel in government and other important organizations which would impact the National security big time.
These factors are enough to show how prone are the news organizations to the vulnerable hackers.
1. Could an insider use the fact that news feeds are scanned for trading decisions to manipulate the stock market? How?
Anything that has to do with investments will always have high risk and return. Usually the higher the risk makes it higher the return. The stock market has always been in the influence of insiders as not only do they know how the business is done but they also know where there would be a risk, which not only manipulates the stock market but also the users. Any Insider with the help of the news feed would also be able to acquire a large position in the company. He may use options to disguise his activities without catching another investors attention. These insiders can also use options to hide their activities, these are when they see an opportunity of a company making a more than expected profit, instead of buying or accumulating the shares of their company, they would buy call options of their company. The same thing can be done when the company is going into losses the insider would use his put option, where when the losses are announced, the price of underlying security will go down and they can have a price option. These are few of the examples where we can see how an insider can manipulate the stock market (Kong, http://www.marketoracle.co.uk, 2012)
2. How can changes in social media pose threat to organizations?
Social media has gone majorly popular over the recent years, where millions of users are sharing data, information and products and hugely affecting the way organisations are building their businesses around connected people. Organisations today have a major information intensive environment that enable as well as constrain any action of the organization. Social media in an organization offer areas to explore relations between modes of communication and the internal process which contribute to the knowledge of knowing how is communication structured in the organisations infrastructure. Any change in the social media, which is not communicated to the people in the organisation can be a huge threat, where anything which mismatches the setting can back fire and make the organisation more prone to attacks. Thus, being a very user-friendly mode of communication, any changes in the structure of social media sure can pose a great threat to the organization. (KAKROO, 2015)
3. Could a subcontractor with weak security practices make a corporation more vulnerable? How?
In today’s world companies need to work hard to stay secure during a time where cybercrime is rampant, and many organizations stay vulnerable to the attacks. Few organisations today do not have a solid defence role against the hackers thus making it prone to the attacks. The Cybercriminals spend a lot of time, effort and money to defeat a technology, thus targeting the security practices via the employees and the subcontractors is an easy target for them. In terms of hackers getting in, the most common issues are misuse of social networking, weak passwords and password re-use, privilege creeping, malware and lack of system patching. But the real issue are the subcontractors who are unaware of internal security policies or the ones that unfortunately do not care enough and are careless and incompetent.
4. Why should interdependence of information systems be a concern for IT security?
In today’s world increasing number of companies rely on high tech information network. Due to this any kind of defence against the cyber-attack is complicated because of the interdependence of information security decisions of the firms. The interdependency of information security risks often includes the firm to invest inefficiently in information technology security management. While the major use of information technologies has proved to have great benefits to organizations, for instance in the form of increased productivity, it sure has also escalated their exposure to IT security breaches. There have been major malicious activities which involve hacking, phishing, spread of viruses and worms and pharming, that compromises the working of an organizations security.
5. What kinds of threat related to data theft does an organization face?
Cybercriminals are discovering new techniques to hack the most sensitive networks in the world. Protecting business data today is a big challenge but awareness from the organizations end is the first step. The following are the biggest threats to an organization today:
a) Targeted cyber-attacks – The targeted attacks do not need the hacker to gather the information in one go, these attacks can keep extracting data over a longer period of time.
b) Data Breaches – Any breach where either a frustrated employee is involved, or any laptop of the organisation is misplaced, the data is escaping from the organisation.
c) Cloud computing – Cloud computing makes the companies to give their security control to outside party which setups a new security concern thus making it a threat.
6. How can malware writers adapt to software detection techniques?
Malicious code developers, for example exploit authors, write malware, viruses, backdoors, spyware, worms, trojans and other damaging code with an intent of hiding itself from anti-virus and other detection mechanisms. This is called obfuscation. Whereas on the other hand security researchers spend a lot of time on the other end of the spectrum, writing signatures and other behavioural analytics programs to detect the code that malicious developers write. This is the de-obfuscation part of the equation. Around huge percent of web-connected malware became much significant when anything malicious is downloaded within the first sixty seconds of the infection. The remaining malware which is web connected is processed more cautiously thus, postponing any further Internet activity by minutes, hours, or weeks. It is usually a deliberate attempt to bypass defenses that rely on short-term sandboxing analytics. (Barth, 2016)
7. Discuss the non-economic impacts of the Twitter incident.
The following are the non-economic impacts of the twitter incident-
a) Reputational Impact – Not only was the reputation of the Associated was tarnished but there was a huge impact on the trust with the company.
b) Physiological Impact – A streak of fear in people’s mind when they heard there could be an explosion in white house.