Brian Wrote :
There is a wide range of
cybersecurity initiatives that exist on the international level through
collaborative efforts between the Department of Homeland Security (DHS) and
numerous organizational units (UMUC, 2012). According to UMUC (2012),
some examples of these initiatives are:
- Federal Law Enforcement Training Center
- National Cyber Security Division
- National Communications System
- Office of Infrastructure Protection
- Office of Operations Coordination
- Privacy Office
- U.S. Secret Service
- U.S. Immigration and Customs Enforcement
- Organization of American States Assistance
“The National Cyber Security
Division works to secure cyberspace and America’s cyber assets in cooperation
with public, private, and international entities” (UMUC, 2012). This is
done using several strategic plans and directives, such as the Presidential
Decision Directive 7, the Information Technology Sector Specific Plan, the
National Strategy to Secure Cyber Space, National Infrastructure Preparedness
Plan, and the National Response Plan (UMUC, 2012). A challenge that the
National Cyber Security Division faces in providing an effective deterrent to
cybersecurity threats are the constant evolving technologies. These
include for both good and bad. Cyber attacks are constantly evolving and
so are the technologies use to protect from them. In order for the
National Cyber Security Division to effectively deter them not only do they
have to stay up-to-date but also so do all of the strategic plans and
directives that they use.
Another initiative is the Federal
Law Enforcement Training Center (FLETC) that emerged in the 1980s. This
initiative puts forth “efforts to counter international hijackings and
financial crimes” (UMUC, 2012). It now also extends law enforcement
abroad to help against terrorist activity, international crime, and
drug-trafficking (UMUC, 2012). It does those with the partner of
Department of State. A challenge that the FLETC faces in providing an
effective deterrent to cybersecurity threats are their international
limitations. All though they have partnered abroad with select foreign
nations they still have restrictions and limitations as to what exactly they
can do.
Justin Wrote:
Mutual Legal Assistance Treaties
(MLATs) are established between two or more nations and provide a formal means
of exchanging evidence and information pertaining to criminal acts or cases
that occur outside of a nation’s legal jurisdiction. The primary issue
associated with MLATs and cybercrime is the inconsistency of host nation laws.
Many nations feel that the idea of a global anti-crime initiative may
contradict a nation’s fundamental principles (Finklea&Theohary, 2012,
p.24). There is no standardized definition for cybercrime which means that one
nation may view a virtual act as a crime and the other, with which the MLAT
exists, may not. If the two nations agree on the legality of the act then the
requesting nation may submit for assistance (Brenner &Schwerha, 2004,
p.112). The host nation may determine to what extent the requesting nation may
receive and view case evidence and pursue and prosecute the perpetrator.
The
theft of individual financial data from Target databases this past November and
December was believed to have originated from a heating, ventilation, and air
conditioning company that had a financial account established with the company.
It was later discovered that the HVAC company was the victim of a cyber-attack
and was used as a gateway into Target’s databases. The perpetrators used the
account to upload malicious software designed to steal credit and debit card
credentials and pin numbers. In a matter of days, the software moved across
Target’s global customer base, exposing over 40 million accounts (Krebs, 2013).
Investigators have traced the card data to multiple destinations; one drop
being in Brazil. The U.S. government has submitted an MLAT to the Brazilian
government to gain access to Target data on the exploited server. U.S.
officials are still unclear as to the origination of the software and
investigators are skeptical that a perpetrator will be found, at least within
the United States.
MLATs
play a critical role in solving international crimes and they provide a
reasonable foundation for international cooperation and collaboration among law
enforcement agencies. In 2003, a police officer in Denmark discovered
disturbing pictures on the Internet of a child being sexually abused. The
officer transmitted the pictures through an INTERPOL database which led to the
arrest of Brian Schellenberger of North Carolina. Because of the officer’s
diligence, five of Schellenberger’s victims were found and rescued. In
Australia, 2005, a Queensland officer had infiltrated a U.S. citizen who had
been distributing child pornography. The officer contacted the Federal Bureau
of Investigation which led to the arrest of Walter J. Kemic. The Australian
officer had just completed an online investigation course at the FBI offices
prior to returning to Australia (Bell, A.E., 2007). Due to mutual legal
assistance, law enforcement officials were able to collect the evidence
necessary to prosecute the perpetrators.
Larry
Wrote:
What are the elements of the Risk Management Framework?
According
to the National Infrastructure Protection Plan (NIPP), the Risk Management
Framework (RMF) is described as follows: (DHS,
2013)
· Set Security Goals
· Identify assets, systems, networks and functions
· Assess risks
· Prioritize
· Implement protective programs
· Measure effectiveness
These guidelines can help an organization protect their
assets while helping to maintain a strong security posture. It is also the
responsibility of the organization to conduct their due diligence and utilize
all available avenues in trying to secure their infrastructure and information.
The NIPP RMF document is also very similar to the National Institute of
Standards and Technology (NIST) Special Publications (SP) 800-37 which is the
Guide for Applying the Risk Management Framework to Federal Information
Systems. This document is primarily used within the DoD and federal government
to help protect their networks and systems.
B. Why should organizations consider the use of that framework
for a cybersecurity program?
One of the
biggest concerns within our public and private sectors is the security of our
critical infrastructure. This infrastructure consists of our power grid, water,
transportation, communications, financial and medical systems to name a few.
These areas are prime targets for the hacker and/or hacktivist as they try and
infiltrate these networks. There have been several cases showing that these
systems are very vulnerable and can be easily attacked. In 2007, there was a
“computer glitch” that occurred within the systems that control the updating of
Dow Jones Industrial Average. The glitch caused a delay in the updates which required
switching to the backup system. Once the update was completed, massive sell-off
had occurred and the Dow had its biggest loss since after 9/11. (McCarthy, Burrow, Dion, & Pacheco, 2009)
This issue was never identified as a cyber-attack but this example just goes to
show how damaging a simple computer glitch can be to our infrastructure.
The
previous issue could have turned out to be a major issue if it had indeed been
some sort of criminal cyber-attack. Many of our critical infrastructure
programs are under constant attack and need to be protected from many of these
cyber-criminals, hackers, hacktivists or other actors. By implementing and
using the guidelines associated within the RMF, organizations will be in a
better position to detect, deter, prevent and reduce any of the vulnerabilities
that can be exploited by any known or unknown cyber-criminal.
John
Wrote:
Cyber security
awareness and education programs are an important step to take for risk
mitigation because cyber threats exist at every user level. In effort to bring
awareness and education to the business sector and also make this information
available to all U.S. citizens, the Department of Homeland Security advertises
and distributes cyber security information under National Initiative for
Cybersecurity Education (NICE). One recent NICE outreach program,
Stop-Think-Connect, utilizes the internet, public forums, and promotes training
tools to use for cybersecurity education programs. The NICE webpage (hosted on
the DHS website) gives the program mission statement as follows, “The
Stop.Think.Connect. Campaign is a national public awareness campaign aimed at
increasing the understanding of cyber threats and empowering the American
public to be safer and more secure online” (DHS, 2010). The tenants
of this campaign are as follows: (1) Stop: Before you use the Internet, take time to
understand the risks and learn how to spot potential problems; (2) Think: Consider how your actions online could
impact your safety, or your family’s; and (3)Connect: Enjoy the Internet with greater confidence,
knowing you’ve taken the right steps to safeguard yourself and your computer.Clearly,
the intended audience is the individual user.
The NICE program
spawned out of the Cyberspace Policy Review, issued by President Obama in 2009.
It is of important and relevant note to highlight the goal of the Cyberspace
Policy Review, which is to “become the blueprint from which our nation's
cybersecurity foundation will transform into an assured and resilient digital
infrastructure for the future” (DHS, 2010). A major element of the NICE
public awareness campaign is the promotion of Cyber Security Awareness Month,
occurring annually in the month of October. Education and training programs
disseminated through Cyber Security Awareness Month support the NICE outreach
program efforts by distributing national cybersecurity awareness through public
service events; delivering formal cybersecurity education at the public schools
level, from K-12 to Vocational/Technical schools; providing a federal
cybersecurity workforce structure; and hosting cybersecurity workforce training
and professional development for federal government civilian, military, and
contactor personnel (The White House).
No comments:
Post a Comment