Targeted Capabilities | EssayIvy.com

Running head: TARGETED CAPABILITIES 1

Targeted Capabilities

Name

Institution

TARGETED CAPABILITIES 2

Targeted Capabilities

In the current landscape of cyber-security, it is hard to curtail all breaches. The present

cyber attackers have significant funding, are sophisticated and patient. Besides, they tend to

target vulnerabilities in processes, people, and technology. Furthermore, organizations are much

depending on digitized information and sharing vast amounts of data across the universe. These

tendencies have made firms easier targets for an array of diverse types of threats, meaning that

each enterprise’s daily data, operations, and intellectual property are intensely at risk, that is why

it is essential to come up with cyber-security measures. After all, a cyber-attack does not only

destroy the organization’s reputation and brand, but it may also lead to loss of competitive

advantage, create regulatory/legal noncompliance and cause a substantial financial damage (EY,

2014).

Cyber-security Threats

In a bid to comprehend precisely how technology becomes a target of cybercrime, it is

essential to understand the type of threats and the way they exploit technological systems. Most

people may ask the reason technology is rendered vulnerable at all, and the simple response is

trust. From the time it was developed, Internet driving protocols were not modeled for a

tomorrow that included exploitation. There was an insignificant expectation at its establishment

that one day there would be a need to mitigate attacks such as distributed denial of service

(DDoS).

Cybercrime entails various forms that range from websites denial of service attacks all

the way to blackmail, theft, manipulation, extortion, and destruction. The tools used are varied

and may envelop ransomware, malware, social engineering, spyware, as well as alterations of

physical devices such as ATM skimmers. Thus, it is not a surprise that the small scope of

TARGETED CAPABILITIES 3

possible attacks is broad, a problem increased by what is commonly referred to as the attack

surface, which is the size of vulnerability that software and hardware presents. For instance, if an

exploit of hacking targets Apple iPhones and all the employees in that company are in possession

of one, then the attack surface will be determined by the number of workers in that business.

Additionally, software and hardware offer a wide array of vectors for attacks. For instance, an

iPhone may have a varied range of vulnerabilities that can be exploited and used together to hack

a device (ACS, 2016).

Consequently, the embedded systems that power infrastructure including electricity,

transport, and communications are also targets for cyber-attacks. Here, threats tend to be

targeted, but the impacts are considered even more dangerous. For instance, turning off an

electrical grid can lead to a life-threatening outcome (ACS, 2016). A vital point to note is that an

attack can be appreciated as targeted if it meets the criteria of scope, persistence, and level of

effort. Scope means that instead of making attempts to victimize as many people as they can,

attackers concentrate on a particular organization or group of companies in a specific industry.

The attack scope may further be reduced to individual employees in a firm (O'Leary, Grahn, &

Poarch, 2017).

Persistence, on the other hand, means that attackers prioritize on outlined and coordinated

activities that lead to the achievement of specific goals, instead of racing through an attack with

the idea of outpacing cyber-security efforts put in place. Staying undetected is a significant

priority- a slow-and-low approach is used majorly. Lastly, the level of effort means that the

cyber attackers spend substantial resources, time and attempts performing the attack. Moreover,

targeted threats are mostly unearthed long after the breach, when a confidential customer,

security, and corporate data have been stolen. Therefore, they are not only an IT security issue,

TARGETED CAPABILITIES 4

but also a business challenge that may devastatingly affect an organization’s brand reputation,

financial performance, and customer loyalty (O'Leary, Grahn, & Poarch, 2017).

The Internet of Things (IoT)

IoT envelopes the many and varied devices that are on sale today, or that will soon be on

the market, which will also get connected and remain on the internet fulltime. Typically, they

include products such as smart TVs and webcams. Such an environment increases the cyberspace

that can be attacked and the situation will even get worse once everything shortly gets hooked to

the internet for more comfortable sharing of information and communication. The increased

connectivity of products is risky because of the botnet armies. A bot (also referred to as a

‘zombie’) is a remotely –compromised and controlled- unknown to the owner – device of

computing that’s linked to the internet. Moreover, most of these gadgets are modeled with only

necessary security that attackers can easily bypass, enabling them to input malware and remotely

control the device (ACS, 2016).

Autonomous Systems

Independent systems are modeled to blend with the society; hence, they become the

second nature. However, relying on these systems make their abuse outcome very devastating.

Additionally, these technologies are integrated into the critical infrastructure such as systems of

payment and autonomous cars in the transport network (NAP, 2007). Hence, to avoid adverse

effects of cyber-attacks, cyber-security should be focused on safeguarding them.

Consequently, the present era is experiencing driverless cars take the limelight away from

autonomous systems. There may not be any written case of willful misuse of driverless vehicles,

but hacking has been witnessed with autonomous cars being controlled remotely. Therefore, to

secure individuals using the transport sector, improved security is essential. Furthermore, credit

TARGETED CAPABILITIES 5

cards have been targeted by fraudsters, spurring the creation of RFID chips and additional

safeguarding technology in the ecosystem of banking. However, security is an arms race and

threats such as skimming are currently a universal phenomenon that makes it possible for data

cards to be read and wirelessly transmitted in real time from ATMs and point of sale (POS)

devices. Moreover, systems of POS are an entire sub-category of cybercrime infiltration, and it is

the weakest payment processing point. Therefore, it is not surprising to get malware individually

modeled to retrieve data from embedded systems in the POS (ACS, 2016).

External and Internal Factors that Lead to Successful Breach

The key elements that enhance the success of development of targeted attacks on IT

technologies are reduced to five major factors. The first one is lack of capabilities to prevent and

an over-optimistic idea of today’s perimeter security. The second aspect is the low awareness of

employees on the risks of information security. The third factor is lack of visibility on the IT

environment and especially network routing. Four is outdated and proprietary operating systems

and software. The last is lack of a qualified security team on matters of digital forensics, malware

research, threat intelligence, and incident response (Kaspersky, 2017).

Recommendations

Cyberspace security should be a team effort if the targeted capabilities are going to be

successfully safeguarded. Precisely, it is from the formation of partnerships that interagency

coordination and information sharing is made possible. Information sharing is critical because it

informs all the relevant parties about potential or malicious cyber activities. Partners can also

share detailed insights on the lessons learned and the best practices of cyber-security. Secondly,

the government should construct bridges that link them to the private sector, given that the

private sector develops the IoT that eventually become targets for cyber threats. Hence, it is vital

TARGETED CAPABILITIES 6

for the State’s cyber-security branch to work closely with the private sector to commercialize and

validate new cyber-security ideas for the Department (DoD, 2015).

Thirdly, if organizations are going to combat cyber-attacks successfully, they ought to

move from a perimeter-based mentality to an active-comprehensive approach that concentrates

on several layers of analytics, defense, and incidence response. Also, organizations should

outline the critical elements of a strategy of defense, and this includes a clear understanding of

what needs protection, security posture analysis, data classification, training and security

awareness, enhanced capabilities of detection, and proactive plans of incidence response

(O'Leary, Grahn, & Poarch, 2017).

Conclusion

Cybercrimes have become a significant concern both at an individual and organizational

level. From the above arguments, it is clear that more technological innovations augment

cyberspace attack. The new novelties come with primary security measures that can easily be

bypassed by determined cybercriminals. Moreover, the lack of awareness of security risks for

most internet users increases their chances of being compromised. In this regard, cyber-security

should be modeled to not only combat but also safeguard the targeted hardware and software

from potential attacks.

TARGETED CAPABILITIES 7

References

ACS. (2016). Cybersecurity: Threats, Challenges, and Opportunities. Sydney: ACS.

DoD. (2015). The Department of Defence Cyber Strategy. Washington, DC: The Department of

Defence.

EY. (2014). Cyber threat intelligence - how to get ahead of cybercrime. Ernst & Young Global

Limited.

Kaspersky. (2017). Advanced Threat Defense and Targeted Attack Risk Mitigation. Retrieved

from https://media.kaspersky.com/en/business-

security/enterprise/kl_kata_whitepaper_og.pdf

NAP. (2007). Chapter 5: Cyberterrorism and Security Measures. In NAP, Science and

Technology to Counter Terrorism: Proceedings of an Indo-U.S. Workshop. Washington,

DC: National Academy of Sciences.

O'Leary, D., Grahn, A., & Poarch, D. (2017). How to Successfully Combat Targeted Cyber

Attacks. Retrieved from http://focus.forsythe.com/articles/268/Combating-Advanced-

Persistent-Threats

Place new order. It's free, fast and safe

Paper type

Deadline

Page count

550 words

Total price: $ 15.00

Our customers say

Jeff Curtis

USA, Student

"I'm fully satisfied with the essay I've just received. When I read it, I felt like it was exactly what I wanted to say, but couldn’t find the necessary words. Thank you!"

Ian McGregor

UK, Student

"I don’t know what I would do without your assistance! With your help, I met my deadline just in time and the work was very professional. I will be back in several days with another assignment!"

Shannon Williams

Canada, Student

"It was the perfect experience! I enjoyed working with my writer, he delivered my work on time and followed all the guidelines about the referencing and contents."