Posted by Stanley Bukowski.
On August 6, 1991 was when the internet, also known as the “World Wide Web”, became available to the public. At that time, cyber-attacks ever occurring, never crossed anyone’s mind. Since the launch of the World Wide Web, cyber-attacks and IT threats continue to significantly grow each year. Even though they are known to be threats to business/organizations/firms/universities, they are most importantly a threat to individuals themselves. Even though business/organizations/firms/universities may lose financial resources from cyber- attacks, individuals lose their sense of total personal privacy. Personal Privacy is a concept that is cherished and treasured for four main reasons (Brey). The first reason is that privacy must be well-adjusted to national security and public order. Secondly, it is known to be a condition that is necessary for autonomy, which allows individuals to develop their own personality through personal experiences. Thirdly, privacy is known to be a safeguard to us which shields them from external threats of exclusion and/or blackmail. Lastly, it can also provide social value as well.
In the field of computer security, one will see that it is the process of being able to counteract and detect illegal usage of a computer. Computer security deals with having the ability to act as a safeguard by fighting off cybercriminals/identity thieves that are trying to get a hold of our personal resources that we have stored on our computers. Basically, the main goal for computer security professionals is to provide the protection that is needed for the valuable information and resources that are stored on our computers. The two types of computer security systems that exist are: System Security, which protects the software and hardware of a computer from mischievous programs and Information Security, which protects three different types of data such as availability, confidentiality, and integrity (Brey).
On June 11, 2017 the University of Virginia was silently blind-sided with a cyber-attack from China, where several attackers that operated together to successfully wire transfer $996,000 to what was first an unknown, untraceable location. This attack was successful due to the fact that there was a breach of information that leaked out information that the University of Virginia was upgrading their security system and also due to the fact that the thieves stole a computer from the university that belonged to the comptroller (U.VA). Once the thieves had a hold of this information and the computer, they implanted a virus into the university’s entire IT system, which allowed them to gain access to the University’s accounts at BB&T Bank. When the virus ultimately completed the job that it was created for, they were able to steal the universities online banking credentials, commencing them to successfully complete a single wire transfer to the Agricultural Bank of China.
To most people, this would set off a red flag, especially since it was a wire transfer from a United States university to a random, unheard of bank located in China. Not only should that have been a red flag, but a red flag should also have gone off seeing that the University of Virginia had no prior records in their transfer history to wire transfer money to the bank in China. Regardless of the fact that most universities in America purchase their school supplies from across seas, they tend to always use reputable banks, where they have several prior transactions in their transfer history. Even though there is a good chance that the university may retain most of its lost, they will not receive the entire amount that was stolen.
Believe it or not, most thieves today are known to be what we call “cyber hackers.” Thieves that commit these types of crimes are the individuals, co-workers, friends, family members that you would least likely expect to commit such a crime. Before we continue any further, the next four descriptions that are listed below, are the characteristics that management of business/organizations/firms/universities should look for when trying to identify a thief (Singleton).:
- Reputable CharacterStudies show that you will never find a thief that disrupts the regular flow that happens daily at the working environment that they are a part of. These types of thieves will have the type of reputation at work where nothing ever seems to bother them. They will never portray or converse towards others or with others dishonest behavior and will never discuss their own personal financial issues. By doing so, management will never be suspicious that they would or ever think of stealing from the company.
- Collaborate with AdministrationYou will find thieves to always be individuals that continually help their co-workers out with projects. The only plot twist is–they will only help them to the point where they will not be exposed to information that management could possibly use against them. Thieves use reverse psychology and have a relaxed personality when dealing with auditors. They tend to put on a poker face and give auditors everything they need in order for the auditors to be able to complete their jobs. Thieves believe in the fact that if they behave like they have nothing to hide, auditors/management will never become suspicious of them.
- Work-a-holicsTaking a vacation from work will lead thieves down a one-way road, known as jail. If a thief were to take a vacation and the IRS/Auditor just happened to start an investigation while they were gone, will red flag them as the first source of why financial resources are missing. By not taking a vacation while the IRS/Auditor are conducting their investigation, there is a slimmer chance of the IRS/Auditor blaming them.
- Norm: SecrecyThieves know that to successfully commit corporate fraud, they need to follow the norm of secrecy. Thieves know not tell anyone within or outside the company about the future corporate fraud they are about to commit. The percentages of successfully completing corporate fraud diminish the more individuals that the thief would inform. No matter if it is their best friend, wife, brother, etc., thieves know that to successfully complete the operation, they must act as an assassin, working silently alone.
I believe that business/organizations/firms/universities that implement Biometrics Security Systems will not completely bring cyber-attacks to an end, but it will certainly decrease them to the bare minimum because it is a form of access control. Biometric Security Systems are known to be as a technique of entry in which users/individuals are recognized based on their physical individualities, personal/behavioral/biological features. Having a wide variety of alternatives to choose from, business/organizations/firms/universities have a large selection pool that they may elect from to incorporate a the type of biometrics of their choice. For example, fingerprint, retinal, & palm scanners and face recognition are just a few of the types of biometrics available. Fingerprints are now being used as access controls for smartphones because in order to unlock their phone with their fingerprint, the fingerprint must be equivalent to the fingerprint that was previously stored on the smartphones system. This prevents thieves from getting their hands on private information that is on the device. The same exact notion can be applied to the corporate world. (Lombard0).
Information of the advancement of Biometrics is spreading amongst many individuals today and is becoming more of a topic of discussion due to its popularity due to it replacing passwords with login credentials. The most recent examples of biometrics security systems is now used when individuals take the GMATS. Before entering to take the standardized test, the proctor uses a palm vein reader upon entry to ensure that the exam is not being taken by a random individual and that it is being taken by individual who signed up for the standardized test.
Years ago it would cost a business/organizations/firms/universities tens of thousands of dollars to implement such a finger print scanner into their building but today it only costs about $200 dollars to have a finger print scanner implemented into a desktop, $2,200 for a retinal scanner to be implemented at limited access doors, and $250 for a palm scanner for each room for an employee to enter their office. For example, if the company has 5,000 employees:
A. 5,000 employees * $200 finger print scanner laptop = $1,000,000 B. 5,000 employees *$250 palm scanner entrance to office room = $1,250,000 C. 5 retinal scanners * $2,200 enter limited access door = $11,000 D. 10,005 Installment fee for Scanners *$300 (avg of all three) = $3,001,500
E. Yearly Maintenance of all three Biometric Units = $25,000