Computer Science Technology
Telecommunications merged with computers in the late 1970’s and 1980’s creating an information revolution. Over the last decades, computers and information systems have been integrated into every aspect of human life including health, education, security management, financial and banking services, business, social communication and manufacturing. Therefore, technology has created numerous benefits and opportunities. However, at the same time technology has created several threats including cyber security or ability by individuals to interfere with the system. Cyber security is a major dilemma facing governments, private institutions, and individuals. Cybercriminals have access to sophisticated technologies that facilitate attacks on systems and also personal devices. Cyber security is a new challenge that caught business, governments and individuals unaware. Construction of secure systems, monitoring, and surveillance of cyber activities is critical to ensuring cyber security with the revolution of information management by digital systems.
Types of Tools Used by Cyber Criminals
Hackers or cybercriminal use a variety of cyber tools to explore and exploit vulnerabilities in systems. The results are always catastrophic including loss of data, damaged systems or data corruption mainly by malicious tools. Types of malicious software’s used to carry out attacks on systems include worms, Trojans, viruses, and botnets. Viruses and worms are the commonly known types of malware programs used to attack systems. A virus is a computer program that spreads by replicating the original code several times infecting all computer files. The effect of viruses on systems includes denial of service, data corruption or complete loss of data. Viruses attack executable files and remain inactive until the user clicks on the file and the virus is activated. Worms replicate like the viruses but do not need to attach to executable files to operate. Worms spread through social engineering or exploring system vulnerabilities such as the lack of an anti-virus system. Worms target information exchange in the system and are used to steal data. Famous types of worms in computer history include Mydoom, Sobig, Conficker, SQL slummer, and Stuxnet. Example, the Stuxnet worm was believed to have been built by the American and the Israel intelligence services to target SCADA systems. The worm could target industrial systems such as nuclear power plants and waste processing systems. The administrators could then monitor and control the vulnerable system without the knowledge of the operators. The worm was used to damage a nuclear enrichment facility in Iran. Trojans create backdoors into the user system facilitating entry of virus and worms but have no replication power. Bots are used to gather information and interact with users. However, bots are used by attackers to gain control of systems gather data, analyze packets and launch denial of service attacks.
Other types of attacks include spear phishing a target attack method that involves tricking users to open infected links on their emails. Second, Ransomware refers to the type of malicious software that take control of the user system and force them to pay a ransom to have the system to decrypt.
The Budapest Convention
The Budapest Convention or the Convention on Cybercrime refers to a binding international binding treaty or instrument aimed at cybersecurity and management. The Budapest Convention signatories primary includes members of the Council of Europe and non-European members including United States, Japan and South Africa. The Convention is significant because it is the first international treaty dealing with computer crimes or cyber crimes. The main focus of the Budapest Convention includes computer-related fraud, child pornography, violation of network security and infringements of copyright. The primary objective of the Convention is to pursue a common cybercrime policy and protect the entire society from the growing threat of cybercrime. The Budapest Convention identifies that only by international cooperation and adopting strict legislation can the governments tackle cyber crime. International cooperation is necessary to deter attacks on integrity, confidentiality, and availability of computer networks, systems, and computer data.
The Budapest Convention components include 48 articles addressing several issues and terms are related to cyber crime. The legislation requires that each party adopts legislative measures against cybercrime offenses at the domestic level and cooperate at the international level. The main components of the articles include article two, requires states to take action against illegal access to networks and computer systems. Article three discusses illegal interception of data while on transit using a variety of tools such as data packets sniffers. Article four discusses data interference with intent to cause harm either by deletion, alteration or suppression. Article five of the Budapest Convention discusses data interference, similar to article four the article warns against manipulation of computer systems and data. Article six of the convention requires parties to regulate misuse of devices and tools used to commit cybercrimes. The article prohibits against production and distribution of computer software with lethal capabilities such as network intrusion and control.
Article nine addresses offenses related to child pornography. Offenses include producing, sharing, selling, procuring and possessing child pornography in a computer system or storage medium. The Convention requires states to prosecute and share intelligence relating to child pornography production and also distribution. Article ten of the Convention provides guidelines for offenses relating to infringement of copyright. The legislation requires state parties to protect against domestic intellectual property infringement. Article ten further requires that member parties adhere to international treats on intellectual property including the Rome Convention and International Convention for the Protection of Performers. Article eleven of the requires member states to cooperate against crimes that include attempt, aiding or abetting of computer crimes.
United States Cyber Security Agencies
Several agencies in the United States have the responsibility of protecting the country against domestic and external cyber attacks. The agencies comprise the Federal Bureau of Investigation (FBI), Central Intelligence Agency (CIA), National Security Agency (NSA), and Cyber Threat Intelligence Integration Center (CTIIC). All the agencies are under the Federal Government and perform sometimes overlapping functions to ensure the security of the United States and her infrastructures. The Federal Bureau of Investigation (FBI) is under the Department of Homeland Security. The FBI leads the National Cyber Investigative Joint Task Force (NCIJTF) and works with other intelligence divisions to protect against Cyber attacks and threats. The Central Intelligence Agency (CIA) has no domestic mandate and is responsible for security on the international frontier. The CIA is directly under the federal government and is responsible for ‘Convert Operations.’ The CIA neutralizes international targets that pose a threat to the United States infrastructures. The National Security Agency is under the Department of Defense (DOD). The NSA is tasked with gathering and also analysis of foreign communication data with an aim of identifying potential threats to United States Security. The NSA, FBI, and the FBI, the primary bodies responsible for U.S. cyber security, are members of the United States Intelligence Community. Each of the bodies is led by a director appointed by the President and approved by the Senate.
The U.S. cyber command is directly under the Department of Defense. The Cyber Command protects the entire DOD network, operations, and system from any form of attack. The operations include military activities and operations globally. After the attack on Sony in 2015, Cyber Threat Intelligence Integration Center (CTIIC) was formed. The CTIIC will be responsible for analyzing data to identify patterns and work in conjunction with National Cybersecurity and Communications Integration Center (NCCIC).
Global, Regional and Bilateral Structures
Countries have established several bilateral agreements to combat Cyber Crime. The United Nations Group of Governmental Experts (GGE) is an international advocate group. The group advocates to major powers include Japan, United States, European powers, China, and Russia to take a unified position on Cyber Crimes. The International Telecommunications Union (ITU) is a global body bringing together major telecommunication players globally. The ITU is under the United Nations and is responsible for allocating radio spectrum and satellite orbits and setting standards for engineering. The ITU is a brokerage unit that ensures that countries adopt compatible cyber and engineering standards. The World Trade Organization acts as an arbitrator on global conflicts involving cyber technologies and crimes. Example, the United States has accused China before the WTO of cyber espionage and of targeting United States facilities and infrastructures. The Budapest Convention is a major global cooperation treaty on Cyber Crime. The Budapest Convention signatories include United States, European Union and Asian nations China and Japan. The Council of Europe established the Budapest Convention or Convention of Cybercrime to ensure states cooperation in tackling the growing threat of Cyber Crime. The World Intellectual property Organization (WITO) solves patent conflicts and also registers new patents to prevent infringement.
In Asia, the Asia-Pacific Economic Cooperation (APEC) is responsible for making bilateral arrangements on Cybercrime. Asian powers include Korea, Japan, Taiwan and China are members of the APEC. APEC regulates several issues related to Cyber technology including intellectual property and also data privacy. Russia and China formed a cyber-security pact in 2015 promising to cooperate in all matters relating to cyber welfare including security and sharing of Cyber technologies. Russia and the United States also signed the Cybersecurity confidence-building agreement in 2013. The agreement allows for sharing and cooperation to handle emerging threats through the nuclear hotline system established between the two countries.