Papers

Saichand Mekala IS660 Fall 2014 opinion paper 4 In the real world, we are facing a huge downtime for about 12-18 months in the Information security field. The question is what happened over the last year or so that caused all these issues. I will start with the threats that we face and who are the people that are coming after us. If I consider large corporations, they are facing three types of threats, “first of them is the disruption of commerce, we usually think about people who are hacktivists”. Hacktivists are anyone of those who hate big companies or who hates America or who hates individual companies, they tend to do denial of service attacks or website defacement or some other nuisance. “The second group tend to be people that are much more focussed on stealing money i.e, identity theft or fraud”. This is one serious problem but we know how to deal with. Traditionally, this is been the province of organized crime of Eastern european nations etc. About five years ago, we saw significant increase in the nations state sponsored cyber attacks, people that were really focussed on stealing intellectual property for example, what’s the latest chip designed by Intel or What’s the latest technology used in the fighter plane etc. The challenge we have seen recently is the coupling of the first group and second group. Now a days, it is migrating from disruption to destruction(the third threat), so when we think about what changed in a year is the couple of things, one is increase in the pace, sophistication, complexity and impact, two is change in the motivation. The motivations are moving from inconvenience of theft to espionage alter destruction. Instead of compromising the computers, they are compromising people and letting them to interpret between their job and other factors. They target people by using spear phishing attacks and other attacks with the help of root kits. These two are the main reasons why Information security fails.