Cyber Crime and Corporate Security Insights Research Paper

CYBER CRIME AND CORPORATE SECURITYAbstractIn the past, various businesses have lost huge sums of money to cybercriminals, while others have experienced severe service disruptions. This has been the case as cyber criminals execute schemes meant to advance certain agendas. For this reason, cybercrime is increasingly being seen as one of the most serious challenges that business enterprises (as well as government agencies) face today. Various surveys conducted in the past indicate that the problem could be worsening. The problem is aided by the emergence of what could be deemed as cybercrime facilitating factors such as crypto currencies. The dynamic nature of cybercrime, i.e. in relation to variations in the methodology and conduct of attacks, also makes it difficult for this particular challenge to be effectively dealt with. It is with this in mind that various interventions have been floated in the past to reign in this particular challenge. However, to a large extent, the success of such interventions has hugely varied. For this reason, there may be need for the formulation as well as implementation of a coherent cybercrime policy intervention. Such an intervention would ideally bring together various stakeholders and seek to incorporate certain theoretical perspectives so as to maximize chances of success.Cyber Crime and Corporate SecurityIntroductionThere are many challenges that organizations and agencies operating in todays world face. One such challenge happens to be cybercrime. Over the last few years, the number of organizations that have suffered at the hands of cyber criminals has gone up drastically. This is particularly the case as businesses increase their reliance upon computers and the World Wide Web to not only enhance efficiency and productivity, but to also pursue a competitive advantage. To a large extent, cybercrime could be conceptualized as the utilization of a computer system as the primary tool in the commission of an offense. In basic terms, such an offense could range from mere access to unauthorized data or information to theft of hundreds of millions of dollars. Multiple organizations within the country have fallen victim to cybercrime over the last one decade. While some of these organizations only ended up experiencing minor disruptions, others lost huge sums of money at the hand of cybercriminals. Still, others had their reputations irreparably tarnished as a consequence of data breach. It is likely that going forward, there will be marked increase in cybercrime rates as technology advances and as more businesses scale down their brick and mortar locations and take their operations online. It is likely that criminals will continue to deploy even more sophisticated approaches in an attempt to exploit vulnerabilities across various platforms.It would be prudent to note that there are various kinds of specific cyber security threats and challenges that corporations or enterprises grapple with today. This text will concern itself with four such challenges. More specifically, the challenges that will be addressed on this front are: ransomware, denial of service attacks (also referred to as DoS attacks), data breaches/theft, and hacktivism. With cybercrime being a growing concern, the relevance of deploying effective interventions to reign in the vice cannot be overstated. Many interventions have been proposed by various practitioners and commentators in the past. These are inclusive of the deployment of the creation of robust mechanisms for IT security. In this write up, prevention efforts will be assessed from the perspective of policy interventions.DiscussionTheoretical BackgroundIn seeking to develop better understanding of this particular phenomena i.e. in relation to its nature and conduct - there will be need to deploy one of the major crime and deviance theories. The theory that will be deployed in in this case is the social strain theory. It should be noted that there is no standard definition for this particular theory. This is more so the case given that various definitions to the same have been floated in the past. According to Moon, Blurton, McCluskey (2007), this particular theory makes an observation to the effect that persons could be pressurized to engage in criminal behavior by social structures. This is to say that an individual could be pressured into committing crime, including computer hacking and system intrusion, by societal structures. As Moon, Blurton, McCluskey (2007) further observe, the theory was first proposed by Robert K Merton in 1938. This theory appears to be the most ideal in the context of this discussion. We could speculate that those who engage in computer hacking, system intrusion, cyber terrorism and other formats of cybercrime usually cave in to social pressures to deploy their skills and capabilities to make money or pursue other non-profit agenda. To a large extent, most Hollywood movies and cinemas glorify such a course of action and routinely project characters who brilliantly hack into systems as heroes. This is the very same perspective that has gained considerable acceptance in the public domain especially when it comes to some formats of cybercrime such as hacktivism (Alexopoulou and Pavli, 2021). Continued engagement in cybercrime could, on the other hand, be explained in terms of the formation of communities with shared values. This is more so the case given that as Soderberg and Maxigas (2021) point out, there are three key pillars upon which the hacker community autonomy is founded. One of these pillars happens to be shared values. It would be prudent to note that as the authors in this case further observe, there are various formats under which the cultivation of shared values occurs. One such format happens to be regular online mass interactions. The said interactions could occur in a wide range of settings including, but not limited to; chat rooms and mailing lists. Shared values could also be cultivated via the embrace of symbolic signs and emblems. With this in mind, we could argue that individuals who engage in deviant behavior, and in this case in cybercrime, are motivated to do so by the societys embrace of this kind of behavior as a mark of brilliance, and subscription to the hacker culture. It would be prudent to note that familiarity with this school of thought could come in handy in efforts to deploy the most effective interventions to reign in the problem.Overview of IssuesAs has been pointed out in the introductory section of this text, some of the key cybersecurity challenges that businesses enterprises grapple with today are inclusive of ransomware, denial of service attacks, data breaches/theft, and hacktivism. Ransomware could simply be defined as a computer program designed to encrypt data effectively making the said data inaccessible to those who need it with the sole intention of demanding some form of payment so as to decrypt the affected data. It is for this reason that the term ransom is used, as in essence, there is a demand for the payment of money for the release (decryption) of data which is in this case the asset held captive. On the other hand, denial of service attacks (otherwise referred to as DoS attacks) happen to be malicious attacks on a network, service, or server with the intention of making such counters unavailable. The objective in making such counters unavailable is to ensure that users are unable to access crucial data, information, services, or execute certain commands.Third, we have data breaches/theft. As the name suggests, data theft happens to be the stealing of data which could in this case be available in a wide range of formats, i.e. in form of reports, statements, statistics, figures, or even simple document profile. In this realm, the said theft of data happens to take place via the utilization of computer systems and is perpetrated with malicious intent. One such intent could be gaining access to information that would otherwise be unavailable to unauthorized third parties (i.e. confidential competitor information). Further, the intention could be utilizaion of stolen confidential info as a bargaining chip for some form of payment with the threat of release of such information to the general public if the payment is not made.Lastly, yet another cybercrime concern that ought to be taken into consideration is hacktivism. It is important to note that hacktivism happens to be a relatively new phenomenon in the cyber security realm. To a large extent, unlike the other cybercrime concerns I have highlighted above, hacktivism is not necessarily profit-oriented. Instead, it is a kind of cybercrime activity meant to advance a certain political or social agenda. This does not make it any less of a criminal offense. For instance, a cybercriminal could break into a website of a political party and post statements loaded with a certain social or political agenda. The subsequent sections of this text will discuss the highlighted cyber security issues in greater detail. This is more so the case in relation to their execution and the impact that they have on business enterprises.Synthesis of Literature Reviewi. RansomwareRansomware happens to be one of the various kinds of malwares. According to Faruki et al., (2014), the other kinds of malware are inclusive of, but they are not limited to; spyware and virus. To a large extent, this happens to be one of the most frequent cybersecurity concern affecting businesses (Reshmi, 2021). This is more so the case given that that the deployment of the said malware happens to be rather lucrative. Reshmi (2021) indicates that of all the malware attacks that businesses encounter, most enterprises deem ransomware as being the most damaging or demanding from a financial perspective. Businesses that find themselves on the receiving end of ransomware often find themselves between a rock and a hard place with the choices in this case being either the loss of critical data or the payment of the sum demanded. It is important to note that to a large extent, crypto-currencies have enabled and/or facilitated ransomware attacks. This is more so the case given that thanks to crypto-currencies, cyber criminals can demand and receive ransom and leave no trace of their location or identity (Reshmi, 2021). According to the author, this makes it difficult to trace the said criminals. In addition to crypto-currencies, offenders also actively make use of platforms that are anonyimized to cover their tracks (Connolly and Wall, 2019). Also, as Connolly and Wall (2019) indicate,…

Some parts of this document are missing

Click here to view full document

…monetary losses, businesses have in the past suffered damaged reputation and lost productivity as a consequence of successful cyber-attacks. Romanosky (2016) indicates that multiple authors, agencies, as well as commentators have indicated that one of the greatest threats facing the country is cyber threats. Indeed, the White House (as cited in Romanosky, 2016) has in the past indicated that one of the most significant national security threats that the country faces today is cyber threats. Further, according to Comey (as cited in Romanosky, 2016) cyber threats happen to be of serious concern and could grow exponentially going forward. There are a number of policy interventions that have been deployed in the past in an attempt to reign in the challenge of cybercrime. One such intervention was the 2013 executive order signed by the president to ensure that the critical infrastructure of the nation was secured from these kinds of attacks. This particular executive order, as Romanosky (2016) indicates also called upon the National Institute of Standards and Technology (NIST) to come up with the relevant systems and structures to promote information security best practices. The all important question on this front remains; has significant progress been made in efforts to reduce instances of cybercrime? As has been indicated elsewhere in this text, available data indicates that instances of cybercrime, across all counters, have been on an upward trend over the last few years. This effectively means that there is need for more robust measures, on the policy front, to address this exponentially growing threat.In my opinion, the government and its various agencies happens to be a crucial stakeholder in efforts to protect businesses and citizens from cybersecurity risks. Thus, the role of government is not only limited to securing critical infrastructure from the said threats. Any policy intervention to secure the nation ought to be anchored in cyber security laws that are substantive and robust.There would also be need to weave the social strain theory into efforts to combat cyber threats via various policy measures. Interventions in this case ought to cognizant of the role that social pressures play in motivating persons to engage in cybercrime. As has been indicated elsewhere in this discussion, persons who engage in cybercrime are likely to have caved in to the expectations of peers, i.e. in as far as the deployment of their skills and capabilities in hacking activities is concerned. To a large extent, such behavior is in some scenarios considered pleasant and encouraged. With continued engagement in cybercrime, perpetrators of the said kinds of activities end up being held hostage by the shared values of hacking communities. There would be need to, thus, incorporate sensitization/education initiatives and rehabilitative factors into policy interventions meant to reign in this particular challenge. In as far as sensitization/education is concerned, learning institutions and various youth forums could be roped in to offer instruction on the nature, conduct, and harms of cybercrime. On the other hand, rehabilitative factors could seek to offer to reform those who have been engaged in various cybercrime activities, i.e. by inviting them into collaborative forums to explore ways to end the vice.A policy initiative also ought to cognizant of the dynamic nature of technology. This is to say that it should factor in the fact that technology changes on a constant basis. Thus, provisions should be made for interventions to be refreshed from time to time so as to ensure that new formats of cybercrime are captured.In the final analysis, there is also need for governments to embrace a collaborative format in their efforts to not only craft, but also deploy national cybersecurity defense strategies. Other key stakeholders with whom to collaborate are inclusive of, but they are not limited to, cyber security experts, businesses and enterprises, other governments, etc. This is especially given that as has been indicated elsewhere in this text, cybercrime is largely indiscriminative in its conduct. Further, it is transnational in nature. Collaboration would thus be instrumental in efforts to not only share intelligence on emerging threats, but also in knowledge-exchange about best approaches in efforts to combat the challenge.ConclusionCybercrime has in this text been described as one of the key issues that organizations face today. It is clear from the discussion above that organizations continue to suffer from the actions of cybercriminals who have been keen to exploit various vulnerabilities so as to advance their nefarious agendas. Available evidence indicates that the situation could be getting worse. This is more so the case given that cybercrime has been on an upward trend across all the counters highlighted in this text. The counters that have been extensively discussed in this write-up are; ransomware, denial of service attacks (DoS attacks), data breaches/theft, and hacktivism. For this reason, the relevance of deploying strategies meant to reign in the challenge cannot be overstated. The need for robust policy interventions has been restated in this write-up. It is also clear from the discussion above that no policy interventions can succeed outside of a collaborative framework. Towards this end, the suggestion is made that all stakeholders be roped in at both the design…