Research Paper on Effects of Cyber-Attacks

Introduction

A cyber-attack can be defined as a malicious and intentional attempt to breach the computer system, network, or technology-dependent enterprise of an individual or organization. The attacker uses a certain code to change computer data or logic, usually seeking some kind of benefit from breaching the victim's network. Cyber-attacks result in disruptive consequences capable of compromising data and leading to various cybercrimes such as identity theft. According to Hirshfield et al. (2019), cybercrime has been on the increase in recent times as hackers try to benefit from vulnerable computer systems. Attackers often seek monetary ransom although others have ulterior motives such as intentional sabotage of systems and data for various causes. Due to the damage and devastation that they cause, cyber-attacks have a significant impact on individuals, business, and government agencies.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Order now

Research Questions: The paper attempts to answer the following questions: What are the various types of cyber-attacks? What causes cyber-attacks? What happens in the course of a cyber-attack? What are the effects of cyber-attacks on individuals, private businesses, and government agencies?

Research Objective: The objective of this research paper is to gather the available literature on cyber attacks, identify the various domains of research, and extract any guidelines and recommendations contained in the literature.

Literature Review

To understand the impact of cyber-attacks, it is worth looking at some common types of attacks and the terms associated with them. Malware is malicious software that includes viruses, worms, ransomware, and spyware. Breaches linked to malware access a computer network through certain vulnerability, usually when a user clicks on an infected email attachment or website link that then automatically installs malevolent software. Once the malware is inside the system, it can trigger a code that prevents access to key network components, or install additional harmful software. It can also trigger spyware that covertly accesses information by transmitting data from the system's hard drive, or disrupt certain components to render the system inoperable(Hirshfield et al., 2019).

A botnet is a network of connected devices infected with certain malicious software. Hackers can access a botnet without the network owner's knowledge in order to boost the severity of their attacks. Such a botnet is often used to overwhelm systems when orchestrating a DDoS (denial-of-service) attack. Phishing is a process whereby fraudulent communications are sent in such a way that they appear to originate from a reputable source, typically via email. The practice is meant to access sensitive data such as login and credit card information, or install malicious software into the victim's network (Amir, Levi, & Livne, 2018).

MitM (Man-in-the-middle) attacks, also referred to as eavesdropping attacks, involve attackers crashing into in a two-way transaction. As soon as they interrupt the traffic, they can then filter and access sensitive data. According to Amir, Levi and Livne (2018), a common entry point for MitM attacks is unsecured public Wi-Fi where an attacker can get in between the network and a user's device. The user then unknowingly passes all sensitive information via the network. Another entry point involves using malware to breach a device whereby an attacker installs software that can process all of the target's information.

A DDoS attack floods networks, servers, or systems with traffic in order to exhaust bandwidth and resources. This makes the system unable to fulfill valid requests. Hackers can also launch this attack using multiple compromised devices. A SQL (Structured Query Language) attack involves an attacker inserting malicious codes into a server that utilizes SQL, forcing it reveal information that it should not. Hacker can do this by merely submitting a malicious code into a susceptible website search box. A zero-day exploit attack occurs just when certain vulnerability in a network is announced but a solution is yet to be implemented. The attacker takes advantage of the disclosed vulnerability within this window of time.

Discussion

Cybercrime is always on the news as major attacks and huge data breaches occur at large business organizations, corporations, companies, and business agencies. All in all, cyber-attackers are not just restricted to big companies and national governments. Hackers target individuals just as relentlessly as they do large organizations. A major company can afford to hire an efficient and dedicated cyber security team. Hoover, the average person is mostly on their own when it comes to securing their computers, networks, devices, and personal data. Such a situation means that there are millions of potential targets out there that are vulnerable to cyber-attacks. The targets can range from the kind of ransomware and data theft that hackers orchestrate towards corporations, to more personal attacks simply meant to cause chaos and distress.

Cybercriminals continue to scale their activities and attacks. Ordinary citizens need to know that their devices and networks can be protected from breaches just as well as corporations. Recent studies indicate that many individuals are not even aware of the risks posed by cyber-attacks. A significant percentage cannot distinguish a phishing email from a legitimate one. While some think that they may be likely targets, the vast majority of them have experienced a phishing attack at one time or another. Top cybersecurity companies often report that attacks on mobile devices are on the increase, with Trojans being popular entry points. Hackers can easily disguise this malware by marketing it in trusted app stores where it can seamlessly blend with legitimate apps (Hirshfield et al., 2019). Social media and unpatched software are other common examples, given how the interactive nature of social networking websites makes it easier for malicious software to spread. Many people are just not aware of the threat that cybercriminals pose, a situation that hackers are too happy to take advantage of.

Cyber-attacks and breaches at any level can be quite destructive. However, it is individual who often bear the blunt of it since they often do not have the resources to recover from a damaging attack. A big company can be insured and less likely to go bankrupt after a breach. A hacker does not necessarily have to still all the victim's bank-deposited money to cause damage. According to Tariq (2018), the average ransomware is about $1,000, which could be a drop in the well for a major corporation. But to the average person, that is a lot of money that can cater for various household expenses for some time. Some cybercriminals do not carry out attacks for monetary gains. They just want to cause chaos as a form of entertainment or as a way of protest. With more and more accounts and apps being connected to the World Wide Web today, it is easier for hackers to access them and wreck havoc into an individual's life just because they think it is fun.

References

Amir, E., Levi, S., & Livne, T. (2018). Do firms underreport information on cyber-attacks? Evidence from capital markets. Review of Accounting Studies, 23(3), 1177-1206.

Hirshfield, L., Bobko, P., Barelka, A. J., Costa, M. R., Funke, G. J., Mancuso, V. F., ... & Knott, B. A. (2019). The role of human operators' suspicion in the detection of cyber attacks. In Cyber Law, Privacy, and Security: Concepts, Methodologies, Tools, and Applications (pp. 1482-1499). IGI Global.

Tariq, N. (2018). IMPACT OF CYBERATTACKS ON FINANCIAL INSTITUTIONS. Journal of Internet Banking and Commerce, 23(2), 1-11. Retrieved from http://www.icommercecentral.com/open-access/impact-of-cyberattacks-on-financial-institutions.pdf