Sniffer allows individuals to capture data as it is transmitted over a network. This technique is used by network professionals to diagnose network issues, and by malicious users to capture unencrypted data, like passwords and usernames. If this information is captured in transit, a user can gain access to a system or network.

Phishing is a cyber-attack that uses disguised email as a weapon. The goal is to trick the email recipient into believing that the message is something they want or need a request from their bank, for instance, or a note from someone in their company and to click a link or download an attachment.

Pharming is a scamming practice in which malicious code is installed on a personal computer or server, misdirecting users to fraudulent Web sites without their knowledge or consent. Pharming has been called "phishing without a lure.

Spoofing is a type of scam where an intruder attempts to gain unauthorized access to a user's system or information by pretending to be the user. The main purpose is to trick the user into releasing sensitive information in order to gain access to one's bank account, computer system or to steal personal information, such as passwords.

 

 

 

 

1)Secure Sockets Layer (SSL): SSL and its successor Transport Layer Security (TLS) enable client and server computers to establish a secure connection session and manage encryption and decryption activities.

2) Secure Hypertext Transfer Protocol (S-HTTP) is another protocol used for encrypting data flowing over the Internet, but it is limited to individual messages.

Cyber warfare refers to the use of digital attacks like computer viruses and hacking -- by one country to disrupt the vital computer systems of another, with the aim of creating damage, death and destruction. Future wars will see hackers using computer code to attack an enemy's infrastructure, fighting alongside troops using conventional weapons like guns and missiles.

Computer forensics is the practice of collecting, analyzing and reporting on digital data in a way that is legally admissible. It can be used in the detection and prevention of crime and in any dispute where evidence is stored digitally. Computer forensics follows a similar process to other forensic disciplines, and faces similar issues.

1) Firewall 

A firewall is a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules. They establish a barrier between secured and controlled internal networks that can be trusted and untrusted outside networks, such as the Internet. A firewall can be hardware, software, or both.

An intrusion detection system (IDS) is a system that monitors network traffic for suspicious activity and issues alerts when such activity is discovered. While anomaly detection and reporting is the primary function, some intrusion detection systems are capable of taking actions when malicious acitivity or anomalous traffic is detected, including blocking traffic sent from suspicious IP addresses.

Antivirus software is a type of utility used for scanning and removing viruses from your computer. While many types of antivirus (or "anti-virus") programs exist, their primary purpose is to protect computers from viruses and remove any viruses that are found. Most antivirus programs include both automatic and manual scanning capabilities.

General structure. They help ensure the reliability of data generated by IT systems and support the assertion that systems operate as intended and that output is reliable. Usually include the following types of controls: 

·  Control environment, or those controls designed to shape the corporate culture or "tone at the top."

·  Change management procedures - controls designed to ensure the changes meet business requirements and are authorized.

· Source code/document version control procedures - controls designed to protect the integrity of program code

·  Software development life cycle standards - controls designed to ensure IT projects are effectively managed.

Application controls are fully automated (i.e., performed automatically by the systems) designed to ensure the complete and accurate processing of data, from input through output. These controls vary based on the business purpose of the specific application. These controls may also help ensure the privacy and security of data transmitted between applications. Categories of IT application controls may include: 

·Completeness checks - controls that ensure all records were processed from initiation to completion.

· Validity checks - controls that ensure only valid data is input or processed.

· Identification - controls that ensure all users are uniquely and irrefutably identified.

· Authentication - controls that provide an authentication mechanism in the application system.

 

1)       Spyware
Spyware is any technology that aids in gathering information about a person or organization without their knowledge. On the Internet (where it is sometimes called a Spybot or tracking software), Spyware is programming that is put in someone's computer to secretly gather information about the user and relay it to advertisers or other interested parties. Spyware can get in a computer as a software virus or as the result of installing a new program.

2)       Virus
A virus is a program or programming code that replicates by being copied or initiating its copying to another program, computer boot sector or document. Viruses can be transmitted as attachments to an e-mail note or in a downloaded file, or be present on a diskette or CD

3)       Worm
A worm is a self-replicating virus that does not alter files but duplicates itself. It is common for worms to be noticed only when their uncontrolled replication consumes system resources, slowing or halting other tasks.

4)       Logic bomb
A logic bomb is programming code, inserted surreptitiously or intentionally, that is designed to execute (or "explode") under circumstances such as the lapse of a certain amount of time or the failure of a program user to respond to a program command. It is in effect a delayed-action computer virus or Trojan horse. A logic bomb, when "exploded," may be designed to display or print a spurious message, delete or corrupt data, or have other undesirable effects.

Most large organizations have their own local computer network, or intranet, that links their computers together to share resources and support the communications of employees and others with a legitimate need for access. Almost all of these networks are connected to the Internet and allow employees to go "online." Information technology security is controlling access to sensitive electronic information so only those with a legitimate need to access it are allowed to do so. This seemingly simple task has become a very complex process with systems that need to be continually updated and processes that need to constantly be reviewed. There are three main objectives for information technology security: confidentiality, integrity, and availability of data to the organization. For example last year, stuxnet 20 times more complicated virus code capabilities. For example it can turn off oil pipeline, It also have a real clearance that stolen from most capable technologies company in the word. It is also known as a zero days. Which data can be sold at net market for 100 000 dolar. So stuxnet took advantage of twenty zero days.

 

 motive changes when the source of the attack is discovered, with outsiders far more likely to be incentivised by financial gains than insiders. While outsiders use DDoS attacks or malicious USB drops, insiders have knowledge of systems, can physically steal data and, more often than many would care to admit, cause problems due to basic human error. People should aware to whom they should give their information and don not share any unnecessary information unless you have to and unless you trust that person. This is because, Sony PlayStation hacked; Data stolen from 77 million users. 

 

 

According to zappos which is one of the biggest online retailer company urges the customer to change their password because the hacker might know all the information for example, name, address, 4 digit of the last credit card, phone number and other. So zappos have sent email to 24 million customer to change their password to avoid hacker know more about their information.

 

 

 

Cyberwarfare is a serious problem  because Non-state actors such as terrorist ore criminal groups can mount attacks, and it is often difficult to tell who is responsible. Cyberwarfare poses a unique and daunting set of challenges for security experts, not only in detecting and preventing intrusions but also in tracking down perpetrators and bringing them to justice. Less than two weeks later, Qatari natural gas company, Rasgas, was forced to shut down its website and e-email systems in an attack initially also attributed to Shammon. An investigative team concluded it was likely a copycat attack trying to look like the same perpetrator. U.S. government officials blamed Iranian hacker. Israeli officials attributed both attacks to Iran’s Cyber Corps, formed after Stuxnet. Previously released malware is recoverable and can be adapted and reused by both nation-state foes and unaffiliated cyber criminals. Stuxnet code has been adapted for use in financial cybercrime. Another drawback is uncontrollability. About 60 percent of known Stuxnet infections were in Iran, but 18 percent were in Indonesia, 8 percent in India, and the remaining 15 percent scattered around the world. In November 2012, Chevron admitted that its network had been infected with Stuxnet shortly after spread beyond Iran. So cyberwarfare is a serious problem because it can lead to other country from attack each other due to this virus that being spread.

 

 

 

 

Congress is considering legislation that would require all critical infrastructure companies to meet newer, tougher cybersecurity standards. As cyberwarfare technologies develop and become more advanced, the standards imposed by this legislation will likely be insufficient to defend against attacks.

·         Secretary of Defense Gates ordered the creation of Cybercom, the first headquarters designed to coordinate government cybersecurity efforts. It was activated in May 2010. It will coordinate the operation and protection of military and Pentagon computer networks. It will coordinate efforts to restrict access to government computers and protect systems that run the stock exchanges, clear global banking transactions, and manage the air traffic control system. Its ultimate goal will be to prevent catastrophic cyberattacks against the U.S. Some insiders suggest that it might not be able to effectively organize the governmental agencies without direct access to the President, which it currently lacks.

 
 

·         Because spy agencies like the CIA are prohibited by law from acting on American soil, some people are proposing to entrust some of the cyberwarfare work to private defense contractors. There is no effective way for a domestic agency to conduct computer operations without entering prohibited networks within the U.S. or even conduct investigations in countries that are American allies. Preventing terrorist or cyberwar attacks may require examining some email messages from other countries or giving intelligence agencies more access to networks or Internet service providers.