|
WWIII3
Cyber Nuclear Holocaust is an original John Storm political thriller.
Malware, viruses, and worms are all
cyber security threats. While they are each different things, the threats they pose intersect in important ways.
Malware is a general term that encompasses all software designed to do harm. You can compare the term “malware” to the term “vehicle.” All software-based threats are malware, just like all cars and trucks are vehicles.
However, similar to vehicles, there are many different kinds of malware. In other words, you can have a car, an SUV, and a truck, and you would have three vehicles. But not every vehicle is a car, a truck, or an SUV. Similarly, viruses and worms are both malware, but not all malware is a virus or a worm.
Viruses can be spread from one computer to another inside files. For the virus to be activated, someone has to trigger it with an external action. For example, a virus can be embedded inside a spreadsheet. If you download the spreadsheet, your computer will not necessarily be infected. The virus gets activated once you open the spreadsheet.
With a worm, there is no need for the victim to open up any files or even click on anything. The worm can both run and spread itself to other computers. Because a worm has the ability to automatically propagate itself, you can get a worm in your computer just because it is on the same network as another infected device.
MALWARE
Malware refers to any kind of software that is regarded as malignant or malicious, no matter how it works, what it intends to do, or how it is issued. A virus is very specific in the sense that it self-replicates by adding its code to other applications.
In a comparison of malware vs. worm, malware is more dangerous because it encompasses both worms and all other software-based threats, such as spyware, ransomware, and Trojans. The same can be said of the malware vs. virus conversation. Trying to ascertain which is more
dangerous - malware, viruses, or worms - is like trying to figure out which is better at transporting people: vehicles, cars, or trucks.
On the other hand, the "virus vs. worm" discussion is a little more nuanced. Both viruses and worms can do significant damage to your
computer, but the ways in which they spread and are activated can make one a more significant danger than the other. In many cases, it depends on how your network is structured.
WHY A WORM IS DANGEROUS ?
If your network consists of many computers connected to each other in a ring formation, then a worm may be a bigger threat than a virus. The same could be said of a network set up in a hub formation with a server in the middle that serves all the computers in the network, particularly if the server does not have adequate
anti-malware defenses.
In these kinds of architectures, a worm, once introduced to one computer, can replicate itself and spread to the other computers in the network. This can give one worm the power to infect the entire network. If a virus is introduced to an unprotected hub-and-spoke network or a ring network, users will still have to send the virus to each other and then open the file for each computer in the network to get infected.
WHY IS A VIRUS JUST AS DANGEROUS ?
On the surface, a worm, which is also referred to as a worm virus, will appear more dangerous than a virus, but because
computers within an organization's network interact with the internet often more than they do with each other, viruses can be just as dangerous. For example, a single website that several users visit can download a virus to their computers, and when they open the file containing the virus, all of them can get infected.
In many situations, a worm's functionality can also work against itself. Because the worm is designed to spread from one computer to another, it risks the chance of exposing itself with each lateral move. If, for example, a worm has to go through a firewall as it tries to go from one computer to the next, the firewall may detect it. At that point, system administrators can use relatively basic forensic analysis to figure out where the worm came from.
This is not the case with viruses. Several users can download the same or different viruses, and figuring out where they came from, especially if they did not come from the same emails or websites, can present a significant challenge.
Therefore, the difference between malware and a virus is not as much of a factor as is the difference between a virus and a worm. The same can be said of the difference between malware and worm because malware encompasses worms.
CYBER
TERRORISM
Cyberterrorism is the use of the Internet to conduct violent acts that result in, or threaten, the loss of life or significant bodily harm, in order to achieve political or ideological gains through threat or intimidation. Acts of deliberate, large-scale disruption of
computer networks, especially of personal
computers attached to the Internet by means of tools such as computer viruses, computer worms, phishing, malicious software, hardware methods, and programming scripts can all be forms of internet terrorism.
Cyberterrorism is a controversial term. Some authors opt for a very narrow definition, relating to deployment by known terrorist organizations of disruption attacks against information systems for the primary purpose of creating alarm, panic, or physical disruption. Other authors prefer a broader definition, which includes cybercrime. Participating in a cyberattack affects the terror threat perception, even if it isn't done with a violent approach. By some definitions, it might be difficult to distinguish which instances of online activities are cyberterrorism or cybercrime.
DEFINING CYBER TERRORISM
Assigning a concrete definition to cyber-terrorism can be hard, due to the difficulty of defining the term terrorism itself. Multiple organizations have created their own definitions, most of which are overly broad. There is also controversy concerning overuse of the term, hyperbole in the media and by security vendors trying to sell "solutions".
One way of understanding cyberterrorism involves the idea that terrorists could cause massive loss of life, worldwide economic chaos and environmental damage by hacking into critical infrastructure systems. The nature of cyberterrorism covers conduct involving computer or Internet technology that:
- is motivated by a political, religious or ideological cause
- is intended to intimidate a government or a section of the public to varying degrees
- seriously interferes with infrastructure
The term "cyberterrorism" can be used in a variety of different ways, but there are limits to its use. An attack on an Internet business can be labeled cyberterrorism, however when it is done for economic motivations rather than ideological it is typically regarded as cybercrime. Convention also limits the label "cyberterrorism" to actions by individuals, independent groups, or organizations. Any form of cyberwarfare conducted by governments and states would be regulated and punishable under international law.
The Technolytics Institute defines cyberterrorism as:
" the premeditated use of disruptive activities, or the threat thereof, against computers and/or networks, with the intention to cause harm or further social, ideological, religious, political or similar objectives. Or to intimidate any person in furtherance of such objectives."
The term appears first in defense literature, surfacing (as "cyber-terrorism") in reports by the U.S. Army War College as early as 1998.
The National Conference of State Legislatures, an organization of legislators created to help policymakers in the United States with issues such as economy and homeland security defines cyberterrorism as:
" The use of information technology by terrorist groups and individuals to further their agenda. This can include use of information technology to organize and execute attacks against networks, computer systems and telecommunications infrastructures, or for exchanging information or making threats electronically. Examples are hacking into computer systems, introducing viruses to vulnerable networks, web site defacing, Denial-of-service attacks, or terroristic threats made via electronic communication."
NATO defines cyberterrorism as " cyberattack using or exploiting computer or communication networks to cause sufficient destruction or disruption to generate fear or to intimidate a society into an ideological goal".
The United States National Infrastructure Protection Center defined cyberterrorism as:
" A criminal act perpetrated by the use of computers and telecommunications capabilities resulting in violence, destruction, and/or disruption of services to create fear by causing confusion and uncertainty within a given population, with the goal of influencing a government or population to conform to a political, social, or ideological agenda."
The FBI, another United States agency, defines "cyber terrorism" as "premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against non-combatant targets by subnational groups or clandestine agents".
These definitions tend to share the view of cyberterrorism as politically and/or ideologically inclined. One area of debate is the difference between cyberterrorism and hacktivism. Hacktivism is "the marriage of hacking with political activism". Both actions are politically driven and involve using computers, however cyberterrorism is primarily used to cause harm. It becomes an issue because acts of violence on the computer can be labeled either cyberterrorism or
hacktivism.
TYPES OF CYBER TERROR CAPABILITY
In 1999 the Center for the Study of Terrorism and Irregular Warfare at the Naval Postgraduate School in Monterey, California, defined three levels of cyberterror capability:
- Simple-Unstructured: the capability to conduct basic hacks against individual systems using tools created by someone else. The organization possesses little target-analysis, command-and-control, or learning capability.
- Advanced-Structured: the capability to conduct more sophisticated attacks against multiple systems or networks and possibly, to modify or create basic hacking-tools. The organization possesses an elementary target-analysis, command-and-control, and learning capability.
- Complex-Coordinated: the capability for a coordinated attack capable of causing mass-disruption against integrated, heterogeneous defenses (including cryptography). Ability to create sophisticated hacking tools. Highly capable target-analysis, command-and-control, and organization learning-capability.
MOTIVATION FOR
CYBER ATTACKS
There are many different motives for cyberattacks, with the majority being for financial reasons. However, there is increasing evidence that hackers are becoming more politically motivated. Cyberterrorists are aware that governments are reliant on the internet and have exploited this as a result. For example, Mohammad Bin Ahmad As-Sālim's piece "39 Ways to Serve and Participate in Jihad" discusses how an electronic jihad could disrupt the West through targeted hacks of American websites, and other resources seen as anti-Jihad, modernist, or secular in orientation (Denning, 2010; Leyden, 2007).
Many of the cyberattacks are not conducted for money, rather the cyberattacks are conducted due to different ideological beliefs and due to wanting to get personal revenge and outrage towards company or individual, the cybercriminal is attacking. An employee might want to get revenge on a company if they were mistreated or wrongfully terminated.
Other motivations for cybercriminals include:
- Political goals
- Competition between companies
- Cyberwarfare between two countries
- Money
Political goals motivate cyber-attackers because they are not happy with candidates and they might want certain candidates to win the election, therefore, they might alter the election voting to help their preferred candidate win.
Competition between two companies can also stir up a cyberattack, as one company can hire a hacker to conduct the attack on a company as they might want to test the rival company's security. This will also benefit a company because it will force their competitor's customers to think that the company is not secure due to them getting cyber attacked effortlessly and they don't want any of their personal credentials getting leaked.
Cyberwarfare is motivation for countries that are fighting each other. This is mainly used to weaken the opposing country by compromising its core systems and the countries data and other vulnerable information.
SABOTAGE
Non-political acts of sabotage have caused financial and other damage. In 2000, disgruntled employee Vitek Boden caused the release of 800,000 litres of untreated sewage into waterways in Maroochy Shire, Australia.
More recently, in May 2007 Estonia was subjected to a mass cyber-attack in the wake of the removal of a Russian World War II war memorial from downtown Tallinn.
CHAPTERS
| CHARACTERS
| MEDIA
|
MOVIE REF |
SCREENPLAYS
|