Cyber-warfare conjures up images of information warriors unleashing rancorous attacks against an unsuspecting opponent’s computer networks, wreaking havoc and paralyzing national security standards. This is a frightening scenario, but how likely is it to occur? What would the effects of a cyber-attack be on a potential opponent? Cyber-attacks, network security and information pose a very complex problem that reach into new areas for national security and public policy.
As the new age approaches, we are living in a society that is increasingly dependent upon information technology. However, whilst technology can deliver a number of benefits, it also introduces new vulnerabilities that can be exploited by persons with the necessary technical skills. Hackers represent a well-known threat in this respect and they are responsible for a significant degree of disruption and damage to information systems. However, they are not the only criminal elements that have to be taken into consideration. Evidence suggests that technology is increasingly seen as a potential tool for terrorist organizations. This is leading to the emergence of a new threat in the form of ‘cyber terrorists’, who attack technological infrastructures such as the Internet in order to help further their cause.
This article relatively discusses the problems posed by these groups and considers the nature of the responses necessary to preserve the future security of our society. According to Clifford A. Wilke, “The ultimate threat to computer security is the insider.”
It is now a well-known fact that most cases of security breaches happen from inside the organizations. Hence cyber terrorism can also happen in the form of electronic attacks by authorized insiders, where the terrorists have obtained inside access to networks and systems via various means such as employment with the particular organization and others. This type of internal attacks is much more dangerous than the external ones because of the obvious difficulties in detecting them.
Besides direct internal attacks from insiders, insecure arrangements with outsourcing companies that employ or have been infiltrated by terrorists can prove to be dangerous as well. Hence it is imperative that efforts to tackle cyber terrorism effectively should start from the roots, which means establishments need to place equal, if not more importance on securing themselves internally as well as externally.
Establishments should also ensure that they develop and deploy a tested set of best security practices appropriate explicitly for their own operations. These activities will require a lot of coordinated efforts from all parties in the organization because security procedures should be followed by every department. The developed list of the best security practices should cover all the aspects involved in information security. As a starting point, it would as well be a very good idea to adopt existing international security standard guidelines for compliance in information security such as ISO 27001. These standards provide the detailed steps that should be taken to secure organizations from an information security perspective. The organizations can later modify or improve on the provided guidelines and adapt it based on their own operations and needs in order to obtain the best results.
However, the implementation of strategic security measures and improved working relationships among the various bodies including the industry, the government and the general public provide all of us a strong hope of winning the battle of illegal cyber activities. The fact that remain is, cyber terrorism and other related activities is here to stay and we still have a long way to go in protecting the nations, businesses’ and our interests effectively against it. The good news though, with the various strategic plans in place, we are getting closer to achieving our main objective which is to have a highly secure and productive working environment.
Now let us look at the other aspect of illegal cyber related activities like scamming activities, etc. You know, criminals often hunger for your National Identity number, Social Security number, date and place of birth, mother’s name, and other details that can personally identify you. So they go on to siphon information from data breaches, the dark web and public sources such as social media sites and employee directories. They often use method like subterfuge(deceit used in order to achieve one’s goal). They have no reservations at all about trying to pry it directly from you as well. This personal data they get from you is what fuels a long list of cybercrimes that we hear today. For instance, there are few methods mostly used by these scammers to fool their victims to perpetuate this fraudulent activities and this methods ranges from spoofing attacks where the criminal spoof your identity, also phishing, fake profiles, fake photos, fake entities, fake claims, fake names, credentials and badge numbers, computer pop-ups, robocalls, lead lists, secrecy, persuasion and so on. And after this is carried out successfully, the fraudster is able to get the personal information of the victims then the victims become vulnerable for exploitation.
This attack is often prevalent in Nigeria today, but one question that often comes to mind as a specialist is, why is it more prevalent in Nigeria and what is Nigeria doing regardless of this?
Ibenu Jr. works with BusinessDay as an IT Engineer and currently a part-time Associate lecturer of computer studies in the Institute of Human Resource Management affiliated to Escae University.
