Question
Identity theft, computer fraud, online phishing and Nigerian scams are just a few examples of cybercrime. Every year millions of individuals are victims of some type of cybercrime. Each year, the Computer Security Institute (CSI) in partnership with the United States Federal Bureau of Investigations (FBI) puts together a Computer Crime and Security Survey. This survey analyzes common cybercrime trends and also helps promote awareness of cybercrime activities.
To assist you with this assignment you will need to locate a CSI Computer Crime and Security Survey. A paid membership is required to access the most recent versions of this survey. However, you can access previous surveys free of charge by visiting the archive here:
http://www.isaca.org/cyber/Documents/State-of-Cybersecurity_Res_Eng_0415.pdf
Your assignment is to write an analysis of the results of a CSI Computer Crime Security Survey of your choice. Your analysis should include the following elements:
1. Estimate The Number of Total Respondents and Total Loss Due to Cybercrime, Summarize The Surveyed Industries.
2. Identify the top five types of attacks that occur in the report.
3. Use your understanding of computer security to evaluate the details regarding the top five types of attacks and describe how they likely occurred.
Your report should be four to five pages long.
Explanation / Answer
Cyber security threats are increasing rapidly. More than three-quarters of respondents reported an increase in attacks over the previous year, and they expect numbers to rise again next year. The report data reveal that almost 25 percent of respondents are experiencing phishing attacks daily and 30 percent are dealing with insider damage and theft of IP at least quarterly. Additionally, the majority (over 82%) of respondents expect to experience a cyber-attack next year.
Below is listed a sample of total respondents and total loss due to cybercrime:
| Industry | Total Respondents |
| --- | --- |
| Aerospace | 9 |
| Education | 23 |
| Financial | 186 |
| Government/Military | 78 |
| Health Industry | 36 |
| Insurance | 25 |
| Legal | 8 |
| Manufacturing | 40 |
| Mining/Petroleum | 15 |
| Pharmaceutical | 7 |
| Public Accounting | 3 |
| Retail/Wholesale | 16 |
| Technology | 178 |
| Telecommunication | 52 |
| Transportation | 12 |
Responses from respondents show that the motivation of attack was based on the type of industry. Financial gain remains the most frequently cited motivation by respondents in industries such as education, banking/financial services and transportation, while a very different picture is painted by respondents in industries such as government, telecommunications and utilities, who selected disruption in service as the leading motive. Out of 688 respondents from the above industries, the motivations of cybercrimes linked to those industries were:
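| Industry | Financial Gains | Intellectual Property Theft | Theft of Classified Data | Theft of PII | Disruption of Service |
| --- | --- | --- | --- | --- | --- |
| Aerospace | 3 | 2 | 2 | 2 | 0 |
| Education | 8 | 6 | 1 | 4 | 4 |
| Financial | 102 | 15 | 20 | 19 | 30 |
| Government/Military | 10 | 8 | 15 | 12 | 33 |
| Health Industry | 8 | 4 | 3 | 13 | 8 |
| Insurance | 12 | 1 | 1 | 7 | 4 |
| Legal | 1 | 2 | 1 | 2 | 2 |
| Manufacturing | 9 | 19 | 6 | 1 | 5 |
| Mining/Petroleum | 9 | 4 | 0 | 0 | 2 |
| Pharmaceutical | 1 | 3 | 2 | 0 | 1 |
| Public Accounting | 1 | 1 | 0 | 0 | 1 |
| Retail/Wholesale | 7 | 0 | 0 | 2 | 7 |
| Technology | 47 | 54 | 20 | 17 | 40 |
| Telecommunication | 14 | 7 | 8 | 4 | 19 |
| Transportation | 6 | 1 | 1 | 0 | 4 |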
Almost 59% of respondents confirmed that their organization has been a victim of cybercrime. However, 20% responded that they are not aware whether their enterprise was a victim of cybercrime. This shows a lack of information security awareness. It was also reported that many companies do not conduct security awareness programs.
The top five attacks that occur in the report are listed below:
1. Phishing
2. Malware
3. Hacking Attempts
4. Social Engineering
5. Loss of mobile threats.
Out of 704 respondents, the number of people who faced each of the above attacks is listed below.
Phishing - 481 people
Malware - 468 people
Hacking Attempts - 353 people
Social Engineering - 327 people
Loss of mobile threats - 309 people
Phishers often utilize social engineering techniques to insert malware into a person’s computer or network. Phishing involves attempts by Internet fraudsters to access and obtain personal and sensitive information, such as usernames, passwords, and financial information, by utilizing social engineering techniques. To accomplish this, hackers impersonate legitimate businesses in order to trick users into divulging personal and often highly sensitive information.
Malware can be targeted through infected emails, instant messaging, attachments or file sharing with infected code. It is quite easy to spread malware, maybe through social networks or pirated software/removable media. There is no end to the channels through which malware can attack your computer, and once inside your system it spreads automatically and disrupts internet traffic as well. But you can protect yourself by using good anti-malware/antivirus and IDS/IPS software. The most recent malware was a ransomware, WannaCry, due to a vulnerability in Windows.
Social Engineering is very common nowadays. It involves psychological manipulation, fooling people and convincing people to handle their confidential or sensitive data. Social Engineering emails involve urgency or fear or similar emotions in the victim, which persuades the victim to immediately respond with their sensitive information.
My recommendations for the above attacks are:
1. NEVER open an email from an untrusted source - If you suspect an email from any of your acquaintances, contact him/her before opening the email.
2. An attack may lure you through very attractive offers or some big prize money. Never be bait to such things.
3. Lock your devices whenever you are away. Don’t leave your devices unattended.
4. Protect your device. Install Antivirus/IPS/IDS/etc. to protect yourself from various attacks.
5. NEVER allow access to anyone if he/she is not allowed to have the access.