Term Paper on "Cybersecurity Recent Case Studies of Cybersecurity Breaches"

Term Paper 16 pages (4325 words) Sources: 6

[EXCERPT] . . . .

Cybersecurity

Recent Case Studies of Cybersecurity Breaches in the United States: The Event, the Method, and the Response

The Russian (?) Moonlight Maze Attack

Perhaps one of the most infamous cyber-attacks on the United States occurred in the late 1990s, codenamed Moonlight Maze by the FBI investigation team that evaluated the extent of the infiltration into the Department of Defense by unknown individuals. First detected in 1998, a series of coordinated infiltrations of sensitive U.S. computer networks was conducted (Kitfield, 2000). At this stage, it is still uncertain who conducted these cyber-attacks, though there is some circumstantial evidence linking the attacks to parties based in Russia (Bridis, 2001). As one of the most extensive attacks on data sensitive to the national security of the United States with perpetrators still unknown, Moonlight Maze stands as a testament to the extreme damage that can be wreaked by the concerted efforts of hackers who attack information systems controlled by the United States government.

Moonlight Maze is one of the most significant cyber-attacks in U.S. history. Though the immediate suspects were Russian, there has been no definitive proof that Russia as a nation had anything at all to do with the attacks on the Department of Defense computer systems. It could have easily been civilians in Russia, another nation cleverly obscuring its tracks, or an individual anywhere in the world bouncing through a computer server in Russia before launching the attack (Vistica, 1999; Bridis, 2001). All that is known for certain is that huge quantities of data were extracted from the government computer systems, amounting to millions of pages of downloaded text. The entire email in-box of one colonel was entirely extracted by the hackers. As far as could be immediately determined, no classified information was uncovered by the hackers, though there is plenty of sensitive information to be found on the unclassified systems. Department of Defense computer networks routinely handle records about military logistics, personnel information, emails, and planning. More extreme is the possibility that the unearthed data could include very sensitive information such as classified naval codes and information on missile guidance systems (Vistica, 1999; Drogin, 1999; Bridis, 2001).

The hackers were apparently working from a location in Russia, though this could not be definitively established due to the nature of the infiltration. All that is known for certain is that the hack into Department of Defense computers had been going on for more than a year and that it is entirely unclear how much information was made off with during that time. This is due in part to the fact that in addition to raiding information directly from the Pentagon, the hackers also used that point of entry to enter other sensitive systems throughout the U.S. government. These included networks at nuclear research labs associated with the Energy Department, NASA, and numerous university research facilities (Drogin, 1999). Investigators reiterate that the attackers obtained no known classified information, but the general uncertainty surrounding Moonlight Maze makes this claim dubious at best.

As to the identity of the attackers, investigators had little to go on. Circumstantial evidence seemed to point to a Russian operation probably originating in an office complex somewhere near Moscow. The computers used in the attack were tied to Internet servers about twenty miles outside of Moscow, and the pattern of intrusions suggests someone who worked on the project on weekdays between 8am and 5pm, excluding Russian holidays. This pattern of attack led many investigators to the possible conclusion that the attacks were coordinated and possibly sponsored by a Russian intelligence agency (Drogin, 1999). Whether or not this is actually the case is unclear. After all, as will be clear when we consider some of the methods the hackers employed, it seems relatively careless that they would provide such an easy path back to the actual point of origin of the attacks. It is just as likely that the true attackers bounced their efforts through Russian servers and timed the attacks to make them seem as if they were coming from a geographically localized position. The reality is that even years later, investigators are still uncertain.
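The working-hours inference described above can be reproduced on any set of intrusion timestamps. The following Python sketch is an added example, not part of the original paper or the investigation: it scores every UTC offset by how well a Monday-to-Friday 08:00-17:00 working day explains the activity and lists silent weekdays as candidate local holidays. The timestamps, the UTC+3 offset and the holiday date are constructed for illustration; as the paragraph notes, such timing can be staged, so the result is circumstantial.

```python
from datetime import date, datetime, timedelta, timezone

# Constructed sample (not case data): sessions logged in UTC, generated as if the
# operator worked 08:00-17:00 at UTC+3 and skipped one weekday (assumed holiday).
START, END = date(1999, 3, 1), date(1999, 3, 19)
ASSUMED_HOLIDAY = date(1999, 3, 8)

def constructed_events():
    events, day = [], START
    while day <= END:
        if day.weekday() < 5 and day != ASSUMED_HOLIDAY:
            for local_hour, minute in ((8, 10), (11, 45), (16, 30)):
                local = datetime(day.year, day.month, day.day, local_hour, minute,
                                 tzinfo=timezone(timedelta(hours=3)))
                events.append(local.astimezone(timezone.utc))
        day += timedelta(days=1)
    return events

def business_hours_fit(events_utc, offset_hours):
    """Fraction of events falling Mon-Fri 08:00-16:59 at the given UTC offset."""
    tz = timezone(timedelta(hours=offset_hours))
    hits = 0
    for ev in events_utc:
        local = ev.astimezone(tz)
        if local.weekday() < 5 and 8 <= local.hour < 17:
            hits += 1
    return hits / len(events_utc)

def best_offsets(events_utc):
    """UTC offsets (-12..+14) whose working day explains the most events."""
    scores = {off: business_hours_fit(events_utc, off) for off in range(-12, 15)}
    top = max(scores.values())
    return [off for off, s in scores.items() if s == top]

def silent_weekdays(events_utc, offset_hours, start, end):
    """Weekdays in [start, end] with no activity: candidate local holidays."""
    tz = timezone(timedelta(hours=offset_hours))
    active = {ev.astimezone(tz).date() for ev in events_utc}
    day, silent = start, []
    while day <= end:
        if day.weekday() < 5 and day not in active:
            silent.append(day)
        day += timedelta(days=1)
    return silent

if __name__ == "__main__":
    evs = constructed_events()
    for off in best_offsets(evs):
        print(off, silent_weekdays(evs, off, START, END))
```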

The attacks against the United States government systems were apparently coming from a Russian computer system just outside of Moscow. Despite this discovery, no definitive determination could be made that the Russians were actually behind the attack. After all, there could have been someone physically sitting in Russia using computer resources there who was working for an entirely different party. It is also entirely feasible that the attackers simply bounced their efforts off of a computer system in Russia and that investigators were unable to determine the actual point of origin (Interview, 2003). This makes identification of responsible parties and intent incredibly difficult. In either eventuality, a Russian origin or not, the long-range nature of the attacks -- occurring over a period of years -- and the systematic way in which they were conducted suggests supreme planning and organization by the attackers themselves. It is doubtful that those responsible for the cyber-assault were random hackers looking for notoriety or another challenge. It is much more likely that this represents the coordinated efforts of an individual or group with interests that run contrary to the national security of the United States.

While it is unclear who was sitting on the other end of that computer or what their interests were, some information has been reconstructed about the methods and techniques employed by the hackers to gain access to the Department of Defense computer networks. In the spring and summer of 1999, the U.S. Navy first documented the use of low bandwidth attacks by unknown parties, to which they responded with recommended cyber-countermeasures (Drogin, 1999). In the course of the investigation regarding the intensely coordinated and wide-ranging attacks, the FBI unearthed a number of techniques and methods used by the hackers to not only gain access to the systems, but also to cover their tracks quite effectively.

Unfortunately for the national security, the computer networks at the Department of Defense were not effectively protected against cyber-attack at that time. Most of the material taken by the hackers was data that had been queued up to print on a networked printer. This means that it was neither behind a secure firewall nor encrypted in any fashion (Interview, 2003). In other words, no matter how securely encrypted or protected sensitive data might have been at the attacked computer networks -- and there's little indication that this was the case -- much of the stolen data was simply taken without any difficulty from storage points at networked printers, the proverbial weak link in the cybersecurity system. Security specialists were convinced that the firewalls between the unclassified and classified sections of the Department of Defense network would have prevented any active mining of classified information, but this is unclear. The extent of the attack is not fully known and, what's more, classified information often makes its way into unclassified systems. By simply sifting through the information that was taken, it could be possible to construct information regarding classified and sensitive data (Vistica, 1999). In short, this attack opened the Department of Defense wide and laid bare many of its most sensitive secrets and documents.

The hackers obscured their presence in the system by using easily obtainable software known as Loki, after the Norse god of mischief. The software cleverly masks infiltrations to make them appear to be nothing more than web browsing by internal users (Bridis, 2001). This makes it more difficult for system administrators and security specialists to even notice that there is a problem occurring. Any attack will simply appear to be regular use by authorized users. Further, much of the attack was automated -- rather than actively check the government system to see if new data had been found and was ready for download, the hackers installed software sensors within the network that would notify the hackers of changes by modifying a private website that was hosted in Britain. Rather than expose themselves to Department of Defense security administrators, the hackers simply checked the innocuous website periodically and then only actively invaded the compromised system when it was absolutely necessary to retrieve newly gleaned information (Bridis, 2001).

As a final testament to the sophistication of this operation, investigators came to believe that the hackers had even gone to such lengths as to install eavesdropping software into university systems as early as 1997. The universities chosen were ones at which some researchers worked on sensitive defense contracts that would give them access to military labs via the Internet. The eavesdropping software allowed these hackers to glean usernames and passwords of these researchers and then pose as them to gain deeper access into government systems (Bridis, 2001). By approaching the government systems in this roundabout fashion, the attackers took advantage of generally less secure university systems and then used the information found there to piggyback themselves into more secure government sites, from which information sensitive to national security…

Quoted Instructions for "Cybersecurity Recent Case Studies of Cybersecurity Breaches" Assignment:

Master's Level Case Study: The use of information technology (IT) by the United States government for data acquisition, process control, information management systems, and numerous other cyber-based activities, continues to grow. This also means that if these systems are not secured a cyber intruder can gain access to sensitive government documents and systems.

Research two different cases where U.S. cybersecurity was breached through information systems that could have jeopardized national security. (needs to be 16 pages in length, approximately 8 pages on each case give or take)

Explain in detail what happened in the case and the method by which the hacker/intruder breached cybersecurity (worm, virus, hacking, etc.). Then explain how the agency addressed the security breach (installed new firewalls, stronger passwords, etc.).

Example Case 1: A hacker stole a file containing the names and Social Security numbers of 1,500 people working for the Energy Department's nuclear weapons agency, scary eh? The data theft occurred in a computer system at a service center belonging to the National Nuclear Security Administration in Albuquerque, New Mexico. The file contained information about contract workers throughout the agency's nuclear weapons complex.

Example Case 2: After allegedly hacking into NASA websites -- where he says he found images of what looked like extraterrestrial spaceships -- the 40-year-old Briton faces extradition to the United States from his North London home. If convicted, McKinnon could receive a 70-year prison term and up to $2 million in fines. McKinnon, whose extensive search through U.S. computer networks was allegedly conducted between February 2001 and March 2002, picked a particularly poor time to expose U.S. national security failings in light of the terror attacks of Sept. 11, 2001.

(These are just examples to give the ***** an idea of what types of cases I am looking for)

This paper will be run thru a plagiarism software scanning system, so all sources need to be cited accurately. I do not need to receive the paper until Tuesday May 8, 2007 after lunch. Any questions call 804-643-0347 or email mcshaun@msn.com with Case Study in the subject heading.

The Journal of Information Systems Security and other Homeland Security journals are good resources. The format is left up to the ***** as long as it is a standard type like APA or MLA. Someone with a strong II background would be a good candidate to write this.

KEYWORDS: cybersecurity, cyberterrorism
