Vulnerabilities and responsibilities: dealing with monsters in computer security

Purpose – The purpose of this paper is to analyze information security assessment in terms of cultural categories and virtue ethics, in order to explain the cultural origin of certain types of security vulnerabilities, as well as to enable a proactive attitude towards preventing such vulnerabilities.\ud \ud Design/methodology/approach – Vulnerabilities in information security are compared to the concept of “monster” introduced by Martijntje Smits in philosophy of technology. The applicability of different strategies for dealing with monsters to information security is discussed, and the strategies are linked to attitudes in virtue ethics.\ud \ud Findings – It is concluded that the present approach can form the basis for dealing proactively with unknown future vulnerabilities in information security.\ud \ud Research limitations/implications – The research presented here does not define a stepwise approach for implementation of the recommended strategy in practice. This is future work.\ud \ud Practical implications – The results of this paper enable computer experts to rethink their attitude towards security threats, thereby reshaping their practices.\ud \ud Originality/value – This paper provides an alternative anthropological framework for descriptive and normative analysis of information security problems, which does not rely on the objectivity of risk

Ransomware in High-Risk Environments

In today’s modern world, cybercrime is skyrocketing globally, which impacts a variety of organizations and endpoint users. Hackers are using a multitude of approaches and tools, including ransomware threats, to take over targeted systems. These acts of cybercrime lead to huge damages in areas of business, healthcare systems, industry sectors, and other fields. Ransomware is considered as a high risk threat, which is designed to hijack the data. This paper is demonstrating the ransomware types, and how they are evolved from the malware and trojan codes, which is used to attack previous incidents, and explains the most common encryption algorithms such as AES, and RSA, ransomware uses them during infection process in order to produce complex threats. The practical approach for data encryption uses python programming language to show the efficiency of those algorithms in real attacks by executing this section on Ubuntu virtual machine. Furthermore, this paper analyzes programming languages, which is used to build ransomware. An example of ransomware code is being demonstrated in this paper, which is written specifically in C sharp language, and it has been tested out on windows operating system using MS visual studio. So, it is very important to recognize the system vulnerability, which can be very useful to prevent the ransomware. In contrast, this threat might sneak into the system easily, allowing for a ransom to be demanded. Therefore, understanding ransomware anatomy can help us to find a better solution in different situations. Consequently, this paper shows a number of outstanding removal techniques to get rid from ransomware attacks in the system

Ransomware in High-Risk Environments

In today’s modern world, cybercrime is skyrocketing globally, which impacts a variety of organizations and endpoint users. Hackers are using a multitude of approaches and tools, including ransomware threats, to take over targeted systems. These acts of cybercrime lead to huge damages in areas of business, healthcare systems, industry sectors, and other fields. Ransomware is considered as a high risk threat, which is designed to hijack the data. This paper is demonstrating the ransomware types, and how they are evolved from the malware and trojan codes, which is used to attack previous incidents, and explains the most common encryption algorithms such as AES, and RSA, ransomware uses them during infection process in order to produce complex threats. The practical approach for data encryption uses python programming language to show the efficiency of those algorithms in real attacks by executing this section on Ubuntu virtual machine. Furthermore, this paper analyzes programming languages, which is used to build ransomware. An example of ransomware code is being demonstrated in this paper, which is written specifically in C sharp language, and it has been tested out on windows operating system using MS visual studio. So, it is very important to recognize the system vulnerability, which can be very useful to prevent the ransomware. In contrast, this threat might sneak into the system easily, allowing for a ransom to be demanded. Therefore, understanding ransomware anatomy can help us to find a better solution in different situations. Consequently, this paper shows a number of outstanding removal techniques to get rid from ransomware attacks in the system

An overview of ADSL homed nepenthes honeypots in Western Australia

This paper outlines initial analysis from research in progress into ADSL homed Nepenthes honeypots. One of the Nepenthes honeypots prime objective in this research was the collection of malware for analysis and dissection. A further objective is the analysis of risks that are circulating within ISP networks in Western Australian. What differentiates Nepenthes from many traditional honeypot designs it that is has been engineered from a distributed network philosophy. The program allows distribution of results across a network of sensors and subsequent aggregation of malware statistics readily within a large network environment

Smallpox and Bioterrorism: Why the Plan to Protect the Nation Is Stalled and What to Do

The Iraq war is over, no weapons of mass destruction (WMD) have yet been found, and the president's smallpox plan, though sound, is running out of steam. Instead of being well on the way to protecting the nation's civilian population by vaccinating up to 10 million health, emergency, and public safety workers, we are stalled at 37,971 vaccinated civilians while the military has successfully and safely vaccinated more than 450,000 people. Moreover, whether or not WMD are found in Iraq, it is only one of a number of nations on the list of suspects. Of all biological weapons, smallpox has the greatest potential for doing widespread harm. Given that the risk of death or serious harm to anyone from any form of terrorism is very low, we should live our daily lives normally, not in fear. However, to do that we need to be sure that our government is taking effective steps to reduce the chances of terrorism and, when it occurs, to minimize its consequences. Even though there is enough vaccine for everyone, we are ill prepared to rapidly contain smallpox after a bioterrorist release. Although Centers for Disease Control and Prevention (CDC) guidelines have recently improved, they continue to overstate the risk of side effects of the vaccine and erroneously suggest that, after an attack, the techniques used decades ago to eradicate smallpox will work well today. Medicine and public health are very risk-averse professions in our risk-averse culture. We have not yet realized the complexity and difficulty of vaccinating millions of Americans rapidly after an attack. Nor have we come to grips with the need to make rapid, possibly draconian, post-attack decisions based on limited data of uncertain quality. That type of decisionmaking runs counter to the culture of public health. The Bush administration needs to revitalize our preparations for a smallpox bioterrorist event

The Legislative Response to the Evolution of Computer Viruses

On July 19, 2001, and again on July 31, 2001, the United States Government was attacked by a worm. The Code Red worm, a malevolent computer program, spread across the Internet impacting thousands of computers globally. The initial target of the Code Red worm was the White House website. Just days after the terrorist attacks in New York, Washington D.C., and Pennsylvania on September 11, the Nimda virus was unleashed on the Internet. By consuming up to ten percent of the Internet\u27s capacity, Nimda quickly received the distinction as the worst computer infestation to date