Weekly Writing Assignment, Week 14

5 thoughts on “Weekly Writing Assignment, Week 14”

1. To: Prof. Ellis
   From: Mamadou Sakho
   Date: December 8, 2021
   Subject: Contribution

   The portion of my group’s work delegated to me is to talk about how to prevent cyber-attacks and why it is important to prevent them. Cyber-attacks are calculated attacks initiated by malicious hackers intended to do harm to peoples’ or companies or government computers or network systems. Along this process, several things happen such as theft of personal information, medical information, personal assets/financial, etc. These attacks are sometimes enabled by governments in order to attack another government or in reply to an attack. The result of these attacks can be devastated. For example, when a person’s valuable information is stolen, that person can be blackmailed. In order to get back the stolen information, the person has to pay the ransom, or his/her information is sold to the black market. It could be even worse when infrastructures such as hospitals or nuclear sites are targeted because it could result in a lot of lives being lost. For example, if a hospital’s power is turned off, people may die, and electrical materials may be destructed. For these reasons and other similar reasons, cyber-attacks are to be taken seriously and invested in fighting them. Anti-virus is good in fighting cyber-attacks but there are several steps to be taken prior such as having a qualified person to deal with upcoming threats in addition to having anti-virus software.

   Draft:
   Cyber-attacks are complex issues that the world is facing which require diverse measures to counter them. These measures involve a combination of political and technological responses. Since cyber-attacks are a global issue that every nation is facing, it requires a global solution. Therefore, the first measure to prevent cyber-attack is to develop a liaison between governments on the issue. This agreement needs to happen in all sectors private or public. The importance of sharing information across entities or governments is because cybercriminals have the tendency of working alone or in a small group which can be easier to identify. It is also significant in curving the threat of cyber-attacks through planning on how to deal with cyber threats. For example, the Budapest Convention on Cybercrime reaches an agreement on criminal activities in cyberspace. Another example within the United States’ response to prevent cyber-attacks is the creation of information sharing and analysis organizations, strengthening information and analysis centers, and managing the response to cyber-attacks under the Obama administration [6]. The vulnerability to cyber-attack varies across different organizations. Sectors such as banking, firms, aviation, and utilities are in direct line with attacks which means that they should be developing countermeasures like monitoring of accounts because the attack on one sector can easily spill over onto the other sectors. The second measure is to create a link or communication channel through which information can be shared rapidly in a simplified way which helps stop the spread of malware, speedily detects upcoming threats, and ease the attribution process [6]. Moreover, it is of utmost importance to have an equipped human capital that can develop, understand, and take appropriate measures to respond to upcoming threats. These are qualified personnel who will deal with the threat and contain it within the company to prevent any spillover to the other companies within the same environment. Indicators serve as early warnings which enables the human capital to respond quickly [6]. Between the government and organizations, the classification of documents delays the process of responding in a timely manner to the threat of cyber-attacks. Therefore, information needs to be declassified with assurances that no party could use it against the other as long as no crime is committed [6]. The goal of the above measures is to build a network that reacts in a unified way that minimizes threats and their impact within a whole sector not only one individual company.
   One of the first lines of defense as some of the cyber experts would call it is assessment. It is imperatively necessary to predict potential attacks and where they might come from in order to prevent them. However, this could be a challenge since hackers use proxy servers to hide their identities. Therefore, the option available is to trace the location where the attack originated from [7]. The above steps are necessary to protect your devices, network from cyber-attacks in addition to having strong anti-virus software installed in your devices. Anti-virus software protects your network by taking several measures. The software can prevent attacks. It automatically scans your devices, detects oncoming threats, and deletes any virus present in your device. Most of the anti-virus software runs automatically in the background which allows them to provide protection at all times. Any effective anti-virus software protects your files and hardware from malware like worms, Trojan horses, and spyware. It can also provide customizable firewalls and block suspicious websites. There is different anti-virus software available in the market such as Norton and AVG. For example, AVG was proven effective to block web-based threats and malware. It provides full protection against ransomware and phishing attacks and does wi-fi inspector. This anti-virus provides a file shield meaning that it automatically scans new files and put aside any suspicious file detected. Anti-virus software provides web protection that would block web-based threats and suspicious downloads. Also, your emails are protected from unsafe attachment which sometimes contains links that once you click on them, open a backdoor for attacks to take place [8]. Having the right defense mechanism in place to defend against these critical cyber-attacks is crucial. Cyber-attack can lead to access of personal information, medical information/status, financial/loss of money, damage on computer and network systems, and ransom payments. It would be devastating should critical infrastructures like hospitals, nuclear power sites be attacked. For example, if the power of a hospital is shut down or the temperature in a nuclear cooling tower is disturbed or attacking the features in electric cars while in motion [9]. All these underlined examples would have catastrophic outcomes. For these reasons and reasons alike, cyber-attacks are to be combatted.

   [6] Henry, S., & Brantly, A. F. (2018). Countering the Cyber Threat. The Cyber Defense Review, 3(1), 47–56. http://www.jstor.org/stable/26427375

   [7] David, M. W., & Sakurai, K. (2003). Combating Cyber Terrorism: Improving Analysis and Accountability. Journal of Information Warfare, 2(2), 15–26. https://www.jstor.org/stable/26502765
   [8] Paul, Ian. “Avg Antivirus for Mac: a Good Free Option.” Macworld – Digital Edition, vol. 37, no. 7, July 2020, pp. 25–28. Academic Search Complete, EBSCOhost, http://citytech.ezproxy.cuny.edu:2048/login?url=https://search.ebscohost.com/login.aspx?direct=true&db=a9h&AN=143690640&site=ehost-live&scope=site. Accessed 5 Dec. 2021.
   [9] Daş, Resul, and Muhammed Zekeriya Gündüz. “Analysis of Cyber-Attacks in IoT-Based Critical Infrastructures.” International Journal of Information Security Science, vol. 8, no. 4, Dec. 2019, pp. 122–133. Academic Search Complete, EBSCOhost, http://citytech.ezproxy.cuny.edu:2048/login?url=https://search.ebscohost.com/login.aspx?direct=true&db=a9h&AN=141353031&site=ehost-live&scope=site. Accessed 6 Dec. 2021.

   Log in to Reply

2. My team and I team have selected the following topic: Increased Cyber Attack During the Pandemic. For this topic, we have created 6 subtopics. We have assigned 1 to each group member. My responsibility is researching the different types of cyber attacks.
   I will add the rest of my draft including my reference to this post:

   According to Ahmed, “ In the first quarter of the year 2020, the total number of reported DDoS attacks was 242, and in the second quarter, the number was increased to 300 [12] [13]” [1, p. 14].
   Phishing is another common cyber attack. Phishing attack is when hackers send users emails with links to web pages that collect personal data. With many workers going remote during the pandemic, communication through email has increased significantly. Attackers exploited this opportunity to send out more phishing emails. According to Tushar, “During March 2020, amongst 4,67,825 phishing emails, a total of 9,116 were related to COVID-19, which is almost 02% of the total phishing emails [14]” [1, p. 15]. Phishing over the phone was also common. But of all the phishing attacks, 96% was via email, 1% over the phone and 3% being malicious websites.
   Malware attacks were also common during the Covid-19 pandemic. Malware is a software that is designed by cyber criminals that can harm devices, services or networks. It is commonly used to extract data that can be used for financial gain. The data itself can range from healthcare records, access to personal email, passwords, and more. Many attackers use Malware to take control of the user’s computer and carry out attacks like DDoS. Often, malware attacks can lead to identity theft as hackers gain a variety of personal data. Malware can come in the form of viruses which can be sent as email attachment. Scareware is also a common type of attack where hackers trick the users into thinking that users’ computers are infected by viruses and convince them to purchase malicious applications. Spyware is a common type of malware. It’s a program that is installed in the computer, without the user’s knowledge, that tracks the activity of the users over the internet. This can be used to capture internet browsing habits which reveal sensitive data. Other types of malware are worms, trojans, adware, and fileless malware which ultimately captures sensitive information.
   Password attack is a common type of attack that is not only used by hackers but also common people. This type of attack saw an increase during pandemic which was used to carry out large attacks and also smaller attacks for personal reasons. By accessing a person’s person, an attack can gain confidential data. Hackers might attempt to access someone’s password for a financial account, whereas a common person might want access to a social media account. Many attackers use the dictionary methods where they use a list of common passwords to attempt to gain access to the user’s computer, network or personal account. More advanced hackers might use softwares that they designed themselves to retrieve passwords from the users. Many hackers are knowledgeable in programming which can allow them to create different applications to carry out their intended attack.

   [1] J. Ahmed and Q. Tushar, “Covid-19 Pandemic: A New Era Of Cyber Security Threat And Holistic Approach To Overcome,” 2020 IEEE Asia-Pacific Conference on Computer Science and Data Engineering (CSDE), 2020, pp. 1-5, doi: 10.1109/CSDE50874.2020.9411533.

   Log in to Reply

3. TO: Prof. Ellis
   FROM: Gani Graceni
   DATE: 12/17/2021

   SUBJECT: Contribution Updated
   I have consumed some time researching and creating a rough draft to contribute on the 4,000 word team project. My team and I were able to break down the main topic of our project. Based on the number of the participants we decided to have 4 sub topics so each can choose one and elaborate based on reading and research. For our group the main topic is “IC Chip and Processors shortage”. I created a draft on the reasons why the chips are shorted and how the inactivity in the industrial sector creates delays and shortages to manufacturing processes. My draft will be revised and discussed with the team mates on the next virtual meeting that is taking place shortly. We will revise and then include a revised version of each sub topic draft into the main project. Chip shortage is something that concerns almost all main sections of many industries and being that situation does not seem to get better the million dollar question is that is it going to be better or worse. I wanted to talk about some of the reason that led and are still affecting this bad outcome for the chip production and delivery. I also wanted to touch different aspects on how we can see this phenomena getting worse and what is needed to be done so it is solved and the situation does not get any worse. To go more over the option of a possible solution I would wanted to talk about more measurements on how to cope with the virus which is the main cause of the chip shortage but that is left to the health administration and if things are done the right way I am almost sure that that will help on solving the existing problem by a lot. See below the sub section I have been working on.
   Draft:
   The Covid-19 pandemic and various infection control measures have made a great impact on the global integrated circuit companies causing the “IC chip shortage” [1]. The tech world is suffering a lack of its main components and it’s getting harder and harder to push them to the manufacturers that deliver to various costumers around the globe. Pandemic is a key reason why the chip shortage is happening but this research points out some other related reasons why chips are shorted. There are reasons like the demand for chips. The demand for chips has been significantly increasing. [2]. Covid-19 or not the manufacturers keep improving their product and that means more automation. The automated and latest device products need more IC chips and better performing processors. The high demand from various industries makes it harder for the IC chip industry to keep up with production especially at these pandemic times. Another main which is an effect of the Covid-19 pandemic is the inactivity of these IC chip production facilities [3]. This inactivity based on the lack of workers and supervisors of these facilities and equipment due to having been infected with the virus or by taking measures to not be present at the job. Even though the chip production is mostly automated the facilities still need the workforce to be present so the processes are completed. The completion of the production cannot happen without going through all the stages. There is more to the list which covers why there is a chip shortage such as the international control and cooperation. Being that the chip production and transport to manufacturers is a long industry chain the mother production companies should cooperate to strengthen and overcome this challenge. This will lead to solving the chip shortage issue earlier and taking the right measurements to prevent the lack of the chips in long term.
   The Covid-19 pandemic made it extremely hard for IC chip production. This was even a greater hit mentioning that the IC chip production and its workers are located mostly in Asia and that part was where the virus had its outburst and left many workers at home while the demand for the chips kept increasing on the other hand. When the pandemic spread all over the globe and these IC chip manufacturing companies stopped working people had started remote work, use of more PC’s and use of cars instead of mass transportation use of high speed data and communication that all work of Microprocessors and are depended on IC chips. The demand went as high as the prices went high and the production was far behind. The inactivity of the IC chips production came as a result of the pandemic and the lack of the chips became much of a problem as the demand for them increased. On the other hand there are more reasons why there is still a chip shortage. With the new technologies evolving and requiring more sensors and processors also the collaboration of the production facilities with similar facilities and organizations is required. So it is a lack of the production facilities asking for help and involving interacting with other similar companies or organizations. This actually becomes a cause if efforts are not taken [4]. If there are not international cooperation the chip shortage issue will still be a problem to now day’s technology. The chip industry mostly based in Asia should take efforts to strengthen international relations and improve their production performance by getting help on the research design and technical performance to prevent the risk of this global chip shortage issue

   Wu, Xiling, Caihua Zhang, and Wei Du. “An Analysis on the Crisis of ‘Chips Shortage’ in Automobile Industry ——Based on the Double Influence of COVID-19 and Trade Friction.” Journal of physics. Conference series 1971.1 (2021): 12100–. Web.

   “Asia Trade Brief: The Global Chip Shortage.” Country Report: Singapore (2021): n. pag. Print.

   Shen, Yuelin, and Sean P Willems. “Modeling Sourcing Strategies to Mitigate Part Obsolescence.” European journal of operational research 236.2 (2014): 522–533. Web.

   Karkaria, Urvaksh. “No Summer Break for the Chip Shortage; Factories Must Juggle Shutdowns, Supplies.” Automotive news 95.6991 (2021): n. pag. Print.

   Log in to Reply

4. To: Prof. Ellis
   From: Mamadou Sakho
   Date: December 20, 2021
   Subject: Contribution
   During the covid-19 pandemic, not only the virus attacks that happen globally but also a lot of cyberattacks start to increase during the pandemic. Now in time that people, companies, businesses, shortage of material. Technology nowadays needs to understand how to protect files, personal computers, prevent cyberattacks and malicious viruses, malware, virus. In general, understand how to protect your pc or computer with cybersecurity. The pandemic, there has also been a large amount of phishing and ransomware. “As a result, so-called ransomware-as-a-service is on the rise. Before the pandemic, criminals were forced to invest time and resources into investigating targets.”3 paragraph line 4. But there are ways to protect yourself “There is no simple solution to cybercrime, but security experts recommend a few simple steps to help reduce the risk of a data breach. Avoid reusing passwords. Instead, use a password manager to store long and unique passwords for each site. Enable two-factor authentication on email, social networks, and work sites. Enable a Virtual Private Network before you access sites that contain sensitive information.”. paragraph 7 line 1. These are just some securities I suggest taking and it is better to change the password every 3 months. Another article that read about the covid pandemic is As Hackers Take Down Newfoundland’s Health Care System, Silence Descends it about there was a cyberattack on how there was a cyberattack that affected the health care worker from working. There was another attack that happened, but the companies quickly recovered because they had a cybersecurity agency. Recovering the data and providing more service to investigate the attack to prevent it from happening again created strong security. “The cybersecurity agency confirmed that it is providing Newfoundland with digital forensics services, data recovery, and general guidance.” Now they believe that cybersecurity is important and should be on top to prevent any problems or issues while online or working on the internet. COVID-19 pandemic cybersecurity issues the article talks about what happened during the pandemic and how it affects society and everyone else. “By moving to an online environment, organizations and companies worldwide have implemented the work-from-home (WFH) business model that increases attack vectors and risks to the internal data.” “The healthcare sector has been one of the main targets of cyber-attacks during the pandemic.” The cyberattacks that happen during the pandemic are: Scams and Phishing, Malware, computer viruses, worms, a Trojan horse, spyware, and ransomware, Distributed Denial-of-Service (DDoS). “Ensure all devices firmware is up-to-date: Ensure that all devices and equipment firmware/OS are up-to-date and Ensure that up-to-date anti-malware software is activated in all network-connected devices.” Why remote working leaves us vulnerable to cyber-attacks is about how during the pandemic a lot of things have happened and the technology world as well. “When you do that, it’s likely you don’t have any sort of two-factor authentication. This then makes it easier for attackers to exploit that data. If data is leaked, attackers compromise it, and it can end up in the wrong hands.” Important things that people and companies should take are methods of using a combination of capital and lower-case letters, numbers, and symbols.Changing password regularly, never using it for multiple accounts, using two-factor authentication. Put up a firewall. Our employees have a responsibility to help keep your business secure. Make sure that they understand their role and any relevant policies and procedures and provide them with regular cyber security awareness and training.” It is important to have the understanding to learn and be more informed about cybersecurity and using steps to prevent cyberattacks in the future.

   [10] Austen, Ian. “As Hackers Take down Newfoundland’s Health Care System, Silence Descends.” The New York Times, The New York Times, 13 Nov. 2021, https://www.nytimes.com/2021/11/12/world/canada/newfoundland-cyberattack.html.

   [11] Dan, Dan. “Cybercrime Is Thriving during the Pandemic, Driven by Surge in Phishing and Ransomware.” CBS News, CBS Interactive, 19 May 2021
   https://www.cbsnews.com/news/ransomware-phishing-cybercrime-pandemic/.

   [12] Pranggono, Bernardi, and Abdullahi Arabo. “Covid‐19 Pandemic Cybersecurity Issues.” Wiley Online Library, John Wiley & Sons, Ltd, 14 Oct. 2020, https://onlinelibrary.wiley.com/doi/full/10.1002/itl2.247.

   Log in to Reply

5. TO: Prof. Ellis
   FROM: Pape Diop
   Date: December 21, 2021
   SUBJECT: Contribution

   The portion of my group’s work was to do research on what happens when you are a victim of phishing, and steps that you need to take to keep your accounts safe. I wrote about 600-words on my research with some articles step by step on how to keep your computer safe when being targeted in case of phishing. I pretty much went on writing my section although came in late in the project. This research on phishing has taught me a lot about how to protect my accounts as my devices throughout this writing.

   Draft:

   Phishing can be defined as one of the most common crimes we are living in in our society at this moment in time. Phishing is a type of crime where it involves technology, email scams, computer hacking and even revealing the sensitive information of a victim by sending them fake links to get access into their devices.

   So what happens when you’re phished? When you are phished, all the contents and information stolen by the attacker can be sold or used anywhere they decide to. Therefore it is dangerous. The scammer can also create accounts under your name depending on the amount of information they get from the phishing. But many top security agencies have come up with steps to take when you have been phished. According to Yael Grauer in her article “What To Do When You’ve Been Phished” at Forbes, “1. Get your computer completely offline, 2. Save everything on a USB, 3. Change passwords for your apps, but do it from a phone or a different laptop, 4. Restore your original software, 5. Run anti-virus software, 6. Restore your latest backup.”[1]. Yael came up with very important steps on what you need to do immediately when you realize that you have been phished from your computer.

   First, getting your computer completely offline; is important because it disables all online communication and activities. This way the attacker will not be able to send or receive anything from your computer. Second, saving everything on a USB drive; saving everything to a USB drive can save your data to a secure location. As the author explains that ransomware may be tempting to save everything on an external hard drive. It can be dangerous for hackers to get access to your data and to save them in the external drive. In addition, saving your data to a USB is useful because you can later store them on another computer safely. Third, Changing passwords for your apps, but from a phone or a different laptop; it is important to change all of your passwords that you used on the computer because if the attacker gets access to them, they can open your accounts from any device. But this has to be done using another device because as the step number listed, your computer must be completely offline to prevent them from seeing any changes you make. Fourth, restore your original operating software; by following this step, you will get security software for your computer since the previous has been modified by the attacker. It is also important to get the latest version of your preferred software for security updates. Fifth, running anti-virus software; anti-virus software can spot any insecure files on your computer and help you get rid of them. And finally restoring your latest backup; I agree with the author on this final step because you only want to retear your latest backup when you are sure that your computer is safe to use.

   I do believe that these steps are important and necessary to take immediately after being phished because the more time the attacker has access to your contents the greater the damage can be. We are living in a society today where mostly everything is connected with technology. It is a great invention but also some people use it to make a lot of damage and to ruin people’s lives. Phishing someone is stealing that person’s identity, information, and their lives, taking away their freedom. Technology should be the tool to make our lives easier, to reach the needy and connect people, NOT to diverge or create cyber attacks towards anyone. We must be careful about how we use this technology because it can be a weapon against us, people.

   Reference:

   [1] Yael Grauer, “What To Do When You’ve Been Phished”
   available: https://www.forbes.com/sites/ygrauer/2017/01/30/so-youve-been-phished/?sh=61e9520f3a61

   Log in to Reply