Many users around the world depend on Information and communication technologies (ICT). It provides access to information through telecommunications which focuses primarily on communication technologies which includes internet, wireless networks, cell phones and other communication mediums. Depending too much on ICT can cause many security risks like information theft, unauthorised access and network attack. Akhgar and Arabnia (2014) found that the problem is further worsen by the nature of cyber system operations which involves numerous interactions between people and technologies. In this essay, will be discussing the threats users faced by the technologies such as internet threats, email threats, mobile device threats and cloud services and the different solution to avoid the threat.
The first threats that users faced that will be discussed is the Internet threats. It uses multiple type of malware and fraud, all of which utilize HTTP or HTTPS protocols but may also employ other protocols and components such as malware attachments or on servers that access the web. The first cause is the malware. It is a malicious software that infects your computer such as computer viruses, worms, trojan horses, spyware and adware. According to CSA (2017), of the more than 400 malware variants detected in 2017, five were observed to have caused most of the infections. Malware can take control of your computer and intimidate users with scareware where a pop-up message will tell users that the computer has a security problem. In addition, they can reformat the hard drive of the computer cause the users to lose all their sensitive information. By avoiding any malware threats, do an automatic update turned on to get security updates. The second cause is the keyloggers. It refers to a malicious computer program that captures and records your keystrokes and it is every word, character and button and press on your keyboard. They can scrape up password, credit card and banking information, personal details and more to use for identity theft and other malicious deeds. According to Spring.T (2016), more than 100 compromised sites have identified but the number could be in thousands. Users can consider additional security tools like KL-detector as it is tool that will alert the computer to the keyloggers presence, but it is up to the users to remove. The third cause is Rogue security software. It is known as scareware which manipulates victims through fear. It often launches pop-ups window with false or misleading alerts that ask users to download trojan horses disguised as browser plug-ins or free service to steal information. By preventing the threat from happening, install a firewall and keep it turned on to protect users from the rogue security software.
The second threat users faced that will be discussed is threats by email. Email is one of the most up to date electronic technologies with billions of messages sent every day. An email user is likely to encounter malware through email as it is the most common infection method as email users will receive malicious attachment or links to malicious web pages in their email and it has been increasingly used by hackers.
The third threat that users faced which will be discussed is threats from using mobile devices. The number of mobile phones users around the world will exceed to five billion by 2019. Your computer can be affect like viruses and spyware likewise your mobile device can be also affect with the different security threats. Mobile device is divided into several categories such as application-based threats, web-based threats, network-based threats and physical threats. One of the threat from using mobile device is ransomware. It is a form of malware that can affect the mobile devices by stealing sensitive data when the malware has downloaded into the mobile devices and it will show a fake message accusing the victim of unlawful engagement before encrypting file and locking the phone. After the payment is processed, the ransomware will send a code before unlocking the device. People can be tricked into downloading mobile ransomware through social media schemes. According to Trend Micro (2017), there had already been over 235,000 detections for Android mobile ransomware in first half of 2017 alone. Use a robust mobile security solution to safeguards your online privacy and it come with features like App Advisors which can check whether the Android apps is safe to download. In addition, always back up all files so that when your device is held for ransom, users would not lose or damage your phone. Another cause is unsecured Wi-Fi Public Wi-fi is available everywhere, from coffee to hotels and malls. Most of the public networks are legitimate but not secure as there are many fake networks as well. Although public Wi-fi has made our lives a little easier but it can also cause risk to your personal information available on your mobile devices as users may require making an account by filling out an online form. This make it easier for the attackers to gain email addresses and passwords, as well as monitor your internet usage. According to Norton Cyber Security (2016), 19% of people in the US never use a VPN when connect to public Wi-Fi. You can create unique passwords for every new account users create when using your mobile devices because hackers tend to think that victims uses the same password for everything. Another cause is Drive-by downloads. It works by exploiting vulnerabilities in web browsers, plug-ins or other components that work within browsers. On mobile devices, there usually little or no mobile antivirus protection so users will click on malicious in text message when it pops up on the screen. The most common mobile drive-by downloads are exploiting mobile browser vulnerabilities. They enable crooks to remotely run commands within the phone’s operating system and change the ways it works. Make sure that your mobile operating system and application are up to date and make sure the users have a proper mobile antivirus protection on your phone to safeguard your mobile device.
The fourth thread that users faced which will be discussed is cloud service. According to networkworld (2017), We expect 2018 will see more individual and state-sponsored attacks aimed at undermining the security of cloud infrastructures. The first caused is data breaches. It happens daily, in too many places at once and it might be the primary objective of a targeted attack or simply the result of human error or poor security practices. It might involve any kind of information that was not intended for public release such as personal health information, financial information, personally identifiable information and intellectual property. The second cause is denial of services. It is simple for attackers to execute if they have control of a botnet and it is growing in popularity on the dark web. It is an attack method used to deny access for legitimate users of an online service and the service could be a bank or any other type of network service. An attacker can make a fake request look like random garbage on the network and make the attack look like the exactly like a real web. On the other hand, if the attack has sufficient computing resources at their disposal, they can direct enough traffic to overwhelm the target’s bandwidth. Use an intrusion detection system to protect system for this attacks by using connection verification methods and by preventing request from reaching enterprise servers. Furthermore, the system can also be configured to detect a threat and take corrective actions to prevent it. The third cause is malicious insiders. It is becoming popular and more dangerous due to the ability to provide dynamic scalability and different type of resources at reasonable price. It can threaten the confidentiality, integrity and availability of cloud’s system data and services which they may have access to sensitive information. Implement internal safeguards and data exfiltration control to detect and mitigate the risk of malicious insiders.
T. (n.d.). Best Practices: Securing Your Mobile Device. Retrieved from https://www.trendmicro.com/vinfo/ph/security/news/mobile-safety/best-practices-securing-your-mobile-device
Blaisdell, R. (2015, March 16). How to counter DDoS attacks in Cloud Computing. Retrieved from https://rickscloud.com/how-to-counter-ddos-attacks-in-cloud-computing/
Blue, V. (2017, June 28). Keyloggers: Beware this hidden threat. Retrieved from https://www.pcworld.com/article/3199020/security/keyloggers-what-you-need-to-know-about-this-hidden-threat.html
C. (2018, June 19). Cyber threats in Singapore grew in 2017 mirroring global trends. Retrieved from https://www.csa.gov.sg/news/press-releases/cyber-threats-in-singapore-grew-in-2017-mirroring-global-trends
B. (n.d.). Mobile drive-by downloads – Dangers and safety measures. Retrieved from https://www.bullguard.com/bullguard-security-center/mobile-security/mobile-threats/mobile-drive-by-downloads.aspx
N. (n.d.). Public Wi-Fi is not as safe as you think. Retrieved from https://sg.norton.com/internetsecurity-privacy-public-wi-fi-is-not-as-safe-as-you-think.html
F. (2018, August 01). The Dangers of Using Unsecured Wi-Fi | How Bad is it, Really? Retrieved from https://www.finjanmobile.com/the-dangers-of-using-unsecured-wi-fi/
C. (2018, January 23). Threats to Your Mobile Device Security – Hacker Noon. Retrieved from https://hackernoon.com/threats-to-your-mobile-device-security-938467bcab3f
K. (n.d.). What is Spam and a Phishing Scam – Definition. Retrieved from https://www.kaspersky.com/resource-center/threats/spam-phishing
Akhgar, B., Arabnia, H., & Arabnia, H. R. (2014). Emerging Trends in ICT Security. Pg.5
Retrieved from https://books.google.com.sg/books?id=ndqwAAAAQBAJ&printsec=frontcover&dq=risk of using ICT&hl=en&sa=X&ved=0ahUKEwj7wdfH2cTdAhXRfCsKHfWCC_0Q6AEIRzAF#v=onepage&q=risk of using ICT&f=false