Essay on the Growth and Increases in Hackings and Potential Counter Measures

I. Abstract

This case study focuses on the trends, factors and counter-measures for the growth and increase in hacking. The main question being addressed is why there has been a growth and increase in hacking, what its key trends are, and how hacking has grown and increased. Furthermore, the case study also investigates factors for increased hacking, and evaluates a number of counter-measures to combat increase and growth in hacking that have been adopted by the industry. The case study ends by detailing future trends for increase and growth in hacking.

This case study is important because increase and growth in hacking is rising among developed countries, which puts millions of consumers at risk of security breaches and privacy infringements. This case study will seek to outline the basic trends of increase and growth in hackings and their key driving factors, alongside trends and counter-measures for hacking incidents. This case study will be supported by a comprehensive literature review of recent literature.

II. Introduction

Increase and growth in hackings have grown in recent years. This has grown from the perspective of consumers, governments, enterprises and institutions.

From the consumer perspective, supported by a growing middle class with rising disposable incomes, consumers have rapidly increased their adoption of digital solutions amid greater consumer awareness of the convenience, quality and utility of digital solutions. Digital solutions typically feature upgraded versions of existing devices such as locks, televisions, ovens and refrigerators, which contain embedded software and operating systems that allow them to run applications over an internet connection to provide additional services. These services may include monitoring, remote optimization, content streaming and access control functions. Increase and growth in hackings are also characterized by their connection to a wireless network, which allows the user to conveniently access and manage all devices from a limited number of platforms. Digital consumer solutions may also include softwares and applications for workflow management, energy optimization, healthcare, education banking, finance, personal transportation and other consumer areas.

However, the embedded software and operating systems in these digital solutions may contain vulnerabilities that could be used by a malicious third party to gain access to the device, and to use the device to gain access to other home networks. For example, hackers could use unauthorised access to change readings on health monitors such as carbon monoxide alarms, which create health and safety issues for households. Hackers could also compromise smart digital solution systems to broadcast illicit, obscene or inappropriate content to unsuspecting users, or film users in their own homes through the pinhole cameras installed in webcam-enabled devices such as Smart TVs. Other reports by security research firms found that it only took up to 20 minutes to initiate and complete a home device attack that gave an attacker complete control over a increase and growth in hacking network.

III. Review of research questions

Research questions on the area of increase and growth in hackings typically fall into two categories: the reasons for the increase and growth in hackings, and the measures to combat the increase and growth in hacking. This case study will combine the two types of research questions to investigate why hackings have increased and grown, and what measures can be taken to reduce the risk of hacking.

IV. Literature Review

The literature on increase and growth in hacking security is growing but fragmented. A large body of the literature is dedicated to exploring how increase and growth in hacking security vulnerabilities manifest from a technical point of view. These include Bachy et al. (2015), Michele et al. (2014), Niemietz et al. (2015) and Schwartz et al. (2018).

Another segment of the literature on increase and growth in hacking security involves the proposal of novel frameworks to deal with increase and growth in hacking security vulnerabilities. These include Jacobsson et al. (2016), Kang et al. (2017), Lee et al. (2014), Plachkinova et al. (2016), and Bitdefender (2017). These reports focus on how to create risk management frameworks, security frameworks, security architectures and regulatory certifications to enhance the state of security surrounding the increase and growth in hacking. [4]

V. Trends of increase and growth in hacking

As previously discussed, the increase and growth in hacking market has grown rapidly in recent years. This has led to a number of key trends in increase and growth in hacking.

Foremost, manufacturers are under increasing market pressure to turn out new products, which means pilot and beta-test products are often released into market lack the industry-standard encryption protocols, access control mechanisms and other such measures necessary to prevent hacks into increase and growth in hackings.

Finally, there has been growing regulatory concern over consumer safety in the wake of increased consumer demand for smart consumer devices, but a lack of sufficient policy responses to safeguard consumer interests.

VI. Causes for increase and growth in hacking

Causes for the increase and growth in hacking can be broadly grouped into a number of categories: access control, authentication protocols, encryption, connected networks and sensitive data.

Foremost, access control issues in the form of insecure password choices, password leaks, unauthenticated user access and man-in-the-middle breaches allow third parties to gain access to increase and growth in hacking systems.[6] Access control can also occur in systems such as the debugging interface, where manufacturers do not implement sufficient access control restrictions to limit the number of users able to access the debugging interface, which is where a hacker could execute commands directly to the device.[7]

Secondly, device producers do not implement sufficient authentication protocols, such as two-factor authentication and https, to ensure that user authentications are conducted in a secure manner.

Thirdly, encryption of increase and growth in hackings is typically neglected, with the communications between the device, cloud servers, content providers and internet service providers frequently occurring over an unsecured network.

Fourthly, connected networks, which form a crucial part of increase and growth in hackings, create additional network vulnerabilities that allow hackers to intercept incoming or outgoing transmissions between stakeholders such as the user and their content or internet service provider. This is an especially acute vulnerability if the network is not secured using protocols such as WPA2 and WEP.

Finally, sensitive data transmitted within networks, such as use statistics and user demographics, is often a major issue that has fuelled the increase and growth in hacking. As the data is stored in centralized servers, the compromising of one device can often lead to an entire range of user information being leaked to third parties.[8]

VII. Impacts of increase and growth in hacking

The increase and growth in hacking has led to a host of severe consequences for its victims. These include identity theft, data leaks, compromising of devices for malicious intent, ransomware attacks, service disruptions and surveillance.

Foremost, the increase and growth in hacking may lead to identity theft and data leaks. Devices typically collect user demographic data, identification data and use statistics for their consumer market studies and program analytics.[9] If compromised, such data could be damaging to a user’s reputation, and could lead to further hacks on their other digital assets, such as bank accounts and insurance accounts. This is because the data stored on digital devices is typically highly sensitive, and may reflect a user’s identity, health, location and other such information. At a national level, this could

Secondly, hackers are able to compromise devices for malicious intent, such as the direct broadcasting of illicit or obscene content into children’s rooms, or the pranking of increase and growth in hacking users. However, manipulation may also take on more severe forms, such as the manipulation of air pollution statistics on a smart air pollution filter, the alteration of electricity voltages on a smart refrigerator, and the changing of heart rate and blood pressure sensor readings on a FitBit. These could result in consequences that are highly injurious to human health and safety. Furthermore, terrorists could launch anonymous remote attacks such as pressure cooker bombs through the remote manipulation of devices such as gas stoves and rice cookers.

Thirdly, increase and growth in hacking hacking may lead to a rise in service disruptions and ransomware attacks.[10] Increase and growth in hacking hackers are able to use their control over increase and growth in hackings to disrupt much-needed services such as television broadcasting, internet access, utilities, entry access, and healthcare monitoring and management devices. This allows them to launch ransomware schemes to extort their victims for financial benefit.

Fourtly, increase and growth in hacking hacking has led to an increase in unauthorized surveillance. Third party hackers could easily compromise the webcams and pinhole cameras embedded in increase and growth in hackings such as Smart TVs, and film the occupants of the smart home unbeknownst. This has serious implications for privacy and individual security.

VIII. Factors for increased hacking: vulnerabilities that lead to an increase and growth in hackings

This segment of the case study will discuss factors for increased hacking incident rates from a technical perspective. From a technical incident perspective, according to Bitdefender, a leading cybersecurity research software firm, the leading vulnerabilities are Denial of Service attacks (42%) , Overflow access errors (21%), code execution attacks (10%), information retrieval attacks (7%) and memory corruption and deletion (4%).[11] The easiest devices to hack are typically lower-level, low-security devices and networks.

From a technical vulnerability standpoint, vulnerabilities can be classified into the following categories: user-based vulnerabilities, device and software vulnerabilities, and network vulnerabilities.

Foremost, user based vulnerabilities are vulnerabilities that individual users are responsible for. These include access control errors, and weak consumer awareness of basic security protocols, failures to update firmware, and inappropriate password use. The area of password use is a particularly significant issue, given that many users randomly use passwords, never change their passwords, or use too few passwords, which allow hackers easy vulnerabilities by which to access increase and growth in hackings. Another major issue in user vulnerabilities is the collection of user data. Users often have to opt-out of the collection of personal information such as user statistics and user demographics, which therefore means that most of their data is collected without their conscious knowledge or consent.[12] Afterward, this data is often stored on unsecured servers and liable to data breaches.

Secondly, device and software vulnerabilities are vulnerabilities that are embedded within software and devices that lead to an increase and growth in hacking. In this area of vulnerabilities, devices and software can be compromised at any one of their four layers (application layer, application framework, module core library, and Linux kernel layer). [13] For example, the device system is often not fortified to withstand the insertion of malicious software applications or alterations to software functions. Developers and manufacturers often fail to use the hash function or digital signature for critical data. In another common area of breaches, the device is not fortified round-the-clock to ensure that breaches do not occur during system downtime. This allows an attacker to steal data from the device and deteriorate the user’s device availability when the device is unsecured during limited periods.

Separately, in the area of device authentication, there is frequently a lack of security protocols to ensure that authentication is conducted in a rigorous manner. This leaves devices vulnerable to attacks such as a denial of service (DOS), distributed denial of service (DDOS) and trojan horse attacks. Occasionally, devices also lack login authentication protocols entirely, by enabling auto-login for the sake of user convenience. This dramatically increases the odds of an increase and growth in hacking.

Finally, network based vulnerabilities pose unique challenges and risk factors for increase and growth in hacking, given that the field of network security is fairly new. There is a frequent lack of security protocols such as secure socket layer (SSL) protocols to ensure that third parties cannot access transmissions in networks. Furthermore, device producers frequently store configuration information on a commercial cloud service that is Internet accessible, which can be cracked through default passwords. This vulnerability is made worse through the lack of encryptions on cloud-based communications, or the lack of security for the use of a virtual private network.

In addition, producers often fail to secure and isolate network information from commercial search engines. For example, a digital reporter from Forbes discovered that databases of products supplied by Insteon could be trawled by commercially available internet search engines, which allowed malicious third parties to access private devices such as fans, televisions and water pumps by searching for the appropriate links on Google and accessing said devices. Information such as IP addresses, real identities and locations were also included in these web searches that can be trawled.

IX. Review and evaluation of counter measures for increase and growth in hacking

This segment of the case study will review counter measures for increase and growth in hacking hacking from the perspective of four stakeholders: the producer, the enterprise, the government and the user. This case study contends that all three stakeholders have a crucial role to play in ensuring that increase and growth in hackings remain secured from third party attacks.

From the producer perspective, several strategies can be undertaken to secure increase and growth in hackings. Producers refer to the manufacturers of digital devices and electronic products, whose security vulnerabilities have led to a rising rate of increase in hackings. Foremost, producer can reform the setting-up process for security, through forcing consumers to choose hard passwords. The producer can also devote sufficient resources to improving risk management protocols. For example, producer can create tutorials to educate customers about ransomware, DDOS and phishing attacks when first installing the device, and increase customer support and notification system in event of a increase and growth in hacking security breach.[15]

Producers should also consider access control measures such as biometric authentication, through the use of heart rate variability measuring, iris scans and fingerprint scans, or limiting access to sensitive systems such as the debugging interface.[19] Producers can also integrate security from the design stage. This may be achieved through the building of modular networks that can contain security breaches in the event of an isolated breach, or investing in blockchain enabled security framework to ensure confidentiality, integrity, availability. [16]

The use of innovative blockchain frameworks to circumvent issues such as high resource demand, high latency and low scalability would also create a robust and efficient system to combat the rising risks from a growing rate of hacking. [17] Producers could also isolate devices from cloud and WIFI networks when not needed, silo segments of a increase and growth in hacking network, and implement network encryption for mobile devices and communications networks. [18] Producers should also do more to combat the increase and growth in hacking on the data front, by regularly clearing consumer data caches to limit the scope of a data breach and decentralizing data storage systems.[20] Finally, manufacturers could pursue collaboration with content providers and ISPs to combat the increase and growth in hacking, by pursuing a holistic, multi-stakeholder approach to create defensive measures against hackers.

Enterprises are also to be held responsible for the increase and growth in hacking, and should engage in the following measures to reduce the risk of increase and growth in hacking. Foremost, enterprises need to patch security flaws in a timely manner, and configure system setups and access control to restrict unauthorised access. Enterprises also need to convince their C-Suite, senior management and board of management to prioritize cybersecurity as a corporate priority, and devote sufficient resources to perform internal audits, due diligence and disclosure procedures for risk factors. In particular, enterprises should endow an independent audit team to thoroughly audit their cybersecurity management plans, to ensure that they are in full adherence to industry standards and can withstand an increase in hacking incidents. Enterprises also need to prioritize the creation of an emergency response plan and a customer service mechanism to ensure that their clients are protected in the event of a hacking.

The government has a clear and vested interest to safeguard its own security against hackers, as well as the security of the consumers and enterprises that form part of its electorate. The government may do so by issuing clear guidelines on data and privacy, implementing regulation to ensure producer compliance to cybersecurity norms, increasing penalties for producers and enterprises who are found to be negligent in implementing cybersecurity products, creating a list of trusted certifications for increase and growth in hacking products, and encouraging collaborations between research institutions and increase and growth in hacking manufacturers to test and probe for vulnerabilities in devices. [21]

Finally, the user, as the stakeholder most affected by the increase and growth of hackings, has the greatest interest in protecting themselves from such attacks. The user should regularly perform firmware updates and run antivirus software on increase and growth in hackings. The user could also limit risk by buying devices from reputable manufacturers, refraining from purchase of second-hand devices which may already be infected with malware.[22] In the area of access control, the user should use strong passwords, avoid using the same passwords across multiple devices, isolate user accounts and reduce the use of linked devices, and implement two-factor authentication on all increase and growth in hackings where possible. In the area of network security, the user should be aware of how to close access to open ports through firewalls, hard-wire the device to the Internet if possible, set alerts to notify the user if access is abruptly revoked from a Wi-Fi connection, disconnect the device from the internet unless necessary, and use WPA2 or WEP encrypted networks at minimum.[23] Finally, in the area of data collection, the user should regularly delete user cache data and deactivate voice and video recording devices when not in use.

In general, the manufacturer’s measures are the most effective at reducing the risk of increase and growth in hacking hacking, although governments and users have a significant and oft-understated role to play in reducing the risk of increase and growth in hacking security breaches.

X. Future trends for increase and growth in hacking security

The trend of increase and growth in hacking is likely to remain dynamic and growing in the coming years. The following are some key trends made by observers on the future of increase and growth in hacking.

Foremost, the risks of increase and growth in hacking security breaches will continue to proliferate. Secondly, governments are slow to regulate affected devices on a global basis, which suggests a need for an increased role for progressive regulation and compliance to combat the increase and growth in hacking.[24] Thirdly, consumers are increasingly aware of risks from increase and growth in hacking, and need to mobilize more effectively to demand greater cybersecurity measures from producers and enterprises who provide such devices.[25] Fourthly, in an increasingly competitive digital market which is increasingly at risk of hacking attacks, device producers are moving to secure their devices as a competitive advantage. This suggests that device producers may have a natural market incentive to increase the implementation of innovative security features, as a way of distinguishing themselves from their competition. Fifthly, researchers are increasingly observing that an integrated approach to cybersecurity, which comprises access control, network, device, firmware and software security protocols, is necessary to ensure complete security against an increase and growth in hacking. Finally, analysts predict that increase and growth in hacking will be an albatross for digitalization if security vulnerabilities are allowed to proliferate.

XI. Conclusion

The trend in increase and growth in hacking remains likely to persist, and as this case study has addressed by reviewing trends, factors and counter-measures for increase and growth in hacking, the state of countermeasures against increase and growth in hacking is still poor. Furthermore, the case shows that more active strategies by stakeholders such as the government, users, enterprises and producers are necessary to mitigate the risk of increase and growth in hacking.

XII. References

Ayyagari, Ramakrishna. “An exploratory analysis of data breaches from 2005-2011: Trends and insights.” Journal of Information Privacy and Security 8, no. 2 (2012): 33-56.

Filip Truta, ‘The Top Five Cybersecurity Incidents of 2018.’ Bitdefender, December 28, 2018. Accessed March 1, 2019. https://businessinsights.bitdefender.com/the-five-key-security-incidents-of-2018

Fossi, Marc, Gerry Egan, Kevin Haley, Eric Johnson, Trevor Mack, Téo Adams, Joseph Blackbird et al. “Symantec internet security threat report trends for 2010.” Volume XVI(2011).

Gilman, Nils. “Hacking goes pro [engineering security].” Engineering & Technology 4, no. 3 (2009): 26-29.

Kevin Delsh, ‘Worst cybersecurity breaches and data leaks in 2017.’ TechTalks, December 26, 2017. Accessed February 28, 2019. https://bdtechtalks.com/2017/12/26/worst-cybersecurity-breaches-data-leaks-2017/

Libicki, Martin C., David Senty, and Julia Pollak. Hackers wanted: An examination of the cybersecurity labor market. Rand Corporation, 2014.

Lily Hay Newman, ‘The Biggest Cybersecurity Disasters of 2017 so far.’ Wired, July 1, 2017. Accessed March 1, 2019. https://www.wired.com/story/2017-biggest-hacks-so-far/

Minnaar, Anthony. “‘Crackers’, cyberattacks and cybersecurity vulnerabilities: the difficulties in combatting the’new’cybercriminals.” Acta Criminologica: Southern African Journal of Criminology 2014, no. Special Edition 2 (2014): 127-144.

Park, Dea-Woo. “Analysis of mobile smishing hacking trends and security measures.” Journal of the Korea Institute of Information and Communication Engineering 19, no. 11 (2015): 2615-2622.

Security Intelligence, ‘Cybersecurity Incidents Doubled in 2017, Study Finds.’ Security Intelligence, January 30, 2018. Accessed March 1, 2019. https://securityintelligence.com/news/cybersecurity-incidents-doubled-in-2017-study-finds/

Symantec, ‘Internet Security Threat Report (ISTR) 2019.’ Symantec, February 28, 2018. Accessed February 25, 2019. https://www.symantec.com/security-center/threat-report

Taylor, Robert W., Eric J. Fritsch, and John Liederbach. Digital crime and digital terrorism. Prentice Hall Press, 2014.