UNIVERSITY
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Cyberterrorism<br />
FIGHTING THE DARK SIDE OF THE<br />
INTERNET<br />
viu.edu<br />
Johnson Kinyua, PhD is the Dean of the School of Computer<br />
Information Systems at VIU. He has been published widely in<br />
peer-reviewed journals and international conferences.<br />
By Dr. Johnson Kinyua<br />
The recent data breach at Target<br />
involving at least 70 million customer accounts<br />
(pundits estimate that this figure<br />
could be over 100 million) has again focused<br />
our attention on the risks that we<br />
face in this age of the Internet. The Internet<br />
has revolutionized the way we work,<br />
live, socialize, and conduct businesses.<br />
Today, we have abundant connectivity<br />
through computers at home and at work,<br />
and on our laptops, tablets, smart phones,<br />
etc. Even our cars and homes are finding<br />
ways of getting connected. This Internet<br />
environment is the so-called cyberspace,<br />
and ubiquitous connectivity and the expansion<br />
of cyberspace has resulted in<br />
enormous gains in many sectors. It has<br />
revolutionized the education sectors with<br />
many universities now offering traditional<br />
classes, hybrid classes, and online classes.<br />
You can book your airline ticket without<br />
leaving your home or office and check-in<br />
for your next flight online. You can buy<br />
almost anything via the Internet and have<br />
it delivered to your home or office. You can<br />
buy and sell stocks from anywhere via the<br />
Internet. Applying for jobs nowadays is<br />
conducted almost entirely online. The list<br />
of things you can do is endless. The Internet<br />
is also full of social media: Facebook,<br />
Twitter, LinkedIn, etc.<br />
The common aspect of all Internetbased<br />
interactions and transactions is that<br />
the exchange of information can be personal,<br />
confidential, or financial in nature.<br />
While the benefits of using the Internet<br />
are undeniable, there is also a dark side to<br />
the Internet. Lurking in the same environment<br />
are hackers, hacktivists, and other<br />
malicious entities with different malicious<br />
objectives. Some of these entities want to<br />
steal personal information and use it for<br />
financial gain; others want to cause harm<br />
or damage to other entities or their adversaries<br />
and so on.<br />
Hacktivists use the Internet to promote<br />
political ends, to promote free<br />
speech or human rights, and to achieve<br />
other objectives. Hacktivism traces its<br />
roots back to the late 1990s, when a hacker<br />
collective called Electronic Disturbance<br />
Theater (EDT) protested against Mexican<br />
government policies that were considered<br />
oppressive by staging online versions of<br />
sit-ins. These took the form of distributed<br />
denial-of-service (DDoS) attacks, a technique<br />
using large networks of hijacked<br />
computers to jam up websites with so<br />
much traffic that they crash. The EDT’s actions<br />
shut down several websites, including<br />
that of the Mexican president, igniting<br />
a flurry of concern about the security of<br />
the internet.<br />
Target’s data breach is one of the largest<br />
in the history of the Internet when<br />
compared with the previous two largest<br />
data breaches in history. In August 2009,<br />
130 million credit and debit card accounts<br />
were stolen from the Heartland Payment<br />
Systems servers, and at least 94 million<br />
credit and debit card accounts were stolen<br />
from TJX. In December 2009, 32 million<br />
user accounts were stolen from RockYou.<br />
Data breaches of smaller sizes occur all the<br />
time but most companies would prefer not<br />
to make the violation public for obvious<br />
reasons. It was reported today, as I write<br />
this article, that a data breach involving<br />
27,000 customer records had occurred at<br />
Barclays bank.<br />
When it comes to cybersecurity, it is<br />
unfortunate that companies tend to comply<br />
as minimally as they can with regulations<br />
because improved cybersecurity can<br />
be costly; but a data breach could also spell<br />
the demise of a company. Many Fortune<br />
500 companies are still using outdated<br />
software. Hackers often exploit vulnerabilities<br />
in older versions of popular software<br />
to load malicious programs into computers,<br />
which can then be used to launch attacks.<br />
Hence, there is a crucial need to secure<br />
this cyberspace using several defense<br />
mechanisms to ensure confidentiality,<br />
availability, integrity, accountability, and<br />
non-repudiation (an entity cannot deny<br />
having conducted a transaction); and this is<br />
what cybersecurity is all about. As a result<br />
of the changing nature and sophistication<br />
of attacks, there is a new demand for cybersecurity<br />
specialists to fight cyber terrorism<br />
at all levels of society, from multinational<br />
corporations to governments.<br />
Tech Giants in Court<br />
In a drawn-out case against Google, Oracle has come away<br />
the victor. The lawsuit arose out of Oracle’s claim that Google developed<br />
their Android operating system using code copied from<br />
Oracle’s Java code. Much of the case centered around the use of<br />
application programming interfaces, commonly referred to as<br />
APIs, which allow two different programs to communicate with<br />
each other. For the sake of increasing programs which utilize their<br />
software, companies often share their APIs freely. In this case, the<br />
court has decided that APIs are able to be copyrighted. Oracle won<br />
the case, but it seems the copyright question has not yet been definitively<br />
answered. There are many voices on both sides of the issue<br />
of intellectual property and ownership when it comes to APIs,<br />
software, and coding. Following the case, Google was reported as<br />
saying the verdict is “a damaging precedent for computer science<br />
and software development.” They believe that different software<br />
must be able to communicate for the internet to work. Oracle, on<br />
the other hand, claims it is “a win for Oracle and the entire software<br />
industry.” They believe one company shouldn’t be permitted<br />
to blatantly copy another company’s work. The long-term results<br />
are yet to be seen, but the question remains: How will software<br />
companies create interoperable programs without violating copyrights?<br />
Public’s Right to Information vs. Privacy<br />
A man in Spain recently filed a lawsuit against search engine<br />
giant Google in which the European Union Court of Justice ruled<br />
that Google must submit to an individual’s request to have personal<br />
information removed from the internet if it is no longer relevant.<br />
The ruling bolsters controversy already present about the<br />
ethics of companies like Google collecting and maintaining information<br />
about individuals. The question to be answered is whether<br />
the public’s right to access information is outweighed by the individual’s<br />
right to privacy. The European Union has awarded a big<br />
win to the individuals this time, and headlines reflect the victory.<br />
“EU Court says people are entitled to control their own online<br />
histories” reported The Washington Post.<br />
50 University Magazine, VIU Summer 2014<br />
Summer 2014 University Magazine, VIU 51<br />
Summer 2014 University Magazine, VIU 51