User Account

All Pages

Identify two epolicies the government should implement

Assignment Help Management Theories
Reference no: EM131376663

E-Espionage BusinessWeek magazine probed the rising attacks on America's most sensitive computer networks, uncovering startling security gaps. The email message addressed to a Booz Allen Hamilton executive from the Pentagon was mundane-a shopping list of weaponry India wanted to buy. But the missive was a brilliant fake. Lurking beneath the description of aircraft, engines, and radar equipment was an insidious piece of computer code, known as Poison Ivy, designed to suck sensitive data out of the $4 billion consulting firm's computer network.

The Pentagon had not sent the email. Its origin is unknown, but the message traveled through Korea on its way to Booz Allen. Its authors knew enough about the "sender" and "recipient" to craft a message unlikely to arouse suspicion. Had the Booz Allen executive clicked on the attachment, his every keystroke would have been reported back to a mysterious master at the Internet address cybersyndrome.3322.org, which is registered through an obscure company headquartered on the banks of China's Yangtze River. The email aimed at Booz Allen paints a vivid picture of the alarming new capabilities of America's cyberenemies. The email message was sent to John F. "Jack" Mulhern, vice president for international military assistance programs at Booz Allen.

In the high-tech world of weapons sales, Mulhern's specialty, the email looked authentic enough. "Integrate U.S., Russian, and Indian weapons and avionics," the email noted, describing the Indian government's expectations for its fighter jets. "Source code given to India for indigenous computer upgrade capability." Such lingo could easily be understood by Mulhern. The 62-year-old former U.S. Naval officer and 33-year veteran of Booz Allen's military consulting business is an expert in helping to sell U.S. weapons to foreign governments. The email was more convincing because of its apparent sender: Stephen J. Moree, a civilian who worked for a group that reported to the office of then-Air Force Secretary Michael W. Wynne. Among its duties, Moree's unit evaluated the security of selling U.S. military aircraft to other countries. There would be little reason to suspect anything seriously amiss in Moree passing along the highly technical document with "India MRCA Request for Proposal" in the subject line.

The Indian government had just released the request a week earlier, on August 28, and the language in the email closely tracked the request. Making the message appear more credible still, it referred to upcoming Air Force communiqués and a "Team Meeting" to discuss the deal. But the correspondence from Moree to Jack Mulhern was a fake. An analysis of the email's path and attachment, conducted for BusinessWeek by three cybersecurity specialists, shows it was sent by an unknown attacker, bounced through an Internet address in South Korea, relayed through a Yahoo! server in New York, and finally made its way to Mulhern's Booz Allen in-box. The analysis also shows the code-known as malware, for malicious software-tracks keystrokes on the computers of people who open it.

A separate program disables security measures such as password protection on Microsoft Access database files, a program often used by large organizations such as the U.S. defense industry to manage big batches of data. Global Threats The U.S. government and its sprawl of defense contractors have been the victims of an unprecedented rash of similar attacks, say current and former U.S. government officials. "It's espionage on a massive scale," said Paul B. Kurtz, a former high-ranking national security official. Government agencies reported 12,986 cybersecurity incidents to the U.S. Homeland Security Department in one fiscal year, triple the number from two years earlier.

Incursions on the military's networks were up 55 percent, said Lieutenant General Charles E. Croom, head of the Pentagon's Joint Task Force for Global Network Operations. Private targets such as Booz Allen are just as vulnerable and pose just as much potential security risk. "They have our information on their networks. They're building our weapon systems. You wouldn't want that in enemy hands," Croom said. Cyber attackers "are not denying, disrupting, or destroying operations-yet. But that doesn't mean they don't have the capability." Poison Ivy Commercial computer security firms have dubbed the malicious code hidden inside the email attachment Poison Ivy, and it has a devious-and worrisome-capability known as a RAT, a remote administration tool. RAT gives the attacker control over the host PC, capturing screen shots and perusing files.

It lurks in the background of Microsoft Internet Explorer browsers while users surf the web. Then it phones home to its "master" at an Internet address currently registered under the name cybersyndrome.3322.org . The digital trail to cybersyndrome.3322.org , followed by analysts at BusinessWeek 's request, leads to one of China's largest free domain-name-registration and email services. Called 3322.org, it is registered to a company called Bentium in the city of Changzhou, an industrial hub outside Shanghai. A range of security experts say that 3322.org provides names for computers and servers that act as the command and control centers for more than 10,000 pieces of malicious code launched at government and corporate networks in recent years. Many of those PCs are in China; the rest could be anywhere. The founder of 3322.org, a 37-year-old technology entrepreneur named Peng Yong, says his company merely allows users to register domain names.

"As for what our users do, we cannot completely control it," Peng said. The bottom line: If Poison Ivy infected Jack Mulhern's computer at Booz Allen, any secrets inside could be seen in China. And if it spread to other computers, as malware often does, the infection opens windows on potentially sensitive information there, too. Many security experts worry the Internet has become too unwieldy to be tamed. New threats appear every day, each seemingly more sophisticated than the previous one. The Defense Department, whose Advanced Research Projects Agency (DARPA) developed the Internet in the 1960s, is beginning to think it created a monster. "You don't need an Army, a Navy, an Air Force to beat the U.S.," said General William T. Lord, commander of the Air Force Cyber Command, a unit formed to upgrade Air Force computer defenses. "You can be a peer force for the price of the PC on my desk."

Questions
1. Define information ethics and information security and explain why each is critical to any government operation.

2. Identify two epolicies the government should implement to help combat cyberterrorism.

3. Demonstrate how the government can use authentication and authorization technologies to prevent information theft.

4. Analyze how the government can use prevention and resistance technologies to safeguard its employees from hackers and viruses.

5. Propose a plan for how the government can implement information security plans to ensure its critical info1rmation is safe and protects.

6. Evaluate the information security issues facing the government and identify its three biggest concerns.

Reference no: EM131376663

Questions Cloud

Evaluate the use of complex models of project risk : Locate, synthesise and critically evaluate recent/current information from a wide range of published literature in the area of Project Risk and Procurement Management
How can a company participating in ebusiness : How can a company participating in ebusiness keep its information secure?- What technologies can a company use to safeguard information?
What are the reasons a company experiences downtime : What are the reasons a company experiences downtime?-  What are the costs associated with downtime?
Comparing the dual roles of scientist and practitioner : Write a 700- to 1,050-word paper comparing the dual roles of scientist and practitioner that I/O psychologists play. Include the following in your response: Specific examples of how research advances the field
Identify two epolicies the government should implement : Define information ethics and information security and explain why each is critical to any government operation.- Identify two epolicies the government should implement to help combat cyberterrorism.
Calculate the present values : (a) Calculate the present value of each payment option, assuming the interest rate is 12%. (b) Then, calculate the present values based on an interest rate of 5%. (c) Compare your answers and explain why they are different when the interest rate c..
Describe your top-three fears in competing in global market : As the CFO, describe your top-three fears in competing in the global market, and how you plan to overcome those fears. Provide support for your rationale.
Personal and organization decisions : What is economics? What role does economics play in your personal and organization's decisions?
How the article can enhance your professional decisions : Discuss how the article can enhance your professional and education decisions in the future. Additionally, explain how you will apply the information in the article to your everyday lifestyle.

Reviews

Write a Review

Management Theories Questions & Answers

  How the business is doing relative to the previous year

You have been asked by the top leadership in your organization to develop a PowerPoint presentation on how the business is doing relative to the previous year. This will include a comparison of the following for this fiscal year and the previous ..

  Briefly discuss the economic-political

Briefly discuss the economic, political, educational, family, and marital systems of a country of your choice. Include a response to the following questions in your discussion

  A study by consumer reports showed

A study by Consumer Reports showed that 64% of supermarket shoppers believe super- market brands to be as good as national name brands.

  How your top five strengths relate to your leadership style

Explain how your top five strengths relate to your leadership style. Determine how they relate to the key functions you would need to perform as a manager

  What does the phrase in a category of jobs that is net

What does the phrase in a category of jobs that is net of outsourcing mean?

  What new manufacturing technique is appropriate

What new manufacturing technique is appropriate for this company? -   How should the company prepare for it?

  Proactive risk management

Proactive Risk Management

  Based on the descriptions of sullenberger

Review the Self-Competency feature entitled "Chesley Sullenberger III, Captain of US Airways Flight 1549." Based on the descriptions of Sullenberger, what characteristics of the hardy personality are illustrated?

  Explain the relationship between production function

Explain the relationship between production function and all other functions of the firm.

  Traditional japanese culture benefit matsushita

Essay Question : How did traditional Japanese culture benefit Matsushita during the 1950's-1980's? Did traditional values become more of a liability during the 1990-s and early 2000-s? How so?

  Creating a business plan for a small business

You will be creating a business plan for a small business. You can begin your research for the project by looking at the information on theSmall Business Administration Web site.

  Information and communications for development

More than one billion people take their electrical and telecommunications systems for granted. However, for billions more, the service-on-demand mentality remains a distant dream and Internet access only a rumor. Recognizing the need to promote gl..

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd