1 Introduction
This chapter presents the background to the study, the statement of the problem, the scope used in compiling the information, and the figures consulted to contribute to the study. The structure of the thesis is also set out and expounded upon.
1.1 Background information
In the modern globalized world of technology, connectivity to the internet has become a fundamental feature of daily living and work-related activity. Individuals and organizations access the web through multiple devices such as tablets, phones, personal computers and so on. This level of internet connectivity between multiple gadgets has come to be known as the internet of things. These modern-day devices use graphical user interfaces that make it easy for an individual to operate them. Applications, abbreviated as apps, provide the means through which specific functions and tasks can be performed by a computer device.
The interconnectivity poses a security challenge, as a DoS attack on one device can spread to the whole system and leave it susceptible to remote control by hackers and other entities. As a new report by the cyber security firm McAfee has shown, two and a half million internet gadgets were infected by Mirai malware in the fourth quarter alone leading up to January this year [3]. Mirai is malware that attacks interconnected internet of things gadgets and makes them vulnerable to control by a remote host. The gadgets can then be used for large-scale coordinated attacks on networks.
The malware by and large targets gadgets running old versions of Linux, and the problem is further exacerbated by the fact that the code used in the malware is freely available online and in hacker forums globally. The cyber security firm notes that, since the report was published, a further five internet of things gadgets have their IP addresses infected by the malware each minute. Despite increases in cyber security expenditures, there was a 24 per cent increase in malware detected last year alone. Additionally, mobile and tablet malware grew by a massive 99 per cent, while 176 new cyber threats per minute were detected [6].
Whereas applications form part of the computer system, most tend to operate autonomously and have rights to access the internet, among other rights that most users choose to ignore or are unaware of. Most operating systems today provide a platform that allows their users to safely download apps to their devices. Phone and tablet operating systems such as iOS and Android provide the App Store and Google Play Store as the safe platforms from which their users download application software.
However, third-party independent application developers do exist in the market. They provide multiple applications that are increasingly becoming essential to everyday living for most households. They fill a niche that the mainstream may overlook or simply not delve into for commercial reasons. Additionally, they cater to specific consumer needs that may not be feasible enough to be provided on an industrial scale. Users are also tempted by their open-ended user policies, which allow certain freedoms such as low to non-existent internet connectivity.
The cyber security industry has over time come up with measures to curb malware infecting computers. Vendors sell anti-virus software that detects viruses by checking a program and then comparing it to previously encountered malware. Such malware includes known viruses, trojans, worms, spyware, adware and rootkits, among others. Heuristic checking forms part of their arsenal and involves monitoring programs for signs of unusual packet traffic behavior that indicates unknown malware [6]. YARA tools thereby assist researchers to classify and categorize the detected malware into groups based on their binary or digital footprint for easier identification in future.
Firewalls, network security systems built to prevent access by unauthorized personnel into private networks, provide blanket restriction without discriminating between the different entities, i.e. they use the same policy for a large number of users/hosts. Security tools, although important, lack detailed knowledge and finesse regarding the expected traffic to a site and are therefore susceptible to being infected by malware. This then leaves the door open for infected hosts to attack other hosts by directing malicious traffic to those sites. Signature-based intrusion detection systems have been developed that search computer devices for certain malicious programming sequences that may denote the existence of malware [10]. A majority of security software has an in-built real-time protection feature that monitors for malware instantaneously, i.e. once it is accessed, and notifies the end user if it is unable to sufficiently deal with the problem.
BGP, an exterior gateway protocol, routes between autonomous systems and, contrary to popular belief, does not serve any cyber security function. It mainly exchanges routing information and packets between routers in different autonomous systems. Its use is due to its vast scalability among protocols as well as its being the worldwide standard for use by service providers and private networks [3]. Although its purpose has been extended to include routes for IPv6 and other data, it still remains just that, a routing protocol not concerned with cyber security, and its use here can actually be viewed as a hack.
CERT activity in multiple countries, alongside CSIRT teams, has alleviated the malware problem in part because of their quick responses to emerging situations and malware attacks. Cyber security vendors cooperate on most fronts, but their efforts have remained largely segmented and uncoordinated, in large part due to economic reasons revolving around market share and sales volume.
Traditional operating systems that have long been seen as secure have in recent times been found wanting after facing multiple cyber threats. For instance, Mac OS malware samples grew by an incredible 254 per cent last year in spite of efforts by developers. The increase has largely been blamed on adware bundling; adware is software that displays advertisements to consumers while they are surfing the web.
1.2 Motivation
Software developers have from time to time come up with solutions to most security threats. In early May, there was a ransomware attack on thousands of computers worldwide; its spread was attributed to an instrument that scans the internet for devices with open Server Message Block (SMB) ports. The worm applied an advanced SMB exploit developed by the NSA to install additional malware on vulnerable internet devices. However, the interesting fact was that it only infected Windows operating systems that had not installed the latest security patch from Microsoft. This provides a template for future security updates by developers; as noted, most users that were infected chose to ignore the security update altogether. 67 per cent of the affected computers belonged to organizations, which shows complacency by most in updating their cyber security systems.
The cyber security industry faces stumbling blocks in its bid to improve internet security through sharing of threat intelligence between the different vendors and entities.
A Network Address Translator (NAT) lets computers in a private network communicate with s...