The Art of Cyberwar: Security in the Age of Information

Posted by learninghouse on April 10, 2015  /   Posted in Information Technology

The Art of Cyberwar - Sun Tzu Animated GIF

Cybercrime is an increasingly serious issue both in the United States and globally; the estimated annual cost of global cybercrime has reached $100 billion. Almost 560 million people are victims of cybercrime yearly — more than 1.5 million victims a day. The U.S. director of national intelligence has ranked cybercrime as a “top security threat, higher than that of terrorism, espionage and weapons of mass destruction.” As FBI Director James B. Comey recently explained, “The United States faces real cybersecurity threats from criminals, terrorists, spies and malicious cyberactors.”

A Real Threat

“When the enemy presents an opportunity, speedily take advantage of it.”

– Sun Tzu, The Art of War

A recent report by PWC identifies one of the primary reasons for the severity of these threats — to put it simply, cybersecurity professionals are being outgunned. “The cybersecurity programs of U.S. organizations do not rival the persistence, tactical skills and technological prowess of their potential cyberadversaries,” the report says. Attacks are made from all sides, and attempts are constantly being made by criminals and hackers to gain access to intellectual property, private communications and other information assets.

Increasing the effectiveness of these attacks is collaboration among criminals. “The increasing level of collaboration among cybercriminals allows them to compartmentalize their operations, greatly increasing the sophistication of their criminal endeavors and allowing for development of new specialization,” said William Noonam, deputy special agent leading the U.S. Secret Service Criminal Investigative Division. This collaboration is only made easier by the interconnection of billions of Internet-capable devices, from smartphones to automobiles and home appliances.

What Is Cybercrime?

As a relatively new threat, many are unclear as to what exactly cybercrime is. According to the Bureau of Justice Statistics, there are three general categories of cybercrime:

  • Cyberattacks are crimes “in which the computer system is the target. Cyberattacks consist of computer viruses, denial of service (DDOS) attacks and electronic vandalism or sabotage.”
  • Cybertheft refers to crimes in which a computer is used to unlawfully acquire money or other items of value. Examples include “embezzlement, fraud, theft of intellectual property and theft of personal or financial data.”
  • Other computer security incidents include those made through theft of information. They are carried out with the help of adware, spyware, hacking, phishing, pinging, port scanning and more.

INTERPOL states that criminals exploit the “speed, convenience and anonymity of the Internet” to commit these types of crimes. Though the crimes being committed — theft and fraud — are not new, they are made simpler and easier to carry out due to the opportunities presented online.



A Recent History of Cybercrime in the U.S.

“Speed is the essence of war. Take advantage of the enemy’s unpreparedness; travel by unexpected routes and strike him where he has taken no precautions.”

– Sun Tzu, The Art of War

Major cyberattacks are becoming more and more common as these hackers become more skilled. In  2014, four large-scale data hacks have occurred within major U.S. corporations: Target, Home Depot, JPMorgan Chase and Sony. These cybercrimes illustrate the high level of skill that is being cultivated among modern cybercriminals.

Target, Home Depot and JPMorgan Chase Attacks

In December of 2013, hackers gained access to guest credit and debit card information through Target’s website. The attack resulted in the leaking of customer names, mailing addresses, phone numbers and email addresses. Target worked with a third-party forensics firm to investigate the security breach and discovered that it occurred long before it was detected in mid-December. Target was able to close the vulnerable access point and remove the malware that the hackers installed. A similar situation occurred in September of 2014 on Home Depot’s website, affecting almost 60 million customer credit cards.

Even more seriously, in August 2014, cyberattackers hacked into JPMorgan Chase’s information systems and compromised the accounts of 76 million households and 7 million small businesses. This security breach is among the largest ever recorded, according to The New York Times. Because JPMorgan is the largest bank system in the U.S., the financial information it houses in its computer systems is highly sensitive, going beyond credit card details.

The Sony Pictures Entertainment Hack and Global Implications

The Interview Movie Poster
Another highly publicized hack occurred when Sony Pictures Entertainment suffered a large-scale data breach in November of 2014. The information stolen included personal employee data, internal emails, financial information, copies of unreleased films and more. The hackers in this case had a stated agenda: They demanded the cancellation of the release of the film The Interview, a comedy about an assassination plot against North Korean leader Kim Jong-un. When U.S. intelligence officials evaluated the breach, it was alleged that the attack was sponsored by North Korea itself, though the country’s government denied any involvement. That a cyberattack could have repercussions on the international stage indicates the determination and influence of talented hackers, as well as the critical need for highly trained cybersecurity professionals.



The Origins of Hacking

Many use ‘hacking’ to refer to malicious attacks on computer networks, but the actual term for these activities is ‘cracking.’ Outside of academia, it is rare for a distinction to be made between the two terms.

Historically, the term “hacker” referred to clever, non-malicious technical work that was not necessarily related to computers. In fact, a group of engineers from MIT first popularized the term during the 1950s and 1960s, when they completed harmless technical experiments as a way to learn how machines worked. These early hackers were enthusiasts who were primarily interested in modifying and optimizing programs for specific applications. But as the Internet and computer networking became more and more popular, malicious attacks became the norm. No longer satisfied with “benign exploration of systems merely to learn how they worked,” hackers began to use their skills for personal gain.

A Culture Divided

During the 1980s, a turning point occurred in the history of hacking. It was a direct result of the introduction of personal computers by companies such as IBM and Apple. Rather than working strictly within existing networks, hackers could now purchase computers for their own use. This meant that more and more individuals were learning to hack — and a larger number of active hackers created divides within the hacking community. Before this division, essentially all hackers had dishonest motives: to illegally and unethically take control of both computers and networks. However, two distinct types of hackers emerged during the 1990s and still exist today. These “black hats” and “white hats” have very different views of how tech prowess should be put to use.

Black Hat Hackers

Today, “hacker” is a term that can refer to two distinct types of computer users. Black hat hackers, or malicious hackers, are criminals whose common job is to identify vulnerabilities in computer systems and manipulate them for gain. This is the classic definition of a hacker, as it identifies those who purposefully seek to commit theft or vandalize networks. They are gifted but unethical computer experts who seek personal gain. According to AboutTech, black hat hackers are known for the following kinds of cybercrimes:

  • DOS/DDOS attacks that overload servers
  • Attacks that deface websites by hijacking control
  • Theft of individuals’ private information
  • Botnetting, or “taking remote control of dozens of personal computers and programming them as spam botters”

There are many types of these malicious hackers, and each commits its own distinct brand of crime. Professional criminals make up the biggest group of malicious hackers. They use malware and various other exploits for financial gain. Spammer and adware hackers make money through illegal advertising, while advanced persistent threat (APT) agents are well-organized, highly funded groups that want to steal as much intellectual property as possible. This group is different from corporate spies, who usually seek a specific piece of intellectual property or competitive data. Hacktivists are motivated by political, religious or other personal beliefs and seek to embarrass their opponents. Cyberwarriors are employed by city-states and work to disable the military capability of another government. Finally, rogue hackers are those who want to “prove their skills, brag to friends” and engage in unauthorized activities, according to InfoWorld. Also known as “script kiddies,” these are “the petty criminals of the cyberworld.” According to 2013 data from GO-Gulf a leading Web design company, the motives of black hats break down as follows:

Cybercrime - 40%
Hacktivism - 50%
Cyberespionage - 7%
Cyberwarfare - 3%
Ethical Hackers

White hats, or ethical hackers, are one modern answer to malicious black hats. They may be employed by organizations to test computer systems and networks for vulnerabilities. These hackers use the same methods as black hat hackers, but their goal is to fix computer security vulnerabilities and run tests to prevent malicious hacks from being carried out. Although malicious hacking is a crime, penetration testing at the request of the owner of the system or network is not. In fact, these white hats can become Certified Ethical Hackers (CEH), meaning that they take an exam qualifying them to “look for the weaknesses and vulnerabilities in target systems.”



The Demand for Defense

Cybersecurity Professionals on the Front Lines

“It is a doctrine of war not to assume the enemy will not come, but rather to rely on one’s readiness to meet him; not to presume that he will not attack, but rather to make one’s self invincible.”

– Sun Tzu, The Art of War

Though ethical hackers are a source of additional help when it comes to identifying system vulnerabilities, trained cybersecurity professionals are more qualified to protect networks and create secure environments. These experts use a variety of highly technical tools to audit systems — some of which are also used by hackers and cybercriminals. When it comes to security, tools include the following:

  • Firewall analyzers
  • Cracking tools
  • Real-time protection tools
  • Portable anti-virus programs
  • Anti-rootkit tools
  • Sniffing tools

This extensive list of methods available to cybersecurity professionals can be divided into two main categories, according to a recent Forbes article: DDOS mitigation services and email and DNS protection.

DDOS Mitigation Services

DDOS mitigation services enable companies and agencies to prevent distributed denial of service attacks. These services allow websites to recover quickly, as well as preventing these infiltrations from happening in the first place. John Cassidy, branch director of the cybersecurity division at CenturyLink, says that this category of tools is perhaps the most important for organizations of all types. “DDOS mitigation services should be at the top of any organization’s list of required services. [They can] detect attack traffic on the network before it impacts an organization’s infrastructure, [as well as being able to] divert traffic and cleanse it of malicious packets before forwarding it,” he explains.

Email and DNS Protection

Another important type of security service is email and Domain Name System (DNS) protection. The U.S. Department of Homeland Security has provided these protections in the form of Einstein 3 Accelerated (E3A), a program designed for federal civilian agencies, and Enhanced Cybersecurity Service (ECS), which provides crucial protections for critical infrastructure organizations. Services like these “augment … existing security posture and better protect corporate email, DNS and network,” Cassidy says. That the federal government is developing such programs emphasizes the importance of strong cybersecurity measures in today’s tech-driven world.



Impressive Outlook

Cyber Criminal

No matter how useful and high-tech these tools are, however, skilled security analysts are necessary if these tools are to be used effectively to protect companies. It is important for businesses to hire experienced professionals to both monitor networks for attack traffic and work “around the clock during an attack to deploy any available countermeasures to keep sites protected.” This explains why, by the year 2017, the global cybersecurity market is expected to grow to a staggering $120.1 billion.

In fact, the demand for cybersecurity experts is growing at 3.5 times the pace of the overall IT job market — and 12 times faster than the job market overall. Growing concerns about network vulnerability are largely responsible for this demand, with the need for cybersecurity experts growing 73 percent between the years 2007 and 2012. A recent Wall Street Journal article points out that cybersecurity is one of the most “highly sought-after fields in the country, according to the report by Burning Glass International, Inc., a Boston-based [employer services] company.”

Burning Glass CEO Matthew Sigelman describes the demand for cybersecurity talent as “explosive” and points out that big data skill demand is up 122 percent over the past year alone. “As companies are focusing more and more on Big Data and the value that’s accrued within their customer databases, not surprisingly they have also come to focus more attention on managing the risks and vulnerabilities,” he says.

Though defense contractors and IT firms continue to be a major hiring force for cybersecurity professionals, considerable growth is driven by a “more diversified range of businesses, reflecting the widening focus on data by firms across the board.” In fact, Sigelman points out, there has been growth of more than 100 percent in demand for cybersecurity professionals in health care, education and public administration since the year 2007.

Salary Projections

Salary potential for these careers is also impressive. The same Wall Street Journal post states that engineers, analysts, architects and other types of trained cybersecurity professionals averaged $101,000 based on advertised information. This is “well above” the expected salary for IT professionals, which is $86,000, according to the Bureau of Labor Statistics.

Cybersecurity - $101,000
Information Technology - $86,000



Get Started With Russell Sage Online

“What is called ‘foreknowledge’ cannot be elicited from spirits, nor from gods, nor by analogy with past events, nor from calculations. It must be obtained from men who know the enemy situation.”

– Sun Tzu, The Art of War

Now that cyberattacks have become the subject of scholarly research and discussion, more and more colleges and universities are establishing programs of study focused on digital culture and cybersecurity. Russell Sage Online offers both a Bachelor of Science in Information Technology and Cybersecurity program and a Cybersecurity Certificate. These programs are designed to prepare students to become successful cybersecurity practitioners in roles such as:

  • Security analyst
  • Intrusion detection specialist
  • Cryptologist
  • Cryptanalyst
  • Vulnerability assessor

The online undergraduate degree features a comprehensive curriculum in information technology, as well as dedicated cybersecurity courses that provide students with the high-demand skills and knowledge they need for successful cybersecurity careers.

Sage’s certificate in cybersecurity enables students to partner with professionals in business, government and education to design and build cutting-edge security solutions. Graduates from the certificate program will be prepared for industry standard certifications, including Certified Information System Security Professional (CISSP).

Both of these online programs allow students to take their place on the frontlines in the war against all types of cybercrime. Graduates of the program are prepared to be practitioners in the field, armed with relevant, applicable knowledge grounded in a practical, hands-on curriculum. As Cassidy puts it, “Cybersecurity needs to be ingrained in the everyday culture of the workforce. This can be accomplished via education, training and awareness.”


Russell Sage Online

To learn more about the online cybersecurity programs available at Russell Sage Online, visit our program pages. For information on the cybersecurity industry, certifications, careers and more, look for our upcoming piece, On the Frontlines: Your Guide to the Cybersecurity Workforce.

^ Back to Top