The History Of The Securing System

Published Date: 02 Nov 2017

Live Free or Die Hard is a 2007 American action film and the fourth in Die Hard series. The film was directed by Len Wiseman. The name of the movie was adapted from New Hampshire’s state motto "Live free or die". The film was based on the 1997 article "A Farewell to Arms" written for Wired magazine by John Carlin.

Movie Summary:

The United States Federal Bureau of Investigation (F.B.I.) reacts to security breach at their Cyber security division by tracking down country’s top computer hackers, only to find several of them have been killed. F.B.I. starts to take hackers in their protective custody. In process, F.B.I. asks New York Police Department (N.Y.P.D.) detective John McClane to bring New Jersey computer hacker Matthew Farell. John McClane reaches just in time to save Farell from group of assassins hired by a former U.S. Defense Department analyst Thomas Gabriel and his love interest Mai. On their route to Washington D.C., Farell explains to McClane that he was written a portion of security code for a large sum of money from Mai.

As they arrive in Washington D.C., Gabriel orders his group of computer hackers to take control of transportation grids, stock market and eventually national broadcast system. Farell explains this attack as a "Fire Sale", a three staged coordinated attack. The first stage of attack consists of shutting down traffic signals, transportation to send general public into chaos and making road inaccessible for emergency services. The second stage of attack consists of shutting down financial system of a country such as stock market. The third stage of attack consists of shutting down telecommunication sector and anything that requires power source making a country extremely vulnerable. Gabriel initiates a broadcast showing an explosion of the U.S. Capitol building sending public into panic.

Farell thinks that next target of "Fire Sale" could be a power grid so McClane and Farell drives to a power station in West Virginia only to find Mai and her assassins have taken control of power station killing everyone in a power station. However, McClane manages to kill Mai and her assassins and sends information about Gabriel to F.B.I. Infuriated Gabriel uses remote control of the power station to redirect gas supply into it but McClane and Farell manages to escape before the station explodes. Farell takes McClane to his fellow hacker Fredrick. Fredrick recognizes the piece of code Farell has written was meant to access data at a Social Security Administration which is a front for a U.S. National security Agency which was designed by Gabriel himself to download all personal and financial records in case of cyber security emergency. Gabriel finds Frederick is trying to break into his system so he communicates with them and reveals that he has kidnapped McClane’s daughter Lucy.

McClane and Farell go to the Social Security Administration building where McClane fights with Gabriel’s men. Farell finds that Gabriel is downloading all personal and financial records into a portable computer system so he encrypts the data after download is completed. Gabriel men capture Farell and escapes with him and McClane’s daughter Lucy. With McClane behind them, Gabriel hacks into U.S. Marine’s computers to deceive a pilot into believing that McClane is a terrorist. However, McClane manages to escape the attack and makes his way to a nearby warehouse where he kills Gabriel and his men before F.B.I. arrives in a scene.

Cyber-attacks:

Cyber-attack is the act of obtaining classified information from individuals, rival, government and enemies for economic and political advantage using different exploitation methods like internet, network, etc. Cyber-attack is mostly done by exploiting vulnerability in the system that could lead to disruption of communications and transportation sectors. Computer system are hacked by different ways like introducing viruses to computer networks, DOS attack or DDOS (Distributed Denial of Service) attacks, website defacing, social engineering, spoofing etc.

Computer hacker is basically defined as someone with advanced knowledge of computers and computer networks who exploits weakness in a computer system or network to either improve security or use it for personal gain. Computer hackers are classified into different groups according to their activities. White hat hacker also known as ethical hacker is an individual who performs various tests in their own system to close down vulnerability in order to improve security of their system. Black hat hacker is a illegal hacking groups which breaks into computer networks for malicious purpose or for personal gain. Grey hat hacker is a combination of Black hat hacker and White hat hacker. Grey hat hacker exploits security in computer networks and system and notifies the administrator or company about vulnerability and sells them for certain price.

Hacktivist is a hacker who hacks into system to send a social, religious or political message. This fom of hacking is also known as Hacktivism. Hacktivism is the use of illegal digital tools in the pursuit of political ends. Hacktivism mainly involves website defacement, informational theft, denial of service attacks, etc. Anonymous and LulzSec are one of the best examples of Hacktivist group. Anonymous and LulzSec are computer hacker group that claimed responsibility for several high profile attacks. With a joint effort from Anonymous, LulzSec and other hackers, they launched Operation Antisec which involves a series of a hacking attacks in cooperate house and government websites.

Cyber-attack has not been all about group of hackers against government or individuals. There is also politically motivated hacking to damage and spying on other countries network by government themselves, also termed as Cyberwarfare. U.S. government security expert Richard A. Clarke, in his book "Cyber War", has defined Cyberwarfare as "actions by a nation-state to penetrate another nation’s computers or networks for the purpose of causing damage or disruption". Some of the notable examples of Cyberwarfare are "Stuxnet" and "Flame". Stuxnet is a computer worm discovered in June 2010 that is believed to be created by United States and Israel to attack Iran’s nuclear facilities. Stuxnet initially spreads via Microsoft Windows and targets Siemens industrial software and equipment. It is the first discovered malware that spies on industrial systems. Flame is a computer malware that was discovered in 2012 that attacks computers running the Microsoft Windows operating system. The program is being used for cyber espionage in Middle Eastern countries. It can record audio, screenshots, keyboard activity and also record Skype conversations and can turn infected computers into Bluetooth beacons which attempted to download contact information from nearby Bluetooth enabled devices.

Securing system:

Vulnerability is a system weakness that allows an attacker to access and capability to exploit the flaw. To exploit vulnerability, an attacker must have at least one applicable tool or technique that connects to a system weakness. Vulnerabilities have been found in every operating system including Windows, Mac, Linux and others. Vulnerabilities are related to hardware, software, security measures within the organization and management. The only way to reduce vulnerability is through constant observation of the system including applying software patches, use of firewalls and access controls.

Network security involves the authorization of access to data in a network which is controlled by the network administrator. Networks are subject to the various forms of attacks from malicious sources like DOS attack, spoofing, SQL injection, wiretapping, buffer overflow, etc. Network security starts with authentication of the users involving various form of authentication like fingerprints, pin code, retinal scan, username and passwords. Once authenticated a firewall enforces access policies to the users in order to prevent and monitor unauthorized access and misuse. To prevent malware, rootkits, Trojans, etc. to spread through networks, antivirus software and intrusion prevention system should be installed for detection and removal of such malwares.

Cyber security standards are general outlines or techniques for implementing cyber security. Since most of the sensitive data are stored on the computer or stored online so cyber security is important to protect proprietary information and guard against identity theft. Cyber security standard enables organizations to enable best security practices to avoid cyber-attacks. One of the most widely used security standards today is ISO/IEC 27002 which started in 1995.

Source:

http://en.wikipedia.org/wiki/Cyber_security_standards

http://en.wikipedia.org/wiki/Vulnerability_(computing)

http://en.wikipedia.org/wiki/Cyberterrorism

http://deletionpedia.dbatley.com/w/index.php?title=Fire_sale_%28attack%29_%28deleted_17_Jul_2008_at_22:49%29

http://en.wikipedia.org/wiki/Cyberwarfare

http://en.wikipedia.org/wiki/Hacker_(computer_security)

http://en.wikipedia.org/wiki/Stuxnet

http://en.wikipedia.org/wiki/Flame_(malware)

http://en.wikipedia.org/wiki/Hacktivism

http://en.wikipedia.org/wiki/Anonymous_(group)

http://en.wikipedia.org/wiki/Lulzsec

http://en.wikipedia.org/wiki/Operation_AntiSec

http://en.wikipedia.org/wiki/Live_Free_or_Die_Hard

http://www.wired.com/wired/archive/5.05/netizen_pr.html

http://en.wikipedia.org/wiki/Network_security