Report some of the recent cybersecurity attacks, and discuss the evolution of the threats and the attempts at regulatory oversight coming from the European Union, the United States and Qatar. Does Qatar need to revamp its cybersecurity regulation? If so, indicate what measures should be taken and how.
Use the 5 sources below and other academic sources and journals.
• Qatar National Cyber Security Strategy, available at: https://www.motc.gov.qa/sites/default/files/national_cyber_security_strategy.pdf
• Cyber Crime Prevention Law in Qatar, AL TAMIMI & CO, available at: https://www.tamimi.com/law-update-articles/cyber-crime-prevention-law-in-qatar/. See unofficial English translation at: http://chato.cl/blog/files/QatarCybercrimeLaw_unofficial_translation.pdf.
• Cyber Attack on the Qatar News Agency. Fake News, Cyber War, and an Attack on International Norms of Sovereignty, available at: https://qataramerica.org/projects/cyber-attack-qna/.
• The European Cybersecurity legal package, overview available at: https://ec.europa.eu/digital-single-market/en/policies/cybersecurity [focus on the NIS Directive].
• The US Cybersecurity legal package, overview available at: https://www.appknox.com/blog/united-states-cyber-security-laws .
Recent Cybersecurity Attacks
Cybersecurity attacks are attacks launched from one computer system against another system, multiple systems, or a network. The rise of cybersecurity attacks in the past decade has been linked with the advancement in technology and the wide use of digital media, which have enabled attackers to gain advantages through sophisticated cyber-attack tools. Recent cybersecurity attacks have been related to massive data breaches, crypto-jacking, and flaws in microchips, with most of them aiming to access the target system's data, gain control, deploy ransomware, or knock the target system offline.
Recent cybersecurity attacks include the Capital One breach of July 2019, when the online-based banking company was hacked and data were stolen. The breach resulted in the loss of sensitive Capital One information, including thousands of credit card applications that contained customers' personal information such as Social Security numbers and dates of birth. Although the attack did not extend to compromising bank numbers, the company's reputation was damaged and it had to offer credit monitoring to the affected customers. Investigation of the system found that the attacker, who was later caught, had exploited vulnerabilities in Capital One's AWS server, which had not been configured properly.
Another recent cybersecurity attack involves LinkedIn, where attackers applied social engineering attacks that saw more than 165 million user accounts affected. LinkedIn is a social network platform that offers business professionals a means of conducting a variety of activities, including advertising jobs, advertising their expertise, and recruiting. In 2012 the company announced that more than six million unassociated passwords had been stolen and posted on a Russian hacker forum. The attack had extended to 2016, when a hacker was found selling MySpace's data, including email addresses and passwords. The company acknowledged that around 165 million users had been affected, and the attack was stopped by resetting the passwords of all affected accounts.
Another recent cybersecurity attack is a ransomware attack on United States Customs and Border Protection/Perceptics. The attacker breached the company's server, gained access to sensitive data, and demanded a ransom. The attacker went on to expose the data on the dark web after the executive failed to pay the demanded ransom. The attack was facilitated through Perceptics, a contractor engaged by United States and Canadian government departments to provide border license plate scanners. The data the attacker acquired from Perceptics' servers belonged to the United States Customs and Border Protection agency (CBP) and was found to have been on those servers in violation of government policy. Perceptics' failure to meet the attacker's demand resulted in the exposure of sensitive information regarding U.S. government cars and drivers.
Evolution of the Cybersecurity Threats
Cyber threats have evolved from less complex and less sophisticated attacks at the level of disruption to very complex and highly sophisticated attacks at the level of a world without trust. Since the early 1990s, cybersecurity threats have evolved at a higher rate due to the advancement in technology. The evolution of cybersecurity threats includes the computer viruses and malware that emerged in 1988. The virus targeted computer software, affecting over 60 million computers worldwide. The malware was used to snoop on users' activity. In the 2000s, the threats evolved to include distributed denial-of-service (DDoS) attacks, the Slammer worm, and Mydoom. DDoS attacks involve software used to infect host computers so that attackers can take control. In 2000, DDoS was used to launch attacks on several websites, including Yahoo, CNN, eBay, and Amazon. The Slammer worm is used as a DDoS attack, which slows down internet traffic. Mydoom, which is spread via spam, has the ability to steal email addresses on the infected machine.
Since 2007, the level of threats has risen from cybercrime to cyber espionage. Threats at the cyber espionage level include Trojans, which are capable of taking advantage of technologies used to ensure trusted digital communication. As Trojans evolved, more attackers were able to target the banking sector, the transportation sector, and government departments. The threats continued to evolve, and by 2010 they had gone beyond the level of cyber espionage to a world without trust. The world-without-trust threat level involves direct attacks that are both relatively and highly sophisticated. Examples of these threats include advanced scanning, denial of service (DoS), keyloggers, and packet spoofing. Cybersecurity threats continue to evolve, with the most recent ones, such as bots, malicious code, and morphing, indicating that more sophisticated threats lie ahead.
Cybersecurity has been a concern for governments and non-governmental organizations for more than a decade. The growth of the information technology and e-commerce sectors at the global level over the last two decades has provided an opportunity for cybercrime to increase. Each country continues to develop mechanisms for regulatory oversight to prevent a high level of cybersecurity threats nationally. The regulatory oversight discussed in this paper includes that of the European Union, the United States, and Qatar.
The European Union
The European Union pursues different strategies to promote cyber resilience, because its prosperity and continued online economy depend on the security of information systems and networks. One of the measures put in place by the EU is the Network and Information Security Directive (NIS Directive), which was proposed in February 2013 by the European Commission and the European Union Cyber Security Strategy and adopted in July 2016. The NIS Directive is the first piece of EU legislation on cybersecurity. The legislation seeks to ensure a high common level of information and network security across the EU by providing legal measures that boost the overall level of cybersecurity. The NIS Directive's main aim is to achieve minimum harmonization through various regulations. An example of the regulations provided by the NIS Directive is the obligation of all EU states to put in place possible measures to maintain a minimum level of national cyber-capabilities.
To increase regulatory oversight, the EU has set up NIS competent authorities and instituted Computer Emergency Response Teams (CERTs), which are responsible for monitoring domestic private enterprises' security and the reporting requirements for improving network and information system security within the private sector. The NIS competent authorities and CERTs operate in collaboration with their European counterparts, including the European Union Computer Emergency Response Team (CERT-EU) and the European Network and Information Security Agency (ENISA). The EU has also implemented the Commission's blueprint, which provides measures that can be applied in the event of a large-scale cross-border cyber crisis. The forms of response suggested by the blueprint include conducting a joint investigation to identify the technical cause of the incident, developing mechanisms that organizations can use to assess the impact of the incident, and jointly deciding the best framework for responding to malicious cyber activities.
The United States
The increase in the number of cybersecurity attacks in the United States in the last two decades has resulted in the country developing more legislation governing the cybersecurity of networks and information systems. The increase in cybersecurity attacks is based on the digitization witnessed in the healthcare sector, the financial industry, SMEs, and other sectors, with cases rising from 157 million in 2005 to more than 780 million data breach cases by 2015. Cybersecurity regulations and laws in the United States are developed with the objective of forcing organizations and individuals to protect their systems and information from common attacks, including Trojans, viruses, denial of service (DoS), phishing, control system attacks, and access attacks. Cybersecurity regulations in the United States include the Consumer Privacy Protection Act of 2017, which aimed to ensure that organizations maintain the security of customers' personal information. The Act was also intended to prevent identity theft, to protect customers' sensitive information from misuse, and to keep organizations and citizens updated regarding security breaches. Other regulations in the United States include the Health Insurance Portability and Accountability Act (HIPAA) of 1996, the 1999 Gramm-Leach-Bliley Act, and the Homeland Security Act of 2002, which incorporated the Federal Information Security Management Act (FISMA).
Federal laws recently introduced by the federal government to support system security include the Cybersecurity Information Sharing Act (CISA) of 2015, which aims to improve US cybersecurity by allowing information about security threats to be shared between the US government and manufacturing and technology enterprises. The Cybersecurity Enhancement Act, which was enacted in 2014, supports the improvement of cybersecurity through voluntary public-private partnership in conducting public awareness, education, and research and work development for cybersecurity. Another recent federal law is the Federal Exchange Data Breach Notification Act of 2015, which requires each individual to be notified in the event of a data breach affecting their personal information. The National Cybersecurity Protection Advancement Act, also enacted in 2015 as an amendment of the Homeland Security Act of 2002, allows the National Cybersecurity and Communications Integration Center (NCCIC) of the DHS to include information sharing, tribal governance, private entities, and analysis centers as part of its non-federal representatives. Cybersecurity regulations and laws in the United States have also been developed at the state level.
Qatar
According to a new report, Qatar has high internet connectivity, with about 96% of households now connected to the internet. The connectivity rate in Qatar has made it among the best in internet connectivity among developing countries. The internet has increased the capabilities of innovative start-ups and brought an increase in legitimate digital content solutions and services. However, the high internet connectivity in the country has resulted in a high rate of cybercrime. Qatar, like other countries, has also put in place regulations and laws for regulatory oversight. Qatar promulgated a cybercrime prevention law (No. 14 of 2014), which provides sanctions and penalties for breaching the regulations stipulated in the law. The purpose of the cybercrime prevention law was to safeguard Qatar's technological infrastructure and strengthen cybersecurity within the country.
However, despite the existence of the cybercrime prevention law No. (14) of 2014, Qatar still needs to revamp its cybersecurity regulations. The increasingly evolving environment poses challenges to Qatar's existing regulations, resulting in difficulties for Qatar's innovation and competitive ability in the global economy. The measures Qatar should take to revamp its cybersecurity regulations include focusing on security initiatives such as the National Information Assurance Policy, Critical Infrastructure Protection (CIP) programs, and training and awareness, to ensure that all sectors are well covered and to enhance the development of robust cybersecurity regulation. Qatar should also establish a legal and regulatory framework that supports a safe and vibrant cyberspace. This can be achieved by increasing the capabilities to combat cybercrime, building and maintaining strong international relationships for cybersecurity norms, and developing and maintaining a professional cybersecurity workforce.