Introduction
Nowadays, it is hard to imagine human life without the Internet. It has become not only an essential part of everyday life but also a way of living and thinking. The dependence on the Internet and the intention to stay online as much time as possible is the issue that is discussed from several perspectives. The existing computer’s holding power is one of the most challenging phenomena that could be even compared to drug addiction.
Various telecommunication companies and Internet providers usually perform the role of drug dealers. Still, similar to drug dealers, telecommunication companies and other providers could not promote safety for all their customers and the users of their services. In this paper, the question of cybersecurity and the current ethical, strategic, and legal aspects will be discussed based on the case study about Deutsche Telekom and its September 2012 DDoS attacks.
Modern hackers and online terrorists can use different methods and techniques to infect web pages and make sure such infections get personal computers or organizational computer systems and destroy the material or make it available to other people.
Cybersecurity is the way of how to protect people against hacking some important, personal data, privacy abuses, constant network outages, and viruses and threats that could affect human lives. The example of Deutsche Telekom proves the importance of the development of cybersecurity programs and strategies to protect users and their interests. This paper helps to understand the essentials of cybersecurity and its abilities to provide people with safe conditions for using Internet sources and the information on how to deal with online threats and inconveniences.
Cyberspace as the Place for Living
During the last several decades, people made numerous attempts to improve social, economic, and entertainment spheres with the help of the Internet. Cyberspace turned out to be the place where people could create new industries, promote communication, and introduce new ways of information exchange. People got numerous opportunities to change and challenge their lives, use various methods to find, store, and share the information, and develop their skills in different directions.
On the one hand, cyberspace has to be considered as an amazing opportunity to increase awareness and destroy the boundaries of people’s possibilities. On the other hand, cyberspace is as vulnerable as any system people could use in their work due to some intentional or unintentional omissions or mistakes. In other words, the bigger the system used by people is, the bigger and more serious problems and risks could occur.
At the same time, cyber risks could also be intentional and unintentional. There are designers, who could make some mistakes that lead to problems like the loss of information or making the information available to all people. There are also such people as hackers or system attackers, whose goals are to steal the information that remains to be confidential, to make some illegal financial transactions possible, or to change the facts to help a certain group of people to benefit.
Cyberspace is just another place for living where laws, crimes, and punishment cannot be neglected. People, who decide to share their information online, to store some data within the cyberspace, or to use the Internet as the main means to work, have to be careful and take as many precautionary steps as possible.
Story of Deutsche Telekom
Unfortunately, the maturity of online hackers and attackers cannot be estimated. People could demonstrate their achievements in the spheres they are hardly connected with. Besides, the goals and outcomes of cyber attacks cannot be specified and explained all the time. The example of Deutsche Telekom helps to clarify the peculiarities of cyber attacks and the worth of cybersecurity, especially at large telecommunication companies.
Deutsche Telekom is one of the well-known communication organizations that aim to provide 156 million mobile customers with mobile communications, Internet products, and services, and communication technologies that help people to make the right solutions and gain benefits.
The peculiar feature of this company is its attention to its corporate values. The company develops customer-oriented policies that include the attention to people’s emotions, needs, and experiences, respect initiative used in regards to customers, colleagues, shareholders, etc., and cooperation culture that is based on team decisions, employee motivation, and personal commitment. Telekom’s infrastructure consists of the Internet-related communications that could promote economic damage to the company and its customers.
The situation happened on September 3, 2012, when the DNS (Domain Name System) was attacked three times per two days. The first attack occurred at 4 p.m. The DNS was out, but the chosen DDoS defense tools helped to mitigate the outcomes. At 6 p.m., the same day, the attack repeated with the help of new modified packet structures to predict the work of the company’s defense. The system was improved by September 5.
However, that day, the third attack took place with no harm to the DNS because of the properly organized protection by the defense tools of the company. The BSI (the Federal Office for Information Security) was informed in a short period. Still, its representatives were not able to clarify the reasons for such attacks and the possible development of the events. Therefore, the thought that hackers just tried to check their possibilities was offered and approved.
Such an example proved that cybersecurity is a very delicate issue. It could be created and modified for several years and broken in several seconds. At the same time, people may promote the improvements of cybersecurity and offer strategies and policies with the help of which this kind of security could become better and stable.
Types of Cyber Attacks and Their Impact
To discuss cybersecurity strategically, it is necessary to understand what types of cyberattacks could be dangerous for people, what reasons are used to explain the nature of attacks, and what methods help to predict or overcome the outcomes of attacks.
Cybersecurity aims at preventing, predicting, and dealing with cyber attacks that could gain some forms nowadays. Millions of European people and citizens worldwide face cyber attacks day by day. Ulsch describes cyber attacks as the best examples of a perfect storm that could bother the world in a short period, and the consequences of which could be hardly predicted or controlled.
Cyber attacks could be of different forms: unauthorized threats (when hackers use various cracking techniques to get to the computer system and steal/take/use/make public the information stored), computer viruses (when a program spreads via the Internet, e-mail, and other means of the information exchange and influences the work of the computer and its functionality), and denial of service, also known as DoS attacks (when a tool is used to influence the work of a computer system of a communication organization or organizations and to make people overload the system for a couple of times).
Each attack has its developers and characteristics. Some attacks could be properly developed and planned that the most effective defense tools could hardly deal with the outcomes. Some attacks remain to be just the possibilities to change the work of a system. The example of Deutsche Telekom is the example of the DoS attack, the most frequently used types of threats spread online. DoS attacks aim at limiting or halting normal services.
Today, people have several options to protect themselves against computer viruses and unauthorized threats. For example, people choose passwords and login details that could hardly be predicted or understood. Anti-virus software could be bought or installed for free independently. DoS attacks have a different nature. Those people, who choose this type of attack, try to prevent users from accessing the required information or services, websites, email, online accounts, etc. Properly installed firewalls could be the solutions to such threats. Still, the reasons for attacks could vary considerably, and defendants have to investigate them thoroughly to succeed in cybersecurity.
Reasons for Cyber Attacks
Cybersecurity includes the necessity to investigate and analyze the reasons for why people may want to attack in cyberspace and destroy the systems people use to improve their lives and their lives of society in general. The explanations include some economic impacts, political motivation, personal entertainment, or even socio-cultural roots. The case of Deutsche Telekom shows that, sometimes, even the representatives of such serious and properly developed organizations like the BSI could not give a clear answer to why a cyber attack takes place and what could motivate people to break systems and continue making attempts.
The actions of cyber-attackers could be inadvertent without harmful intentions, inaction with a possibility of harm because of poor awareness, lack of skills, or wrong guidance, and deliberate when the intentions include to do harm and to achieve certain purposes like disrupting, taking control, frauds, blackmail, fund, or curiosity.
The essence of Cyber Security
Cybersecurity is one of the most important factors for consideration among communication organizations and companies that aim at providing people with Internet services. The developers and supporters of cybersecurity admit that the majority of threats come from the Internet and the possibility of cracking the system in a short period. The majority of cyber attackers use the fact that there is no security system in its absolute sense and develops its activities to prove or disprove this fact. Cybersecurity is the number of steps that are taken to understand the behavior of attackers and the possible forms of attacks that could be used to change the ordinary work of a system or prevent a certain group of people from using the necessary system.
All telecommunication companies and organizations that aim at providing people with the possibilities to share the information online, to store the required portion of the material, and to plan some activities that should not be exposed to the public for a certain period cannot neglect the need for cybersecurity. In other words, cybersecurity is the possibility to prevent data from being used in the wrong way and protect data from being destructed or changed. For example, CERT is the cybersecurity program with the help of which Deutsche Telekom could manage security on the local and international levels. CERT helps to protect the organization and all its customers from the existing variety of dangers that could come from the Internet.
Regarding the possibilities of companies to improve their cybersecurity, it is possible to say that cybersecurity includes the ideas of management, the development of strategic steps, audits of cases, and vulnerability scanning. Many people, who plan to become the customers of certain communication companies, want to clarify if the employers provide all its clients with cybersecurity and what methods are used to achieve a safe exchange of information. So, it is possible to say that cybersecurity is a merit telecommunication companies have to demonstrate properly.
Legal Aspects of Cyber Security
Cybersecurity is the way of how people could feel safe and control in their cyberspaces. Such an explanation makes a comparison between real-life conditions and the conditions of cyberspace possible. Because laws and policies existed in the real-world to protect the rights of people and to promote the standards and rules people have to follow, similar laws and policies have to exist in cyberspace and touch upon the issues of cybersecurity and its impact on people.
The existence of certain legal aspects of cybersecurity helps to prove that malicious and criminal attacks ordinary people could suffer from being frequent users of the Internet could be controlled and prevented. In Europe, there is the Council of Europe Convention on Cybercrime and other frameworks that aim at creating the standards and rules to be followed and defining the boundaries to understand the territorial jurisdiction.
Proper legislation is not an easy task to be achieved because it is necessary to create a common and definite system that covers all aspects and outcomes of illegal activities. Besides, the recognition of legal aspects is challenged because of the necessity to take time to recognize the potential abuses and compare them with the current technological opportunities and the conditions of the national criminal law. Therefore, legal issues of cybersecurity cannot be identified in Europe because people have to work and investigate the latest achievements and create the protective means to make sure that citizens and users of the Internet cannot suffer from Internet hackers and attackers.
Roles of the Government and Other Bodies in Cyberspace
The role of the government in cybersecurity remains to be crucial because of two main reasons. First, the government is the body that takes responsibility for all regulations and frameworks to make sure that companies, including telecommunication organizations, could protect their systems and provide people with safe and high-quality services. Some people cannot still come to the same conclusion about the role of the government in cyberspace.
Therefore, numerous discussions and polemic concerns are raised on this topic. On the one hand, the government promotes cybersecurity on the national and international levels. On the other hand, the government should not be involved in cyberspace where people try to avoid the boundaries and regulations. However, when people suffer from the results of the work of computer viruses or hackers, people try to address the government and find the solutions to their problems and the possibilities to protect or change their personal information that could be available online.
The role of politicians has to be discussed in terms of cyberspace and the possibilities to promote cybersecurity to all Internet users. The politicians decide whether there is an importance of bills to protect people against online hackers and make the regulations work for people. If politicians are not interested in cybersecurity, it could be hard to prove the opposite position. However, millions of people do not want to see politicians to be involved in cyber practice because they believe that such control could deprive them of their rights and freedoms. Therefore, several political representatives face a challenge when they develop their attitudes toward the idea of cybersecurity.
Cyber Security Strategies
Each country introduces its unique approaches to prove that the questions of cybersecurity are discussed and solved by the government. For example, the case study under consideration shows that Deutsche Telekom used the services of BSI to find out the attackers and their intentions. In Germany, the government supported the strategy that is based on the cooperation between the National Center for Cyber Defense, the BSI, the BND, and even the MAD that promotes the identification of the aspects of national security. The strategies developed by these organizations help to detect and prevent cyberattacks by any possible (still safe for ordinary users) means.
In the United States, there are some governmental and federal organizations including the United States Department of Justice and the FBI that take responsibility for the promotion of cybersecurity and the identification of the goals and possibilities people could have as the users of the Internet. As a rule, when people become users of the Internet and decide to share their personal information online, they have to realize that cyber attacks cannot be controlled even by the most powerful firewalls. Therefore, people should take personal responsibility for their intentions to share their information and confidential information about other people.
Therefore, cybersecurity should not be about some technological achievements, anti-virus software, and effective firewalls only. Cybersecurity is the ability of people to filter their information and make decisions that could protect their lives and the lives of their relatives.
Conclusion
In general, cybersecurity is the question that has to be discussed all the time because people should understand their needs, compare the current technological achievements, and consider the regulations set by the government. Cybersecurity is the thing several people strive to get. However, such cases as the attacks Deutsche Telekom experienced in September 2012 proved that cybersecurity cannot be promoted to people with 100% guarantees because the goals and intentions of cyber attackers and hackers cannot be understood and prevented.
Some people would like to check their skills and knowledge, and some people would be eager to earn money on stealing the information online. There is one suggestion that could be given to all people, who want to learn more about cybersecurity and its effects on human lives: if there is a possibility not to share some private information online, it should be used.
Bibliography
Franceschetti, Giorgio, and Marina Grossi. Homeland Security Threats, Countermeasures, and Privacy Issues. Norwood: Artech House, 2011.
Han, Chen, and Rituja Dongre. “Q&A. What Motivates Cyber-Attackers?” Technology Innovation Management Review. Web.
Kostopoulos, George. Cyberspace and Cybersecurity. Boca Raton: CRC Press, 2012.
Reveron, Derek S. “An Introduction to National Security and Cyberspace.” In Cyberspace and National Security: Threats, Opportunities, and Power in a Virtual World, edited by Derek S. Reveron, 5-16. Washington: Georgetown University Press, 2012.
Shackelford, Scott J. Managing Cyber Attacks in International Law, Business, and Relations: In Search of Cyber Peace. New York: Cambridge University Press, 2014.
Telekom. “Introducing Deutsche Telekom CERT.” Web.
Telekom. “Leading European Telco.” Web.
Telekom. “The Company Values of Telekom.” Web.
Turkle, Sherry. Life of the Screen. New York: Simon and Schuster, 2011.
Ulsch, MacDonnel. Cyber Threat!: How to Manage the Growing Risk of Cyber Attacks. Hoboken: John Wiley & Sons, 2014.
US-CERT. “Understanding Denial-of-Service Attacks.” Web.