I need someone to look over and read the main feedback and add more to the paper.
Hi, The paper is generally well written and formatted. It would improve, if you had the subtitles more clearly defined: Introduction, Analysis of Three Trends, Analysis of One Emerging Trend, and Conclusions. I don’t see your in-depth analysis of an Emerging Trend. Please consider updating and re-submitting. Project 2: Top Trends in Cybersecurity University of Maryland Global Campus Introduction: People nearly everywhere in the world have access to the Internet. The Internet is such a robust tool because it can bind us to people in various parts of the world. Because of the opportunities of getting access to the Internet, we see a massive rise in technology. In the last decade, data defense has been a significant problem in the field of technology. Today, our world is afflicted by so many cyberattacks that every company, including government institutions, hospitals, colleges, financial institutions, telephone providers, and other major companies like eBay and Amazon, are linked to the global network. Today, using handheld devices such as mobile phones, tablets, and notebooks can access the Internet conveniently. We get much sharing across these computers through various apps, which puts us at risk of getting our private information out there. Primarily, mobile phones, which we carry easily via these little gadgets, seem to store too much knowledge about it. How do we secure the personal data we have in our mobile phones, smartphones, notebooks, and even smart TVs? Cybersecurity is a body of infrastructure, procedures, and activities intended to secure networks, devices, systems, and data from threats, disruption, or unauthorized access. Findings: The top developments I will discuss in this paper include phishing attacks, ransomware, and unpatched security vulnerabilities and bugs. It all starts by not keeping the systems updated. By not keeping the systems updated can cause exposure to those systems. People do not correct for many reasons, but mainly I see it because some companies have legacy laptops, and if they update most up-to-date OS, their systems won't work correctly, or the software's that they have won't be able to be used. While the laptop is not getting updated and outdated, people still check the emails and click on links that they probably shouldn't have; by clicking the link how you have an issue with ransomware. Companies try to save money, but how much will that company lose if their systems get hacked? Trend 1 – Phishing Attack: Phishing is an online identity hack that attempts to steal personal information from victims, such as username, password, and online banking data. So essentially, phishing is a cyber-attack that typically happens in the form of an email. The email includes a connection or attachment that you need to download. Much of the time, these emails look like a legitimate email from a company or even a real person on your contact list. Phishing emails have been quickly detected in the past, but that is no longer the case. Cyber attackers have become much more advanced with their attacks and have found it impossible to classify them. There are so many famous phishing scams that have made headlines. One of them is when the hackers tried to get John Podesta to send his Gmail address. Phishing attacks are quickly carried out because they only allow users to click on a bogus connection attached to their account. The following shows a typical attempt at a phishing scam: Apparently, the spoofed email from my university.edu is sent to as many faculty members as possible. The email says the user's password is about to expire. Instructions are issued to go to my university.edu/renewal to update your password within 24 hours. Nowadays, hackers can make any website look alike. That is why you would want to go directly to the website instead of clicking the link. Trend 2 – IoT Ransomware: One of the main issues we have noticed on the network today is IoT ransomware. First, IoT stands for the Internet of Things. IoT ransomware is a growing area of concern. The IoT ransomware definition is basic. This means that every mobile computer of yours that is corrupted with a virus encrypts your files before you pay a fee for access to the device. Devices like your machine, mobile phone, smart TV, a smart refrigerator will theoretically be a hack, and the only way to unlock them is by paying a ransom. In most situations, the hacker would give you step-by-step directions about paying them the money they are looking for. When more and more electronics link to the Internet, they are all too vulnerable to ransomware. You can hack the best of any electronics you possess. Here are some rules that can be followed and applied. Do not use default passwords. When you receive a new system, manufactured has its password, but it should be changed after getting the device. However, many machines nowadays have it on one time password and now an actual default password. Ransomware's been around for a while now. It's ransomware that blocks entry to the files by encrypting them and selling you the decryption key to give you back access to the files. IoT ransomware is relatively new to us. Trend 3 – Unpatched Security Vulnerabilities and Bugs: The job of patching software vulnerabilities is a never-ending and sometimes time-consuming process; nevertheless, when it comes to repairing unpatched vulnerabilities, companies must have a well-defined plan in place to reduce the possible risks inherent in determining when to upgrade vital business applications. Unfortunately, most frequently published security updates can have harmful consequences on the computers and networks they are intended to secure. A patch is a series of improvements to a computer program or its supporting data created for revision, remediation, or upgrading. This series of changes is also specially designed to fix security flaws and other bugs. Patches are often written in a way that increases software reliability, efficiency or security. The patching method helps you change compiled and machine language object programs where the source code is not available. However, this involves a thorough knowledge of the code's inner workings by the person or creator making the fix, which is impossible without a close analysis of the source code. In certain situations, particularly in manufacturing, legacy networks can be so outdated that even the concept of patching may be an overwhelming job. For some of these organizations, there is a genuine fear of taking apps down for fear that they can do irreparable harm or that they may not be back up until they have been upgraded. That said, the sheer occurrence of unpatched vulnerabilities encourages the threat actors to investigate these vectors. Conclusion: Cybersecurity is critical, and technology helps many businesses to do it. Yet, the only way companies can see the advantages of cyber protection is by educating experts who appreciate the definition of cybersecurity and its framework. My analysis shows that cybersecurity experts need to continually learn how to protect world data as cybercriminals are becoming more and more advanced by the day. The best way to be ahead of cybercriminals is to predict what new tactics they may have come up with—even educating the public about the risks of phishing, cyber threats, and IoT ransomware. Counties can provide seminars to expose the public to how much personal information they should store on their mobile phones, read emails carefully, be aware of how much smart devices have connected to the Internet, and, finally, a data security program be implemented in schools. There are seven ways we can mitigate cyber-attacks; uninstall apps, install firewalls, use safer passwords, run up-to-date anti-virus software, adjust username and password, and eventually bear in mind unwanted emails. References: Developing a Common Understanding of Cybersecurity. https://www.isaca.org/resources/isaca-journal/issues/2015/volume-6/developing-a-common understanding-of-cybersecurity. Fruhlinger, J. (2020, September 4). What is phishing? How this cyber attack works and how to prevent it. CSO Online. https://www.csoonline.com/article/2117843/what-is-phishing-how-this-cyber-attack-works-and-how-to-prevent-it.html. Imperva. (2020, June 17). What is phishing: Attack techniques & scam examples: Imperva. Learning Center. https://www.imperva.com/learn/application-security/phishing-attack-scam/#:~:text=What%20is%20a%20phishing%20attack,instant%20message%2C%20or%20text%20message. The IoT ransomware threat is more serious than you think. IoT Security Foundation. https://www.iotsecurityfoundation.org/the-iot-ransomware-threat-is-more-serious-than-you-think/#:~:text=It's%20a%20breed%20of%20malware,IoT%20ransomware%20is%20relatively%20new.&text=The%20issue%20was%20also%20raised,in%20regards%20to%20healthcare%20IoT. Palmer, D. (2020, November 3). These software bugs are years old. But businesses still aren't patching them. ZDNet. https://www.zdnet.com/article/these-software-bugs-are-years-old-but-businesses-still-arent-patching-them/#:~:text=Analysis%20by%20Bitdefender%20found%20that,fixed%20a%20long%20time%20ago. Rich Campagna May 28. (2020, July 4). The 9 Types of Security Vulnerabilities. Balbix. https://www.balbix.com/blog/the-9-types-of-security-vulnerabilities/#:~:text=Unpatched%20Software%20%E2%80%93%20Unpatched%20vulnerabilities%20allow,attack%20them%20directly%20or%20indirectly. Security Tip (ST04-001). Cybersecurity and Infrastructure Security Agency CISA. https://www.us-cert.gov/ncas/tips/ST04-001. Find Trends in Your Profession - CBR 60...211) - UMGC Learning Management System