Advanced search
Publication Cover
Information Systems Management Volume 23, 2006 - Issue 2
Submit an article Journal homepage
503
Views
18
CrossRef citations to date
0
Altmetric
E-Security

Cyber-Warfare Threatens Corporations: Expansion into Commercial Environments

Kenneth J. Knapp An assistant professor of management at the U.S. Air Force Academy, Colorado. He earned his doctorate in management information systems at Auburn University, Alabama. He can be reached at kenneth.knapp@usafa. af.mil.
&
William R. Boulton (D.B.A. – Harvard University) is the C.G. Mills Professor of Strategic Management at Auburn University, Alabama. He is widely published and has conducted numerous technology benchmarking studies for U.S. government agencies.
Pages 76-87 | Published online: 21 Dec 2006

Notes

  • A copy of the referenced top 25 issues report is available by contacting the first author
  • The Software Engineering Institute at Carnegie Mellon University operates the Computer Emergency Response Team Coordination Center (CERT/CC) , Given that attacks against Internet-connected systems have become so commonplace and for other stated reasons, as of 2004, the CERT no longer publishes incident numbers (see www.cert.org/stats/cert_stats. html)
  • The Computer Security Institute (CSI) annually conducts the Computer Crime and Security Survey with participation by the San Francisco Federal Bureau of Investigation's (FBI) Computer Intrusion Squad , (see www.gocsi.com)
  • A list of 75 security tools is provided at http://www.insecure.org/tools.html. This list is derived in part from a hacker mailing list. Many of the listed tools are free hacker tools that have been around for years
  • Try a Google search on Home Depot, Texaco, or Wal-Mart for a demonstration ,

References

  • Adams , J. 2001 . Virtual Defense . Foreign Affairs , 80 ( 3 ) : 98 – 112 .
  • Alger , J. I. 1996 . “ Introduction ” . In Information Warfare: Cyberterrorism: Protecting Your Personal Security in the Information Age , 2nd ed. , Edited by: Schwartau , W. 8 – 14 . New York : Thunder's Mouth Press .
  • Ascribe . 2003 . Millennium Project Calls for Declaration of Global Information Warfare against Transnational Organized Crime; Corruption, Money Laundering, Terrorism Funding by Organized Crime Should Be Treated as National Security Threat . Ascribe Newswire ,
  • Associated Press . 2002 . China Boosts Information Warfare Development with Vast Research Centers . Associated Press Worldstream ,
  • Austin , R. D. and Darby , C. A. R. 2003 . The Myth of Secure Computing . Harvard Business Review , 81 ( 6 ) : 120 – 126 .
  • The Australian. 2004 . Officials Break up Russian Extortion Ring . The Australian , : C03
  • Bagchi , K. and Udo , G. 2003 . An Analysis of the Growth of Computer and Internet Security Breaches . Communications of the Association for Information Systems , 12 ( 46 ) : 1 – 29 .
  • Bolt , P. J. and Brenner , C. 2004 . Information Warfare across the Taiwan Strait . Journal of Contemporary China , 13 ( 38 ) : 129
  • Bush , G. W. 2003 . National Strategy to Secure Cyberspace [Rec.1–4(B)] , Retrieved Aug. 10, 2005, from http://www.whitehouse. gov/pcipb
  • Callamari , P. and Reveron , D. 2003 . China's Use of Perception Management . International Journal of Intelligence and Counter Intelligence , 16 ( 1 ) : 1 – 15 .
  • Cohen , W. 2001 . Former Defense Secretary Cohen's Remarks at the 2001 Summit (March 6) , George Mason University . Retrieved Aug. 10, 2005, from http://www.gmu.edu/departments/law/////techcenter/programs/summit/cohen's_ 2001_remarks.html
  • Computer Security Institute. 2002 . Cyber-Crime Bleeds U.S. Corporations, Survey Shows; Financial Losses from Attacks Climb for Third Year in a Row , Press Release . April 7, 2002. CSI, San Francisco. Retrieved April, 2003, from http://www.gocsi.com/press
  • Cronin , B. 2002a . Information Warfare . Library Journal , 127 ( 12 ) : 54
  • Cronin , B. 2002b . Information Warfare: Peering inside Pandora's Postmodern Box . Library Journal , 50 ( 6 ) : 279 – 294 .
  • Cronin , B. and Crawford , H. 1999 . Information Warfare: Its Applications in Military and Civilian Contexts . Information Society , 15 ( 4 ) : 257 – 264 .
  • Dearth , D. H. 1998 . “ Imperatives of Information Operations and Information Warfare. ” . In Cyberwar 2.0: Myths, Mysteries, and Reality , Edited by: Campen , A. D. and Dearth , D. H. Fairfax, VA : AFCEA International Press .
  • De Caro , C. 1998 . “ Operationalizing Software. ” . In Cyberware 2.0: Myths, Mysteries, and Reality , Edited by: Campen , A. D. and Dearth , D. H. Fairfax, VA : AFCEA International Press .
  • De Marrais , K. 2003 . Identity Theft on the Rise . FTC Warns. Knight Ridder Business News , : 1 – 4 .
  • Denning , D. E. 1999 . Activism, Hacktivism, and Cyberterrorism: The Internet as a Tool for Influencing Foreign Policy , Nautilus Institute . Retrieved Aug. 10, 2005, from www.iwar.org. uk/cyberterror/resources/denning.htm
  • Department of Homeland Security. 2005 . Information Sharing and Analysis Centers , Retrieved Aug 10, 2005, from www.dhs.gov/dhspublic/display?theme=73&content=1375; original content from www.caio.gov, May 2003
  • Drucker , P. F. 2002 . Managing in the Next Society (Audiobook) , Los Angeles : St. Martin's Press/Truman Talley Books .
  • Dutta , A. and McCrohan , K. 2002 . Management's Role in Information Security in a Cyber-Economy . California Management Review , 45 ( 1 ) : 67 – 87 .
  • Federal News Service . 2003 . Press Conference with Attorney General John Ashcroft; FBI Director Robert Mueller; and FTC Chairman Timothy J. Muris , Federal News Service Inc. . May 16
  • Friman , H. 2001 . A Systems View of Information Warfare . Journal of Information Warfare , 1 ( 1 ) : 25 – 32 .
  • Frolick , M. N. 2003 . A New Webmaster's Guide to Firewalls and Security . Information Systems Management , 20 ( 1, Winter ) : 29 – 34 .
  • Garg , A. , Curtis , J. and Halper , H. 2003 . The Financial Impact of IT Security Breaches: What Do Investors Think . Information Systems Security , 12 ( 1 ) : 22 – 34 .
  • Garrick , J. B. and Powers , D. A. 2000 . Use of Defense in Depth in Risk-Information Nmss Activities Letter to Richard A. Meserve Dated May 25, 2000 , U.S. Nuclear Regulatory Commission . Retrieved Aug. 10, 2005, from http://www.nrc.gov/reading-rm/doc-collections/acrs/letters/2000/4721893.html Chairman
  • Geralds , J. 2003 . Hacker Insurance Set to Rocket , Retrieved Aug. 10, 2005, from http://www.vnunet.com/news/1138789
  • Gerard , G. , Hillison , W. and Pacini , C. 2004 . What Your Firm Should Know About Identity Theft . The Journal of Corporate Accounting and Finance , : 3 – 11 .
  • Gordon , L. A. , Loeb , M. P. , Lucyshyn , W. and Richardson , R. 2005 . Tenth Annual, 2005 CSI/FBI Computer Crime and Security Survey , San Francisco, CA : Computer Security Institute . (www.gocsi.com)
  • Gross , G. 2003 . Net Attacks Down but Sophistication Is Up . IDG News Service ,
  • Hansell , S. 2004 . U.S. Tally in Online-Crime Sweep: 150 Charged , New York Times . August 26
  • Hutchinson , W. 2002 . Concepts in Information Warfare . Logistics Information Management , 15 ( 5/6 ) : 410 – 413 .
  • Information Systems Audit and Control Association (ISACA) . 2005 . Overview and History , Retrieved Aug. 10, 2005, from http://www.isaca.org/template.cfm?section=Overview_and_ History
  • 2005 . International Information Systems Security Certification Consortium [ISC]2(r) , Press Releases . Oct. 31. Retrieved Aug. 10, 2005, from https://www.isc2.org/cgi/content.cgi?page=13
  • ISO/IEC . 2000 . Information Technology - Code of Practice for Information Security Management (No. ISO/IEC 17799:2000(E)) , The International Standards Organization/The International Electrotechnical Commission .
  • James , P. N. 1992 . Education and Training . Information Systems Management , 9 ( 2 ) : 15 – 21 .
  • Jones , A. , Kovacich , G. L. and Luzwick , P. G. 2002 . Global Information Warfare: How Businesses, Governments, and Others Achieve Objectives and Attain Competitive Advantages , New York : Auerbach Publications .
  • Keating , G. 2003 . Hacker Insurance Market Boosted by Cyberattacks . Reuters ,
  • Keller , S. , Powell , A. , Horstmann , B. , Predmore , C. and Crawford , M. 2005 . Information Security Threats and Practices in Small Businesses . Information Systems Management , 22 ( 2 ) : 7 – 19 .
  • Key , V. 2004 . What Is Solar Sunrise . SANS , Retrieved Aug. 10, 2005, from http://www.sans. org/resources/idfaq/solar_sunrise.php
  • Knapp , K. J. , Marshall , T. E. , Rainer , R. K. and Morrow , D. W. 2004 . Top Ranked Information Security Issues: The 2004 International Information Systems Security Certification Consortium (ISC)2 Survey Results , Alabama : Auburn University .
  • Kolodzinski , O. 2002 . Cyber-Insurance Issues: Managing Risk by Tying Network Security to Business Goals . CPA Journal. , 72 ( 11 ) : 10 – 11 .
  • Legard , D. 2003 . Fake Bank Web Site Scam Reaches U.S., May 14 , Retrieved Aug. 10, 2005, from http://www.itworld.com/Tech/2987/030514fakebank
  • Libicki , M. C. 1995 . What Is Information Warfare , Washington, DC : National Defense University, Institute for National Strategic Studies .
  • Luftman , J. and McLean , E. R. 2004 . Key Issues for IT Executives . MIS Quarterly Executive , 3 ( 2 ) : 89 – 104 .
  • Meall , L. 1989 . Survival of the Fittest . Accountancy (UK) , 103 ( 1147 ) : 140 – 141 .
  • Mitnick , K. 2003 . Are You the Weak Link . Harvard Business Review , 81 ( 4 ) : 18 – 20 .
  • National Research Council . 1991 . Computers at Risk , Washington, D.C. : National Academy Press .
  • Neumann , P. G. 1998 . “ Identity-Related Misuse ” . In Internet Besieged , Edited by: Denning , D. E. and Denning , P. J. Reading, Massachusetts : ACM Press .
  • O'Rourke , M. 2004 . Cyber-Extortion Evolves . Risk Management , 51 ( 4 ) : 10 – 12 .
  • Panko , R. 2004 . Corporate Computer and Network Security , New Jersey : Prentice Hall .
  • Parker , D. B. 1976 . Crime by Computer , New York : Scribners .
  • PCWorld . 2001 . Timeline: A 40-Year History of Hacking . IDG News Service , Retrieved Aug. 10, 2005, from http://www.cnn.com/2001/TECH/internet/11/19/hack.history. idg/
  • Porter , T. 1996 . Information Warfare - Your Company Needs You , 15561 – 566 . Computers & Security .
  • Poulsen , K. 2004 . U.N. Warns of Nuclear Cyber-Attack Risk . SecurityFocus , Sept. 27. Retrieved Aug. 10, 2005, from http://www.securityfocus.com/news/9592
  • Pruitt , S. 2004 . When Outsourcing, Don't Forget Security . Experts Say. IDG News Service , Retrieved Aug. 10, 2005, from http://www.computerworld.com/managementtopics/outsourcing/story/0,10801,96074,00.html
  • Rattray , G. J. 2001 . Strategic Warfare in Cyberspace , Cambridge, MA : MIT Press .
  • Rhem , K. T. 2005 . China Investing in Information Warfare Technology, Doctrine , American Forces Press Service . July 20. Retrieved Aug. 10, 2005, from http://www.pentagon.gov/news/jul2005/20050720_2171.html
  • Richardson , R. 2003 . Eight Annual, 2003 CSI/FBIComputer Crime and Security Survey , San Francisco, CA : Computer Security Institute . (www.gocsi.com)
  • Richmond , R. 2004 . Netware Associates to Attack Spyware with New Products . Wall Street Journal , 22 Jan : B5
  • Rosenoer , J. 2002 . Safeguarding Your Critical Business Information . Harvard Business Review , 80 ( 2 ) : 20 – 21 .
  • Schwartau , W. 1998 . “ Something Other Than War ” . In Cyberwar 2.0: Myths, Mysteries, and Reality , Fairfax, VA : AFCEA International Press .
  • Sequeira , D. 2003 . Intrusion Protection Systems: Security's Silver Bullet . Business Communication Review , : 36 – 41 .
  • Shaurette , K. 2003 . “ Security Infrastructure: Basics of Intrusion Detection Systems ” . In Information Security Management Handbook , 4th ed. , Edited by: Campen , A. D. and Dearth , D. H. Vol. 4 , 683 – 698 . New York : Auerbach Publications .
  • Sipior , J. C. , Ward , B. T. and Roselli , G. R. 2005 . The Ethical and Legal Concerns of Spyware . Information Systems Management , 22 ( 2 ) : 39 – 49 .
  • Smith , L. June 30 2004 . Web Amplifies Message of Primitive Executions , June 30 , Los Angles Times .
  • Stafford , T. F. and Urbaczewski , A. 2004 . Spyware: The Ghost in the Machine . Communications of the Association for Information Systems , : 291 – 306 .
  • Sterling , B. 2004 . The Other War on Terror . Wired , 12 ( 8 ) August. Retrieved Aug 10, 2005, from http://www.wired.com/wired/archive/12.08/view.html?pg=4
  • Stoll , C. 1989 . The Cuckoo's Egg: Tracking a Spy through the Maze of Computer Espionage , New York : Doubleday .
  • Strassmann , P. A. 2001 . Government Should Blaze Global Information Warfare Trails , Retrieved Aug. 10, 2005, from http://www.strassmann.com/pubs/searchsecurity/2001–8.php
  • Straub , D. W. 1990 . Effective IS Security: An Empirical Study . Information Systems Research , 1 ( 3 ) : 255 – 276 .
  • Straub , D. W. and Welke , R. J. 1998 . Coping with Systems Risk: Security Planning Models for Management Decision Making . MIS Quarterly , : 441 – 469 .
  • Sunday Times . 1996 . Secret DTI Inquiry into Cyber-Terror . The (London) Sunday Times , : 1 – 8 .
  • Svensson , P. 2003 . Al-Jazeera Site Experiences Hack Attack . The Associated Press ,
  • Swartz , J. 2003 . Firms' hacking-related insurance costs soar . USA Today , Feb. 9. Retrieved Aug. 29, 2005, from http://www.usatoday.com/money/industries/technology/2003–02-09-hacker_x. htm
  • Toffler , A. 1981 . The Third Wave , New York : Bantam Books .
  • Tucker , T. E. 2004 . “ Leveraging Protection Mechanisms to Provide Defense in Depth ” . In Management of Information Security , Edited by: Whitman , M. E. and Mattord , H. J. 408 Boston : Course Technology .
  • Verton , D. 2004 . Organized Crime Invades Cyberspace . ComputerWorld , Retrieved Aug. 10, 2005, from http://www.computerworld.com/securitytopics/security/story/0,10801,95501,00.html
  • Wilson , J. 2001 . E-Bomb . Popular Mechanics , 178 ( 9 ) : 50 – 54 .
  • Wood , C. C. 1996 . Information Security Policies Made Easy , 5th ed. , Baseline Software .
  • Zviran , M. and Haga , W. J. 1999 . Password Security: An Empirical Study . Journal of Management Information Systems , 15 ( 4 ) : 161 – 185 .

Reprints and Corporate Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

To request a reprint or corporate permissions for this article, please click on the relevant link below:

Order Reprints Request Corporate Permissions

Academic Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

Obtain permissions instantly via Rightslink by clicking on the button below:

Request Academic Permissions

If you are unable to obtain permissions via Rightslink, please complete and submit this Permissions form. For more information, please visit our Permissions help page.

Related research

People also read lists articles that other readers of this article have read.

Recommended articles lists articles that we recommend and is powered by our AI driven recommendation engine.

Cited by lists all citing articles based on Crossref citations.
Articles with the Crossref icon will open in a new tab.