Forensics Journal - Stevenson University 2015 | Page 22
Disruption or destruction of these vital services poses serious risks to
both national security and economic viability. In order to combat the
threat of a major cyber terrorist attack, the United States must
consistently be one step ahead of its hacking adversaries by identifying and
countering malicious intrusion capabilities and employing the most
up-to-date, real-time detection and deflection techniques in daily
operations. Individuals in the cyber security field believe that “we’re
just in the eye of the storm” and, if correct, these precautions must
be taken immediately (Hoffman, 2014, p. 1).
attack reported was 100 Gbps (gigabits per second, a measurement
of internet traffic). In 2013, an attack referred to as the “attack
that almost broke the Internet” reached 300 Gbps, and in 2014,
there have been multiple reports of attacks reaching, and possibly
surpassing, the 400 Gbps mark (Gilbert, 2014). Experts also
predict that within the next year there will be a DDoS attack
doubling what has already been witnessed (Gilbert, 2014). In
only three years, there has been an 800% increase in the “bogus”
traffic that DDoS attacks generate, meaning the forecasts for the near future
could undoubtedly wreak havoc on America’s critical infrastructure
operations and information technology.
A CLOSER LOOK AT THE THREAT
Understanding the severity of the cyber threat and developing techniques
that eliminate or lessen the impact of a major cyber attack on
America’s vital assets involves greater knowledge of this weapon.
Malicious software or malware is essentially a cyber predator. It
is deployed with the intention of causing damage to and through
computer systems (Malware Definition, 2006). The impending assault
on critical infrastructure is one in which a particular type of malware
will be utilized, i.e., a Botnet Distributed Denial of Service (DDoS)
attack. In recent years, American businesses have seen the effects of
these attacks, especially where financial transactions are involved
and information can be obtained for the attacker’s personal gain.
However, “more recent research found that ideologically motivated
DDoS attacks are on the rise” (Botnet DDoS Attacks, 2014). For a
terrorist or terrorist group seeking to penetrate the data networks of
power plants or water facilities, thus controlling their operations to
deny services to Americans, a DDoS attack provides the perfect means
to do so.
Most modern DDoS attacks are “zero-day or zero-hour” attacks
(Holtfreter & Harrington, 2014, p. 33). These attacks exploit
vulnerabilities by using poly