Hacking is defined by law as any intentional use and access of data in a computer without a prior authorization or in excess of authorized access. The act is done by persons known as hackers. Hackers get access to information in a computer system which they are not authorized and in the process cause damage. A considerable number of people confuse hackers and crackers. Hacking is a time useful to the government and big companies since they are used to maintain the security systems of such organizations. The difference between hackers and crackers is that hackers crack the password code so as to hack into a security system whereas crackers crack the software code with the intention of bypassing the security mechanisms such as copyright protection. The hacking act is done through ports in the computer system network that are not guarded properly. The attacks launched by hackers on the computer system result in huge loss to the government and companies as well in terms of financial and information loss.
Companies and government ought to initiate an effective and quick response to the increasing acts of hacking since it is regarded as a move of stopping the present and future practices (Hunter, 2002). In addition, existing procedures such as conservation of evidence, as well as law enforcement and notification to organizations including incident-reporting organizations will help huge companies, and government to properly secure their systems or that of others (Long, 2007). Companies and government can use the following best practices so as to mitigate the damage that result from an attack on computer network and, on the other hand, increase the chances of bring to book the culprits.
Organizations such as universities, government and huge companies should have these best practices in their contingency plans even before they are attacked. This will ensure that they have in place mechanisms that can respond immediately to any attack launched by the hackers.
The following practices are designed so as to assist companies, government and network operators, but it is essential for prosecutors and investigators to have a clear understanding of such practices so that they can give advice to first-time victims on the possible steps they can pursue in case of an attack (Flynn, 2002).
Companies and government have witnessed increasing incidents of computer attacks in the past. Therefore, they have put in place procedures that can properly handle the incidences of hacking. The procedures are being reviewed periodically and ensure that they are easily accessed by personnel so that they can fully render their system security obligations. The procedures clearly indicate the person responsible of launching a response after the attack. In addition, organizations have put in place contact centers within and outside their organizations, criteria to be followed in case of an attack and the law enforcement body that can be notified (Star, 2011).
A considerable number of organizations have put in place warning signs or banners. This are used to ensure that there is a timely monitoring of the system attacks. The banners are placed on ports which are more likely to be used by hackers to access the information of the organization. The attacks can be monitored by the organization through their communication and traffic. To improve the effectiveness of the banners the organization are carrying out periodical reviews, hence, efficient and quick response in case of an attack (Fernando, 2009).
For such organization to prevent future attacks, they have launched a respond tacking of trying to establish the real intruders. They assess the incident and its scope. This has helped organizations in identifying the logs or files that were accessed, modified, copied, deleted or created. In addition, the organizations through the primary identification and assessment have been able to locate the origin of the attack and servers which the information were transferred. This has ensured that the necessary steps are taken to safeguard personal data and information (System Safety Society, 1996).
A considerable number of countries have responded to the rising crimes on computer network by putting in place legislation that can properly respond to cyber crimes. The legislations that are in existence, in different countries, tackle the four different computer crimes. The crimes include data-related crimes such as theft, modification and interception, network-related crimes such as sabotage and interference, crimes of access such as virus distribution and hacking and other computer related crimes such as computer forgery and fraud as well as cyber criminals aiding and abetting. The governments have specifically put in place laws that govern the crime of hacking due to the huge amount of loss that result from the cyber attacks. The introduction of such laws in the cyberspace has ensured that a trustworthy and secure environment is created for users and businesses. The presence of such laws does not deter organizations from putting in place procedures that will assist in safeguarding their information and systems (Stephans, 2004).
Organizations such as big companies have put in place security plans addressing process, technology and people issues. They have also committed resources that are used, in educating employees on issues to do with security practices, developing systematic plans for handling sensitive records, data and transactions and incorporating full-bodied security technology like firewalls, intrusion detection software and authentication services across all the computer systems of the organization (Oppenheimer, 2007).
Around the world, company-wide efforts are being put in place to address cooperation, prevention and response issues. The companies have established ISACs (Information Sharing and Analysis Centers). The centers are places where timely information relating to threats, attacks, vulnerabilities and countermeasures are shared and analyzed. In the year 2000, a global summit on information that brought together companies, governments and multinational organizations cutting across economic sectors were organized by WITSA (World Information Technology and Services Alliance) so as to share information and come up with partnership. The cooperation has ensured strengthened penalties on cyber crimes, hence, reduced intrusion and systems attacks (Vacca, 2010).
Companies have also moved in through properly securing their information in the network. This has taken precedence due to their responsibility of safeguarding their property. This is coupled by the government commitment of ensuring that the existing legislations are made fully operational. Cooperation among the government, civil society and companies should be strengthened. This will ensure that cyber security legal frameworks are strengthened.
The latest data breach issue concern wiki leaks and email marketer know as Epsilon who lost a considerable number of his customers addresses to acts of hacking. This follows the same loss of another marketing company, Silverpop. These two organizations responded to the issue amicably by initiating investigations and apologizing to customers (Jaeger, 2008).
Even, though, it is expensive and complex to put in place robust security technologies, cooperation among firms, civil society and government will result in tighten penalties on a computer system hackers. A global fight of the act of hacking will eventually lead to inexistence of the bad act that has detrimental social and economic effects. Government legislations should pronounce strong penalties on the act to ensure that culprits are brought to book and the act brought to an end. Organizations have an additional responsibility of securing their own information from hackers so that they avert fines from government. The fines are charged on firms that have lost their networked, personal information to hackers. Finally, global cooperation is the way to go so that the act is properly death with and eliminated.