Cyber-warfare threatens corporations: Expansion into commercial environments

Information Systems Management

Volumn 23, Issue 2, 2006, Pages 76-87

  Knapp, Kenneth J ^a   Boulton, William R ^b  

^a UNITED STATES AIR FORCE ACADEMY   (United States)

^b AUBURN UNIVERSITY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

INFORMATION WARFARE; IS MANAGER; MILITARY ISSUES;

INFORMATION SYSTEMS;

HARDWARE;

EID: 33645149750     PISSN: 10580530     EISSN: None     Source Type: Journal    
DOI: 10.1201/1078.10580530/45925.23.2.20060301/92675.8     Document Type: Review

References (82)

1. Adams, J. (2001). Virtual Defense. Foreign Affairs, 80(3), 98-112.
2. Alger, J. I. (1996). Introduction. In W. Schwartau (Ed.), Information Warfare: Cyberterrorism: Protecting Your Personal Security in the Information Age (2nd ed., pp. 8-14). New York: Thunder's Mouth Press.
3. Ascribe. (2003). Millennium Project Calls for Declaration of Global Information Warfare against Transnational Organized Crime; Corruption, Money Laundering, Terrorism Funding by Organized Crime Should Be Treated as National Security Threat Ascribe Newswire, February 10.
4. Associated Press. (2002). China Boosts Information Warfare Development with Vast Research Centers. Associated Press Worldstream, September 27.
5. Austin, R. D., and Darby, C. A. R. (2003). The Myth of Secure Computing. Harvard Business Review, 81(6), 120-126.
6. The Australian. (2004). Officials Break up Russian Extortion Ring The Australian, Aug 3, p. C03.
7. Bagchi, K., and Udo, G. (2003). An Analysis of the Growth of Computer and Internet Security Breaches. Communications of the Association for Information Systems, 12(46), 1-29.
8. Bolt, P. J., and Brenner, C. (2004). Information Warfare across the Taiwan Strait. Journal of Contemporary China, 13(38), 129.
9. Bush, G. W. (2003). National Strategy to Secure Cyberspace [Rec. 1-4(B)], February. Retrieved Aug. 10, 2005, from http://www.whitehouse.gov/pcipb
10. Callamari, P., and Reveron, D. (2003). China's Use of Perception Management. International Journal of Intelligence and Counter Intelligence, 16(1), 1-15.
11. Cohen, W (2001). Former Defense Secretary Cohen's Remarks at the 2001 Summit (March 6). George Mason University. Retrieved Aug. 10, 2005, from http://www.gmu.edu/departments/law/////techcenter/programs/summit/ cohen's_2001_remarks.html
12. Computer Security Institute. (2002). Cyber-Crime Bleeds U.S. Corporations, Survey Shows; Financial Losses from Attacks Climb for Third Year in a Row (Press Release, April 7, 2002). CSI, San Francisco. Retrieved April, 2003, from http://www.gocsi.com/press
13. Cronin, B. (2002a). Information Warfare. Library Journal, 127(12), p. 54.
14. Cronin, B. (2002b). Information Warfare: Peering inside Pandora's Postmodern Box. Library Journal, 50(6), 279-294.
15. Cronin, B., and Crawford, H. (1999). Information Warfare: Its Applications in Military and Civilian Contexts. Information Society, 15(4), 257-264.
16. Dearth, D. H. (1998). Imperatives of Information Operations and Information Warfare. In A. D. Campen and D. H. Dearth (Eds.), Cyberwar 2.0: Myths, Mysteries, and Reality. Fairfax, VA: AFCEA International Press.
17. deCaro, C. (1998). Operationalizing Software. In A. D. Campen and D. H. Dearth (Eds.), Cyberware 2.0: Myths, Mysteries, and Reality. Fairfax, VA: AFCEA International Press.
18. DeMarrais, K. (2003). Identity-Theft on the Rise, FTC Warns. Knight Ridder Business News, September 4, pp. 1-4.
19. Denning, D. E. (1999). Activism, Hacktivism, and Cyberterrorism: The Internet as a Tool for Influencing Foreign Policy. Nautilus Institute. Retrieved Aug. 10, 2005, from www.iwar.org.uk/cyberterror/resources/denning.htm
20. Department of Homeland Security. (2005). Information Sharing and Analysis Centers. Retrieved Aug 10, 2005, from www.dhs.gov/dhspublic/display?theme= 73&content=1375; original content from www.caio.gov, May 2003.
21. Drucker, P. F. (2002). Managing in the Next Society (Audiobook). Los Angeles: St. Martin's Press/Truman Talley Books.
22. Dutta, A., and McCrohan, K. (2002). Management's Role in Information Security in a Cyber-Economy. California Management Review, 45(1), 67-87.
23. Federal News Service. (2003). Press Conference with Attorney General John Ashcroft; FBI Director Robert Mueller; and FTC Chairman Timothy J. Muris. Federal News Service Inc., May 16.
24. Friman, H. (2001). A Systems View of Information Warfare. Journal of Information Warfare, 7(1), 25-32.
25. Frolick, M. N. (2003). A New Webmaster's Guide to Firewalls and Security. Information Systems Management, 20(1, Winter), 29-34.
26. Garg, A., Curtis, J., and Halper, H. (2003). The Financial Impact of IT Security Breaches: What Do Investors Think? Information Systems Security, 12(1), 22-34.
27. Garrick, J. B., and Powers, D. A. (2000). Use of Defense in Depth in Risk-Information Nmss Activities (Letter to Richard A. Meserve Dated May 25, 2000, Chairman, U.S. Nuclear Regulatory Commission). Retrieved Aug. 10, 2005, from http://www.nrc.gov/reading-rm/doc-collections/acrs/letters/2000/4721893. html
28. Geralds, J. (2003). Hacker Insurance Set to Rocket, February 14. Retrieved Aug. 10, 2005, from http://www.vnunet.com/news/1138789
29. Gerard, G., Hillison, W., and Pacini, C. (2004). What Your Firm Should Know About Identity Theft. The Journal of Corporate Accounting and Finance, May/June, 3-11.
30. Gordon, L. A., Loeb, M. P., Lucyshyn, W., and Richardson, R. (2005). Tenth Annual, 2005 CSI/FBI Computer Crime and Security Survey. San Francisco, CA (www.gocsi.com): Computer Security Institute.
31. Gross, G. (2003). Net Attacks Down but Sophistication Is Up. IDG News Service, January 30.
32. Hansell, S. (2004). U.S. Tally in Online-Crime Sweep: 150 Charged. New York Times, August 26.
33. Hutchinson, W. (2002). Concepts in Information Warfare. Logistics Information Management, 15(5/6), 410-413.
34. Information Systems Audit and Control Association (ISACA). (2005). Overview and History. Retrieved Aug. 10, 2005, from http://www.isaca.org/ template.cfm?section=Overview_and_History
35. International Information Systems Security Certification Consortium [ISC]2®. (2005). Press Releases, Oct. 31. Retrieved Aug. 10, 2005, from https://www.isc2.org/cgi/content.cgi?page=13
36. ISO/IEC. (2000). Information Technology - Code of Practice for Information Security Management (No. ISO/IEC 17799:2000(E)): The International Standards Organization/The International Electrotechnical Commission.
37. James, P. N. (1992). Education and Training. Information Systems Management, 9(2), 15-21.
38. Jones, A., Kovacich, G. L., and Luzwick, P. G. (2002). Global Information Warfare: How Businesses, Governments, and Others Achieve Objectives and Attain Competitive Advantages. New York: Auerbach Publications.
39. Keating, G. (2003). Hacker Insurance Market Boosted by Cyberattacks. Reuters, January 27.
40. Keller, S., Powell, A., Horstmann, B., Predmore, C., and Crawford, M. (2005). Information Security Threats and Practices in Small Businesses. Information Systems Management, 22(2), 7-19.
41. Key, V. (2004). What Is Solar Sunrise? SANS. Retrieved Aug. 10, 2005, from http://www.sans.org/resources/idfaq/solar_sunrise.php
42. 2 Survey Results. Alabama: Auburn University.
43. Kolodzinski, O. (2002). Cyber-Insurance Issues: Managing Risk by Tying Network Security to Business Goals. CPA Journal., 72(11), 10-11.
44. Legard, D. (2003). Fake Bank Web Site Scam Reaches U.S., May 14. Retrieved Aug. 10, 2005, from http://www.itworld.com/Tech/2987/030514fakebank.
45. Libicki, M. C. (1995). What Is Information Warfare? Washington, DC: National Defense University, Institute for National Strategic Studies.
46. Luftman, J., and McLean, E. R. (2004). Key Issues for IT Executives. MIS Quarterly Executive, 3(2), 89-104.
47. Meall, L. (1989). Survival of the Fittest.Accountancy (UK), 103(1147), 140-141.
48. Mitnick, K. (2003). Are You the Weak Link? Harvard Business Review, 81(4), 18-20.
49. National Research Council. (1991). Computers at Risk. Washington D.C.: National Academy Press.
50. Neumann, P. G. (1998). Identity-Related Misuse. In D. E. Denning and P. J. Denning (Eds.), Internet Besieged. Reading, Massachusetts: ACM Press.
51. O'Rourke, M. (2004). Cyber-Extortion Evolves. Risk Management, 51(4), 10-12.
52. Panko, R. (2004). Corporate Computer and Network Security. New Jersey: Prentice Hall.
53. Parker, D. B. (1976). Crime by Computer. New York: Scribners.
54. PCWorld. (2001). Timeline: A 40-Year History of Hacking. IDG News Service, November 19. Retrieved Aug. 10, 2005, from http://www.cnn.com/2001/ TECH/internet/11/19/hack.history.idg/
55. Porter, T. (1996). Information Warfare - Your Company Needs You! Computers & Security, 15, 561-566.
56. Poulsen, K. (2004). U.N. Warns of Nuclear Cyber-Attack Risk. SecurityFocus, Sept. 27. Retrieved Aug. 10, 2005, from http://www.securityfocus. com/news/9592
57. Pruitt, S. (2004). When Outsourcing, Don't Forget Security, Experts Say. IDG News Service, Sept. 21. Retrieved Aug. 10, 2005, from http://www. computerworld.com/managementtopics/outsourcing/story/0,10801,96074,00.html
58. Rattray, G. J. (2001). Strategic Warfare in Cyberspace. Cambridge, MA: MIT Press.
59. Rhem, K.T. (2005). China Investing in Information Warfare Technology, Doctrine. American Forces Press Service, July 20. Retrieved Aug. 10, 2005, from http://www.pentagon.gov/news/jul2005/20050720_2171.html
60. Richardson, R. (2003). Eight Annual, 2003 CSI/FBI Computer Crime and Security Survey. San Francisco, CA: Computer Security Institute (www.gocsi.com).
61. Richmond, R. (2004, 22 Jan). Netware Associates to Attack Spyware with New Products. Wall Street Journal, p. B5.
62. Rosenoer, J. (2002). Safeguarding Your Critical Business Information. Harvard Business Review, 80(2), 20-21.
63. Schwartau, W. (1998). Something Other Than War. In A. D. Campen and D. H. Dearth (Eds.), Cyberwar 2.0: Myths, Mysteries, and Reality. Fairfax, VA: AFCEA International Press.
64. Sequeira, D. (2003). Intrusion Protection Systems: Security's Silver Bullet? Business Communication Review, March, 36-41.
65. Shaurette, K. (2003). Security Infrastructure: Basics of Intrusion Detection Systems. In H. F. Tipton and M. Krause (Eds.), Information Security Management Handbook (4th ed., Vol. 4, pp. 683-698). New York: Auerbach Publications.
66. Sipior, J. C., Ward, B. T., and Roselli, G. R. (2005). The Ethical and Legal Concerns of Spyware. Information Systems Management, 22(2), 39-49.
67. Smith, L. (2004, June 30). Web Amplifies Message of Primitive Executions. Los Angles Times.
68. Stafford, T. F., and Urbaczewski, A. (2004). Spyware: The Ghost in the Machine. Communications of the Association for Information Systems, 14, 291-306.
69. Sterling, B. (2004). The Other War on Terror. Wired, 12(8), August. Retrieved Aug 10, 2005, from http://www.wired.com/wired/archive/12.08/view.html? pg=4
70. Stoll, C. (1989). The Cuckoo's Egg: Tracking a Spy through the Maze of Computer Espionage. New York: Doubleday.
71. Strassmann, P.A. (2001). Government Should Blaze Global Information Warfare Trails. Retrieved Aug. 10, 2005, from http://www.strassmann.com/pubs/ searchsecurity/2001-8.php.
72. Straub, D. W. (1990). Effective IS Security:An Empirical Study. Information Systems Research, 1(3), 255-276.
73. Straub, D. W., and Welke, R. J. (1998). Coping with Systems Risk: Security Planning Models for Management Decision Making. MIS Quarterly, 22(4), 441-469.
74. Sunday Times. (1996). Secret DTI Inquiry into Cyber-Terror The (London) Sunday Times, June 9, pp. 1-8.
75. Svensson, P. (2003).Al-Jazeera Site Experiences Hack Attack. The Associated Press, March 25.
76. Swartz, J. (2003). Firms' hacking-related insurance costs soar. USA Today, Feb. 9. Retrieved Aug. 29, 2005, from http://www.usatoday.com/money/ industries/technology/2003-02-09-hacker_x.htm
77. Toffler, A. (1981). The Third Wave. New York: Bantam Books.
78. Tucker, T. E. (2004). Leveraging Protection Mechanisms to Provide Defense in Depth. In M. E. Whitman and H. J. Mattord (Eds.), Management of Information Security. Boston: Course Technology, p. 408.
79. Verton, D. (2004). Organized Crime Invades Cyberspace. ComputerWorld, August 30. Retrieved Aug. 10, 2005, from http://www.computerworld.com/ securitytopics/security/story/0,10801,95501,00.html
80. Wilson, J. (2001). E-Bomb. Popular Mechanics, 178(9), 50-54.
81. Wood, C. C. (1996). Information Security Policies Made Easy (5th ed.): Baseline Software.
82. Zviran, M., and Haga, W. J. (1999). Password Security: An Empirical Study. Journal of Management Information Systems, 15(4), 161-185.