Running head: GLOBAL APPROACH TO CYBERSECURITY 1

Global Approach to Cybersecurity

Name:

Institution:
GLOBAL APPROACH TO CYBERSECURITY 2

Global Approach to Cybersecurity

Step 3: Cyber Policy for a Small World Report

Scores

The Small World Simtray Report earned a score average of 50% after three tries (50%,

49%, and 50%). Lesson leant is the events documented associated with botnets have a significant

impact on the world cybersecurity technologies. s learnt are technologies and events that have

been chronicled and may have an impact on world policies.

Documented Technologies

The Small World Simtray featured lessons on botnets, which are robots that can connect

to the internet for network access. For instance, botnets have the capability to link to each other

via internet connection and makes it possible to operate within a single virtual local area network

(LAN) without detection. Even more astounding is the ability of the botnets to link to other

botnets via the internet connection, making it possible for a single virtual local area network

(LAN) if feasible. Botnets are advanced and can affect computers easilyThis technology looks to

be advanced since computers are not configured to conduct botnets detectionthese operations

autonomously unless the end user is a computer programmer. The Simtray also highlighted

ElectroMagnetic Pulse (EMP), which is basically triggered by High Energy Radio Frequency

(HERF). The EMP is made up of two parts: the magnetic section and the electrical section,

which work together to create the EMP product. When the components operate together, they

generate a steady sinusoidal amplitude wave pattern offset by a fixed frequency. The

technologies documented are mostly employed in high grade military gadgets and equipment for

communication and navigation and have an impact on global cybersecurity. This is a technology
GLOBAL APPROACH TO CYBERSECURITY 3

that is mostly employed by military forces for communication and navigation, as well as high-

level gadgets and equipment.

Policies

According to the Simtray report, some of the events associated with botnet can have a

significantthere are occurrences that may have an impact on global cybersecurity. Botnets had

attacked Alzei's network, prompting its IT personnel to investigate the problem. The extent to

which the IT crew went to troubleshoot the breach wore them out, and in retrospect, this problem

should have been averted. If measures had been put in place to segregate the corporate network

or enhance the firewall, the problem may have been avoided. When subjected to an assault, all

procedures dealing with the attack, including incident response, detection, confinement,

elimination, and recovery, should be properly defined. Foreign policies may include a Bring

Your Own Device (BYOD) policy to limit the danger of enabling outside attackers to infect the

firm network. The strict implementation of the policies is the best approach to ensure the impact

of botnet is minimum or avoided.

Step 6: International Cybersecurity Threat Matrix

Brazil

Country/Region: Brazil
Cyber Culture – (How Cybersecurity Cyber Legal Response to
does the country view Threats Perspective/ Cyber Cyberterrorism/Recruiting
cyber threats? Is this Economic
consistent with the Perspective
general country
culture?)
Brazilian cyber culture Theft of data Exclusive Unless cyberterrorism is
is largely focused on jurisdiction of law directed towards national or
GLOBAL APPROACH TO CYBERSECURITY 4

military cyberwarfare enforcement military responsibilities, the

and cyberdefense government does not appear
solutions. Government to be excessively concerned
and general publicThey with cyberterrorism. There
have put less focus on is no national cyber security
preventing and policy; instead, there are a
responding to few particular programs that
cybercrime. control the cyber sector in
various areas such as
defense, federal public
administration, and internet
use.
Financial fraud A collaboration of
intelligence,
military, and law
enforcement
Child
pornography
Spam
Identity forgery
and theft
Critical
infrastructure
attacks
Cyber warfare
Hacking
activities
Organized
crimes
Cyber terrorism A collaboration of
intelligence,
GLOBAL APPROACH TO CYBERSECURITY 5

military, and law

enforcement

Ukraine

Country/Region: Ukraine
Cyber Culture – (How Cybersecurity Cyber Legal Response to
does the country view Threats Perspective/ Cyber Cyberterrorism/Recruiting
cyber threats? Is this Economic
consistent with the Perspective
general country
culture?)
Ukraine's priority is to Internet and The rule of law and Ukraine's Cyber Security
defend the important computer fraud the protection of Strategy aims to establish
interests of man and human and civil circumstances for the safe
citizen, society, and state rights and liberties operation of cyberspace, as
in cyberspace through well as to apply
the coordinated use of a cyberspace to the
complex combination of advantage of people,
institutional, legal, and society, and the state.
information measures.
Computer theft Establishing International cooperation
Internet and democratic civilian to foster confidence and
computer fraud control over mutual trust in cyber
lawfully formed security, as well as the
military units and development of
law enforcement partnerships to combat
agencies engaged cyber threats, the
in cyber security centralization of initiatives
operations in the investigative process
and prevention of
GLOBAL APPROACH TO CYBERSECURITY 6

cybercrime, and the

prevention of the use of
cyberspace for illegal and
military reasons.
Cyber espionage Partnerships International cooperation
Computer theft between the to foster confidence and
governmental and mutual trust in cyber
corporate sectors, security, as well as the
as well as development of
significant partnerships to combat
collaboration with cyber threats, the
civil society, are centralization of initiatives
essential for cyber in the investigative process
security and and prevention of
defense. cybercrime, and the
prevention of the use of
cyberspace for illegal and
military reasons.
Illegal
acquisition, use,
deletion, storage,
and distribution
of personally
identifiable
information
Cyber espionage
Cyber warfare
Illegal
acquisition, use,
deletion,
storage, and
GLOBAL APPROACH TO CYBERSECURITY 7

distribution of
personally
identifiable
information
Cyber warfare
Cyber crime
Cyber terrorism
Cyber crime
Cyber terrorism

Australia

Country/Region: Australia
Cyber Culture – (How Cybersecurity Cyber Legal Response to
does the country view Threats Perspective/ Cyberterrorism/Recruiting
cyber threats? Is this Cyber Economic
consistent with the Perspective
general country
culture?)
The government and Cyber terrorism Concentrated on Cybersecurity Incident
the general public are the financial Mitigation Strategy
becoming more aware sector
of changing cyber
dangers and their
capacity to identify,
monitor, respond to,
and report cyber
security problems.
Social media The Australian Government
Information Security
Manual was created by the
GLOBAL APPROACH TO CYBERSECURITY 8

ACSC.
Router scanners
Malware Concentrated on
the financial
sector
IoT
Cyber warfare
Ransomware The Australian Government
Information Security
Manual was created by the
ACSC.
Cyber terrorism

Step 7: International Environmental Scan

Brazil

Brazilian cyber culture is mainly concerned with military measures to counter cyber

warfare and cyberattacks attempts by other countries. Over the last 15 years, the usage of

interconnected information systems has expanded as the government has provided IT producers

with attractive financial incentives to support the development of technologycheap cost of

technology. In the cyber environment, some of the challenges Brazil encounter include dData

theft, financial fraud, spam, identity theft, cyber-terrorism, cyber-warfare, hacktivism, cyber-

espionage, and cybercrime are some of the challenges that Brazil faces. Brazil cybersecurity

sector is set to grow in the next 10 years with the government now focused on will grow

increasingly focused on enhancing cybersecurity awareness and education across all sectors

among its inhabitants during the coming decade. Malware attacks, such as the Bolware family of

Malware, are one of the most serious problems Brazil is now facing. This very effective virus
GLOBAL APPROACH TO CYBERSECURITY 9

infected over 192,227 bots and cost over $3.75 billion in damages (Paganini, 2014). The current

efforts by Brazil government to provide a secure cyberspace is also supported by NATO and

United Nations.

NATO and the United Nations have made major efforts to improve cybersecurity

capabilities in member countries and throughout the globe world.

International. International initiatives have included the Council of Europe Convention on

Cybercrime, an international pact for combating cybercrime. In 2001, the United Nations

advocated worldwide initiatives and collaboration to assist member countries in dealing with

cybercrime. NATO has been working with its member countries to set worldwide minimum

cybersecurity technological and legal requirements. It is in the best interests of not just NATO

and the UN to aid their members with stronger cybersecurity, but also of all nations to develop

their cybersecurity capabilities (Brown, 2021). I would recommend that the Brazilian

government step up efforts to establish information-sharing centers with government and

business. The government should also, as well as undertake a public education campaign to raise

awareness of possible dangers to network infrastructure.

Australia

The Australian government has been focused on attempts to improve their country's

cybersecurity capabilities. The large distances between Australia's population centers, which are

predominantly located in the continent's coastline areas are one of the continent'scountry’s most

significant and distinctive issues. Some of the cyber threats that Australia confronts include

malware, cybercrime, cyber espionage, cyber terrorism, and ransomware. The proximity of

Australia to China and North Korea might be the driving force behind the need to increase

cybersecurity capabilitieschange. State-sponsored actors from both countries will continue cyber-
GLOBAL APPROACH TO CYBERSECURITY 10

espionage operations to get access to data critical to Australia, the United States, and NATO.

NATO and the United Nations have made major efforts to improve cybersecurity capabilities in

Australiamember countries and throughout the world. In 2001, the United Nations advocated

worldwide initiatives and collaboration to assist member countries in dealing with cybercrime

(Brown, 2021). The Australian government has benefited significantly due to its UN membership

and as an ally of NATO. NATO has been working with its member countries to set worldwide

minimum cybersecurity technological and legal requirements.

Ukraine

When it comes to culture, Ukraine has various distinguishing features. For one thing,

Ukraine's geographical location makes it a proxy for nation-state actors and criminals from both

Russia and the West. Furthermore, criminal organizations that emerged during the Soviet

Union's decades of existence have swiftly adapted to the cyberworld and the chances it provides.

Cyberthreats, cyberwarfare, cyberterrorism, computer and online fraud, and hacktivism are some

of the risks that Ukraine faces (Jakub, 2022). The most significant shift for Ukraine over the next

decade will be the improved protection that comes with being a NATO member. Cooperation

with other member countries and a focus on legal proceedings against perpetrators within

Ukraine would improve Ukraine's cybersecurity grade.

NATO and the United Nations have made major efforts to improve cybersecurity

capabilities in member countries and throughout the world. International initiatives have

included the Council of Europe Convention on Cybercrime, an international pact for combating

cybercrime. The ongoing Russian invasion has put key vital infrastructure at risk, and Ukraine

will expand its spending in implementing security measures for network systems supporting

critical infrastructure, as well as a drive to raise overall training and awareness.

GLOBAL APPROACH TO CYBERSECURITY 11

Step 8: Regional Cybersecurity Threat Fact Sheet

According to Muggah and Thompson (2018), Brazil is continuously ranked first in the

world in terms of cybercrime, including botnets, banking fraud, and financial malware. Brazil's

government has prioritized protecting itself against cyber espionage or warfare performed by

other countries, rather than securing its networked systems to protect enterprises, education, and

trade. Among the cybersecurity dangers confronting Brazil are, but are not limited to: Spam,

database theft, financial crimes, identity theft, cyber terrorism, cyber espionage, hacktivism,

cyber warfare, and organized crime are all examples of cybercrime. "One of the most serious

hazards to Brazilian internet users is finance malware, a type of cybercrime that has expanded

due to the country's broad use of online banking" (Teixeira, 2015). Bolware, a type of malware

that targets Brazil's Boleto payment system, is a prominent example of malware that targets

Brazilian users.

Step 10: Botnet evaluation

Characteristics of Botnets

The botnet includes bot, command and control servers, and the controller or "botmaster"

comprise a botnet. Botnets have recently "become the largest danger to cybersecurity and have

been utilized as infrastructure to carry out practically every form of cyber-attack" (What Is A

Botnet? n.d.). Botnets are not restricted in size and can range from massive botnets with

thousands of bots to small-scale botnets with only a few bots. Botnets are designed to facilitate

and carry out harmful operations in computer networks. Botmasters utilize a variety of attack

tactics to infect new targets, including spam emails, instant chats,  P2P networks, malicious

URLs, and even other botnets" to transmit infected programs.

Evolution of Botnets over the Past 5 to 10 Years

GLOBAL APPROACH TO CYBERSECURITY 12

Botnet programs first appeared in 1999, with the release of a Trojan named "Sub7" and a

worm named "Pretty Park," both of which were distributed over Internet Relay Chat (IRC)

sessions. Botnets were first utilized by Internet Relay Chat operators to do automatedconduct

automated tasking on behalf of the botowners. Botnets have advanced in recent years by using

technological breakthroughs in a harmful manner. While malware targeting PCs and servers is

still used to form classic botnets, botnet builders have primarily shifted to botnets made up of

IoT devices. Furthermore, modern botnets prefer to deliver orders via peer-to-peer

communication rather than the central command and control server.

Key Technical Features of Botnets

The botmaster, command and control servers, and bots are the core technological

components of a botnet. The botmaster is the person in charge of botnet command and control

for remote process execution (Radware, n.d.). A command and control server, according to

Rouse and Hahn (n.d.), is a computer that sends commands to digital devices infected with

various forms of malware. A bot is a software program that has been designed to carry out

certain activities.

Factors that Contribute to Botnet Characteristics to Change

Botnets are developing as technology progresses. T; the future of botnets appears to be a

far more aggressive and advanced capability. This sort of future technology will search and

acquire intelligence information quicker than botnets. The advancement of technology such as

the Internet of Things (IoT), which makes conveniences more manageable and accessible, will

also contribute to the future of Botnets.

Step 11: Botnet Discussion

Six Specific Characteristics Ofof Thethe Global Nature Ofof Botnets

GLOBAL APPROACH TO CYBERSECURITY 13

Botnet Purpose: Botnets were previously used to manufacture or disseminate unsolicited

messages on Internet Relay Chats. Botnets now have more in-depth malevolent intentions, such

as stealing confidential data and passwords, attacking networks, taking over weak systems for

power, and launching DDoS assaults.

Botnet Attack Methods: Dedicated servers with numerous capacities and safeguards may have

been hired for various reasons. For one day, a targeted DDoS service was provided. The ability

to deliver spam to targets via email, SMS, ICQ and Skype is one of the reasons. In addition,

botnet attack strategies would include infecting vulnerable computer systems throughout the

world and turning them into zombies to make the botnet attack more successful.

Botnet Size: Statistic inference is typically the only method for calculating the size of Botnets.

The number of Internet protocols (IPs) that communicate in a certain time period represents bot

behavior online. The frequency of contact for bot activity reflects the activities of the bot master.

Botnet File Attributions: The capacity to identify malware by studying file hash values.

Botnet Network Attributions: The ability to monitor IP packets, including the type of software

supported by the packet, the protocol utilized, packet durations, and the originating address.

Attribution to a State: It is preferable to ascribe cyber war-type assaults to a state in order to

facilitate dispute resolution and equitable clean-up and restitution. Even if we can connect an

attack to a specific computer or device in a certain nation, we cannot always attribute it to that

country (Rowe, 2015).

How These Characteristics Have Emerged, Changed, Or Evolved

The characteristics of botnets stated above have changed dramaticallysignificantly during

the previous ten years. For some instances, technology has gotten more stealthy and harder to

detect. Botnets are mostly used to prevent the attacker from being detected. Botnets can fool
GLOBAL APPROACH TO CYBERSECURITY 14

investigators and shift the blame to another source in addition to concealing the source of the

assaults.

Key Technical Features of Six Example Botnets

Star Wars-themed Twitter Botnet: Two security researchers identified a Star Wars-themed

Twitter botnet made up of 350,000 bot accounts that tweet random phrases from the film

franchise. The emergence of a huge botnet like this one may have unintended and perhaps

serious consequences. Bots may, for example, distribute unsolicited spam, generate bogus hot

topics to affect public opinion, and execute specific cyberattacks (Penta Security Systems Inc.,

2017).

The Hajime Malware Botnet: Named after the Japanese term for "beginning," originally

surfaced in October of 2016last year and had gathered 300,000 devices as of April 2017.

Ironically, it is preventing new malware from infecting these hacked IoT devices.

WireX Android Botnet: Malicious applications have been on the rise this year. Google's Play

Store, in particular, has experienced an increase in rogue apps and bots masquerading as legal

apps.

The Reaper IoT Botnet: Known to "quietly" target security flaws in wireless IP-based devices

and other IoT devices by running a list of known usernames and passwords against the device,

the Reaper was found in September 2017. Once infected, a device may propagate malware to

other vulnerable devices and enslave them to the botnet network.

Satori IoT Botnet: At least 280,000 IP addresses have been detected as being linked to this

botnet by security experts. Satori looks to be a variation of the Mirai botnet, which has

previously taken control of hundreds of thousands of home routers.

GLOBAL APPROACH TO CYBERSECURITY 15

Kraken Botnet: The Kraken Botnet was believed to have infected 10% of all Fortune 500

organizations and to have control over approximately 500,000 bots. Each one was found to be

capable of sending up to 600,000 emails every day, totaling 300 million emails worldwide

(Thomas, 2015).

Contributing Factors May Cause Botnet Characteristics to Change

A creative new point of view from talented hackers is one factor that may lead a botnet's

characteristics to alter during the next 10 years. Another element that will cause change is the

availability of software environments that enable for simple control of Botnets. Finally, quicker

and more efficient hardware technology means less labor for a programmer or hacker to create

more resilient botnets.

Step 12: Botnet Conclusion

As the threat of Botnets has grown in tandem with the expanding usage and availability

of networked computers, the global community may do a number of things to mitigate future

risks. Current and worldwide cybersecurity policy must address a variety of issues. They include

improving the security of all IoT devices; requiring or encouraging international efforts to

increase cybersecurity education and awareness globally; encouraging collaboration and

communication between government departments and private industry; and providing monetary

incentives to emerging economies as they boost the presence of networked devices to adhere to

international security standards. The significance of considering security at every stage of

development is one of the key findings from the life cycle of software development. This should

become a standard not only for the SDLC, but also for the creation and maintenance of

networked technologies. Increasing cybersecurity awareness and education should be a priority

for all countries as they strive to secure not just their government systems, but also the personal
GLOBAL APPROACH TO CYBERSECURITY 16

information of their inhabitants. Promoting better interaction on how to combat current and

upcoming attacks, as well as promoting the sharing of data on emerging risks, might improve

overall cybersecurity. Finally, more developed countries may create an international fund to

assist emerging economies in focusing on training and education as they progressively use

networked gadgets.

I believe that cybersecurity rules can be made successful enough to eliminate botnets in

two ways. First, states must be able to assign Botnet ownership to the persons and groups

responsible for its construction and usage. Second, international communities must reach an

agreement to allow such persons to be prosecuted through improved collaboration and other

means like as extradition treaties.

GLOBAL APPROACH TO CYBERSECURITY 17

References

Paganini, P. (2014). Massive Boleto fraud in Brazil caused 3,75 USD billion losses. Retrieved

from https://securityaffairs.co/wordpress/26359/cybercrime/massive-boleto-fraud-

brazil.html.

Brown, D. (2021). Cybercrime is dangerous, but a new UN treaty could be worse for rights.

HRW. Retrieved from https://www.hrw.org/news/2021/08/13/cybercrime-dangerous-

new-un-treaty-could-be-worse-rights

Jakub, P. (2022). Russia's war on Ukraine: Timeline of cyber-attacks. Think Tank. Retrieved

from https://www.europarl.europa.eu/thinktank/en/document/EPRS_BRI (2022)733549

Muggah, R., Thompson, N. (2018). Brazil struggles with effective cyber-crime response.

Retrieved from https://igarape.org.br/en/brazil-struggles-with-effectivecyber-crime-

response/.

Penta Security Systems Inc. (2017). Top 5 Botnets of 2017. Retrieved from

https://www.pentasecurity.com/blog/top-5-botnets-2017/

Radware. (n.d.). DDoS Attack Definitions. DDoSPedia. Retrieved from

https://security.radware.com/ddos-knowledge-center/ddospedia/botmaster/.

Rouse, M., & Haughn, M. (n.d.). What is command-and-control server (C&C server)? Definition

from WhatIs.com. Retrieved from https://whatis.techtarget.com/definition/command-and-

control-server-CC-server

Rowe, N. C. (2015). Attribution of Cyber Warfare. Retrieved from

https://faculty.nps.edu/ncrowe/3 - Rowe chapter 070214.htm

Teixeira, M. (2015). Largest Cybercrime Threats in Brazil. Retrieved from

https://techinbrazil.com/largest-cybercrime-threats-in-brazil.
GLOBAL APPROACH TO CYBERSECURITY 18

Thomas, K. (2015). Nine bad botnets and the damage they did. Retrieved from

https://www.welivesecurity.com/2015/02/25/nine-bad-botnets-damage/

What Is A Botnet? (n.d.). Retrieved from https://us.norton.com/internetsecurity-malware-what-

is-a-botnet.html.