Legal & Regulatory Issues

Today, one of the important aspects of cyber security is legal & regulatory issues. The following list of issues, may have legal or regulatory implications and lead to civil or criminal liability on the part of an organization.

Cyber Crime

Criminal activities committed over communication networks, such as the Internet, Telephone, wireless, satellite, and mobile networks are called cybercrimes. Read more about Cyber Crime

Cyber Terrorism

The main objective of these attacks could be to cause harm based on social, ideological, religious, and political. Cyber Terrorism is type of cybercrime committed against computers and computer networks. Read more about Cyber terrorism

Cyber Stalking

Cyber Stalking is a type of cybercrime in which the criminal harasses or intimidates the victim using the Internet and other electronic resources.

Motives may be to control or intimidate the victim or to gather information for use in other crimes, like identity theft or offline stalking.

The victim can be an individual, a group, a non-governmental company, a government agency or even an international organization. Cyber Stalking can take different forms including slander, defamation and threats.

ITperfection-Server room-Computer Networking Computer Networking ITperfection-Data-Secuirty-Network-Security-Cyber Computer Networking Cyber Security Support Hack-Network Security-HIPPA, CISSP- IT security-Data security-IT service provider- Networking- CISSP-CEH

Information Warfare

Information Warfare is a type of cybercrime to destabilize the enemy, such as governments and institutions to gain a competitive advantage. For example, false propaganda, Disinformation, web page defacement and so on.

DoS Attack or DDoS Attack

DoS / DDoS attacks are cybercrimes where websites of the computer systems of any user are made inaccessible using multiple services request to overload the web and application servers.

A DoS attack is a denial of service attack that make the server unavailable to other devices and users throughout the network.

A DDoS attack is one of the most common types of DoS attack in use today. During a DoS attack, multiple systems target a single system with a DoS attack. This is because more devices are available to attackers, making it difficult for the victim to identify the victim. Read more

Phishing Attack

This type of attack is mostly based on building a fake website, which is very similar in appearance and URL address to a real financial transaction website – such as a bank’s website. In this type of attack, the victim is deceived to be directed to this fake website instead of referring to the main website of the above bank. Then he/she then enters his/ her bank card (or credit card) information and the information is given to the attacker.

Another target of this attack is to direct the victim to fake but similar websites related to the e-mail service providers’ websites ( Such as Gmail, yahoo, outlook and etc) in order to record the victim’s e-mail information.

This type of attack is one of the most common cyber-attacks organized by individuals, groups and even governments. Read more about Phishing attacks.

Pharming

This attack is very similar to the phishing attack and in which, a user is redirected to a malicious website created by the attacker. Read more about Pharming attacks.

SMiShing / SMS Phishing

This attack is using mobile networks. In this attack, SMS is used to lure the user to the attacker-created malicious websites.

Transborder Data Flow

The transfer of computerized data across national borders, states or political boundaries are termed as the transborder data flow. The data may be personal, business, technical, and organizational.

Data Breaches

A data breach is a security event in which sensitive, protected, or confidential data is copied, transmitted, viewed, stolen, or used by an unauthorized individual for various purposes.

A data breach can happen owing to do unethical means such as hacking or organized crimes. It can also be owing to unintentional information disclosure, or data leak.

IPR

The creator of creative intellectual works (such as design, music, literary work, art, inventions, etc.) has a special exclusive right to the property. These exclusive rights are called intellectual property rights (IPR). Intellectual property law is a legal law that is responsible for IPR. Here are some of the IPR-related terminologies:

  • Copyright
  • Patent
  • Trademark
  • Trade Secret

Read more about IPR

Importing and Exporting Controls

Many countries have import and export restrictions concerning the encryption of data.

For example, encryption items specifically designed, developed, configured, or modified for military applications, are generally controlled based on munitions lists.

International import and export controls exist between countries to protect IPR. Information security professionals need to be aware of relevant import/export controls for any countries in which their organization operates or to which their employees travel.