Articles Data Breaches and Identity Theft | Page 17

80 M. Abomhara and G. M. Køien
with co-conspirators in all parts of the world. Another prevalent group of
criminal organization entails hacktivists. Hacktivists are groups of hackers
who engage in activities such as denial-of-service, fraud, and/or identity
theft. Also, some of these groups have political motivations, like the Syrian
Electronic Army (SEA) [57], Iranian Cyber Army and Chinese cyber-warfare
units [58].
3.2.3 Intelligence agency
Intelligence agencies from different countries are persistent in their efforts to
probe the military systems of other countries for specific purposes, for example
industrial espionage, and political and military espionage. To accomplish their
objectives, the agencies require a large number of experts, infrastructure
ranging from research and development entities to provide technologies
and methodologies (hardware, software, and facilities) besides financial and
human resources.
Such agencies have organized structures and sophisticated resources to
accomplish their intrusion goals. This sort of agencies are the biggest threat
to networks and necessitate tight surveillance and monitoring approaches to
safeguard against threats to the information systems of prime importance for
any country and military establishment.
4 Discussion and Conclusions
4.1 Discussion
The exponential growth of the IoT has led to greater security and privacy
risks. Many such risks are attributable to device vulnerabilities that arise from
cybercrime by hackers and improper use of system resources. The IoT needs
to be built in such a way as to ensure easy and safe usage control. Consumers
need confidence to fully embrace the IoT in order to enjoy its benefits and
avoid security and privacy risks.
The majority of IoT devices and services are exposed to a number
of common threats as discussed earlier, like viruses and denial-of-service
attacks. Taking simple steps to avoid such threats and dealing with system
vulnerabilities is not sufficient; thus, ensuring a smooth policy implementation
process supported by strong procedures is needed.
The security development process requires thorough understanding of a
systems assets, followed by identifying different vulnerabilities and threats
that can exist. It is necessary to identify what the system assets are and what