Tuesday, August 20, 2019
Macro Environment Analysis: PEST
Macro Environment Analysis: PEST With the increasing of international business, there has been growing interest in how a successful organization to create a appropriate international strategy. This article provides an expanded approach to an organizations strategy and linkages that exist in international business operations. Geely Holding Group as an illustrative case to be evaluated by suing PEST analysis, Porters Five Force Model, SWOT analysis, and Integration-responsiveness Framework. By analyzing all internal and external elements and variables factors, this paper proposes a list of recommendations and solutions to promote Geelys international process. Key words: Internal Business Environment, External Business Environment, industry globalization and localization drivers, Critical Success Factors, competitors Integration-responsiveness framework. 1.0 Introduction 1.1 Background of Automotive Industry The automotive industry is growing with globalization since the first automobile was built in 1885. To the present day, more than 70 million motor vehicles were produced extending throughout the world. China , Russia , Brazil and India became the major markets rapidly. In 2008, the Figure 1 shows there were about 73.2 million new motor vehicles were sold worldwide (OICA, 2009). The production has continuously increased, whereas sales started decrease in late 2007. The whole industry was weakened by a substantial increase in the prices of raw materials and fuels cost. Furthermore, the recession began in 2008 had a profound influence on the auto industry. By 2008, a series of damaging blows drove the automobile manufacturers include American Big Three to the verge of miserable condition. Dugigg (2008) has referred to such a language as The automotive industry crisis occurred between 2008 and 2010 is a part of reflection of global financial downturn. The crisis primarily affected the American and European automobile manufacturing industry. Decline in productivity has resulted in less output, meanwhile, due to the economic crisis, oil price shock and environment expectations, more and more automobile buyers turned their attention on a higher quality and more fuel saving auto vehicles. This phenomenon of changing product demand gives many automobile manufacturers a heavily shock. Therefore, many famous automobile manufacturers have no choice to sell some of its famous brands in order to relieve financial pressure. Undoubtedly, it provides opportunities to other private enterprises entry the market. China became both the largest automobile producer and market in the world after experiencing massive growth in 2009. For example Ford, the one of The Big Three of American au tomobile manufacturer and the fourth-largest in the world based on cars sold number annually (OICA,2008), battled against the weak currency market and sold decline. Failing investments and an increasing unemployment rate has exacerbated the impact of the crisis. 1.2 Geely Holding Group Profile According to the company brief of Geely (2010), Geely Holding Group is one of Chinas top ten private automakers and also among the countrys top 500 organizations. Geely is founded in 1986 and is today a fully integrated independent auto firm with a complete auto eco-system from design and research and development to production, distribution and servicing (Li Shufu,2008,p 9). Although Geely has achieved great success in domestic automobile industry, it pays more attention to explore global market. About 40000 vehicles are exported for sales in 2008, ranking second place in automobile export in China. In March 28, 2010, Geely Group signed a contract to make an acquisition of Ford Motors Volvo automobiles brand for the cost of $1.8 billion (Nordstrom, 2010). Through acquisition, Geely can rapidly accelerate its international business in automobile industry and become a leader in this area. 2.0 Geely Business Environment Analyses 2.1 Conceptual Background on Business Environment John Kew and John Stredwick(2005) similarly argued that business environment is a situation largely outside the control and influence of an organization, and the factors in business environment car potentially have both benefit and passive impacts on an organizations present or future activities. It is useful to divide into two the micro-environment and the macro-environment. Middleton (2003) elaborated that the macro-environment involves factors such as the economy, government policy and social change, outside of the direct control of the business. These factors such as the economy, government policy and social change can have a significant effect on a firms success but the relationship is fairly one way. The PEST (or PESTLE) analysis appears to be by Francis J. Aguilar in 1967 can analyze the macro-environment efficiently. The individuals and firms belong to micro-environment and have direct activities of a business. The members of it include suppliers, distributors, competitors, c ustomers and employees. These factors will affect the performance of any organization. Thus, the micro-environment plays a critical role in the success and behavior of a business. Use the Five Forces analysis to gain insights into the competitiveness of the micro-environment (Cliff, 1990). 2.2 Macro-environment Analysis by use PEST Analysis PEST is an acronym for Political, Economic, Social and Technological. Organization can use this tool to reduce risks associated with operation. The Oxford University Press was strongly shaped and influenced by PEST analysis. As the relevant article published in 2007 shows A PEST analysis is helpful understanding the position, potential and direction for a business. PEST Analysis on Automotive Industry Political Political factors relate to government policy that firms have to operate, such as trade regulation, political stability and trading policies. Political decisions can impact on many vital aspects for organizations. Automotive industry has propelled by government incentives. For example, China government used stimulus measures to support vehicle sales, such as cuts in sales tax for engines smaller than 1.6 liters. Indeed, Geely as a famous independent privately owned firm in China, it has a strong support from the government. Moreover, America saved the American Big Three of the automobile manufacturers in 2009. Furthermore, governments make no difficultly with automobile merger of cross border or oversea purchase domestic brands. A great deal of mergers and acquisitions activity from auto manufacturers to parts suppliers (Gaughan, 2008). For instance, Geelys international acquisition is evident to that. Economic Economic factors include interest rates, taxation changes, economic growth, inflation and exchange rates. Above of these impact the profit of firm and customers purchasing power. Exchange rate fluctuation influences on vehicle international trade, a weak currency may make export easier. An economic slowdown in many parts of the world during the financial crisis. In this term, interest rate and inflation are unstable. In fact, recession let automotive industry has a huge problem. However, China has remained the only one of the worlds major economies that continued to show growth through the global recession of 2008-2009. Chinas strong economic boom of recent years continues to lift incomes and bring more of the population within financial reach of car ownership, vehicle sales arrived at 13.6million units in 2009 CAAM reported (Just-auto). Social Social factors include lifestyle trends, culture, buying access and trends. These factors affect consumers demand and the size of potential markets.Focus on social trends can improve on the firms reaction to customers need. Consider of fuel cost and environment pollution, increasing consumers need small cars. In other words, customers prefer to high quality, low price, complete service, and added value for an auto vehicle. Technological Technological factors involve new technologies create, rate of technological diffusion and change, replacement technology and so on. Individuals and governments are set up to promote new technology in renewable energy and create electric vehicles. Conclusion Above of these factors could be important macro-environment elements in an automobile manufacturer. It is vital to gain an insight into the macro-environment of the industry to guide strategic decision-making. In political aspects, although most governments propel development of auto industry, some of them take a system of tariffs or other measure of protecting domestic producers, especially compare with Chinas new stimulus measures. It doubtless impacted automobile international trade. If the firm choose a place with abnormal inflation rate, high taxation and may lead to production cost and operation fee, taxation and unstable exchange rate, the firm will have high risks associated with operation. Consider social and technological factors, companies in should focus on research and development to environmentally-friendly products like electric vehicles. 2.3 The Porters Five Forces Analysis on Micro-environment Porters Five Forces analysis is a simply tool to analyze the determinants of an organizations profit; it can be summarized through his Five Forces Model in figure 3. (Chris, Stewart and martin, 2008). This model attempts to explain relationship between competitors, new entrants, suppliers, customers and substitutes. Understand of critical issues is vital to establish what the best competitive position and gap is (Michael E. Porter, 1980). 2.3 The Porters Five Forces Analysis on Micro-environment Porters Five Forces analysis is a simply tool to analyze the determinants of an organizations profit; it can be summarized through his Five Forces Model in figure 3. (Chris, Stewart and martin, 2008). This model attempts to explain relationship between competitors, new entrants, suppliers, customers and substitutes. Understand of critical issues is vital to establish what the best competitive position and gap is (Michael E. Porter, 1980). Rivalry Among Existing competitors Rivalry competitors always have similar products or services in the same industry. Strong rivalry is likely to generate profits damage. The degree of rivalry is high when competitors have become more equal in market share and capability, tempted use price war or other competitive measures to boost sales, low barriers to entry, demand for the product is growing slowly, the costs of leaving the market is high and a little brand loyalty because of so similar that customers are easily switch products. According to automotive industry, rivalry can be intense and cut-throat due to more and more competitors undertook the vehicle manufacture. 2. Threats of New entry For other Chinese firm enter the automotive industry it is expensive to set up a nationwide network in marketing and equipment. Geely established in 5 strategy markets, such as CIS, Middle East, Africa, Southeast Asia and Central and South America. The existing automobile manufacturers have gained high reputation in market and established excellent brand image. However, the existing firms have no control of the supplies; new entries have opportunities to development. In recent years, Chinese domestic auto companies that have experience in host country like Chery, Chana, Saic and Baw, have active performance in international market. Therefore industrys profitability was affected. Like Porters view, In a market with low barriers to entry, the threat of newly competing rivals is high only when the level of profitability in this industry is high as well. To illustrate, in March 2nd, 2006, Chery had exported its own products to American. Chery has gained a certain market share in Europe, Africa, South America and North America in 2009. 3. Threats of substitutes A substitute is something has similar function as existing product in the industry. According to Porter, the threat of substitutes also influences the bargaining power of companies. (Chris, Stewart and martin, 2008,p.37)If substitutes have lower price, good performance or both, then some customers will be tempted to move new products. Substitutes are not in direct competition but have nonetheless a massive impact on existing companies, for example decrease goods price and raising investment to improve products or services. However, there was no obvious evidence of substitutes in automotive industry. Although some countries have complete public transfer, but all of these 4. Bargaining Power of buyers Powerful buyers will be able to force down prices thus can bargain away profits of firms that sales goods or services. Porter argues that the profitability of an organization depends on the bargaining power it exercises in negotiating prices with suppliers and customers. Buyer power will be higher if they are scale important in this transaction. For example they purchase in large quantities or purchases represent a sizeable percentage of the industrys total sales. However, this kind of powerful buyer are difficult appear in global auto industry, it could be happen in a small area. Especially, there are a few buyer of the firm, big buyer is vital to them. Moreover, when the industry emerge large numbers of small sellers or customers can easily switch to other provides, consumers have powerful negotiation to extract a high quality service at a good price. In fact, international auto market has a great many vehicle brands not only in low-end car market but also in high-end auto market. Buyers have a very wide selection. 5. Bargaining power of suppliers The strong bargaining power of supplier is leading to a squeeze on profits through higher input costs. If there are relatively few suppliers within the industry or organizations are difficult or costly switch from one supplier to another, the suppliers of raw materials, power, skilled labors and components will have power of high prices negotiation. According to China Association of Automobile Manufactures research (Plunkett, 2007) shows cost, design, security and extra capability are decisive factors in a cars value. It requires suppliers to enhance the quality of their products and service. Global competition in auto industry: Along with the continuous impact of financial crisis, the international market is shrinking. Meanwhile, the profit of international auto market decrease along with the shrinking revenue. Consequently, the competition in international auto market is becoming fiercer and fiercer. The automobile market is at the maturity stage of the life cycle, locally and globally, due to an increased number of competitors from domestic and foreign markets. The automobile market is characterized by a low potential for market growth, but high sales and limited profit margins. Competitive forces are high in each segment of the overall market, Geely currently face fierce competition against Lifan, whos marketing strategy is price oriented, its model series LIFAN520 has gain a considerable proportion of the market due to its low price strategy. After the buy out of Volvo, it is expected that Geely will shift its current strategy to differentiation. Hunt (1972) proposed a strategic group analysis to identi fy and group strategic characteristics, following similar strategies or rivaling on common bases. Criticism offers that the study of strategic groups is merely from cognitive perspective, notwithstanding the framework have obtained prominence over the years (Hodgkinson 1997:623). Profit Margin High Low Sales Volume Low High High sales with average margin Toyota, Chrysler, Honda Low Sales Volume with high margin BMW, Mercedes, Jaguar High Sales Volume with low margin Lifan, Geely Low Sales and low margin Chery, Chana, Saic Baw Figure: Strategic Group Analysis To sum up, along with the recovery of international economy environment, and Chinese governments policy on private enterprises access to internationalization, it provides convenience and opportunity for Geelys international strategy. Nevertheless, due to deficient consumer confident on private enterprise and the restriction of consumption environment, Geely faces mighty competition pressure. Thus, what is needed is the improvement of Geelys ability to respond to external factors after acquisition. When we make an international strategic plan for a multinational enterprise, we have to take the corresponding relationship between local factors and global factors into account. The IR framework provides a visual diagram for us to demonstrate the diverse and conflicting pressures that firms confront. The two major concepts that will influence MNE are integration and responsiveness. By integration, Prahalad and Doz (1987) refer to the coordination of activities across countries aimed at building efficient operations networks and taking maximum advantage of similarities across locations. By responsiveness, they refer to the attempt of responding to specific needs of host countries, and note that businesses can choose to emphasize one dimension over another, or to stress both dimensions. Thus, firms have basically three strategic options at their disposal: the global integration strategy, the locally responsive strategy, and as sort of an in-between option, the multi-focal strategy. The choice between the three strategic options is governed by the perceived intensity of two forces in the firms operating environment: the pressure for global integration and the pressure for local responsiveness (Prahalad Doz, 1987, pp. 18-21). The global integration and local responsiveness pressure of Geely is listed in Figure 8 Integration Pressure(Globalization drivers) Responsiveness Pressure(Localization drivers) Economies of Scale. Geely needs to set a brand of subsidiaries to achieve economies of mass production. Consumer trends and universal needs. The word Consumers are God should be a basic principle of Geelys cultural. Uniform service to global customers. Services are essential to win global consumers enthusiasm. Global sourcing of raw materials, components, energy, and labor. Source from large-scale, centralized suppliers provides benefits from economies of scale and consistent performance. Global competitors. Global cooperation and coordination is necessary to resolve competitive threats in foreign and domestic markets. Availability of media that reaches customers in multiple markets. Geely should take advantage of the Internet and cross-national television to advertise their products in different countries simultaneously. Unique resources and capabilities available to the firm. Each country has its own abundant resources. Diversity of local customer needs. Different people in different region have different appetite and requirements on vehicles. Local competition. When competing against numerous local rivals, centrally-controlled MNEs will have difficulty gaining market share with global products that are not adapted to local needs. Geely should diversify its products. Cultural differences. MNES have to adapt to local history, language, custom, ways of dealing with people and culture. Local government requirements and regulations. Local governments usually impose trade barriers or complex business regulations to protect local trade. Apparently, Geely has great ambitions to become a top automobile manufacturer giants in a few years. However, due to the reason that Chinese automobile industry has started later than many developed countries, Geely has a huge gap between other large manufacturers. Although Geely has already acquired Volvo, it has numerous obstacles such as international humanresource integration and management, autonomous technology RD, and cross-cultural conflicts. According to the analysis of Figure8 and IR framwork, we can conclude that Geely has to seek to achieve both global effectiveness and local responsiveness. Geely must achieve simultaneously requirements for strong central control and coordination of subsidary companies and decentralization and empowement to local responsiveness. 3.3 Key Factors for Success in Automotive Industry The Critical success factors (CSF) is a notion which is applied to understand the elements necessary for an organization to archive its objectives, it is initially applied in the data analysis and business analysis (Rockart, 1979), later it extended its use in IT projects to enhance the user involvements (Boynlon, 1984). In the automotives industry, there are a set of critical success factors for firms to achieve in order to obtain unique competitive advantage. First, engineering and innovation in car designing, a firm can gain remarkable advantage via superior quality of engineering in automotive production, skilled labour force, fashionable design and luxury taste. Second, Brand image is of essence in todays auto mobile competition. E.g. BMW claims its brand as ultimate Driving Machine (BMW, 2004), excellent brand image can lead to fanatic loyalty towards the brand thus create advantage. Third, safety is guaranteed by the quality of vehicles, premium quality mobile, sophisticated testing methods and strong safety record will all contribute to competitiveness of a firm. Fourth, cost reduction, sophisticated techniques e.g. JIT system or host country advantage can have direct impact on the cost reduction of a firm. Fourth, if a firm can tightly control its distribution network, it can manage its bran d more efficiently and make more effective communication with its distributors. Fifth, a firm has an excellent grasp on supply chain management enables the firm to maintain a good relationship with suppliers in the long run, to ensure that the customer needs are satisfied. The strategic positioning model is widely applied to demonstrate how a firm shifts its strategy in a variety of ways (Boston, 2000). Chesbrough and Rosenbloom (2002) argued that the application of strategic position model enable the user to gain a clear picture of the competitive advantages of the chosen firm. In Geelys case, due to the host country advantage now Geely possess the cost advantage in the low end market from global scale. However the acquisition of Volvo may help Geely to gain the engineering expertise and a positive brand images, consequently create more competitive advantages for the firm. 4.0 International Strategy of Geely 4.1 Internal and External Factors Analysis by Using SWOT Analysis SWOT analysis is a simple and useful tool for strategic alternatives from a business environment analysis. SWOT formed from the initial letters of Strengths, Weaknesses, Opportunities and Threats. It through analyze the internal and external environment to help organizations understand current situation and make decision easily. The SWOT analysis was provided by Albert S. Humphrey in the 1960s, but now it development into an absolutely necessary part of the strategic planning process (An Soff, 1965). Indeed, it is considered the first step of forming a strategic picture. SWOT analysis divide into two aspects, one is external factors as opportunities and threats, the other aspect is internal factors include strengths and weaknesses. Strengths and weaknesses are essentially internal to an organization and relate to matters concerning resources, programs, and organization in key areas. Opportunities and threats tend to be external- from competing organizations, global trends, and other environmental factors. (Charney,p 170,2005) The SWOT analysis reduces the relevant information from internal and external environment to a manageable quantity of primary issues. Logically, it is helpful optimize the firms resources and capabilities, therefore a firm can better leverage its strengths, correct its weaknesses, capitalize on golden opportunities, and deter potentially devastating threats. (Menon,1999,p 30) Thus, a comprehensive SWOT analysis of Geely contributes to a better understanding of Geelys international business environment at internal and external. The figure below is the SWOT analysis on Geelys acquisition of Volvo. SWOT analysis on Geely Internal factors External factors Strengths Opportunities Owns many patents. The maturity of domestic market. Ranking 2nd place in automobile export in China. Supports from government policy. A mass of honest customers in the low-end car market. Geely got further research and developed new energy vehicles. Effective cost control of manufacturing and sale while has high performance price ratio. Increasing needs at abroad. Vehicles have gained high reputation in overseas market and established excellent brand image. Advanced production facilities and technology in low-end car. Local competitors have poor products. Geely can launch 4-5 brand new car models and engine models every year. RD is greatly improved to provide efficient guarantee for the overseas business development. Geely successfully acquired the worlds second largest automatic transmission company called DSI. Capital rising by entrust loans from reliance group. Product innovations ongoing. An increasing trend on global market shares. A billions credit limit from China Everbright Bank and the support from Goldman Sachs Investment Bank. Weaknesses Threats The scale gap with other large automobile manufacturer in the world. Brand appeal is low, oversea consumers have little confidence on new private brands. Marketing network is incomplete, oversea staff need training. Consume circumstance of automobile market is depressed since financial crisis. No takeover experience at automobile company abroad could be called up. It has risks in culture and operation. More and more domestic private brands emerge in automobile industry likely entry of new competitors. Management cover insufficient, Lack of management depth A high safety standard of international import and export motor vehicles Inadequate financing capabilities. Capital situation is unstable. Culture difference impact management style and sales product, oversea customers maybe refuse to adapt new products. It will invest huge number of money to operate in the further years. The market system is incomplete. Manufacturing technique is deficient, poor quality vehicles and less value. New regulations exposed to political problems in the countries that operate in, besides, taxation maybe introduced on product or service. 6.0 Current Situation and Recommendations Independent Research and Development There is no doubt that core technology is the essential of every company in every industry. Moreover, when Geely grasp the unique core technology in automobile industry, it will have the pricing power and cost control, which is the key factor of its globalization strategy. Therefore, Geely has to put more energy on research on its own patents. It is advisable for Geely to set up its own lab. Geely can attract scientists and technicians by offering well-paid position and reputation. 2. Pay attention to domestic market Chinese market is a huge cake which contains abundant human and raw material resources. More and more foreign have rushed into China in order to seize the new prosperous market. As a domestic enterprise, Geely has many unique advantages such as human network, government supports, and public patriotism. Domestic market is the solid back supports for Geelys international development. 3. Cross-cultural management After acquisition, Geely has to take over a series of overseas factories, which means Geely has recruited hundreds and thousands of foreign employees. How to manage them effectively will be the first challenge for Geely. Cultural shock, language barriers, miscommunications, and staff turnover will be the main obstacles in Geelys management. It is suggested that Geely should pay attention to leadership theories. Empowerment, motivation and teamwork are the key factors involved in Geelys management. 4. Government supports In order to expand international market, Geely has to face with different laws and regulations. Building a harmonious and cooperative relationship with governments is essential. Geelys investment and development can enhance local employment rate and increase local tax revenue. Simultaneously, government can provide unique supports for Geely. Cooperation with governments is a win-win strategy. 5. Building a talents training system Experts and technology are the core productivity for a MNE. Geely can set up its own talent base through establishing independent labs and donation to famous universities. Through collaboration with universities and labs, Geely can gain a reputation for thousands and hundreds of students, who have potential to contribute for Geely in the future. Unauthorized Intrusion Or Hacking Information? Unauthorized Intrusion Or Hacking Information? This survey paper will give us the brief overview of what cyber attacks are, what are their types and their causes and what steps should be taken in order to control or counter them with respect to information security management. With the current advancement in cyber technology and mass adaptation of this technology by most of the organizations and businesses cyber security becomes the key concern. Most of the operations like financial, industrial and commercial are interlinked and dependent on each other and ever more dependent on information technology. At the same time, the rapidly growing interconnectivity of IT systems, and the convergence of their technology towards industry-standard hardware and software components and sub-systems, renders these IT systems increasingly vulnerable to malicious attack. (Randel, etal,1998) Introduction: As technology progress and capabilities of information warfare have developed significantly in recent years, the probability of cyber attacks have increased as well. Computer-network attacks mainly known as cyber attacks can destroy adversary data, computer systems, and networks, and can have a major effect on an adversarys ability to wage war (Bayles, 2001). In the cyber arena, the situation is, in some ways, worse than simply paying too little heed to a potential new threat until it manifests itself. Threats in the cyber arena have manifested themselves. We are reminded constantly of our vulnerabilities to the threat, yet we still are not doing enough. Every hour of every day, some individual or group is writing or disseminating a new disruptive virus or worm or is breaking into a computer network or to harm a network by some other means (Vatis, 2004). It is usually said that it is very productive and simple to bring computer in our systems and to increase its usage but at the same time it is significantly difficult and far more expensive to develop technologies to make it secure mainly because of the internet, a network which is used to share information rather than hiding it. Most cyber attackers are attracted to high value targets such as networks, servers, or routers, whose disruption could yield financial or political consequences (Vatis 2001). Types of cyber Attacks: According to (Arnold and Pangi, 2003) Main objective of the cyber attacker is to steal, destroy, remove or change information or to block the functionality of the system which they want to target. We can divide these attacks typically into three main categories, Unauthorized Intrusion or Hacking Destructive Viruses or Worms Denial of Service attacks (DoS) Unauthorized Intrusion or Hacking: Unauthorized attacks are attacks in which attacker get access in to the system by the means of different hacking or cracking techniques. This type of activity will be performed by some outsider who wants to have access of the system in order to use it for some negative purpose. Second type of threat is from an insider who illegally wants to access the system which he or she is not authorized to in order to do harm the network or system. We can divide hacking further in to three more categories, system can be shut down by hacker after regular interval but this kind of hacking activity easily recognized by the administrator and can be easily fixed. Sometimes there are defacements which change the information on the computer system, this type of activity is also easily traceable as sometimes hackers place a note like you have been hacked à ¢Ã¢â ¬Ã ¦Ã ¢Ã¢â ¬Ã ¦etc. Defacements are potentially more disruptive as they subtly change figures or alter information. Another common type of defacement is website defacement. Hackers regularly deface information on organizations or government websites in order to ridicule the entity that sponsors the site or to put hackers own message. Most of them are just nuisance not a serious threat. Semantic hacking is one fo rm of defacement which is potentially more harmful as it changes the content of a web page deviously so that the change could not be obvious which results in the dissemination of the false information. An example of possible semantic attack with significant impact would be change in the website of disease control and prevention system which could have a disastrous effect on research and analyses or treatment of the disease. Thirdly the possible threat is of Trojan horse programmes. These are the silent operations and aim to pass undetected by virus scanners. They get the information from the system and send it to the hacker. (*, 2007) Destructive Viruses or Worms: These types of attack usually spread through emails or some other source of data transfer between computer to computer and can cause the loss of functionality of parts of the network. Worm and viruses are malicious computer program example of famous virus is love mail which use to shut down the system and another example of this kind of virus is I love you email as soon as attachment is opened it start sending copies of the same email to all address in users address book. Denial of Service attacks (DoS) Denial of service attack is a sort of attack in which hacker bombard the system with number of messages with such a frequency that system cannot able to process anything else. It overload the computer system which results in effecting the functionality of the system. Distributed denial of service (DDoS) attacks is another useful mean of putting computers off network for some time. In Distributed Denial of service attacks hacker bombard the web and email server from great number of messages, by receiving such a high numbers of fake messages system functionality becomes slow or sometime system get crashed. Hackers can easily increase the effect of their distributed denial of service (DDoS) attacks by using malicious codes to get control of other systems and using these Zombie machines to send more messages on to the servers(Arnold and Pangi, 2003). Domain Name server (DNS) Attack: According to (Arnold and Pangi, 2003) Communication between two computers on the internet is done by using internet protocol address of computers. To map the name of the website computer consult domain name servers and if DNS give wrong numerical address than user will connect to a wrong server without any information that he is on wrong server. This sort of attacks will be useful in spreading incorrect information and to divert a customer of e-commerce site from the original site or sometime block access. DNS is hierarchal there for the cascading effect on remote servers would result in traffic to selected site to be redirected or loss. (Cortes, 2004) Compound attacks: As the word compound itself describes these attacks are the combinations of 2 or 3 different attacks simultaneously. Purpose of these attacks is to increase the destructiveness of some sort of physical attack with the help of coordinated cyber attacks e.g. terrorist might place some boom in densely populated area at the same time with the help of cyber attacker they disable the communication setup of emergency services like ambulance, fire, police to impede there response. (Arnold and Pangi, 2003) Routing Vulnerabilities: Router controls all the traffic on the internet that is there they make it sure that the information in the form of packets, get from the source to destination. In general router is not a primary threat for disruption, but if the routing operation is not well diversified than it can lead to a massive routing attack. So it now a primary concern for the router manufactures to follow standards and regulation for maintaining the security on routers. (Cortes, 2004) Sources of Attacks: Cyber attacks can be launched from different sources depending upon their motives and the target they want to attack, generally we can group them in three categories terrorist groups, targeted nation-states and thrill seekers. Terrorist Groups Terrorist activities are the great threat for the whole world. Terrorist are not only targeting the physical infrastructure of the countries but now they are targeting the IT infrastructure as well. i.e. hacking the government websites and causing serious damage to vulnerable information (Cortes, 2004). Targeted Nation-States Most of the countries which dont have the friendly relation with one of the some countries use cyber attacks to sabotage the IT infrastructure of their potential enemy in order to safe guard their own national interests. e.g. India and Pakistan both are trying to attack government an defense resources in order to harm each other. Similarly China, America and Russia try to initiate attacks on each other national infrastructure primarily security network (Cortes, 2004). Thrill Seekers These sorts of attacker are not attacking the network for specific purpose rather they do it for fun and check their ability to break the secured networks. Because of the advancement in technology probability of these attacks are high (Cortes, 2004). Countering Cyber Attacks: Due to technology advancement and use of IT in almost every field of life and day by day increasing cyber attacks it is mandatory to counter all this cyber attacks and to secure the IT infrastructure as much as possible. Although countering these cyber attacks is not an easy job rather much complex and consist of several layer of defense. It take time to develop a mature program. The ratio of threat is changing day by day probability of risk is increasing and organizations should change their approach towards information security and take it as a primary concern. Establish threat intelligence gathering Capability Threat monitoring Risk analysis Security strategy validation Minimize delivery of malware Security awareness enhancements Continuous controls update Website protection Threat monitoring Application security testing Prevent execution of malware Application whitelisting Least access privileges Network restrictions/segmenting Identity and access management Protect the data Protect the data/data loss prevention Detect and respond Host and network anomaly detection Incident response program Forensics Source: insight of IT risk 2010 Established threat gathering capabilities: In order to understand the continuously changing threat landscape organization should develop an intelligence gathering capabilities to supervise and plan strategic and tactical responses to threats. This team should consist of qualified professionals who can keep an eye on the current threats and interpret how the organization can be effected by these potential threats and what necessary steps should be taken to modify the organizational security controls and overall security strategy. The prime objective of this time is to monitor the threat level than analyze it that how it can effect their organization and than to develop a strategy (Ernst Youngs, 2010). Minimize delivery of malware: By strictly implementing the traditional security measures in the organization the threat of malware can be greatly reduced below mentioned are the ways how we can reduce the threat level. Social engineering: It is one of the most common methods of reducing the threat or malware environment. There are number of ways by which this threat can be introduce like phishing or dropping USB in organization premises and hoping some one will use this USB in company computer, resulting employees unintentionally perform a harmful action. Regardless of implementing the entire advance technical controls human factor will remain the weakest link in spreading malware. So the solution of this problem is to aware the employees as much possible against these threats so that the employees protect them self to unintentionally become a source for spreading these malware. Research shows that companies are not doing well in promoting awareness to their employees. The organization should conduct the information security programmes on regular intervals. So that there effectiveness will be increase (Ernst Youngs, 2010). Security awareness: Mean to educate the employee about the common threats which are used by the cyber attackers. This awareness can be increase by including security awareness programs in the companies overall defense in depth strategy. These programs should include education about new threats different examples how employees contribute to the success of the attack and lesson learned what means are used by cyber attacker using social media etc. to target organizational networks and than take the feedback from the employees (Ernst Youngs, 2010). Malicious software: Another way which can reduce the threat of cyber attack is a use of registered softwares on all user computers. Corrupted or pirated softwares are also the main source of introducing malware in the network. Phishing and DNS redirection: Threat can be introduced in the company network by redirecting the DNS to a malware site while preventing the user from visiting the hack or fraudent site to begin with would be preferred but it would not happen most of the time. So it is preferred to block the sites but it is infective to block the sites on domain name bases because they can easily be change. So it is more effective to block the sites by IP address. Install the tools which can tell the users when they visit the site whether the site is safe or unsafe the network. At the end decision is again in the employees hand, so awareness to employees is really very important (Ernst Youngs, 2010). Protect the data: Data is the most important aspect in information system because at the end it all about the data. By implementing the Data Loss Prevention DLP solution can help stop malware collecting the sensitive data and from sanding data back to attacker home network. On the basis of predefined policies host based DLP can be implemented in order to control the information which user has access. In order to keep the check on the flow of data on the network, network DLP can be use which keep the record which data is going in and out of the network and block the specific data to going out of the network ( Ernst Youngs, 2010). Conclusion: After considering all the factors in mind which we have discussed above we came to conclusion that As technological advancement reaching at its peak, at the same time Cyber crime is also increasing day by day but different organization and agencies are working to overcome all such crimes. As cyber crime become a global issue so globally Governments are putting all their resources against these crimes by imposing legislation against these activities and most of the country have consensus to help each other against cyber attacks. Software companies are developing most sensitive tools and controls in order to protect organizational or government assets from these threats. The most important thing is to implement all those advance controls along with conventional security measures to safe guard all sort of assets from cyber attack.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.