Draft:Unauthorized access

Unauthorized access refers to the situation in which an individual or entity gains access to information on a computer or system without prior permission from the system owner. This activity is commonly referred to as hacking. Essentially, it involves an attempt to breach security measures in order to access data that the individual should not possess. Various methods can be employed to achieve unauthorized access, such as releasing a worm into the network where the data is stored or gaining control over a system with valuable information using stolen credentials. Unauthorized access may result in the theft of valuable data, data manipulation, or other security risks, often leading to legal consequences.

Logic
Distinguishing between authorized and unauthorized access is straightforward in real-world scenarios, as there are clear boundaries. However, this distinction becomes less obvious when examining computer systems. When an individual accesses another computer within their operating network, they are merely transmitting data, constituting authorized access to the system. On the other hand, computer hackers strategically leverage resources from a second computer in a network to obtain more information than intended, constituting unauthorized access to the system. Not everyone engaging in such activities is necessarily a hacker, and situations are not always simple.

For instance, the 1986 Kennison v. Daire case illustrates a scenario where individuals could withdraw money from ATM machines despite their bank accounts being closed. Whether done knowingly or unknowingly, such actions would be considered unauthorized access. This is because the principle behind granting authorization to resources, to an individual, mandates that it be explicitly designated by the person. Machines, in contrast, lack the capacity to provide authorization autonomously.

Defense mechanisms
Many contemporary organizations implement Multi-Factor Authentication (MFA) systems to enhance their defense against cyber threats. The adoption of MFA implies that gaining access to the system is no longer as straightforward as entering a username and password. Instead, additional layers of security are introduced, such as one-time codes that change at regular intervals. Another protective measure involves the deployment of firewalls within the network to mitigate potential attacks. In larger organizations, the responsibility for managing access to specific systems or network segments often rests with designated individuals who possess access keys. These individuals may include department managers or other designated personnel. Additionally, access-control lists (ACLs) play a role in computer security by providing a list of users authorized to access specific systems or log into a network.

Attack methods
Attackers initiate their efforts by acquiring data about the target network or system. This involves not only identifying vulnerabilities but also locating potential entry points and gathering information on program versions, system architecture, and potential flaws. Various strategies may be employed to exploit weaknesses, such as targeting unpatched software and misconfigured services. Deceptive methods, such as false emails, messages, or phone calls, are also commonly used to trick users into revealing passwords or downloading malware. Once access is secured, attackers aim to maintain control over the system, employing tactics like installing backdoors, creating new accounts, or implanting malware to ensure continued access even after closing initial entry points.

Organizations under attack must ascertain whether the threat originates from an insider or an external source. In the event of a security breach, companies need to consider the possibility that the perpetrator may be an employee. This is plausible as employees often possess a deeper understanding of the company's network systems than external parties. An illustrative case of unauthorized insider access is Edward Snowden, a whistleblower who disclosed classified information from the National Security Agency (NSA) to the public.

Importance
The volume of personal information stored in data centers or servers is increasing daily, driven by the growing number of people using social media and sharing information on public [[network domain
 * domains]] or websites. The rise in valuable resources within these data centers has led to a corresponding increase in cyber attacks. In 2014, CEOs in the U.S. alone were spending up to 60 billion dollars annually to combat cyber attacks. . This issue has evolved into a significant threat to governments, given the abundance of highly classified data stored on servers. Protecting against unauthorized access within organizations that control these domains or websites is synonymous with safeguarding the personal data of their customers or users, even for individuals with accounts on popular social media platforms.

The escalating frequency of cyber attacks has resulted in substantial losses for large corporations due to the theft of valuable data. Implementing defensive solutions comes with a considerable cost, and after an attack, many organizations struggle to recover due to resource constraints.

Over the years, both individuals and companies have become more attuned to this problem. In the past, when attacks were less frequent, cost-benefit considerations often deterred investments in authorization access policies and cyber attack defense, deeming them too expensive. Nowadays, it has become evident, even to small businesses how crucial protection against malware, ransomware, and other unauthorized access methods is. The landscape has shifted to the point where not only large corporations but also small and medium-sized businesses are susceptible to attacks.

History
Unauthorized access to sensitive systems and data poses a threat, with the potential to escalate into a cyber attack. Throughout the digital era, there have been notable instances of some of the most significant cyber attacks in history.


 * Melissa Virus

The Melissa virus, unleashed on March 26, 1999, stands as one of the earliest cyber attacks in the history of the digital landscape. Functioning as a malicious computer worm, it propagated by attaching itself to email messages and then replicating across the contact lists of email owners. Primarily targeting Microsoft Word and Outlook-based systems, the virus caused a substantial overload, leading to a surge in email volumes.

Being the first mass-mailing worm, Melissa rapidly spread globally, inducing chaos in its wake. The estimated damage amounted to approximately $80 million, and its disruptive impact resulted in the temporary shutdown of numerous businesses and organizations. The Melissa virus serves as a pivotal case study in the evolution of cyber threats, underscoring the imperative need for continuous advancements in cybersecurity measures to thwart such malicious attacks.

The Mydoom worm, which surfaced in January 2004, gained notoriety as one of the fastest-spreading email worms during its time. Propagating through email, its primary goal was to create a backdoor in the infected system, allowing unauthorized remote access. Mydoom had significant repercussions, resulting in considerable losses for major corporations, including Microsoft, SCO, and Google. The overall estimated damage caused by this computer worm amounted to 38 billion dollars.
 * MyDoom

The 2013 Yahoo cyber attack affected three billion user accounts. State-sponsored actors utilized forged cookies to gain unauthorized access. Though discovered in 2014, Yahoo only disclosed the breach in 2016 during acquisition talks with Verizon, resulting in legal consequences. This incident underscored the necessity for robust cybersecurity measures. In response, Yahoo implemented security enhancements and increased investments in cybersecurity to mitigate future threats. The breach had a substantial impact on public perception and inflicted lasting consequences on the company's reputation, highlighting the critical importance of timely detection and transparent disclosure in the evolving landscape of cyber threats.
 * Cyber attacks on Yahoo