Journal Entries

>

The motives of cyber crime ranked from best to worse would be 1. Money, 2. Multiple Reasons, 3. Recognition, 4. Political, 5. Entertainment, 6. Revenge, 7. Boredom. I believe that money is the biggest reason of cyber crime because money is a powerful motivator for any type of crime, and often is the reason people who refuse or can’t get normal jobs lean toward crime. Secondly, I believe that Multiple Reasons is the second biggest motivator because in addition to money being a reason, people could also be committing cyber crime for recognition which might in tern lead to more money The next three aren’t as important because I don’t believe they are the main reason of the majority of cyber crime being committed, so Money, Recognition, and Multiple reasons are the most important, with Political, Entertainment, Revenge, and Boredom trailing behind. 

Three fake website would be something like http://facebook.com http://amazo.co and http://you.tube.com and these websites would be obviously faked because they are all missing the secure portion of http meaning that connections on to this site are not secured and could potentially lead to stolen data or information, additionally, these sites may also be the result of just misspelling a word which is a clever way to get people to accidentally access your site instead of making it something that would never be accessed. Real examples of these sites would be https://facebook.com; https://amazon.com; https://youtube.com or something likes https://wordcounter.net/ with all including the full spelling and the https instead of http. 

“Dog hacks into multi billion dollar corporation for treats” 
“Familial hacker and sad man gives his information to the government”
“Meet the person who stole over 1 billion dollars from banks, and says he would do it again” 
* Memes for the dog picture and the two below it. 

These memes relate to human centered cybersecurity because they describe the reasons why people commit cyber crime. For example, the dog is participating in cybercrime for treats which could be considered greed. The smiling man stole 1 billion which is also a primary motivator being money. The sad man grew up around other hackers in his family, so that became his easiest choice. You could prevent these risks by enacting proper security measures against the methods these individuals were using to hack the corporations/banks. Additionally, you could appeal to the primary motivator and remove the monetary aspect somehow.

After watching the video, it can be seen that the media’s portrayal of things relating to cybersecurity like hacking are flawed because of the lack of information of hacking as a whole. As shown in the video most of the hacking often included people typing very fast portions of code that could just be completely unrelated to what they are saying is going on. However, the video also showed many instances where accurate hacking was occurring using actual command line arguments that would be found in real hacking such as N-map. Even the accurate hacking still often emphasized the speed of hacking like your information could be gone in minutes, but in reality it could also be a long and strenuous process to create a program capable of even stealing that king of information. 

After completing the social media disorder scale, I don’t use social media a bunch, but I count social media as something like twitter, discord, insta etc. I wouldn’t count recording and media sites like twitch or YouTube as social media and would more closely group them to just media in general. I think the items used in the scale were accurate but not all of them would lead to an addiction in social media, and somebody could score well but still be addicted to social media just not in most of the ways the scale tested for. Different patterns are probably found across the world because people react and respond differently to social media as a whole, additionally, some people don’t even have internet/phone access and have no way to interact with social media. 

The article “Social Cybersecurity: An Emerging National Security Requirement” basically talks about the evolving concept that encompasses cybersecurity and stating how it will grow to effect multiple different things such as warfare. It compares and contrasts traditional cybersecurity from cybersecurity that uses human psychology and technology to change social behaviors and responses. The article gives a distinct term for this called “cognitive hacking’ which is used to exploit people many different people with both in state and non state actors using this ability to create animosity and discord between different people or even nations. The article showcases the necessity for a multi-disciplinary approach to cybersecurity because it is just as much a social field as it is a technological field.

The role of a cybersecurity analyst does heavily relate to social behaviors because it involves interacting with trust. Cybersecurity analysts basically work to protect sensitive information and prevent data leaks and breaches. In the presentation, there aren’t many social themes that I found unless you consider her talking about the necessities of getting work experience, getting certifications. etc some form of social theme. However, she describes a cybersecurity analyst as someone who is responsible for monitoring and reporting/responding to alerts triggered by information security controls and tools…which would involve a big social aspect because since they are tasked with monitoring and responding to alerts given by another department, they would have to ensure that the interactions between them and that department are up to standard. 

The two economic theories that this letter most relates to would be Rational Choice and Marxian theory of economy. This relates to the rational choice theory because in order for this data breach to occur, there would have to have been shortcuts somewhere down the line in the security of the website data probably to cut costs and to be cost effective/not interact with user experience, additionally, this relates to the Marxian theory because they were aware that these leaks happened before ever notifying any customer, showcasing that since they had power within this company they were able to get their bearings and prepare before notifying any person that their information could have potentially be stolen. The two social science theories would be two we might not have covered being the social trust theory and risk society theory, the risk society theory also relates to the Rational choice theory in economy, so its inclusion is due to the same reason. The social trust theory refers to the amount of trust people gave to this company to protect their user data and information, but the company failed. However, the theory was still applicable because without that trust there would have been no data to steal. 

The literature review in the article showcases two primary reasons for bug bounties with them being: a shortage of professionals in the field, and bug bounties effectiveness when finding vulnerabilities in programs. These article showcases how bug bounties could benefit the field as a whole in multiple ways such as allowing smaller entrepreneurs and companies to leverage freelance work toward finding vulnerabilities. Additionally, the article references “Linus Law” which basically means that the more people with eyes on something, the better chance for the error to be found.  The findings show that although money is a big motivator, most people look toward recognition or notoriety when participating in bug bounties, supporting the point that newer companies or smaller companies can still leverage these benefits, and showcases how bug bounties are useful in most environments and can be applicable at all stages of development. 

After reading 11 illegal things you unknowingly do on the internet by Slynchuk, I believe that the list of things from most serious offenses to less serious minor offenses are faking your identity(Stealing someone else’s identity), collecting information about people under 13, using other peoples networks(without their knowledge), recording a volp call without consent, bullying and trolling, sharing passwords, using copywrite images, torrent/illegal streaming sites. Starting with the most serious crime being faking your identity, faking your identity is a very serious crime because you use someone else’s identity and are able to get away with doing illegal stuff because of that. Secondly, I would put collecting information from people under 13, and using other people’s networks at the same level on serious offense because they both could result in possible jail time and are both very serious offenses because they involve taking something from another person, taking information from children who can’t even consent to give that information, and stealing network information from people without their consent. Next, would be recording calls without consent, while not as impactful as the other few, this can be very illegal and dangerous because the information discussed could lead a company toward taking legal action against a person. The next few offenses are basically on the same level because they aren’t really as illegal and are more commonplace in the online space, practically everyone pirates movies/games and you probably have seen tons of bullies online. 

Digital forensics relates to the social sciences because it involves analyzing human behavior through digital means. For example, the speaker talks about how digital forensics involves long form data collections from sites. They would analyze that data and information and relate it back to their analysis on human behavior to figure out what people were thinking. He showcases this when he speaks about helping a person who was looking to help their client from selling a important piece of artwork, and what I would assume he did that through either analysis of that persons behavior or recovery of the deleted information from their phone. The speakers pathway to his career was different because he stated that there were no courses or anything you could study, and he got into the career through his father. He practically stumbled upon the career from being in IT and Accounting and took the opportunity which is pretty cool that he could find a career that he enjoyed by luck.