Article Review 2

Article Review #2: Cybercrime and Prevention
Student Name: Benjamin Rivera Medina
School of Cybersecurity, Old Dominion University
CYSE 201S: Cybersecurity and Social Sciences
Instructor Name: Dr. Jordan Quinn
Date: April 5, 2026

Introduction/BLUF
Since the age of technology, cybercrime has become more prominent and accessible for criminals to engage. This is due to the anonymous nature of cybercrime with a lack of confrontation with the victim and absence of accountability. This research study investigates the psychological traits of cybercriminals, evaluates breaches that have occurred to large organizations, and recommendations to prevent further cybercrime in the future.


Relation/Connection to Social Science Principles
This case study on cybercrime provides findings that can relate to the social science principles and aids in supporting the research question. This study demonstrated the principle of skepticism by the screening and selection process of all sources used. Instead of taking scholarly sources at face value, a screening and thorough examination of each source was required before being used to support the findings. Objectivity was also a principle implemented during this case study regarding the scholarly sources. This case study was conducted under an interdisciplinary lens which allows for the research to be unbiased and objective. The concept of relativism relates to this case study as factors regarding cybercrime techniques, vulnerabilities exploited, and victims were all related in the case studies.


Research Question /Hypothesis/ Independent Variable/Dependent Variable

  1. Research Question: How and why do cyberattacks succeed? What can be done to prevent
    them in the future?
    3
  2. Hypothesis: If businesses and government do not stay up to date with cyber threats and
    lack in-depth cybersecurity, then they are more likely to become a target, no matter the
    size.
  3. Independent Variable: Attack types that were used against the three companies in case
    studies.
  4. Dependent Variable: Effectiveness of the exploit or breach.

Types of Research Methods used.
This research study used a variety of research methods from an interdisciplinary lens to ensure the findings are concrete and unbiased. Abstracts of scholarly sources were screened to identify relevancy to the topic and research thesis. In addition, data extraction forms were used to document each study’s findings which included objectives, methods, data, and conclusions. Archival research was conducted using case studies such as 2014 Sony Pictures Hack and Target Data Breach of 2013. These case studies helped give insight into how companies responded to cyber threats, dealt with consequences, and lessons learned.


Types of Data Analysis used.
Comparative case study analysis was conducted to identify patterns and lessons learnt after incidents occurred. The three case studies consisted of three different incidents that occurred to large cap companies due to a cyber-attack. Large cap companies as the basis for the case studies illustrate how well-known companies such as Sony and Target are not safe from cyberattacks. In addition, scholarly sources used in conjunction with this case study were screened to ensure relevance to the research. “Titles and abstracts of the retrieved articles were screened to identify potentially relevant studies” (Thuyen TRINH, Ha DINH, & Kim TRAN, 2025).


Connections to other Course Concepts
The course concepts in this course heavily relate and support the findings from the three case studies. First, module four goes over the different motive’s cybercriminals may have for committing cybercrimes. To illustrate, the Sony Pictures hack in 2014 was driven for political reasons while the Colonial Pipeline ransomware attack was strictly for financial gain. In addition, it was relativism that led to the ransomware attack succeeding against Colonial Pipeline. The ransomware attack was successful due to a legacy VPN account still being active, the password for the account was weak, and no multi factor authentication in place. All these issues were connected to one another which resulted in the compromise of Colonial Pipeline.


Connections to the Concerns or contributions of Marginalized Groups
A concern regarding the recommendations to prevent breaches was cybersecurity awareness training. While this is an effective option in educating employees who are unaware of cyber threats, training may be inclusive to specific languages. This would result in training inaccessible to those who speak different languages. In addition, marginalized groups may behave differently with security compliance due to marginalized groups often being blamed or punished more harshly for mistakes. This could potentially result in a fear of punishment by marginalized groups if they make a mistake.

Overall societal contributions of the study/Conclusion
Cybercrime consists of a vast range of techniques to gain trust and exploit vulnerabilities. The findings conclude that the best line of defense is a multilayered technical and social awareness defensive security posture. Implementation of technical tools such as encryption, intrusion detection and prevention systems, and access controls are vital for security. However, it is also vital to train personnel on social engineering attacks to ensure they can identify and report them. In addition, incident response plans are crucial to have in place in case an incident does occur. This allows for a set of procedures to be in place to recover and protect systems as breaches can be stressful and emotional. This report contributes to society by further educating best cybersecurity practices and the mindset and psychology of cybercriminals. In conclusion, technical security tools and understanding how human factors relate to security postures can mitigate the chances of cyber-attacks being successful. Companies must be proactive with security measures and not wait until the attack is already successful to decide to prioritize cybersecurity.

References
Thuyen TRINH, D., Ha DINH, T. C., & Kim TRAN, T. N. (2025, June). Cybercrime Journal. From
Exploring the Psychological Profile of Cybercriminals: A Comprehensive Review for
Improved Cybercrime Prevention:
https://cybercrimejournal.com/menuscript/index.php/cybercrimejournal/article/view/452/1
33