1. After reviewing the NIST Nice framework, I chose 3 areas I would like to potentially pursue further along with 3 areas that at this time I’m less interested in. To start the three areas that appeal to me the most are Oversee and Govern, Analyze, and security provision. Some areas I seem a little less interested at this time are operate and maintain, investigate, collect and operate. The reason that I’m interested in options such as Oversee and govern, analyze or security provisions is because I have connections with people in these areas and have a decent understanding of what those jobs entail when it comes to work opportunities and pay.
2. How do the principles of science relate to cybersecurity? In 1970, Robert Bierstedt stated that social sciences adhere to the same principles as natural sciences. One example is determinism, which is a principle that says behavior is caused and determined by preceding events. This could say that a hacker who stole someone’s credit card information only did so because they were previously very poor, and that they had very little free will in the matter which is the nomothetic model of determinism. There are many other principles, such as relativism, objectivity, and parsimony, which are all terms used in the natural sciences but can also be applied to cybersecurity.
3: There are a surprising amount of situations in which your personal data can be leaked without any law in place stating that you be notified. In 83% of states paper records are not included, in 58% medical records are not included, in 100% percent of states “publicly available” information is uncovered etc. This is very interesting considering there are only 2 states that do not require a notification in case of a businesses information being leaked. This can show researchers that while it is important to protect businesses, the people deserve much more concrete and informative laws when it comes to individuals information being leaked.
4. Review Maslow’s Hierarchy of Needs and explain how each level relates to your experiences with technology. Give specific examples of how your digital experiences relate to each level of need. Maslow’s Hierarchy of needs refers to the fact that once one level of needs are met, we move on to striving for the next one. In cyber, I can identify points that apply to each level of needs. For example, a basic physiological need of cyber is just being connected to the internet via phone or computer. There have been times where I found myself with a dead phone per se, and it led to an increased level of anxiety within. Moving on to safety needs, my laptop has McAfee installed in order to scan for viruses with anything I download, and I need my computer to be virus free so that I can continue my career as a college student and eventually graduate. I would be incapable of completing any work without the proper function of my laptop. Moving up one level to psychological needs; most people my age either have snapchat, Instagram, TikTok, or Facebook. Those apps help us feel a sense of being connected to our peers, and provides a home for many people to socialize with many people they may otherwise not. Once my need to feel connected to others was met, I moved on to building up my esteem and confidence by posting more and gaining more followers and friends. It is tricky to apply self actualization, because I’m not sure if I have reached that stage either online or in real life. I would say everybodys full potential would look different in both scenarios. For me, I think I would be able to achieve this by actually realizing that I don’t need social media to be connected to others, but for some people I’m sure that it could mean building a massive following or fanbase around them.
5. Motives of Cyber crime ranked 1-7 (most to least)
Reason one- Money: I believe that while all cybercrime is bad, that doing it for money seems to make the most to me. Keep in mind, only a small amount of hackers doing it for money are doing it for a somewhat reasonable reason. Only about 15% of people hacking for money use it on basic needs and around 30% percent are using it to invest back into hacking or stocks.
Reason two- Political: Hacking to prove or promote a political idea; While ‘hacktivism’ is viewed as a major threat, I can’t knock the fact there have been political activists all through history, and now in the age of technology this seems to be another way to participate.
Reason three- Recognition: Social status and recognition are apart of Maslow’s recognition of needs, just above the basic needs levels. While it seems like a somewhat elementary reason to commit a crime, if the hackers basic needs have already been met then it moves on to the psychological needs.
Reason four- Entertainment: Committing crimes for the purpose of your own entertainment is just a bad way to spend your time. While it could fulfill ones need for confidence, exposing hundreds of millions of peoples data is ethically wrong.
Reason five- Multiple reasons: Money, ego, socioeconomic needs, psychological needs, quick money, and popularity are the more acceptable or understandable of the multiple reasons, however the reason this ranks so low on the list is because it also includes revenge and boredom. Revenge can come in many forms including stealing from a person or company to posting revenge porn online, which is very morally wrong.
Reason six- Boredom: Boredom in children along with unsupervised internet access can lead to them being groomed online by pedophiles. While it is not the fault of the children, its the child being bored that leads to risky behavior for them such as posting to and messaging strangers on social media.
Reason 7- Revenge: Revenge is in my opinion the worst reason to commit a cybercrime. Revenge porn and sexual abusive videos cause permanent harm to victims mental state and social status. Revenge is one of the leading causes of cybercrime, and millions are affected.
Three Fake websites Compared to three real sites: Americannews.com is a fake news website aimed to confuse and potentially cause people to act out based on the fake stories posted, for example they posted a article stating that Denzel Washington endorsed Donald Trump for president , which could be aimed at either making more people vote for Trump, or to make more people dislike Denzel. A real news website NbsNews.com. We know that this is a real website because NBC is widely known, and the website is very professionally made and covers real time news. Discountelectronics.com.co, this website showcases electronics at greatly discounted prices, to the point where it may seem like a ‘no brainer’ to spend your money there compared to anywhere else. This showcases the fact that if it seems too good to be true, then it probably is. This website also lacks a secure connections with a HTTPS , along with limited contact information listed. Compared to Amazon.com which has a secure HTTPs connection, clear contact information, clear and concise descriptions of products with images and reviews. Another pair of a real and a fake are Nike.com, being real, and Bestfashiondeals.com, being the fake. Nike.com includes a clearly states ToS, is a household name, and has customer service while Bestfashiondeals.com have very broad descriptions of items, limited reviews, and deals that are again too good to be true in many senses.
A Cybersecurity related meme, since the individual is sitting on top of a building in a urban area, I related it to how a superhero like spiderman may scout out bad guys, but instead this person is on his computer stopping cyber attacks.
How media distorts our understanding of cybersecurity, according to Hacker Rates 12 Hacking Scenes In Movies And TV | How Real Is It? – YouTubeLinks to an external site. In the media, the aspects of cyber security involving hacking are often distorted in order to make the message more understandable or entertaining for the consumer. For example the amount it of time it normally takes to brute force passwords, breach backdoors, or even just type are often cut short by hours and even days and weeks. The tools used by hackers in some movies show a small box being plugged in for 5 seconds and it brute forces a 12 digit complicated password in the matter of minutes. Another movie showed cars of multiple makes and models being hacked at once and causing accidents, which is based on a real event where hackers got access to the 2014 Jeep Cherokee, however it would be extremely unlikely to get into different makes and models at the same time currently. With all this being said, there are also many cases of the media showing a pretty realistic version of things. After all, the media is there for entertainment and does not accurately show the sheer amount of hours that these things would normally take.
Week 12: Journal entry 12
The sample letter about a information breach relates to the economic theory “Marxian” and the classical economic theory. The Marxian theory says that those with power will exploit those who are weak, in this case the ones with power are the people who had the know how on how to steal information by targeting a company with a weak cybersecurity protocol, leading to the theft of information. The classical theory says that the market runs on supply and demand and that the government should not intervene. In this case there was a demand for glass washer parts, a demand big enough for third parties to notice and decide to attack that market, leading to the attack. The sample also relates to Maslow’s hierarchy of needs, because people will always try to get to the next higher level, in this case by attacking a company and stealing information for money which could be used to improve quality of life. It also relates to the social theory created by Bierstedt that says social science adheres to the same laws of natural sciences. In this case relativism. The changing of the market led to the change of how criminals operate, changing from physical attacks to cyber.
Week 12: Journal entry 13
I was surprised to find that more programs being made have a insignificant impact on the amount of reports made. Basically, the amount of protection put in place has little effect on a hackers ability and determination to make a breach. It was also interesting how certain industries will experience more or less threats as a whole, which can help experts divide attention more efficiently. This along with the finding that hackers are pretty price insensitive is somewhat concerning as it shows hackers have a high motivation to simply just hack.
Week 13: Journal entry 14
11 crimes that many unknowingly commit online were highlighted in a article by Andriy Slynchuk, of those 11 I have chosen what I believe are the 5 most serious, in no specific order. 1.Sharing passwords, addresses, or photos of others. 2. Bullying and trolling. 3. Faking your identity. 4. Using other peoples internet networks. 5. Illegal searches on the internet. I have chosen these 5 specifically because I believe that they could lead to the most potential harm, for all parties involved. For example bullying and trolling online have led to people developing depression, anxiety, and in extreme cases individuals have committed suicide, all while the person bullying or trolling may think its just a fun game will have to live with both the legal and moral consequences of what they caused. To continue with examples using somebody else’s internet network can cause the affected persons Wi-Fi to become slower than they pay for, more expensive, and if you go around connecting to random WIFI’s your information is at risk of being stolen. Faking your identity online is something a lot of people unknowingly do, and is a federal offense, while the people doing it purposefully often have the end goal of financial gain by scamming and lying to others.
Week 15, Journal Entry 15
Davin Teo says he was ‘placed’ into digital forensics, he was an accountant by profession, while his employers were looking for an IT professional, he took the role and slowly started to fall more into the IT side of things before ending up at a top 4 IT firm where he fell in love with the study digital forensics and went 100% percent into that side of things. Digital forensics is about investigating digital evidence to solve crimes. But like most things to do with technology it’s also about understanding people and society. Social science helps with this. For example, Social Sciences study the way that people act online, looking into the motives of why certain crimes are committed and why victims were targeted, Digital forensics use this knowledge in order to help them solve crimes. Social scientists also work to help digital forensics to do their work morally and fairly, with out compromising peoples privacy.
The Interplay of Cybersecurity Engineering and Social Science: Safeguarding Marginalized Communities in a Digital Age
Cameron, Saeed
Old Dominion School of Cybersecurity
APA Citation
Cyse201S
Professor Yalpi
04 07, 2024
I pledge to support the honor system of Old Dominion University. I will refrain from any form of academic dishonesty or deception, such as cheating or plagiarism. I am aware that as a member of the academic community, it is my responsibility to turn in all suspected violations of the Honor Code.
Introduction
Engineers play a pivotal role in safeguarding digital assets and infrastructure in the rapidly evolving landscape of cybersecurity. However, beyond technical proficiency, cybersecurity relies heavily on insights from social science research and principles. This essay explores how cybersecurity engineers depend on social science to enhance their effectiveness, particularly emphasizing their impact on marginalized groups and society.
Understanding Human Behavior and Psychology
One of the fundamental pillars of cybersecurity is understanding human behavior and psychology. Social science research provides invaluable insights into human motivations, decision-making processes, and susceptibility to manipulation, all critical in designing effective security protocols. Cybersecurity engineers leverage this knowledge to develop strategies that account for human error and behavior, ultimately enhancing the resilience of systems against social engineering attacks.
Ethical Considerations and Privacy Concerns
Social science principles guide cybersecurity professionals in navigating ethical dilemmas and privacy concerns inherent in their work. Marginalized communities, often disproportionately affected by privacy violations and digital surveillance, rely on cybersecurity engineers to uphold ethical standards and protect their rights. By integrating social science perspectives, engineers can develop inclusive and privacy-preserving solutions that prioritize the interests of vulnerable populations.
Cultural Competence and Diversity Awareness
Cybersecurity engineers operate within diverse cultural contexts in a globalized world, necessitating a deep understanding of social norms and values. Social science research helps engineers cultivate cultural competence and awareness, enabling them to design security measures sensitive to cultural differences and avoid inadvertently marginalizing certain groups. By embracing diversity in their approach, cybersecurity professionals contribute to building more inclusive and equitable digital environments.
Human-Centered Design and Usability
Effective cybersecurity solutions must be technically robust, user-friendly, and accessible to all individuals, including those with varying levels of digital literacy. Social science principles inform the practice of human-centered design, emphasizing the importance of usability testing, feedback mechanisms, and inclusive design practices. By prioritizing user experience and accessibility, cybersecurity engineers empower marginalized communities to navigate digital spaces safely and confidently.
Addressing Socioeconomic Disparities
Socioeconomic disparities often intersect with cybersecurity vulnerabilities, with marginalized groups facing heightened risks due to limited resources and access to technology. Social science research sheds light on the root causes of these disparities and informs strategies for mitigating their impact. Cybersecurity engineers collaborate with social scientists and policymakers to advocate for equitable access to digital resources, bridging the digital divide and empowering marginalized communities to participate fully in the digital economy.
Conclusion
In conclusion, cybersecurity relies heavily on insights from social science research and principles to effectively address the complex challenges of the digital age. By integrating social science perspectives into their work, cybersecurity engineers enhance their ability to understand human behavior, navigate ethical dilemmas, and design inclusive and equitable solutions. In doing so, they play a crucial role in safeguarding the interests of marginalized groups and promoting a more secure and resilient digital society.
References
“Festival of Digital Swaraj.” A-Code, acode.defindia.org/festival-of-digital-swaraj/. Accessed 8 Apr. 2024.
Software Engineers: The Modern Day Builders – HireMeFast. hiremefast.net/software-engineers-the-modern-day-builders/. Accessed 8 Apr. 2024.
Carley, Kathleen M. “Social Cybersecurity: An Emerging Science.” Computational and Mathematical Organization Theory, vol. 26, no. 4, 1 Dec. 2020, pp. 365–381, link.springer.com/article/10.1007%2Fs10588-020-09322-9, https://doi.org/10.1007/s10588-020-09322-9.
Li, Yuchong, and Qinghui Liu. “A Comprehensive Review Study of Cyber-Attacks and Cyber Security; Emerging Trends and Recent Developments.” Energy Reports, vol. 7, no. 7, 2021, pp. 8176–8186. Sciencedirect, www.sciencedirect.com/science/article/pii/S2352484721007289, https://doi.org/10.1016/j.egyr.2021.08.126.
CYSE201s
Cameron Saeed
February 11, 2024
Article Review One- Understanding the use of Artificial Intelligence in Cybercrime
Along with new inventions of technology comes new ways to commit crimes. One of the
hottest new advancements is the Ai known as chat gpt. This artificial intelligence can perform
tasks that would previously require human intelligence, which in turn is being abused to commit
crimes. There are many reasons why people commit cybercrimes, along with reasons for certain
people becoming victims. These reasons vary, but most of them can be described with Maslow’s
hierarchy of needs. From basic needs to psychological, to self-fulfillment.
Victimization by Deepfake in the Metaverse: Building A Practical Management
Framework (Stavola & Choi, 2023), is a paper that studies the victimization in the metaverse. This
research suggests that the main culprits and offenders are likely to be males in their 20’s, who are
motivated by one of seven reasons. These reasons include entertainment, politics, revenge,
boredom, recognition, money, and for multiple reasons. Two of the biggest reasons are money and
sexual gratification, with the use of extortion however it can even be both. The victims of these
crimes are usually a younger audience who are naiver and more impulsive. The paper suggests that
proper guardianship can help to prevent victims from being targeted. The sheer number of new
crimes involving ai suggests that we create new procedures to deal with them, along with involving
law enforcement healing programs for affected victims. Being a victim of a deepfake or being
sexually extorted online can permanently damage the mental state and social image of victims,
which is why new procedures ought to be created to avoid and deal with these crimes.
Harnessing Large Language Models to Simulate Realistic Human Responses to Social
Engineering Attacks: A Case Study (Asfour & Murillo, 2023), explores how chat gpt can simulate
target responses to social engineering attacks, phishing, being the most common one to date. Not
only can gpt4 simulate target responses, but it can also simulate target vulnerabilities to social
engineering. This also suggests that more research must be done, and new policies be made in
order to deter offenders, but also to help prevent potential victims from being affected.
Parti, K. , Dearden, T. & Choi, S. (2023). Understanding the Use of Artificial Intelligence in
Cybercrime. International Journal of Cybersecurity Intelligence & Cybercrime: 6(2)
Article Review #2: Digital Criminal Investigations in the Era of Artificial Intelligence: A Comprehensive Overview
Cameron, Saeed
Old Dominion University
APA Citation
CYSE201S
Diwakar Yalpi
03/21/2024
Introduction
The article “ Digital Criminal Investigations in the Era of Artificial Intelligence: A Comprehensive Overview” analyzes the intersection of social science and technology. It does so at its core by asking how AI technologies can improve upon traditional investigative methods in digital crime while also protecting people’s information. Trying to use AI as a tool in cybersecurity, while also protecting people’s information relates to how in class we were taught about the ‘human firewall’, and how many people should be better educated on protecting their information. It also relates to being taught how much of our information is actually free for anyone to access as well. This research uses qualitative research to investigate AI’s potential in being integrated into criminal investigation, descriptive analysis and analytical research. This article reviews a number of different research studies conducted in this domain in order to find out the potential effectiveness of AI implementation, while also looking into the ethical legal sides of things where things of this nature have a very blurred line currently.
Contribution to law enforcement
The study contributes to society by outlining how AI advancements can potentially be used to forecast, prevent, and mitigate digital cybercrime, and how it can lead to more efficient and concrete ways of solving criminal investigations. For example, AI could potentially learn Maslows’ Hierarchy of needs in order to realize the type of person who the offender may be. AI can also help to identify human factors such as sensation and perception of things in order to help identify offenders. Through the automation of tasks that would otherwise be tedious and performed by a human, human workers can spend more time and manpower investigating high priority tasks, and ultimately enhance public safety and security.
Marginalized Groups
This article focuses on the legality and morality of AI implementation alot, which can help the elderly when it comes to the protection of their data and information, and how there is a need to address biases in AI algorithms that could potentially lead to the wrongful accusations or arrests of certain minority groups as well. Through certain learning models, AI can also study victim precipitation and help people to create guidelines that would further keep the public safe. The study pushes for a more ethical way to develop and implement AI in a way that would not skew the results through a bias. One of the best ways to do this is through objectivity, which is that science exists to advance science and finding out proper ways to deal with hackers.
Conclusion
In conclusion, “Digital Criminal Investigations in the Era of Artificial Intelligence: A Comprehensive Overview.” reviews the social, ethical, and technological aspects of integrating AI into the field by promoting a responsible deployment of AI.
References
Faqir, R. S. A. (2023). Digital Criminal Investigations in the Era of Artificial Intelligence: A Comprehensive Overview. International Journal of Cyber Criminology, 17(2), 77–94. https://cybercrimejournal.com/menuscript/index.php/cybercrimejournal/article/view/189/71
Leave a Reply