The first article I reviewed was “Understanding the connection between hackers and their hacks” by Joshua Gerstenfeld. The principles of relativism, determinism and objectivity can be pointed out in this article. Gerstenfeld sets out to prove his hypothesis that despite the rough data and problems criminologists have had in addressing hacking, there is a relationship between the gender, age and nationality of a hacker and the methods they use to hack. Gerstenfeld stays objective throughout the entire article, never supporting or condemning the hackers, only stating the numbers and how they correlate to his hypothesis. The idea of relativism is essentially the backing of the entire project. By proving that the background of a hacker has an influence on their methods deals heavily in the principle of determinism as well. To accomplish this paper Gerstenfeld conducts a reviews the research previously done on this topic and compares it to crime reports provided by the United States Department of Justice Computer Crime and Intellectual Property Section (USDOJ CCIPS or CCIPS). To analyze the data, he created 6 variables and compared them to the race, gender and nationality of the hackers to create trends analysts can use to create profiles that can help identify attacks early. The 6 variables are the use of insider information; the use of social engineering; whether the hacker used software that was self-built for the task; if they followed up the initial hack with another hack; if multiple entities were targeted and whether a specific organization was attacked. This article addresses multiple topics we’ve covered in this class. In module 3 we talked about diversity or lack thereof in cyber security. Only 8 out of 103 participants who identified a gender were female which shows the lack of diversity in cybersecurity exists on the criminal side as well. The psychology of hackers is also discussed. Gerstenfeld discusses how hackers are more likely to quit if they feel they have reached their peak abilities and leave to start doing to legal cybersecurity work. It’s also noted that they feel no remorse for their actions and in some cases don’t believe they did anything wrong. This report also shows they feel few ethical regrets for their actions. Gerstenfeld address the challenges felt by both women and minorities in this section of crime. As stated earlier women are very rarely included in the ranks of hackers. The article also states that Minorities and students are less successful at hacking and are caught more often. White Males and non-students are shown to be significantly more successful. I believe that this paper contributes positively the study of sciences. It’s a multidisciplinary study covering cybersecurity, sociology and criminology. It also helps us identify profiles and trends that can be used to help identify potential threats and better be protected from them.
The second Article I reviewed was “Cyber Attacks, Cyber Threats and Attitudes toward cybersecurity policies” by Keren Snider, Ryan Shandler, Shay Zandani, Daphna Canetti. The authors hypothesize that the public would be more receptive to stricter government cybersecurity policies immediately following a cyberattack. They conducted a controlled survey of 1022 Israeli citizens where they were shown simulated news reports of cyber attacks with varying levels of lethality. The control group did not watch any report. The principles of relativism, empiricism and ethical neutrality are all prevalent in this paper. The hypothesis is about how the views of the public change relative to current events. Empiricism and ethical neutrality are prevalent because some of the laws that are discussed are very similar to the controversial Patriot Act and the Authors stay away from the ramifications of this law and maintain the focus on their hypothesis. After conducting the tests, it was discovered that exposure to lethal cyber attacks affected political behavior in a similar manner as a terrorist attack would. After viewing news reports of a lethal cyber-attack the respondents were more likely to waive civil liberties and consent to tighter and more intrusive security. In general, both respondents that were exposed to both lethal and non-lethal cyber attacks showed a willingness to support stricter cybersecurity policies of varying intrusiveness. This study plays heavily on the psychology of the respondents of the survey and how these simulated events effect their perceived safety and what they are willing to give up to maintain it. This also plays into the concept of cyber victimization we have discussed. This article makes multiple contributions to the sciences by discussing the psychological effect of a cyber attack on the general public and how the varying levels of lethality would effect their political views on cyber law.