I think the media has a big influence on how difficult people think cybersecurity, coding, and hacking is. It definitely can be difficult, same with everything else, but media gives the idea that you have to be really smart in order to understand cybersecurity or code. This isn’t the case, code itself is more like learning a language and cybersecurity is the same as building defenses for any building, it is just on a digital plane and sometimes also a physical one. I am not good at math but I can still understand code and algorithms just fine. It does not take a super genius to hack or code or create cyber defenses, its all the same as any other job or hobby, it just takes experience no matter how that experience is gained. There will be people who learn faster or are better with this facet of technology but those are the outliers.

Meme 1:

Meme 2:

Meme3:

It is actually pretty easy to spot fake websites. There are a few different ways to do it but the things I have actually done to spot fake websites is first look at the URL, if the domain is spelt wrong, has a random string of numbers or letters, or has a domain that you do not recognize. If any of these tip you off then the site is probably fake but to test it you can copy and paste the URL into a search bar and type fake website or scam behind it and you could come up with articles or the original websites addressing the fake website. Another way to tell is if it is asking you your credit card information when it doesn’t make sense that it would. If a website like Wikipedia has a pop up asking for your financial info then it is probably not the actual Wikipedia unless you are actually donating. This is what happened with me and an email from UPS a while ago. Another way to tell is that if you get an email taking you to a website and the email comes from a fake company or has an out of place addition. If you got emailed by Google@gmail.qw56du.com, then it is definitely fake and you should not click any attachments sent with the email. There are also multiple free tools online that scan a URL of a website to confirm its authenticity.

1. Multiple reasons: This feels like the most sensible reason because any two or more of the below reasons can apply and they probably do. Those who do hacking as a living for money most likely have an ego and also do it for notoriety.

2. For Money: This one is obvious, everyone needs money and if someone has the skills can make a lot of money from their computer in just a few days by running some phishing scams and get access to others financial information. Not to say its easy but some would find it preferable to a 9-5 job

3. Revenge: This is about revenge and power. If something happens to someone and they realize that they can get back at someone online with no repercussions they probably will. We live in an age that is no longer characterized by physical altercations. Instead of someone getting bullied and them not being able to do anything about it people can now take action from the safety of their computer

4. Political: These reasons make sense because people sometimes don’t feel like they have voices online and people make groups to deal with issues that others will not. This does not mean that what these groups do is good but they usually have an altruistic perspective but also do not understand how what they do effects other people.

5. Recognition: The hacker space is a large interconnected network of people and many people want to live out their hacker fantasy by becoming the next anonymous or create a malware as infamous as the Morris worm.

6. Entertainment: I understand why people do these things however there is too much risk just to be entertained so it does not make as much sense as the other reasons on the list.

7. Bordem: This is at the bottom because I personally have difficulty understanding why someone would be so bored they would do something illegal. I know there are messed up people that have to see others be put in order for them to have fun. I do not have as much to say about this topic however I do notice a pattern that the internet is starting to reflect how the physical world used to be. Kids used to run around and do small crimes, trespassing, spray painting, other small things, and they would get a slap on the wrist and go home and they had fun being dumb kids. The internet is at that same point but with worse consequences. So hacking must be exciting enough for some and that is a good enough reason it do it.

This week I am relating my experiences with technology to the Abraham Maslow’s hierarchy of needs. The first is basic needs which at the bottom tier relates to things that are required for survival. While there is not much related to phones or such things for these we do have stoves to cook and fridges to keep food edible for longer and these are both technology that has made basic needs more accessible. Next for basic needs is security and safety which is also fulfilled by technology. We get alerts when someone is abducted and we have sirens for when national disasters happen. The next rung is psychological needs which is “belonging and love”, and “esteem” needs. Both of these can be fulfilled with technology, while personally I prefer to be with my friends physically there is definitely people who get both if these through online interaction and accomplishment doing things online as well. Social media is used a lot for these things. The final rung is self-actualization, achieving ones full potential including creative activities. There is so much to accomplish with technology such as online projects like making games and building businesses and websites. Technology helps to fulfill every rung on the latter in some way which shows how integrated technology is in our lives. While I talk about the positives most of these rungs can also be negatively impacted by the influence of technology.

Looking at “privacyrights.org” you can go to the 2022 data breach notifications. It is very easy to see that there are certain bits if personal information that could be floating around without you knowing. Looking at the first question of, “what do states count as personally identifiable information”. Most states say your full name, your social security number, and any kind of financial account number (just to keep it simple). Now by looking at the other questions you can see why it could be scary. Passports, bio metric information, and paper records are not covered as personally identifiable information in every state. If information of these things get out about you in certain states such as North Dakota, (which counts none of the three examples as personally identifiable information) then you wont be notified of that data breach.

This kind of information could be very important to researchers because they could use the information to run tests and see whose information such as their passport or bio metrics are online without their knowledge. The statistics of data breaches in the U.S. could be much higher than what is shown online if those articles are only taking into account breaches that people have been notified about. Then they could write their own studies to show how much information is actually acquired during data breaches while taking into account this other information that government or companies exclude. I personally would want to know if my passport or bio metrics were on the internet due to how many devices rely on that information

There is a short and long answer to why the principles of science apply to cyber security. The short answer is that everything and everyone now uses devices, and when there is devices there needs to be security so cyber security and technology in general is involved in all sorts of sciences and fields because of it.

The long answer is that cyber security can be split many ways but the two big halves of cyber is the analyze and the create. They only work when both are used but people can specialize in them. (This could also be defined by the social science side and the scientific defense side) We need to analyze the defenses and see how people are getting through in order to create better defenses so there are many different disciplines that are used (Relativism). All principles are used throughout the process as well. Things need to be kept simple so common people understand how to defend themselves (Parsimony). It is important to look at all cases within cyber free of values or it could cloud your judgment such as thinking someone is to young or too old to have hacked someone when they may be the culprit (Objectivity). It is important to also stay grounded and use data and evidence that is trustworthy because it could be problematic to get data from someone who is not trusted as it could cause issues (Empiricism). The most important thing is to keep the internet as free as possible but also safe so Ethical Neutrality is important. If Ethical neutrality is not kept it could have more public consequences. Determinism is also important to make sure that there is a baseline of security. As I said in my discussion post for this week it should not be the main focus however it is helpful at keeping the peace on a simple scale. If these principles are used correctly to analyze, create, and improve a security system then there should be very few people hacking into and stealing from your system.

After reviewing the NICE cybersecurity framework I would be most interested in the analyze specialization so I could focus on exploitation analysis which I believe would include penetration testing and ethical hacking. However I would also like to look into system defense as well which would fall under cyber defense analysis. I want to study both sides of the system so i can understand how the defenses work and therefore know how to break it apart. It makes the most sense for me to do that since that is how most construction works, You have to know how a car works before you can take it apart correctly and put it back together. If the system is broken through it could be easy to trace back to the attacker, but if you could replace the parts behind you once you have broken in it would be much more difficult for the defender to trace the attack back to the attacker.