Week 3- Journal Entry 3

From utilizing the data from PrivacyRights.org researchers could use this information for a myriad of different reasons. The reports have the locations of data breaches, the industries that were targeted, how often and the method of intrusion. Locations of the incidents would be something of value because a researcher would be able to see where these breaches are occurring. From that information a hypothesis could be made as to why are they occurring more in one area compared to another. Maybe that location has a plethora of financial institutions compared to a less targeted area that has mainly Non profit organizations. A researcher could assume that money is the motive for the system intrusions and data breaches. Having a detailed view of the type of industries and the amount of intrusions within that sector could be a good start of learning a specific industries cyber posture as well.

Week 4 – Journal Entry 4

After reviewing Maslow’s Hierarchy of needs I came to realize that I am quite dependent on technology. In regards to my basic needs within the Physiological hierarchy I utilize mobile applications on my phone to order food, clothes, and medication. This technology makes access to my daily necessities very easy to obtain. For my safety needs I use ADT for my home security, Ubiqiti for the cameras monitoring my home and my apple watch to watch my heart rate. The most utilized in the hierarchy by me would be the psychological needs of belonging ness. I communicate with my family through messaging apps like WhatsApp and Signal since I travel alot for work. Without this technology it would be hard for me to connect to my family and friends.

Week 5 – Journal Entry 5

Below are how I would rank motives from 1 being the most sensible to 7 being the least.

1.) Money would be ranked first because I believe money to be the root of all evil. People will commit unscrupulous  crimes that they probably would never do over money and what it can bring to them.

2.)Boredom because idle hands will always will cause some type of trouble physically or in cyberspace. Bored children in the playground bullying each other is no different then bored kids in cyberspace bullying others. I feel as though this is very common.

3.)Political because with the boom in social media hacktivism has taken a rise since ones political views will travel further through cyberspace and be readily available in all of the social media platforms

4.)Entertainment , some attackers find it fun to wreck havoc on a vulnerable system

5.)Revenge I don’t think is all that common because it is an emotional crime that people commit due to some emotionally fueled hatred towards someone in particular situation.

6.)Recognition is on the lower end of the spectrum because I still do not think a lot of people even keep track of the amount of cyber crimes that go in the world. Only other Cybersecurity engineers like the individuals in this course would pay attention too.

7.)Multiple reasons would be the last because who could possibly guess all of the strange things a criminal thinks about committing a crime?Search for:

Week 6 – Journal Entry 6

I think its fairly easy to spot the difference from a real vs fake website. I do so by paying attention to the websites name in entirety. If I am looking for Walmart.com I will first make sure the spelling is correct and there isnt any spelling mistakes like “Wallmart.com”. I will also make sure that the site domain ends in .com and not .co or .net. I also look to make sure the placement of the number “0” and  the letter “O” are used correctly. I have noticed on some fake websites they misuse these characters and sometimes if you do not look deep enough you can easily skim over the error. The last thing I look for now is the pad lock symbol on my web browser and the signer of the SSL certificates of the site. 

Week 7 – Journal Entry 7

My 3 favorite photos are Photos #5, #13 and #9.

Photo #5 The Jubilant people jumping for joy are jumping because they just passed their human centered Cyber training course.

Photo #9 Is a meme of an employee updating their once 4 digit passcode to a 6 digit passcode for added physical protection. This was a result of a Human centered training program created by the company to thwart attackers.

Photo # 13 Is a brief conversation between two employees staring at the companies monitoring system.

Guy 1 How did they break into the system?

Guy 2 A brute force attack was done on your system using your username. What was your password?

Guy 1 Password.

Guy 2 We need to send you to our annual cyber webinar ASAP.

Week 8 – Journal Entry 8

I feel as though the media has a huge influence on cybersecurity. The media also makes it look very simple and feasible for anybody to do when its rather difficult to do the things you see in a movie. The amount of just shear electricity to power the systems portryed in the movies is impossible for one random guy in the basement to achieve. I also think some one the influences are a good thing because it shines light on some the amazing things you can do with the internet. I believe it promotes interest in the younger demographic of people to think about entering into the field. Yet where there is good there is also bad. The same depictions I also believe are  bringing people into the dark side of cybersecurity !

Week 10 – Journal Entry 9

I scored a 0 on the Social media disorder scale. I think the questions are quite interesting  because they almost remind me of questions that seem to inquire almost about an addiction. I think patterns are different around the world for a multitude of reasons. A simple one could be resources. Small third world countries may not have access to computers ,iPads and mobile phones to surf the internet as larger countries do. My neice is 7 and her school supplies her with a laptop and an ipad already at such a young age. She is already immersed in the use of technology just from being a student at a US school. Another reason could be culture. Ive noticed in other cultures having your phone out at the dinner table or placing TV in bedrooms are not allowed.

Week 11 – Journal Entry 10

I agree with the coordinator of the Russian state agency, Dmitri Keselev. We are not in a war where we are standing in line in front of each other loading our muskets shooting at one of another. We are in the information age and data and intelligence is everything. We can cripple our opponents by Electronic warfare. SCADA systems in Nuclear power plant, our electrical grid, or even our water system can wreck havoc on a country. Also with the use social media physiological attacks can be utilized to divide the masses and have people cause chaos amongst themselves without a single physical weapon being used. 

Week 11 – Journal Entry 11

A few social themes were talked about in her video. She spoke about jobs that were very social in nature and in sociable cites. She described a variety of different cyber jobs that were in different disciplines like offensive and defensive jobs like vulnerability analyst and SOC analysts. She mentioned different social activities and that were different in the cities that she spoke about. For people who do not have networking skills you can attend technical meetups to further broaden you IT experience that could land you a job with a high paying salary after 1-2 years of experience.

Week 12 – Journal Entry 12

I believe the Classic economic theory applies to the above reading. I believe that it applies because companies are now using these big data companies as third party providers to handle the PII of their customers. This practice is allowing these large companies to have a plethora of our information which then is sold off to other third party customers and it saturates the web with all of our information. I do not think this should be happening and the companies we work directly with should keep our information close so they can have more accountability of our personal data. This data is rhen mono tized then sold to companies and they will use it for strategic advertisements to us.

I do not think the other economic theories in our module really apply to our reading. Maybe the Keynesian theory. The business that was being used to hold the credit card information may have not even had a cyber response method in place if it wasn’t for the tax incentives given by the state to beef up there cyber response initiative. 

I believe the company relied on Determinism to create their cyber response plan. They understood that there could be an intrusion on their system and prepared the above document to notify the people who were at risk from the third party data breach.

Week 12 – Journal Entry 13

Many firms in certain sectors like Health IT will turn a blind eye to specific security vulnerabilities within their system. Corporations put more of an emphasis on specific segments of their system compared to others due to budget constraints. Hiring a 3rd party researcher and learning that you have vulnerabilities that may render hardware with your system obsolete can cost millions to fix. The risk should be assessed before the cost in my opinion but majority of these companies will save money instead of spending it. I think the bug bounties are extremely important and should be done by all companies. Understanding the weaknesses in your system from inside to outside is key to a hardened system.

Week 13 – Journal Entry 14

I think the top 5 most serious violations would be recording ones conversation with out consent, faking your identity online, using someone else’s internet, collecting information about children and utilizing torrent services.

I believe recording some ones phone call is a felony in the District of Columbia. With smart phones recording a call is super easy and I don’t think people actually know that it is illegal. This law is serious because phone conversations may be used in the court of law and its not fair to the party thats clandestine being recorded without knowing it. Responses from an individual are usually different if they know they are being recorded.

Faking your Identity is an obvious one. If its illegal to do in person than it is absolutely illegal on the web. This is possibly the most serious because our data is no longer sitting in an office locked in a safe. It is sitting somewhere on a server somewhere being guarded by the organizations present or not present IT policies to keep it safe. Faking some ones identity can give you access to extremely personal and private information.

Using some ones internet connectivity is a serious crime because the intruder can also access personal information that sits on that network as well by gaining access. Cyber crimes can be done utilizing that network leaving data that links that network to another intrusion that the unexpected owner of the network had no idea happened.

Obtaining data about children and minors as a big one too because kidnapping and child crimes are becoming more prevalent on the internet. No data on children should be given away without the consent of the parents knowing who ,what, when, where and why that data is needed.

Illegal streaming is the same as sneaking into a movie theater. Its still a crime and if not a bigger one. When rebranding and copying movies and selling them online takes away the profit from the people involved in the movie. Its never cool to take food of the plate of any hardworking law abiding citizen.

Week 15 – Journal Entry 15

I think his path way into the forensics is actually very common from my experience. I have met a lot of Cyber people in my time who were also accountants , scientist or just normal tier 1 IT around the office. Matter of fact I started off as an Electronics Engineer dealing with electronic circuit boards and I was put into a Cyber role and have been in the field since. It started off as kind of cool and just something to do but after about 1 month I knew cyber was something I wanted to do from here on out. I believe people in the cyber field have a passion for solving things more than anything and this is what makes a good cyber person so rare. There’s not a specific background per se back in the day when soliciting for Cyber positions so whoever was in the same organization and was some what technical were given a chance to fulfill these jobs.