Article Review #1
Kiori Edwards
October 2, 2024
A Necessity of Cybersecurity in Healthcare
The article’s topic consists of research about technological advancements in healthcare and how it has heightened through the analysis of Routine Activities Theory (RAT) and Cyber-Routine Activities Theory. Regarding the innovative posture of tech in healthcare, the article discusses how healthcare has become a target of attack because of the many facets of digital access that each withholds sensitive data of its customers. With electronic health records increasingly at risk, healthcare is now referred to as a suitable target. While enhancing patient care through digitalization, vast amounts of personally hidden
PRINCIPLES OF THE SOCIAL SCIENCE
The intersection of cybersecurity in healthcare relates to the principles of social science through the lens of many principles such as sociology, and psychology. As technology integrates within the healthcare system, many stakeholders like patients, insurers, and policymakers; each of who are within the data systems become at risk. The healthcare system is a complex social structure that requires diligent analysis of the various components that secure customers’ sensitive data. Psychology is another social science that is vital to cyber victimization in healthcare. Psychology describes the perception that stakeholders have when indulging in the risks of technology use. For example, some will be sure to include the suggested precautions to better secure their accounts and some will choose the bare minimum security measures will secure their accounts less than.
HYPOTHESIS
Certain characteristics of healthcare organizations (e.g., size, technological infrastructure, employee training) increase their likelihood of being targeted for cyberattacks. “The healthcare industry is facing significant challenges in managing increasingly sophisticated cyberattacks. Between 2016 and 2022, most of the 30% of cyber incidents involving data abuse targeted healthcare organizations(Praveen).” The technological infrastructure that is implemented dictates the security status of organizations. Keeping hardware or software outdated for example will increase the risks of attacks because of how easily the systems can be exploited. It is vital to have the latest updates on software and high maintenance of security measures as technology evolves. Educating employees as well as suggesting cyber hygiene regimens for customers to partake in are essential requirements to have to consistently safeguard the cyber environment for healthcare.
RESEARCH METHODS
The research that is conducted in the article comes from statistics that were monitored and studied within healthcare systems. For example, there is a breakdown of the code-type attacks and the percentages that are descriptive statistics on cyberattack dynamics in healthcare. These types of research methods give real-life studies to illustrate the magnitude of cyberattacks that are happening, alluding to the necessity of better cybersecurity.
TYPES OF DATA/ANALYSIS DONE
The type of data and analysis done stems from the research methods that are shown throughout the article that provide broad overviews of the various cyberattacks across various types of healthcare entities. As listed within one of the data analysis tables; ransomware was the most common method, “accounting for 40.1% of the attacks. Few other attacks that follow ransomware are “account takeover (21.5%) and phishing (18.5%)(Praveen).
CONCEPTS FROM POWERPOINT RELATION
Concepts from the PowerPoint relate to the article in several ways; one particular slide is the “psychological factors increasing the risk of victimization”; this slide has a common topic of discussion regarding victim precipitation. In the PowerPoint, it says the phrase refers to efforts to identify how the victim’s behavior contributes to victimization. This ties into the reading of the article because it talks about how the handling of new technology in the healthcare systems is complex to the stakeholder’s safety being the extra ways of vulnerability points. Victim precipitation focuses the where there are things that individuals can do to make themselves safer.
RELATION TO MARGINALIZED GROUPS
The topic mostly relates to the age groups that pose challenges and concerns that contribute to the lack of cyber hygiene. Healthcare includes a wide range of individuals, however the handlers of accounts are typically a range of older people. Older people are also most ignorant of the use of new technology given the complexity of some things. This is why elderly people tend to often be targeted in scamming attacks because of their lack of awareness. The healthcare system is taken up mostly by the elderly people who are also users that can be perceived as having higher value or in a cyber instance “whale phishing attack” or “spear phishing.”
OVERALL CONTRIBUTION
The article information contributes to society by sharing how attacks are rising due to the continuous advancement of technology in the healthcare system. It uses this information to bring awareness to the need for diligent use in account management and the security posture at which stakeholders are. Since this article uses the lens of RAT it shows those who are in a healthcare system that they are at risk since they are perceived as suitable targets by motivated offenders such as cybercriminals looking for a lot to gain with newly founded ways to exploit.
CONCLUSION
In conclusion, the article goes over Cyber victimization within the healthcare industry by analyzing the association between Routine activities theory and Cyber Routine Activities theoryPraveen, Y., Kim, M., & Choi, K.-S. (2024). Cyber victimization in the healthcare industry: Analyzing offender motivations and target characteristics through routine activities theory and cyber-routine activities theory. International Journal of Cyber Investigations and Cybercrime, 12(2), 100-120. https://vc.bridgew.edu/cgi/viewcontent.cgi?article=1186&context=ijcic
Article Review #2
Kiori Edwards
November 17, 2024
Article Review 2: Investigating the Intersection of AI and Cybercrime: Risks, Trends, and Countermeasures
INTRODUCTION / Describe how the topic relates to the principles of the social sciences
The article “Investigating the Intersection of AI and Cybercrime: Risks, Trends, and Countermeasures” investigates the correlation between Artificial Intelligence technology, being leveraged by cybercriminals to initiate malicious activity. This topic relates to the principles of the social science of the scientific method. The research will break down the the questions that need to be asked in regards to the concern of AI malicious use and impacts that will increase cybercrime. Research will seek perspectives on how the technology can be misused for unethical purposes. After observations are complete, the background and data of the technology will be analyzed. The hypothesis will be made to understand certain instances and experiments. After this process is done researchers will begin analyzing the collected data and drawing conclusions as to how the correlation of AI and cybercrime can be mitigated from a technical standpoint.
Describe the study’s research questions or hypotheses;
One question of the studied research is “How is information involving malicious use of AI distributed and used on both the dark web and the clear web, and what are the mechanisms for its transfer between these domains?” This question is described to understand the initiative of the technical parameters and how they are being spread amongst cybercriminals. It also mentions the dark web which is known as the hidden internet and mainstream place for criminal activity. Once this question is more understood it will begin the process of limiting the connectivity of how this information is distributed, mitigating the abuse of Gen AI technology.
Describe the types of research methods used;
The types of research methods were begun through a quantitative approach which led to the collection of evidence of AI-generated prompts that were used for malicious activity. After analysis of collected data, they would then record. the details of each of the software associated with these attacks like ChatGPT which correlated to the data collection process. They also examined various online forums on clear web and dark web communications that were linked to AI-generated prompts for malicious purposes. In addition, they used a qualitative data collection process which was initiated through a multidisciplinary set of experts relevant to cybercrime, and cybersecurity. And criminal justice. They would then interview this specialist to learn their insight into AI’s role in media cyber hygiene and policy implications. This was also done to help address their other research questions.
Describe the types of data and analysis done
In addition to the aforementioned, the types of data and analysis done were through the lens of qualitative and quantitative data. To go further in-depth with the qualitative data, the researchers would take the information from the experts they would reach out to and angle their view more in a way that would address the complex challenges at the intersection of AI technology. The breakdown of how the researchers approached the interviews with the experts each in their respective fields was to start with open-ended questions that would encourage broad and conceptual responses. This led to structured questions that would help them gather certain data points relevant to the study.
Describe how concepts from the PowerPoint presentations relate to the article
A specific slide of the PowerPoint presentation that relates to the article is the social forces and cybersecurity: technology slide. This slide dives into the how evolution of technology has influenced how we behave in social groups. I feel that this concept correlates to the abusive use of AI due to the increase in reliance on it. As this technology improves social groups will tend to gather their information from it making it their leading source of communication.
Describe how the topic relates to the challenges, concerns, and contributions of marginalized groups;
Marginalized groups will be affected by this topic of cybercrime and AI due to their biased views. Since these individuals are doubted and looked at as insignificant the activity of AI will possibly make them feel entitled hence the regulation in responses of those types of people.
Describe the overall contributions of the studies to society
I think overall these studies contribute to society and should closely be reviewed. The abuse of Generative AI is creating more sophisticated ways to commit acts of cybercrime. As we evolve as a digitally interconnected world, researchers and scientists should hone in more on the threats of AI and the leverage that can be taken by cyber criminals.
Conclusion
The study on the intersection of AI and cybercrime highlights the growing risks posed by malicious use of AI technologies, particularly through platforms like ChatGPT and dark web forums. The research aims to understand how AI-generated prompts are distributed and leveraged by cybercriminals to facilitate criminal activities, and it investigates ways to mitigate these risks. By employing both quantitative and qualitative research methods.
References
Shetty, S., Choi, K.-S., & Park, I. (2020). Cybersecurity and its implications for critical infrastructure: A comprehensive review. International Journal of Cybersecurity and Information Assurance, 5(2), 123-135. https://vc.bridgew.edu/cgi/viewcontent.cgi?article=1187&context=ijcic