Eli Wallace
Prof
CYSE 201S
November 24 2024
How Social Principles Relate to Ethical Hacking
Important Concepts
There are many concepts that we have learned in this class that relate quite well to the career that I chose, ethical hacking. One concept in particular relates quite well and it’s called relativism. I think professionals in the field can use relativism to try and predict the future of cyber attacks and attempt them in a safe environment before they really start to do damage. They can do this by keeping up with the times and seeing what laws, rules, and regulations are set in place to stop cyber attacks. Once they realize what is already implemented, it should be known that cyber criminals will try something new if they realize they will get caught off doing the same thing. The goal is to predict what they might do and implement it into ethical hacking so that companies have less of a chance to lose consumer data. In an article I found online it had mentioned that, “According to a recent estimate provided in the Global Risk Report by the World Economic Forum, losses from cyber-related risks might reach US$ 6 trillion in 2021 (Pavel, 2023).” We have come a long way from the first computer but there is still so much to do. Not only are losses coming from a financial standpoint but there are people who are losing their identity on the internet. Cyber criminals will wait for data breaches or even initiate them just so they can jump at the opportunity to steal someone’s data and do something bad with it. The demographic for these attacks are prevalent in some groups more than others and unfortunately these criminals will go after those who understand the least about technology as they mainly look to steal information from young children as well as older people.
The world of not understanding
There are many ways that people can learn about how to work their way around these threats and educate themselves on how to use the internet. It is even taught in school how to at least navigate around so children can do homework online. There are some flaws with this though, even though they are being taught how to navigate the internet most of the time they aren’t taught how to protect themselves. In person young children are taught all about stranger danger and what happens when you interact with someone that you don’t know. We are going into a technical based society and yet we are educating the future of our society, a lot of the time you can find adults too who don’t truly understand the risks of the internet. An article mentions, “Not surprisingly, 86% percent of college students consider themselves frequent Internet users and 76% report they are using multimedia while on the Internet (Hughes & Dennison, 2008).” There are too many people on the internet who don’t understand it and it makes some or even most cybersecurity jobs more difficult to defend people’s things. For example someone could have accidentally left their computer on at their workplace and then an unknown person snuck into said workplace. If they do it well enough they could either use the computer to upload something bad or download data without being caught. With this some people are just “too human” and they will act through the social science term of determinism and use that to do bad things. Many hackers want to test out what they can do but sometimes they struggle to find things to test on so they will do something illegal like hack into a bank or steal someone’s data just because they can.
Human Nature
It is natural for humans to fall for things that they don’t understand and that’s why it’s important for cybersecurity professionals to be on top of their game at all times. A scholarly article I found summed it up perfectly by stating that, “Everyone is susceptible to phishing attacks because phishers play on an individual’s specific psychological/emotional triggers as well as technical vulnerabilities (KeepnetLABS, 2018; Crane, 2019).” Most criminals are not dumb so they will appeal to the human senses that will make the victim more susceptible to falling for attacks. If a criminal is articulate enough they could follow a trail of a victim they want to exploit and implement key concepts that will make whatever the attack is seem real. If a person signs up for every giveaway they see then it wouldn’t be out of the ordinary to conjure up an email stating that they won something and they just need to provide their personal information. Things like this happen all the time, that’s why I personally always recommend learning the risks of whatever you do on the internet. That is also why I think ethical hacking is important because some of these tests need to happen so the real attack can be protected well or just never happen.
Closing Statements
It’s important for ethical hackers to understand a lot of social science aspects because there is forever going to be human error in the field of cyber security. The only way to truly mitigate the risks as much as possible is to either teach everyone in the world how to properly use the internet or to have ethical hackers as well as other cybersecurity professionals making up for the mistakes. I do believe that there could be a point where we see a less steep trend upwards for cyber attacks but with so much unknown as of right now it’s probably going to keep its trend. All that can happen for now is helping people understand what to do and what not to do while on the internet.
Work Cited
Pavel V Shevchenko, Jiwook Jang, Matteo Malavasi, Gareth W Peters, Georgy Sofronov, Stefan Trück, The nature of losses from cyber-related events: risk categories and business sectors, Journal of Cybersecurity, Volume 9, Issue 1, 2023, tyac016, https://doi.org/10.1093/cybsec/tyac016
Tucker, J., & Courts, B. (2010). Utilizing the internet to facilitate classroom learning. Journal of College Teaching & Learning (TLC), 7(7). https://doi.org/10.19030/tlc.v7i7.136
Alkhalil, Z., Hewage, C., Nawaf, L., & Khan, I. (2021, January 18). Phishing attacks: A recent comprehensive study and a new anatomy. Frontiers. https://www.frontiersin.org/journals/computer-science/articles/10.3389/fcomp.2021.563060/full?ref=based.inc