To foster dynamic transfer into major-level writing courses, this course emphasizes academic literacy and the skills necessary to decode and understand the writing process, the fundamental rhetorical principles of writing, and the research process and how they adapt to shifting requirements of audience, subject matter, and context
The Final Draft of the major essays
Jade Ames Moore
ENGL 211C
Professor Susan McAlister
12 December 2023
Final Course Reflection
Entering my second year of college knowing what field I wanted to pursue and see myself in for the future, I designated this class around my major to better understand my degree and to also raise awareness on how Cybersecurity is even though it’s been looked down for so long. Doing this overtime has made writing enjoyable for me and the understanding of the basics of Cyber Security. I feel like my writing in this class began rocky, but overtime became more complex. In this reflection I’ll be talking about my work during this semester in ENGL 211C.
My first paper was a Rhetorical Analysis paper. With Rhetorical Analysis being one of my weak areas when it comes to analyzing a podcast, article post, or website, I overthink this section. With this paper I started with the basics of Cybersecurity and that’s Phishing emails. Phishing emails are the most simple and easiest targets with Cybercrimes. Just the click of one infected link can cause a huge amount of malicious malware, trojans, and ect. With this paper my low points were my introduction and closure. My key components were the summary of the paper and language use.
My second paper was a Comparative Analysis. With this paper I had to compare to sources that both talked about “Why should companies train their staff on cyber security?”. The difference between these two sources was one was a popular article and the second one was peer reviewed. As I was analyzing those two sources I started to see why peer reviewed articles were more eligible for educational purposes. Yes, the popular article gave me the idea of Why should companies train their staff on cyber security, but the peer reviewed went into depth onto why this was so important. With this paper my analyzing skills increased and I performed better than the Rhetorical Analysis. What I got from this paper is the importance of going to the main source rather than the short cut version.
As the semester is coming to an end we began our Research Paper. This research paper has taught me so much in the writing field as in paraphrasing, quoting information in the right form in alphabetical order, and patience. I did my research paper on “What is Ransomware”. Bringing ransomware into my research paper was like the cherry on top of staying in my degree to educate myself more and bring awareness to Cyber Security. WIth all my assignments i’d say this one was the most challenging and enjoyable for the better. I believe my strength as a writer is rambling and always getting to the word count with no problems. With that being said , this research paper wasn’t as bad as I thought it would be. I think all the preparation and little things we did in between to get to this final paper helped more than anything. I’ve also been able to apply what I’ve learned with this research paper with all my other cybersecurity classes also. I’ve noticed since this class I get through paper faster with good language usage.
All in all I think I’ve developed as a better writer after this course. I’ve qualified great achievers with knowing and understanding my SLOs and have used them in other courses as well. My reaction to my writing this year was thrillfulness on how far I’ve gone since the beginning of this semester. What I’ll do next in my writing career is take a writing intensive course in Cybersecurity to further my education on the benefits of ENGL 211C.
Rhetorical Analysis
Jade Ames Moore
ENGL 211C
Professor Susan Mcalister
27 September 2023
Phishing
In this article Stefanie Schappert , September 1st 2023, a Senior Editor writes about “Labor Day phishing threats rising as remote workers embrace holiday mode” under Cybernews, which is a page , individuals like myself, go to for information day by day about cybersecurity. Fraudulent emails or other messages purporting to be from reputable companies are known as phishing, and they are intended to trick people into divulging their personal information, including passwords and credit card numbers. Being a victim of a Phishing email can become very agitating and a humble experience, especially if you’re a cybersecurity major. The purpose of this essay is to analyze how phishing methods are evolving, the intensity of working remotely in Cybersecurity, and how to avoid becoming a victim of Phishing.
In the article they do a survey to see how and what these new tactics that cybercriminals are evolving in sending phishing emails, calls, texts, websites. “The report found a significant rise in evolving tactics in 2022, such as vishing (voice phishing), smishing (SMS phishing), and quishing (QR code phishing)” ( Schappert). Arthur continues to inform the audience that phishing detection tools became more effective at detecting new threats, so attackers began varying message components to avoid detection. The author also informs the audience that cyber criminals’ tactics to avoid creating a lot of email noise are able to be detected by spam filters by sending a limited amount of messages. They’ve also become more confident with their victims. If the criminal was successful with one colleague, they’ll move on to the next one in the same workforce. From what I’ve got from the reader with the evolving of Phishing, it’s not only in emails anymore, it’s expanding to websites, QR codes, voice messages, and many more.
Another point the author states is the intensity of working remotely in Cybersecurity. The author shows the debate of working remotely and how the employees feel about this subject. The phishing attacks over Labor Day rise as remote workers embrace holiday mode articles, giving insight of how easy it is for criminals to send phishing emails because of how vulnerable the employees are with using PCs, iPads, Personal Phones that IT can’t control. Cybersecurity employees are already lacking some components of security while working remotely. They’re not able to get as much protection with data as they would if they were using company computers/networks. Since labor day is considered a three day weekend, most employees work remotely on Friday and throughout the weekend. This means most work will be conducted on their personal device (mostly personal phone while on the road) and not give their full attention to an email. Before covid working at home was unusual, especially for a cyber security job but now that cases are at a safe space and mostly everything is back how it was; no one wants to go back in the office because of how comfortable they’ve become. It was also interesting that in the article 65% of employees would rather quit their cybersecurity job, than work hands on in an office. From what I’ve gathered from the article, working remotely or working in the office is becoming conflicted.
The next factor of this article is to avoid becoming a victim of Phishing. The first step is identifying if an email is skeptical. Don’t click any links or attachments on emails or messages if you’re skeptical of the receiver. Rotate passwords and if necessary plug in fire walls. “About 68% of workers said they were more likely to use their personal devices when working from home, which “greatly increases the risk of falling victim to phishing attacks,”Cockerill said(Schappert 1). Using PC, mobile device, or IPads should be limited to a certain amount of availability. Stefanie Schappert recommends that the security of data and users is tightly controlled, that authentication procedures should be implemented, and that baseline user behavior be monitored.
As for me in the future , I would be more cautious and extra skeptical when Attackers would think I’m the most vulnerable. This article showed me in cybersecurity you can never really let your guard down while working or not. It just takes one bad email to give you the easy target representation.
Source:
Schappert, Stefanie. “Labor Day phishing threats rising as remote workers embrace holiday mode”. Cybernews, 1 Sep. 2023
https://cybernews.com/news/labor-day-phishing-threats-rise-as-remote-workers-embrace-holiday-mode/
Comparative Rhetorical Analysis
Jade Ames Moore
ENGL 211C
Professor Susan McAlister
9 October 2023
Why should companies train their staff on cyber security?
Cybersecurity is becoming the top priority for huge businesses, offices, online activity, healthcare, small businesses, famous individuals, and just normal individuals. Cybersecurity helps and repair malware from ransomware for the defense side; They can also be on the offense side where they test the system to find any vulnerability. In these two articles, which are completely different, you’ll see the Comparative Analysis on a peer reviewed article “ Human Factors on Cybersecurity: Designing an Effective Cybersecurity Education Program For Healthcare Staff”, by Maria Waddell. Then we have the popular market article “Help Employees Understand the Importance of Cybersecurity” by Karen Adams. With comparing these two articles we’ll see the difference between a peer reviewed article and a popular market article.
In Karen Adams article “Help Employees Understand the Importance of Cybersecurity ” popular” market article, it discusses how educating employees on cyber security can prevent cyberstalking, phishing attacks , privacy risk, and how to detect an attack. The article gives us some background information on how, because of covid and many employees at work using their PC’s and personal devices that no one in the companies IT department can reach, working at home makes you vulnerable to a cyber attack. Not being able to receive all your resources that you would on the company computers, like firewalls, makes you more vulnerable. They also go into depth on how training employees’ cybersecurity for their company will also lower phishing attacks. Having control and knowing how to avoid clicking on a phishing link cna lower the cost of ransomware. Ransomware is the racket of when a cybercriminal makes a malware, in this case you can think of a virus, and cuts all control from the company, so that the cybercriminal can take over the network. To restore this network these cybercriminals ask for money in return, if not they can destroy data, if a ransomware is in a hospital they can cut off all electricity which can endanger patients.
In Maria Maddell article “ Human Factors on Cybersecurity: Designing an Effective Cybersecurity Education Program For Healthcare Staff”, peer reviewed article, we see that a resilient workforce complements technical protections, reducing organizational risk, when leaders promote cybersecurity education that emphasizes human factors of cyberattacks. This article is more on social science and is engaged in the professional field. This article has a detailed and rightful format of a peer reviewed article. This essay shows the ethical problems , the declaration of conflict interest, the acknowledgement, and even the designing future of training staff on cybersecurity. With this arctic they also explain and define what most keywords are so just in case the reader doesn’t understand what they’re coming from , they give the reader background information.
In the popular market article, some of the references are highlighted in the text with no intext citation. The headlines are a different color than the font and they have a referenced picture that’s not cited. There’s not much of an abstract or introduction, I feel like it gets straight to the point. I would use this article if I needed a surface of information on why companies should train their employees on cybersecurity. The article gives me basic knowledge and how to prevent cybersecurity attacks. It is on the short side so it’s not very lengthy or has a reference list like the peer reviewed article. I believe the peer reviewed article if you want a more in depth, look at both sides, and credited article i would recommend the peer reviewed article. It gave more details than the popular market article did and it also made more sense. Some similarities are the basic concepts, they both gave reasonable reasons on why companies should train their staff in cybersecurity.
All in all, “ Human Factors on Cybersecurity: Designing an Effective Cybersecurity Education Program For Healthcare Staff”, by Maria Waddell, and “Help Employees Understand the Importance of Cybersecurity” by Karen Adams are not the same. As a result of peer review, the quality of education in the sector is improved and the integrity of the sector is enhanced. It’s the most reliable and valid . The comparison of these two articles show where and what is the best resource to get information from.
References:
Adams, Karen. “Help Employees Understand the Importance of Cybersecurity”. Society for Human Resource Management (SHRM), https://www.shrm.org/resourcesandtools/hr-topics/technology/pages/help-employees-understand-the-importance-of-cybersecurity.aspx
Waddell, Maria. “Human factors in cybersecurity: Designing an effective cybersecurity education program for healthcare staff”. Sage Journals, 8 september, 2023. https://journals.sagepub.com/doi/full/10.1177/08404704231196137
RESEARCH PAPER FINAL
Jade Ames Moore
ENGL 211C
Professor Susan McAlister
9 October 2023
What is Ransomware?
The medical community always recommends everyone to get a flu shot each year, right? However, we see opportunities in these threats and are taking steps to take advantage of them. However, compared to PCs, smartphones, tablets, and enterprise networks, which do not have predictable seasonal infections, it’s always flu season for them. Malware, on the other hand, can cause users to fall ill instead of feeling chills and body aches. No antivirus software can project 100% protection against these attacks. Over 300,00 malwares are created everyday, and malware is the key to these Ransomwares. As an attempt to show how to avoid these malicious practices, I will explain what ransomware is, who is most likely to be affected, and how business downtime affects businesses.
What is Ransomware and how damaging can the Malicious Bug can Damage A System
Before we go deep and share my knowledge on Ransomware, first we need to understand the project of what ransomware is and how damaging the malicious bug can damage a system. Ransomware is the form of a malicious attack that takes control of important documents , locks you out of the system and demands money. In return you get your information back, hoping it’s not corrupted. Just because these companies or the government pay off their money, doesn’t always mean documents haven’t been infected. In this peer reviewed article this will show the insight and definition of ransomware. “The name “ransomware” comes from the ransom note asking its victim to pay some money (ransom) in return for gaining back access to their data or device, or for the attacker not to divulge the victim’s embarrassing or compromising information “( Hull et al. ). This could be considered black mail if these attackers go for federal institutions or even personal users, which would be considered rare. Infectious software applications, infected external storage devices, e-mail attachments or compromised websites are all common ways in which these malicious bugs spread. These perpetrators know that they have affected your network once they’ve gathered all information and data to take down an establishment if they don’t receive the money amount they desire. Once that step is acknowledged, they send a message on the company’s network indicating their presence. You know how movies or TV shows mimic what happens in real life and they seem unreal and fake. From what I’ve seen, especially the Grey’s Anatomy Ransomeware episode, I find them realistic and believable.
Now that we know what a Ransmoware is and how the malicious bug can slither through a network, let’s take a look at what the malware can do afterwards. After the ransomware and you receive your lost data/ files and important documents back, the scale of the damage depends on the target and how strong the recovery will be. You’ll begin to have slow computer performances. Your company computer, PC, or any other device that was a victim of this crisis will show erratic computer behaviors such as not being able to start a program, web pages are unexpectedly added to your browser, and instances of your browser appear to display website advertisements when you use your browser to view websites. This is due to the damage of hardware and software. Having damage to a software is a fixable situation but if your computer is hit all the way to the hardware, your computer is most likely done for.
Who Would Most Likely Become a Victim Of Ransomware?
When these cybercriminals choose who will become a victim of these malicious acts, they have to go for where they’ll make the most money out of their crime. Sad to say but with how educated and knowledgeable criminals are, they go for whatever is in the most demand and with urgent recovery, that would be the healthcare system. Healthcare is the top target for Ransomware and that is a huge concern. The attack on healthcare can result in life or death. With this development with new technologies and techniques, hospitals use computers, Ipads, and many other electronic devices to keep record on when and why someone is taking medication. Any health issue requires medical details or reports to help doctors determine the next phase of treatment. Ransomware attacks can have severe implications for healthcare if they lock the data and make it inaccessible.
This is not only just a life threatening issue but also the exposure of personal data health. This information is used to benefit the cybercriminal. They use patient information to sell data on the dark web. “In this cohort study of 374 ransomware attacks, the annual number of ransomware attacks on health care delivery organizations more than doubled from 2016 to 2021, exposing the personal health information of nearly 42 million patients. During the study period, ransomware attacks exposed larger quantities of personal health information and grew more likely to affect large organizations with multiple facilities” ( Neprash et al). While this patient can file a lawsuit against the given hospital for the exploitation of their personal information, this doesn’t change the fact that their data is already exploited and make them a target to a personal or black mail ransomware.
Business Downtime
Paying the ransomware doesn’t always mean it’s paid off. What I mean by this is many companies have to restore data they can hopefully recover. If they had Cybersecurity insurance it may be easier to recover but not promised. A perfect example business wise of a Ransomware attack where they had business downtime is the cyberattack that forced shutdown n with Colonial Pipeline. Colonial Pipeline is one of the largest fuel pipelines in the United States. This led to a widespread panic on the east coast because of the lack of gas supply. Even though the CEO immediately authorized the $4.5 million dollar Ransomware within two hours, it still took six days for Colonial Pipelines to shut down for information to be restored. Many companies can’t afford being down for too long because of supply and demand. In this next article citation by Delphix this details how degrading a ransomware can be. “Many organizations feel tremendous pressure to pay ransoms because they can’t afford to be offline or locked out of mission-critical systems and applications for days or weeks. The average downtime a company experiences after a ransomware attack is 21 days” (Delphix). Many breaches after they pay for the ransomware still have to pay double the amount that paid just for recovery. These companies then have to upgrade all their Informational Technology devices and triple up on security.
solutions:
Antivirus and AntiMalware Software Detection
“Comprehensive antivirus and anti-malware software are the most common ways to defend against ransomware”(Chin). With how damaging a virus and malware is, you need to detect them as soon as possible to lower the damage of technical devices. In contrast to antivirus software, anti-malware software ranges from virus detection and removal to preventing all kinds of malware, including Trojans, worms, and adware from infecting a computer. While both of these programs are created to protect and detect your systems from malicious malware, antivirus software is specifically used to detect viruses, worms ,and other trojans; while malware is used to detect new advanced malicious practices. Both of these programs work best together to create a prepared and aware system. Antivirus and Antimalware can do wonders for detection but they can’t prevent these malicious bugs, they can only detect and defend. Viruses and malicious software are not the only threats that antivirus and anti malware software tackle. Additionally, they can extend the life of your computer. The health of computers tends to be better when they’re not attacked by malicious software. These programs can detect and remove threats but they can’t prevent malware or viruses from happening. Nobody can. No matter how educated or prepared a person is, they cannot prevent these actions that can only be prepared and know how to recover from the inconvenience.
Keeping Systems Updated
Another way to prevent Ransomware is keeping all your data, web browser, operating systems, and all other softwares up to date. You should always keep up-to-date with the latest versions of malware, viruses, and ransomware to prevent your computer from being infected. The first thing the attacker seeks for is vulnerability and the easiest way into a system. Updates are made to keep up with all the new malicious virus that comes over time. Knowing that new trojans are made everyday, companies need to keep up with this practice. With a system not being up to date, it’s like a walk in a park for the attacker. In order to continue with business as usual, many people choose to ignore or remind themselves later when recommended updates pop up on their screens. However, delaying software updates repeatedly may leave your computer vulnerable to cyber threats and result in more serious issues. Just one update can cause a disturbance to a system.
Normalizing Basic CyberSecurity Training
Cybersecurity is becoming the top priority for huge businesses, offices, online activity, healthcare, small businesses, famous individuals, and just normal individuals. Cybersecurity helps and repairs malware from ransomware for the defense side; They can also be on the offense side where they test the system to find any vulnerability. Educating employees on cyber security can prevent cyberstalking, phishing attacks , privacy risk, and how to detect an attack. “Therefore, in order to combat ransomware, we need a better understanding on how ransomware is being deployed, its characteristics, as well as how potential victims may react to ransomware incidents”(Hull et al). Being educated and having knowledge on the signs of computer invading can lower the damage to a company for the long run. I would personally consider the knowledge of cybersecurity an investment. This would save money, data, and personal information that may be outed.
Conclusion:
In conclusion Ransomware can happen to anyone at any given moment. Ransomware can come down on huge companies, small businesses, and even wealthy individuals for blackmail. Anyone can become a victim no matter how prepared they are. These individuals have to make sure you go through all precautions to lower your chances of getting caught up. Ransomware can put companies out of businesses professionally and money wise. Companies need to keep data up to date, lock in reliable software, and normalize basic cybersecurity training to educate people for the little signs that will make a huge impact; don’t be the one person who didn’t get a flu shot when it was flu season.
Works Cited:
Bischoff, Paul. “Ransomware attacks cost the US $159.4bn in downtime alone in 2021” CompariTech, 19 July 2022 https://www.comparitech.com/blog/information-security/us-ransomware-attacks-cost/#:~:text=In%202021%2C%20576%20US%20organizations%20for%20victim%20to,a%20cost%20of%20%24159.4%20 billion%20in%20 downtime%20alone.
Delphix. “Downtime: The Real Cost Of Ransomware”. Security Boulevard,
Accessed 30 Nov. 2023
“How to Prevent Ransomware Attacks: Top 10 Best Practices in 2023 | UpGuard” Upguard, 15
Nov. 2023 https://www.upguard.com/blog/best-practices-to-prevent-ransomware-attacks
Accessed 30 Nov. 2023
Hardeep, Kaur. “[7 Best Ways] How To Respond To A Ransomware Attack?” PC Error Fix
6 Apr. 2020 https://www.pcerror-fix.com/how-to-respond-to-ransomware-attack
Hull, G., John, H. & Arief, B. “ Ransomware deployment methods and analysis: views from a predictive model and human responses”. CrimeScience, vol. 8, no. 2, 12 Feb. 2019.
https://crimesciencejournal.biomedcentral.com/articles/10.1186/s40163-019-0097-9#citeas Accessed 20 Nov. 2023
Neprash, Hannah T, McGlave, Claire C. et al. “Trends in Ransomware Attacks on Us Hospitals,
Clinics, and Other Health Care Delivery Organizations, 2016-2021” National Library Of
Medicine, vol.3, no.12. JAMA Health Forum. 29 Dec. 2022. https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9856685/
“What is Malware? Malware Definition, Types and Protection”. Malwarebytes 30 Nov. 2023
https://www.malwarebytes.com/malware 30 Nov. 2023
.