How the Principles of Science Relate to Cybersecurity
The principles of science can guide the cybersecurity discipline, much as they can for the social sciences. Relativism, objectivity, parsimony, skepticism, ethical neutrality, and determinism are all considered fundamental principles of science and should be applied to the field. Where the social sciences struggle to match the “harder” sciences is in their ability to conduct experiments. The cybersecurity discipline, with its significant overlap into the social sciences, is no different. Constructing more “classic” experiments would be difficult, if not impossible, and any experimentation can raise ethical concerns.
In What Ways Can Researchers Utilize Publicly Available Information about Data Breaches?
PrivacyRights.org maintains a comprehensive database of data breaches. Breaches are tagged by type, state, organization, date, and other attributes. This data is a trove for researchers, as it can demonstrate trends. For example, the database shows that the overall number of breaches peaked in 2019. A researcher may use this to prove the efficacy of current countermeasures using statistical methods. Additionally, an increase over time in breaches in a particular sector, or of one modality over another, may point to where additional research is most needed.
Maslow’s Hierarchy of Needs and How Each Level Relates to Experiences with Technology
Our dependence on technology maps well onto Maslow’s Hierarchy of Needs. Critical systems like the power grid and the Internet could represent basic needs. So much of the modern world depends on these and, with power in particular, their loss could threaten human physical well-being. Social interaction with others on the Internet, and the websites and apps that support it, can map to psychological needs. Finally, the use of digital tools to create art, or of programming to create novel applications, can provide for self-fulfillment needs.
During Hurricane Sandy, I lost power for nearly a week. This resulted in a quick slide down Maslow’s pyramid. First, I realized I no longer had access to music creation tools, games, and other conduits for personal creativity. Next, I realized that use of social media and email was limited to a phone quickly losing its charge. Finally, in addition to causing me to lose the ability to charge my phone, the loss of power prevented me from warming my apartment. My concerns about all the above quickly faded when I realized I was at risk of hypothermia from the cold.
Cyber Offending Ranked
- Money
- Political
- Multiple reasons
- Entertainment
- Boredom
- Revenge
- Recognition
Certainly, the motive that makes the most sense to a cyber offender would be the desire for money. Money “makes the world go round” and can service many of the other motives listed. Offenders acting out of this motive tend to be among the most sophisticated (e.g. organized crime).
Political motivations would be next on my list. People’s political beliefs can be powerful motivators causing all manner of aberrant behavior. When these attacks are done by individuals or small groups, they are of moderate sophistication. When carried out by state actors, they are of the highest sophistication (e.g. Stuxnet).
Multiple reasons would be next, as it is difficult to separate the remaining motivations from one another. For example, a bored high school hacker may seek entertainment in a hack while seeking recognition for his online identity. It would be difficult to weigh how much of a role entertainment, boredom, or recognition played in each hack.
Revenge is near the bottom of the list. It may be a more powerful motivator than boredom, but the cases would be much less frequent.
Recognition would be at the bottom of the list only because it is hard to get personal recognition behind the digital veil of the internet. Broad notoriety only comes after an offender is caught (though some limited recognition among a group of hackers is likely prior).
How Can You Spot Fake Websites? What Makes the Fake Websites Fake?
Fake websites often use similar-looking names that resemble those of actual websites. For example, “paypa1.com” was used for PayPal scams. A link sent with this URL could, at a quick glance, look like the legitimate “paypal.com.”
Websites may also offer exclusive and/or limited-time deals, pressuring users to act quickly in clicking links or paying for products that may not exist or that may be counterfeit. Nike has filed suit against sites impersonating legitimate sneaker sellers.
Finally, typosquatting is used to trick users into engaging with fake sites. These cases may replace the top-level domain (e.g. “.biz” in place of “.com”) or add an extra letter to a name or word. “Fallwell.com” was one such site, impersonating the site of Jerry Falwell and posting messages in direct opposition to those on his site.
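One way a defender might flag the three patterns described above (a look-alike character, a swapped top-level domain, an extra letter) is sketched below. This is an added example, not part of the original page; the allow-list, the digit-to-letter map and the function names are assumptions made for illustration.

```python
# Constructed sample data: a small allow-list of legitimate sites and a map of
# digits commonly used to imitate letters. Both are assumptions for this example.
LEGITIMATE = ["paypal.com", "falwell.com", "nike.com"]
LOOKALIKE = str.maketrans({"1": "l", "0": "o", "3": "e", "5": "s"})


def split_domain(domain):
    """Split 'name.tld' into (name, tld); assumes a single-label TLD."""
    name, _, tld = domain.lower().strip(".").rpartition(".")
    return name, tld


def edit_distance(a, b):
    """Levenshtein distance, computed row by row with dynamic programming."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete ca
                           cur[j - 1] + 1,             # insert cb
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def classify(domain, legitimate=LEGITIMATE):
    """Return (verdict, matched_site); matched_site is None if nothing is close."""
    if domain.lower() in legitimate:
        return ("legitimate", domain.lower())
    name, tld = split_domain(domain)
    for site in legitimate:
        real_name, real_tld = split_domain(site)
        if name == real_name and tld != real_tld:
            return ("tld-swap", site)             # e.g. .biz in place of .com
        if name != real_name and name.translate(LOOKALIKE) == real_name:
            return ("lookalike-character", site)  # e.g. the digit 1 for the letter l
        if edit_distance(name, real_name) == 1:
            return ("one-letter-typo", site)      # e.g. one extra letter
    return ("unknown", None)


if __name__ == "__main__":
    for d in ["paypa1.com", "paypal.biz", "fallwell.com", "paypal.com"]:
        print(d, classify(d))
```

A verdict of "unknown" only means the domain is not close to anything on the allow-list; it says nothing about whether the site is trustworthy.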
How the Media Influences Our Understanding about Cybersecurity
The media, including television shows and movies, seeks to entertain. There is often great license taken in depicting cyber events (it may also be that the producers of content do not have the knowledge to accurately depict events). The average viewer may not have the technical savvy to recognize this deviation from reality. This can propagate misconceptions, about hacking for example, that do not support the accurate transfer of cybersecurity knowledge, which would be a public good.
The Social Media Disorder Scale
The Social Media Disorder scale measures levels of social media addiction. While I do not use social media outside of the occasional update to my LinkedIn profile or communication on the platform, I have known people who would likely not test well on this scale.
The items of the scale effectively test ways in which social media use bleeds into the rest of one’s life. Someone who tested high on this scale would be in service to the social media platform instead of the platform being a tool to be used in service of the individual. At this point there would be mental health concerns.
It is interesting that different patterns of social media use might be found across the world. It is likely that a large part of it is simply access: is the country so poor that access to Internet-connected hardware is more difficult to obtain and/or is there less time for online entertainment while meeting basic human needs is a struggle? I would like to see a study that controlled for access and teased out any cultural differences.
“Social Cybersecurity: An Emerging National Security Requirement” by Beskow, D. M. & Carley, K. M.
Defense agencies are waking up to the threat of cyber-mediated changes in the social space. The emergence of social cybersecurity as a subdomain is the result of the effort to study and protect against this. According to the authors, today’s technology allows state and nonstate actors to manipulate the global marketplace of ideas at the speed of algorithms. Two changes are enabling this: decentralization of media and physical presence no longer being required for access to a population (i.e. governments cannot isolate a population from foreign content on the internet).
Maneuver by threat actors can take the form of information manipulation or network alteration. Examples of information manipulation include misdirection, hashtag latching, smoke screening and threat jacking. Examples of network manipulation include opinion leader co-opting, community building, community bridging, and false generalized other. These modalities are enhanced using bots, often working as human-bot hybrids.
The challenge to combating malicious attempts to alter the social and political landscape is that, in a free society, inputs into media that do this cannot be blocked without violating free speech. Instead, society needs to be strengthened prior to an effort, or the effects need to be mitigated after. I agree with the authors that the greatest strategic weakness for any country is internal, not external, and the above challenge may be the greatest in cybersecurity.
How the Role of Cybersecurity Analyst Relates to Social Behaviors
While the role of a cybersecurity analyst can vary from company to company, it is effectively responsible for being a first line of defense in monitoring the network. This includes responding to incidents, such as phishing attempts and intrusions. For these incidents, you are expected to identify human behavior that is directly putting your organization at risk and triage it.
It is also valuable to get involved with the community for career networking. This will allow you to find the next job by getting to know contacts in the industry. Various social organizations can facilitate this effort by hosting events and meet-ups.