Cybersecurity, Technology, and Society
Analytical Paper
In today’s world we are always on or nearby a cell phone or a computer with all our personal information, banking information, and much more information that could cripple us or our loved ones if we got hacked. Which is imperative for not only cybersecurity professionals but for all of us to be ready for a cyber-attack. It is important for us to be knowledgeable of certain tactics hackers use to hack into our accounts or networks
For the first cybersecurity event to be mindful of is called phishing. “There have been an increasing number of cybersecurity events that have happened in the U.S. electric subsector, although, many of these have been largely unsuccessful. Methods of these cybersecurity events impacting the grid have been mainly limited to gaining access through phishing emails with malicious links with the hopes to gain access and connect to a network.” (“Electric Grid Security,” 2016) “Phishing is defined as a criminal activity using social engineering techniques that enable phishers to attempt fraudulently acquire sensitive information, such as passwords, credit card details, national identification information and much more.” (Alsayed, A., & Bilgrami, A. 2017). These emails could have malicious links with hopes of individuals clicking on them so that they gain access to their information that way or asking for individuals reply to
with their personal information. Then a scammer will use that information to open new accounts or invade the individuals already existing accounts. Many companies face hacking and phishing attacks, but one in particular that I think has to stay on their guard all the time would be financial institutions since all banks around the world have some type of electronic banking set into place. The phishing attack has become one of the most common financial crimes in recent years. Phishers can even breach the security of a bank after they access user’s financial information; then, they conduct a wide range of illegal activities. Online banking users are more vulnerable to e-banking frauds, when they conduct any financial activity through the web, such as transferring money. Phishing attackers can also breach the security of bank websites by using sophisticated technologies such as the Man-in-the-Middle Attack. The attackers’ goal is to access to bank users’ data to harvest money or conduct financial frauds for their own benefits, such as transfer of funds and purchasing goods.
Secondly, I believe it is important to know the shocking information on how strongly Small Businesses should take cybersecurity seriously. According to “The Impact of Cyber Security on Small Businesses” power point, the National Small Business Association, also known as NSBA, found that “half of all small businesses report they have been the victim of a cyber-attack – up from 44 percent just two years ago. Among those who were targeted, 68 percent reported being a cyber-victim more than just once.” (“The Impact of Cybersecurity on Small Business.”). With small businesses having limited number of resources to secure themselves as well as multi-million or billion-dollar corporations, they still need to have options to protect themselves from cyber-crimes. Some options that they can do ensure that their business and private information is protected is, one set up firewall security for their internet connection. “A firewall is a set of related programs that prevent outsiders from accessing data on a private network. Make sure
the operating system’s firewall is enabled or install free firewall software available online.” (“Federal Communications Commission.” 2023) Two, is to make backup copies of important business data and information. “Critical data includes word processing documents, electronic spreadsheets, databases, financial files, human resources files, and accounts receivable/payable files. Backup data automatically if possible, or at least weekly and store the copies either offsite or in the cloud.” (“Federal Communications Commission.” 2023) Finally, the third is to control physical access to all computers and create user accounts for all employees. By doing this it will be able to prevent access or use of business computers by unauthorized individuals. Even though these options might not stop every cyber-attack or crime, they will definitely be able to help better protect small businesses and their assets.
Finally, after learning about the cybersecurity event known as phishing, as well as the impact on Small Businesses. I felt that it was important to touch on Cryptography, and how it can benefit us with authenticity and integrity. “Cryptography is an information security tactic used to protect enterprise information and communication from cyber threats through the use of codes.” (Morgan, N. 2022). In the security environment, integrity refers to the fact that information systems and their data are accurate. “If a system possesses integrity, it means that the data in the system is moved and processed in predictable ways.” (Morgan, N. 2022) “Cryptography ensures the integrity of data using hashing algorithms and message digests. By providing codes and digital keys to ensure that what is received is genuine and from the intended sender, the receiver is assured that the data received has not been tampered with during transmission.”. (Morgan, N. 2022) “Integrity is used to make sure that no one in between sites A and B has changed any of the shared information. Therefore, a hash is calculated and added to the packet. this can be achieved by using the hashing algorithms like MD5 and SHA (1,2). If you really want to make
sure that that no one is even able to modify the hash, HMACs are used.” (“Authenticity, confidentiality & integrity – general questions.” 2017) “Authenticity is the act of proving one’s identity. Whenever we go to a website like Gmail or Facebook, we are prompted to enter our username and password. By entering these credentials, we are proving ourselves to the server. That is one form of authentication called Basic Authentication.” (Marisetti, M. 2021) To achieve these different kinds of techniques can be used, pre-shared keys that are configured on both sites, Elliptic Curves or RSA as public and private key algorithms.
After touching on some very basic impacts of cybersecurity compared to how many ways hackers can steal your information from you, your friends, family, and even your business. Cyber criminals are become much craftier with new hacking techniques every day to gain access into your personal information. So, it is very important to watch what emails you click on, as well as what sites you access to better protect yourself from a cybersecurity attack. I chose from these three discussions to go over because one is a way hackers target you. Another is how cybersecurity can benefit your business. Finally, an important tool you can use to communicate with the use of a code hackers will have trouble interpreting to keep you safe from being attacked. I hope you were able to learn something from the information I have provided gathered from the knowledge gained from this semester. I have a long way to go, but it is important to keep focused on cybersecurity to keep yourself safe against hackers.
Works Cited
Electric Grid Security and Resilience – Department of Energy. (2016, June).
https://www.energy.gov/policy/articles/electric-grid-security-and-resilience-establishing-
baseline-adversarial-threats
Alsayed, A., & Bilgrami, A. (2017, January). E-banking security: Internet hacking, phishing
attacks, analysis and … https://www.researchgate.net/profile/Anwar-
Bilgrami/publication/315399380_E-
Banking_Security_Internet_Hacking_Phishing_Attacks_Analysis_and_Prevention_of_Fra
udulent_Activities/links/59f19d7c0f7e9beabfca5f17/E-Banking-Security-Internet-
Hacking-Phishing-Attacks-Analysis-and-Prevention-of-Fraudulent-Activities.pdf
The Impact of Cybersecurity on Small Business. (n.d.).
https://drive.google.com/file/d/1YokA-b8nQZtx88aZFXuSEF2Zfo5ZuL6Y/view?pli=1
Federal Communications Commission. (2023). Cybersecurity for small businesses.
Cybersecurity for Small Businesses. https://www.fcc.gov/communications-business-
opportunities/cybersecurity-small-businesses
Morgan, N. (2022). The role of cryptography in information security. Triskele Labs.
https://www.triskelelabs.com/blog/the-role-of-cryptography-in-information-
security#:~:text=Cryptography%20ensures%20the%20integrity%20of,been%20tampered
%20with%20during%20transmission.
m4ik, m4ikm4ik 9111 gold badge11 silver badge66 bronze badges,
LimitLimit 3, Dan UjvariDan Ujvari 1911 bronze badge, &
ThoriumBRThoriumBR 53.6k1313 gold badges135135 silver badges151151
bronze badges. (2017, February 1). Authenticity, confidentiality & integrity – general
questions. Information Security Stack Exchange.
https://security.stackexchange.com/questions/148173/authenticity-confidentiality-integrity-
general-questions
Marisetti, M. (2021, September 28). Authenticity in cryptography. Medium.
https://medium.com/@mohithmarisetti_58912/authenticity-in-cryptography-a7cc24a016a5