Category Archives: cyse201s

Journal #7

Posted on March 3, 2025 | Leave a comment

Review the following photos through a human-centered cybersecurity framework. Create a meme for your favorite three, explaining what is going on in the individual’s or individuals’ mind(s).

Employee security training for everyone who fell for the fake phishing campaign.
“I knew I shouldn’t have clicked that link.”

“This should be enough security!”

“I thought I needed to do all of this extremely technical hacking, but an employee just sent their credentials to me in plaintext through email.”

I think my “memes” ironically highlight several aspects that human-centered cybersecurity. Training gaps in a workforce, misconceptions about security and over-reliance on security tools, and social engineering risks. These all play a critical role in cybersecurity, and are all human factors. Human-centered cybersecurity addresses these issues with systems that account for real-world human behavior.

Leave a comment

Posted in cyse201s, Journal Entries

Journal 6

Posted on February 24, 2025 | Leave a comment

Can you spot three fake websites? [Refer Online Security Blogs, Public Awareness Sites, Academic Resources etc., and cite the source]. Compare the three fake websites to three real websites and highlight the features that identify them as fraudulent.

Placeholder

Leave a comment

Posted in cyse201s, Journal Entries

Journal Entry #5

Posted on February 14, 2025 | Leave a comment

Review the articles linked with each individual motive in the presentation page or Slide #4.  Rank the motives from 1 to 7 as the motives that you think make the most sense (being 1) to the least sense (being 7).  Explain why you rank each motive the way you rank it.

  1. Political
    I list this one as number one. Now more than ever, people are motivated politically. Global politics are so divisive, and it makes a breeding ground for ‘hacktivists’ to make their point.
  2. For Money
    Money rules everything. There are a lot of cases of ransomware infecting hospitals, high-profile corporations and businesses. All of them ask for an absurd amount of money in order to unlock them. Advanced persistent threats also can operate as a black-market business in this way. If it’s profitable, these malicious organizations will take advantage of it.
  3. Revenge
    Employees of any business are the most vulnerable asset to a company. At times, disgruntled employees will arise and have then intent to cause harm, or to “get back” at a business or company for wrongdoing.
  4. Recognition
    Everybody wants their fifteen minutes of fame. This one could also go hand-in-hand with hacktivism, or to prove a point, or to prove skillfulness in hacking. This is where the term “owning” comes from in the hacking community.
  5. Entertainment
    Some people just find enjoyment out of tinkering with their own property and computers, or others. Like the “9to5mac” article points out, this hacker “Tom Liner” scraped 700 million LinkedIn user’s data, just for fun (and profit).

    http://9to5mac.com/2021/07/19/man-behind-linkedin-scraping/
  6. Boredom
    I think this one also ties in to entertainment. Although I don’t see how the article that is posted in the slides tie into how boredom influences those particular crimes.
  7. Multiple Reasons
    Some people may have their specific reasons not listed. While it is a valid reason, I don’t think this one should be raised above the others, since it would fluctuate on a case-by-case basis.

Leave a comment

Posted in cyse201s, Journal Entries

Article Review #1: Investigating the Intersection of AI and Cybercrime

Posted on February 14, 2025 | Leave a comment

The article I chose to review is a study published in the International Journal of Cybersecurity Intelligence & Cybercrime. It explores artificial intelligence as a revolutionary tool, and a growing cybercrime threat. Cybercriminals are misusing and exploiting the new technology to generate new malware, phishing campaigns, and conducting various dark-web activities.

The study and concepts presented touch on a few things we have covered in our lectures, specifically some of the social science principles. We see the principle of empiricism by collecting data from hacking forums and expert interviews. It is often difficult to conduct studies in cybersecurity, because data cannot be collected until after an event has happened. Collecting data from the sources the article uses ensures that their findings are based on observed behaviors.

The study explores a few different questions and hypotheses: How is malicious AI generated content distributed on the web/dark web? Does the media/social media play a role in the distribution of the maliciously generated content? How can cybersecurity professionals improve to prevent AI based threats? The study’s purpose is to understand how AI-generated security threats spread, how the technology is being misused, and how to address these issues.

With AI technology developing so quickly, and becoming very convincing, it can be used to target the elderly, who may not understand the technology, or digitally illiterate groups. Victims in these digitally marginalized groups can easily fall prey to generated misinformation and Deepfake scams. The study addresses these groups and highlights them as being at a heightened risk of being targeted. It addresses the issue of these groups lacking quality access to cybersecurity education and resources.

To summarize, from a societal perspective, the study contributes an awareness to the growing issue at hand with artificial intelligence, and its role in cybercrime. It is a growing threat and becoming increasingly easier and accessible to generate malicious content. The study calls for regulation and cybersecurity awareness, naming them as essential countermeasures, as well as imploring future research to explore long-term solutions for artificial intelligence based cyber-threats.

Citation:
Shetty, S. , Choi, K. & Park, I. (2024). Investigating the Intersection of AI and Cybercrime: Risks, Trends, and Countermeasures . International Journal of Cybersecurity Intelligence & Cybercrime, 7(2), – . DOI: https://doi.org/10.52306/2578-3289.1187


Available at: https://vc.bridgew.edu/ijcic/vol7/iss2/3

Leave a comment

Posted in Article Reviews, cyse201s

Journal Entry 4

Posted on February 10, 2025 | Leave a comment

Review Maslow’s Hierarchy of Needs and explain how each level relates to your experiences with technology. Give specific examples of how your digital experiences relate to each level of need.

Our lives are becoming increasingly digital. As such, Maslow’s Hierarchy of Needs can apply to multiple areas in our digital lives. When we consider basic survival needs like food, water and shelter, there are services available that can deliver groceries (food and water) directly to your doorstep. You can sign a lease for an apartment without needing to even see the place, or close on a house and sign mortgage papers instantly.

Safety needs, defined by Maslow’s, can be fulfilled digitally through securing your online identity, assets and information. Antivirus software protects you from harmful malware and viruses. VPN’s encrypt your traffic, and keep it hidden from a potential attacker. Password managers make it easy and convenient to store passwords, and allow you to generate complex random passwords.

All in all, Maslow’s Hierarchy of Needs is definitely still relevant as it pertains to our digital lives.

Leave a comment

Posted in cyse201s, Journal Entries

Journal #3

Posted on February 3, 2025 | Leave a comment
Image source: https://www.griffinhouseconsultancy.co.uk/blog/when-do-i-need-to-report-a-data-breach/

Visit PrivacyRights.org to see the types of publicly available information about data breaches. How might researchers use this information to study breaches?

PrivacyRights.org provides information about just that. Their goal is to help inform people of their rights and choice they may be able to make to protect themselves. They offer information about various data breaches that extends into the tens of thousands of incidents. These records provide detailed information about each incident that breaches privacy rights. This can be an invaluable resource for researchers attempting to conduct archival research and find more information about specific events, how they were handled, who it impacted, and the effects that came from an incident. From this information, they could utilize it to perform trend analysis, assess the impact of an incident, and use it to inform new policy. 

Leave a comment

Posted in cyse201s, Journal Entries

Journal #2

Posted on January 30, 2025 | Comments Off on Journal #2
image source: https://www.apu.edu.my/our-courses/postgraduate-studies/masters-degree-programmes/master-science-cyber-security

Explain how the principles of science [Empiricism, Determinism, Parsimony, Objectivity etc.,] relate to cybersecurity?

As a social science, the principles of science (such as empiricism, skepticism, parsimony, determinism, etc.) still apply when it comes to cybersecurity. Some aspects can be more difficult to conclude at times, as opposed to natural science counterparts, since there can be more gray areas in social science disciplines. However, when we consider the principle of skepticism, for example, we can consider and question aspects of a cybersecurity incident or an implementation of a system: How reliable is the data? Could it be a false positive/negative? Could the data be manipulated?

Another example could be the principle of parsimony. As cybersecurity professionals, it works in our favor to simplify our systems, documentation, and our communication to non-tech personnel. Simplification makes sure that everyone can understand a system, or the results of a report.

Considering the principles of science, and applying them to cybersecurity as a social science helps build strong, understandable systems in an ever-evolving cybersecurity landscape.

Comments Off on Journal #2

Posted in cyse201s, Journal Entries

Journal #1

Posted on January 30, 2025 | Comments Off on Journal #1
image source: https://0xinfection.github.io/reversing/pages/part-27-x64-assembly-part-1.html

Review the NICE Workforce Framework. Are there certain areas that you would want to focus your career on? Explain which areas would appeal the most to you and which would appeal the least.

I’d like to focus my cybersecurity career within the “Design and Development” work role category. Many of the roles I find interesting, but specifically I find the “Technology Research and Development” role interesting. This role is responsible for the development, engineering and research of software and systems security. Ultimately, a career as a security researcher or reverse engineer is my goal. I excel in situations where problem-solving is necessary, and hunting for threats and vulnerabilities in systems requires finding problems in order to solve them before they become dangerous. I think it’s necessary to understand how a system or software can be attacked or compromised in order to defend it.

Comments Off on Journal #1

Posted in cyse201s, Journal Entries