Cybersecurity and Computer Crimes: Difference between revisions
| Line 82: | Line 82: | ||
----- | ----- | ||
The first thing that comes to mind about cyber security and computer crimes are the financial errors in stock markets. As a stock trader, I get rather fearful when potential security issues happen. I’m not sure if they count as security issues, or… issues with their algorithms or partially hacking. Those would result in crashes. The second thing that comes to mind are those “reputation hijacking” (ref 1) on social networks. A family member of mine had this happened to her. She was using the application Line, and somehow pressed a bad link which asked for her logins. That wasn’t a smart move, but for a novice internet user, they would likely follow those instructions assuming it is legitimate. The end result was a long process of letting her friends know it was a hack, and to secure potential credit card information, etc. Therefore I really liked reference 1 which shows all the potential hacks others could do to a PC. I would suspect I had personally experienced a few of them. | |||
Reference 2, 3, and 4 becomes very exciting to see the power of hackers obtaining information of normal citizens. Are we really safe by providing our information to corporations online? 77 million user accounts hacked, that is quite something. Not only is privacy an issue here, it also questions if authorities have what it takes to prevent these issues from happening. Sony not announcing it till Tuesday was, in my opinion, also a breach of it’s customers’ trust. It does raise a fair point of how the hackers will use the information that was illegally obtained. Will there be an outlet for the hackers to use it? Are these hacks individual, or are they political? It appears that hackers are yielding too much power. I still hold by my beliefs that “winners” take all. The winners get everything. Once a hacker cracks a code; that’s it, they can decrypt everything and obtain everything. Of course, as the US claims, it was hackers from Korea, most likely due to the release of The Interview. Personally I think it isn’t as bad as Team America that was released 10 years ago. | |||
As I mentioned for last weeks readings, Anonymous has a lot of power. Not exactly sure if it is a good thing or a bad thing. But we should also consider if what they’re doing is just or not. Is it just to give “justice” to the ones they think deem it? Are they above the law? I’m not sure. As Operation Payback and Project Chanology has showed us. Were they really being just for doing what they did? Were they off base? I think the founder of Scientology website does have a point… | |||
Heldal-Lund commented, "People should be able to have easy access to both sides and make up their own opinions. Freedom of speech means we need to allow all to speak - including those we strongly disagree with. I am of the opinion that the Church of Scientology is a criminal organisation and a cult which is designed by its delusional founder to abuse people. I am still committed to fight for their right to speak their opinion." | |||
So it is therefore unconstitutional for what Anonymous did. This also led me to think about Edward Snowden. Was he really doing good for society, or was he doing it for fame, and his own ideals of justice? What constitutes as constitutional? This argument was shared by the United Kingdom Intellectual Property Office too, as they had said the below after Operation Payback. | |||
“The United Kingdom Intellectual Property Office said that when its site was attacked, those responsible were depriving its citizens of access to information they have a democratic right to access. Other critics claimed the attacks restricted Gene Simmons' right to free speech.” | |||
Anonymous is not pro-democracy. They want to dictate what is right or wrong in their own hands. If they did things that reflected what people really believed in, then I believe they have done things “just”-ly. But to deprive people of their basic right to speech and beliefs; I’m not so sure. Was it a troll taken too far? | |||
There have been increasing amounts of threats that we face, such as “Destroy Obama Care”. Also forbes gives a whole list of the top 20 data breaches. They are increasing in numbers, and it seems like corporations don’t know what to do. Just as technology has enhanced their reach, they would also be required to invest in technological defense against these potential hackers. It also feels that law really lags behind technology a lot. Technology advances so quickly that law requires time to pass. The amendments to the CFAA, which occurred many times. I believe there needs to be a better way to enforce new laws at the same pace as technological advancement, otherwise law would always be a step behind. | |||
References: | |||
http://krebsonsecurity.com/wp-content/uploads/2012/10/HackedPC2012.png | |||
http://www.reuters.com/article/2011/04/26/us-sony-stoldendata-idUSTRE73P6WB20110426 | |||
http://arstechnica.com/security/2014/12/hackers-promise-christmas-present-sony-pictures-wont-like/ | |||
http://arstechnica.com/security/2014/12/us-government-fingers-north-korea-as-the-sony-hackers/ | |||
https://en.wikipedia.org/wiki/Project_Chanology | |||
https://en.wikipedia.org/wiki/Operation_Payback | |||
http://www.csmonitor.com/Technology/2013/1113/Hacking-tool-threatens-Healthcare.gov-site | |||
http://www.forbes.com/sites/moneybuilder/2015/01/13/the-big-data-breaches-of-2014/ | |||
http://www.justice.gov/criminal/cybercrime/docs/ccmanual.pdf | |||
[[User:Caelum|Caelum]] ([[User talk:Caelum|talk]]) 17:32, 28 March 2015 (EDT) | |||
---- | |||
Revision as of 16:32, 28 March 2015
March 31
Last week we looked at hacking as a form of social protest. This week, we take a closer look at the more sinister side of hacking, and the various responses to it. Hacking at its heart involves modifying or intruding upon another’s system. But not all intrusion is socially harmful, and writing laws against hacking have a troubling (and at times, tragic) history of being misused. How big a threat is hacking, really? How should systems respond to hacking? What, if anything, should be the role of government? In what ways can we govern those who don’t consider code to be a governing influence?
Assignment 3
Assignment 3 is due before class today. You can upload that here.
Readings
- Cybersecurity
- Brian Krebs, "The Scrap Value of a Hacked PC (infographic)," Oct 2012
- Bill Hardekopf, "The Big Data Breaches of 2014, Forbes, January 13, 2015
- Liana Baker and Jim Finkle, "Sony Playstation suffers massive data breach," Reuters, April 26, 2011
- Sean Gallagher, "Hackers Promise 'Christmas Present' Sony Pictures Won't Like," Ars Technica, December 15, 2015
- Peter Bright, "US Government Fingers North Korea as the Sony Hackers," Ars Technica, December 17 2014
- Computer Crimes
- United States Department of Justice, Prosecuting Computer Crimes (read pages 1-11: Introduction to the Computer Fraud and Abuse Act and Key Definitions)
- Case studies
Optional Readings
- Intelligence Squared Debate: "The Cyberwar Threat Has Been Grossly Exaggerated" (an Oxford-style debate with Marc Rotenberg, Bruce Schneier, Mike McConnell, and Jonathan Zittrain; watch the video of the debate)
Videos Watched in Class
Links
Class Discussion
There are several types of hacking, including for example reputation hijacking, hacking account or financial credentials and bot activity. This is something that affects private citizens as well as large companies and governments. In the article ”Sony Playstation suffers massive data breach”, that deals with a hacker attack against Sony in 2011, Braker and Finkle write ”In the rush to get out innovative new products, security can sometimes take a back seat.”. The interesting question here is if it will continue the same way, or if consumers will put more pressure on companies to care about security.
The article ”Hackers promise ”Christmas present” Sony Pictures won´t like” deals with other hacker attacks on Sony and the quote ”The sooner SPE accept our demands, the better, of course…The farther time goes by, the worse state SPE will be put into and we will have Sony go bankrupt in the end.” shows what power the hackers can have in the computer based society of today. Hacking can be used to blackmail people, companies and governments.
Operation payback was a group of attacks on opponents of Internet privacy by the decentralized community ”Anonymous”. It all begun with the crisis on Wikileaks, when they were under pressure after publishing secret US. diplomatic cables. Anonymous was on the side of Wikileaks and there it begun. What made me really angry was when I read that Anonymous threatened to disrupt British government websites because the group opposed the possible act of handing over Julian Assange (who is often called the founder of Wikileaks) to Sweden. This is upsetting in at least three ways.
Firstly, it would have been an act that would´ve denied the British citizens information that they by law have the right to access.
Secondly, it is to indirect aggravate a lawsuit since the reason for why the Swedish court system wanted Assange to be extradited was that there had been a subpoena about rape directed towards Assange. To make it difficult for the court system to plead someone guilty or not guilty is a very serious thing to do.
Thirdly, it is illegal and there are other ways of changing laws and systems. The laws are made by the government and the government is chosen by the citizens. To believe that you are above the laws is also to believe that you are above other citizens. Laws are there for a reason and if you don´t like it, you can either vote differently or try to change the opinion in ways that don´t hurt others.
Anonymous acted this way because they believe that information should be free and open for everyone to see. It is therefore very weird and contradictory that they protest through doing exactly what they are protesting against, i.e. limiting and blocking information.
As a conclusion to my thoughts, I want to say that I believe that Internet terror is the future military threat against most countries. It might be on the Internet that our future wars will be held. Consequently, we can´t dismiss crimes on the Internet as ”something that is just on the Internet and not in the real world”, but instead look at the Internet as a natural part of our society. JosefinS (talk) 07:51, 25 March 2015 (EDT)
The first thing that comes to mind about cyber security and computer crimes are the financial errors in stock markets. As a stock trader, I get rather fearful when potential security issues happen. I’m not sure if they count as security issues, or… issues with their algorithms or partially hacking. Those would result in crashes. The second thing that comes to mind are those “reputation hijacking” (ref 1) on social networks. A family member of mine had this happened to her. She was using the application Line, and somehow pressed a bad link which asked for her logins. That wasn’t a smart move, but for a novice internet user, they would likely follow those instructions assuming it is legitimate. The end result was a long process of letting her friends know it was a hack, and to secure potential credit card information, etc. Therefore I really liked reference 1 which shows all the potential hacks others could do to a PC. I would suspect I had personally experienced a few of them.
Reference 2, 3, and 4 becomes very exciting to see the power of hackers obtaining information of normal citizens. Are we really safe by providing our information to corporations online? 77 million user accounts hacked, that is quite something. Not only is privacy an issue here, it also questions if authorities have what it takes to prevent these issues from happening. Sony not announcing it till Tuesday was, in my opinion, also a breach of it’s customers’ trust. It does raise a fair point of how the hackers will use the information that was illegally obtained. Will there be an outlet for the hackers to use it? Are these hacks individual, or are they political? It appears that hackers are yielding too much power. I still hold by my beliefs that “winners” take all. The winners get everything. Once a hacker cracks a code; that’s it, they can decrypt everything and obtain everything. Of course, as the US claims, it was hackers from Korea, most likely due to the release of The Interview. Personally I think it isn’t as bad as Team America that was released 10 years ago.
As I mentioned for last weeks readings, Anonymous has a lot of power. Not exactly sure if it is a good thing or a bad thing. But we should also consider if what they’re doing is just or not. Is it just to give “justice” to the ones they think deem it? Are they above the law? I’m not sure. As Operation Payback and Project Chanology has showed us. Were they really being just for doing what they did? Were they off base? I think the founder of Scientology website does have a point…
Heldal-Lund commented, "People should be able to have easy access to both sides and make up their own opinions. Freedom of speech means we need to allow all to speak - including those we strongly disagree with. I am of the opinion that the Church of Scientology is a criminal organisation and a cult which is designed by its delusional founder to abuse people. I am still committed to fight for their right to speak their opinion."
So it is therefore unconstitutional for what Anonymous did. This also led me to think about Edward Snowden. Was he really doing good for society, or was he doing it for fame, and his own ideals of justice? What constitutes as constitutional? This argument was shared by the United Kingdom Intellectual Property Office too, as they had said the below after Operation Payback.
“The United Kingdom Intellectual Property Office said that when its site was attacked, those responsible were depriving its citizens of access to information they have a democratic right to access. Other critics claimed the attacks restricted Gene Simmons' right to free speech.”
Anonymous is not pro-democracy. They want to dictate what is right or wrong in their own hands. If they did things that reflected what people really believed in, then I believe they have done things “just”-ly. But to deprive people of their basic right to speech and beliefs; I’m not so sure. Was it a troll taken too far?
There have been increasing amounts of threats that we face, such as “Destroy Obama Care”. Also forbes gives a whole list of the top 20 data breaches. They are increasing in numbers, and it seems like corporations don’t know what to do. Just as technology has enhanced their reach, they would also be required to invest in technological defense against these potential hackers. It also feels that law really lags behind technology a lot. Technology advances so quickly that law requires time to pass. The amendments to the CFAA, which occurred many times. I believe there needs to be a better way to enforce new laws at the same pace as technological advancement, otherwise law would always be a step behind.
References:
http://krebsonsecurity.com/wp-content/uploads/2012/10/HackedPC2012.png
http://www.reuters.com/article/2011/04/26/us-sony-stoldendata-idUSTRE73P6WB20110426
http://arstechnica.com/security/2014/12/hackers-promise-christmas-present-sony-pictures-wont-like/
http://arstechnica.com/security/2014/12/us-government-fingers-north-korea-as-the-sony-hackers/
https://en.wikipedia.org/wiki/Project_Chanology
https://en.wikipedia.org/wiki/Operation_Payback
http://www.csmonitor.com/Technology/2013/1113/Hacking-tool-threatens-Healthcare.gov-site
http://www.forbes.com/sites/moneybuilder/2015/01/13/the-big-data-breaches-of-2014/
http://www.justice.gov/criminal/cybercrime/docs/ccmanual.pdf
Caelum (talk) 17:32, 28 March 2015 (EDT)