For this week’s Weekly Writing Assignment, add a comment to this post in memo format that describes what you have contributed to your team’s collaborative project. Include any writing drafts and/or research that you have done. This is a way to maintain accountability for each team member’s contributions and to keep Prof. Ellis apprised of the work that your team members are doing to help bring the project together. Watch this week’s lecture for more details.
12 thoughts on “Weekly Writing Assignment, Week 13”
Leave a Reply
You must be logged in to post a comment.
TO: Prof. Ellis
FROM: Kanak Das
DATE: DEC/01/21
SUBJECT: Network Wireless Security
Paragraph one and two : Introduction
Definition of the Wireless security
The importance of the Wireless security
Overview of the Wireless Technology
Such as: WLAN/Layer Security
Body paragraph Three and Four: Difficulties may encounter
Some Advantages and disadvantages of Wireless Security
Encryption
Threats to the network
Hacking
Paragraph Five and Six: Solve the problem
How it can be solved with strong security and passwords
Security and policies
Materials that needs/Techniques and Technology
Security Technologies
Wi-fi Protected Access (WPA)
Paragraph Seven and Eight: Other Networking Solutions
Security in Public Spaces
If needs use Virtual Private Network (VPN)
Implementation case study. (Web Titan)
Conclusion: Nine and Ten
Make sure to See everything Works
Connect
Avoid untrusted Networks
Future of Wireless network.
TO: Prof. Ellis
FROM: Ron Bepat
DATE: DEC/7/21
SUBJECT: Problem of a network being hack and ways to prevent it.
(Knowledge of the cause and nature of the problem Ron’s Part)
Many Network breaches happen every year and it takes different tactics to fight back these breaches, one of such is having a longer password to make it harder for someone to guess a password. The cause of these breaches happen through an individual who wants to affect others by stealing their information or compromising their information. One of these case studies that would reveal how this process works and why they’re happening. “This year’s study found that only 6 percent of all breaches in 2019 were suffered by financial services firms. However, these breaches compromised significantly more records than those that occurred in other industries. In total, more than 60 percent of all leaked records in 2019 were exposed by financial services organizations.” [#] these results show that the root reason these breaches were happening was because the people doing these breaches wanted to leak companies’ information onto the internet. These results are also current, so this leads to many firms such as financial service firms having weak network security or they don’t focus on their overall security which in turn leads their information to be leaked onto the internet. This is a problem as companies should be focusing on their network security but they may not know they’re being hacked as they’re probably unaware of their situation and letting these hackers obtain their data leaking it on the internet. “This is at least partially due to the Capital One mega breach, which compromised more than 100 million records. Despite this outlier, average breaches in financial services companies still tend to be larger and more detrimental than other sectors’ breaches. Fortunately, they do occur less often. ”[#] After Capital One got breached it seems their customer’s info was leaked onto the internet then people used these people’s leaked information to access other accounts and passwords they had because more likely than not some people use the same password for everything which isn’t good. If an individual wants to protect themselves, they would need to change their passwords frequently or have a long password. Another suggestion would be if they had a password manager, this manager can be bought for s subscription around $1-$4 depending on the subscription and that manager can create long passwords for you and save your passwords and it’s safe as you need a passcode to access this manager. The next section of research pertains to when these problems started occurring to find out when data breaching became the cause of taking network’s data. An article called “Digital thieves dominate data breaches” states “FOR THE FIRST time, hackers have become the biggest cause behind publicly reported data breaches, according to a recent report….That changed in 2009, when about one out of every five data breaches had a hacker behind it.[##]” The root of the problem became more abundant around 2009 as these tools for hacking started to become sold to the general public or found on websites such as Pirate Bay(which is no longer up) for free. Once these tools became more accessible to the public more of these data breaches started popping up and kept on growing as years went by. “A thief who walks away with a laptop is Likely more interested in wiping its hard drive and selling it than in selling its data. But a hacker who invades a company’s network and swipes a trove of credit card numbers is sure to use them or sell them to someone else who will.” [##] Credit card fraud is another problem caused by hacking as stealing someone’s credit card information off companies’ databases is a crime. This criminal activity has plagued many people for years to protect their customers. Sometimes the credit card companies would usually contact individuals if they were making higher purchases than they usually do.
Word Count of this portion: 644
Total word count: 1286 (this is with my prior intro)
I forgot my citations
Citations
“Bitglass 2019 Financial Breach Report: Hacking and Malware Remain Primary Cause of Data Breaches.” Entertainment Close-up, 29 Dec. 2019, p. NA. Gale General OneFile, link.gale.com/apps/doc/A609946808/ITOF?u=cuny_nytc&sid=bookmark-ITOF&xid=38fad655. Accessed 7 Dec. 2021.
Larkin, Erik. “Digital thieves dominate data breaches: theft by hacking is now the top cause of companies’ reported data losses, but a few steps can mitigate the damage.” PC World, vol. 28, no. 4, Apr. 2010, p. 44. Gale General OneFile, link.gale.com/apps/doc/A222678623/ITOF?u=cuny_nytc&sid=bookmark-ITOF&xid=2d7057d8. Accessed 7 Dec. 2021.
To: Prof. Ellis
From: DeAndre Badresingh
Date: 12/7/2021
Subject: Network Wireless Security
The main goal of WEP is “to guarantee confidentiality, authentication and integrity by implementing encryption techniques in the MAC layer to protect link-level data communication security between the clients and the access points.” [1] WEP implements the RC4 algorithm to encrypt information and maintain traffic control. Furthermore, it is vital to note that the keys that are used are not sent to the actual network being used stored in a registry within the network. The steps used for wired equivalent privacy can be summarized as first sending the request for authentication, a response from an access point is given with a test involved, the requesting client has to present the access point with the secret key, the access point verifies the encryption key and if successful, the access point grants the client a data transfer. WPA’s can be described “as a security system is proved to solve many problems with advanced encryption in addition to providing authentication.” [2] In order for WPA’s to be fluent, they rely on Temporal Key Integrity Protocol which helps the WPA’s seek any type of vulnerabilities. In addition to that, networks have IEEE 802.11 security protocol technical standards that include media access controls and other protocols for communication. With that being said, WPA has “…security mechanisms that eliminates most 802.11 security issues and was based on the current state of the 802.11i standard. As 802.11i evolves, WPA will evolve to maintain compatibility.” [1]
Aside from the use of WEP and WPA, there are many more methods that can be utilized that would make it harder if not impossible for hackers to be able to get inside your network. One well known method is the use of a network firewall. Majority of operating systems, personal or business related, have some form of built-in firewall that comes activated and ready to defend. The main utilization for firewalls, just like WEP/WPA is to protect a user from any unauthorized access to data. Firewalls are able to do this by having a filtration system that monitors and tracks the data that is being sent and received. They also scan packets for dangerous codes that can lead to potential harm to files located on your system. Another major form of protection includes being careful of files/folders or messages that you are not aware of. The term that can be used to describe this would be phishing which is when hackers send emails, texts, or calls requesting information from you. This is typically done by informing users of a false event and needing information to verify or get access to that event. If you receive phone calls or messages requesting your information, report those messages at reportphishing@apwg.org.
These are just some of many ways that users can protect themselves from network vulnerabilities. When on a network, it is crucial that the user not only has a strong password, but also other measures noted that can potentially save your network from an unsuspecting hacker. It is also good to note that “Although each different type of wireless network has its own characteristics, applications with security concerns typically require (mutual) authentication, data (and control message) confidentiality, and data (and control message) integrity.” [1] Remember to always be safe and aware when on a network.
[1] L. Chen, J. Ji, and Z. Zhang, Wireless Network Security. Springer Science & Business Media, 2013.
[2] M. Eissa, I. A. Ali, and K. Abdel-Latif, “Wi-Fi protected access for secure power network protection scheme.” International Journal of Electrical Power & Energy Systems, vol. 46, pp. 414-424, 2013, doi: 10.1016/j.ijepes.2012.10.034.
To: Prof. Ellis
From: Roshel Babayev
Date: 12/7/2021
Subject: Network Wireless Security Progress
Our team has managed to have very well-established communication. Here’s what I’ve gotten done so far:
People always tell you to use a strong password but they never explain why or what’s the purpose. A password is a means to prevent unauthorized access to a certain page. The way a network stores the authentication password is by keeping the hashed variant instead of simply having it in plain text. In order to properly understand how to solve the problem, we must first understand what exactly IS the problem. Hashing works by hashing plain text but with the key difference from encryption being that you can’t directly reverse or “decrypt” a hash. While you may not be able to decrypt a hash, you can still bruteforce it. Hashing text goes one way but the result is always the same. This can be exploited by using a large list of possible passwords, hashing them all and creating a dictionary or a lookup table. You can attempt to find the hash in the dictionary and go to its definition (which would be the original plain text) and that allows you to “decrypt” it. You can also bruteforce hashes by generating random text, hashing it and adding it to your dictionary. By using a strong password, you prevent that text from appearing in a word list or from the possibility of it being randomly computer generated resulting in it being cracked.
As mentioned above, the first defense of securing your information and security is with a strong password. Most personal use laptops and workstations rely on what we call wireless local access networks which is essentially a unique network that allows your devices to communicate seamlessly. However, there can be malicious people who would try to attempt to get access to this network. In order to protect against that, granted if you have a strong and secure WIFI password, the next step is the use of WEP and WPA. WEP, also known as Wired Equivalent Privacy and WPA, also known as WIFI Protected Access both work hand in hand to protect your network. In order for these two protocols to work, they rely on a type of encryption called RC4. In short, this encryption is infused into these protocols to navigate and identify any form of unauthorized access to any data. The way they communicate with each other is how “WEP utilizes RC4 encryption algorithm, CRC-32 (Cyclic Redundancy Code) checksum algorithm, and a pre-established shared secret key (the base key) to encrypt the transmission between the clients and APs.” [1]
To: Prof. Ellis
From: Ulises Mora
Date: 12/7/2021
Subject: Network Wireless Security
This week I started to work on my part of the assignment project. I also created the structure of the paper. The following is my contribution for this week.
Technology has been one of the creations that have impacted humanity. We live in a technological age. As technology evolves, the risk of it also increases. We all know that the internet is not a safe place, we are at risk of leaks every time we use it, they may be watching us, and we are not aware. We may even be at risk of hacking, or we may even have been hacked and we still don’t know it. So, we would be in the presence of a huge problem, which is networking hackers. Network or networking is the connection of data or sharing resources between two or more devices. The largest network known so far is known as the internet, which is network of network. Because of that, every time we are on the internet, it is considered as a network, and we would be at risk of being hacked.
In order to understand deeply about the history and some background of “hack” or “hacking” it is important to know the definition of it. According to the Oxford English Dictionary, hack is: ” In full computer hack. A person who is skilled at using computers, either for pleasure or in order to gain unauthorized access to systems or data” [1]. Any attempt to illegally access and manipulate third-party computer systems is considered as hack. Humanity depends every time more and more on technology, specifically the internet, the risks and hacking attempts exist more and more as well, going hand in hand. Hackers are considered as digital thieves, so it would be considered as a crime.
The first time the term hacker was heard was in 1955, it was not in the same context as it is currently known, but it was the origin of this word. According to Catherine Hiley in an article on the website Cybernews, Hiley says: ““Hacking” was first used in relation to using technical know-how back in 1955 at a meeting of the Technical Model Railroad Club. In the meeting minutes, it was used to describe how members modified the functions of their high-tech train sets” [2]. However, t it was not until shortly after the 70’s that the word hack was related to what we know today, mostly cybercrime, about anyone related to deciphering digital security systems.
There have been many cases of big companies hacked such as Yahoo, Google, Apple, etc. Hackers have even messed with highly recognized banks like CapitalOne. In which, both, companies were affected as well as users or customers. In addition to that, staff and students at universities have also been victims of hacking, such as the case of the University of Ohio. According to Jean Marie Angelo, on the article “Making a game of IT security: a slew of higher ed competitions allow students and pros to hack networks,” he mentioned that “The most high-profile at the moment is the case of Ohio University, where Social Security numbers and data belonging to 137,000 people were in the hands of overseas-based hackers for more than a year” [3]. This did not happen just once, but three times in total with different objectives, the last time they were hacking to decipher credit card records.
People are at risk of being hacked, and this increases even more as technology continues to evolve. Wireless network is a very clear example, every day we use it to connect to Wi-Fi and it is something that current human depends on. Without a doubt, it is one of the easiest to hack, according to Harish and Nagarjuna in a post on IEEE Xplore, they mentioned the following: “Wireless networks are the weakest one and most easily targeted without having any physical connection to the network. Hacking using python does not require much technical knowledge and easy to perform due its advantages” [4]. Python is one of the easiest programming languages to use, any programming student can become an expert in using this program, and decipher ways to hack, so that the same students are at risk of being criminals one day, and attack anyone by breaking the codes of ethics. Furthermore, they declared that ” Hackers are finding a new or alternate method for hacking even after employing different Wi-Fi security protocol which overcome the vulnerabilities of the former Wi-Fi security protocol.” [4]. Again, highlighting that nowadays Wi-Fi is used globally and frequently, it is one of the technological tools that makes it easier for humans, but each user is at risk of being hacked due to network hackers, a problem in which it will continue to grow if adequate solutions are not proposed.
References:
[1] “Hack” in Oxford English Dictionary, 3rd ed. Oxford, UK: Oxford University Press, December 2016. Available: https://www.oed.com
[3] C. Hiley, “Brief history of cybersecurity & hacking,” CyberNews, October 2020. [Online]. Available: https://cybernews.com/security/brief-history-of-cybersecurity-and-hacking/.
[3] Angelo, Jean Marie. “Making a game of IT security: a slew of higher ed competitions allow students and pros to hack networks.” University Business, vol. 9, no. 7, July 2006, p. 15. Available: Gale Academic OneFile
[4] H. Musthyala and P. N. Reddy, “Hacking wireless network credentials by performing phishing attack using Python Scripting,” 2021 5th International Conference on Intelligent Computing and Control Systems (ICICCS), 2021, pp. 248-253, doi: 10.1109/ICICCS51141.2021.9432155.
To: Prof. Ellis
From: Shuaixiang Feng
Date: 12/8/2021
Subject: Problem of a network being hack and ways to prevent it.
Network security is the area, subject, or direction focusing on the defense of a computer or network. Before the user uses software to defend the computer, avoiding being the target is also an intelligent way to secure the network or computer. Understanding the hacking motivations may help people prevent being a victim if a person or company has a new product, solution, or formula that will revolutionize or break through in a business area. Alternatively, a person has a good credit rating or credit card that is very attractive, and hackers may prime you for identity theft or botnet target. Alternatively, a person or company has information on another company that is important to someone, such as a competitor. These reasons possibly let hackers mark you as the target for hiring by your competitor or trying to extort money from you. That is economic motivations. Another numerous cases can be summarized as Hacktivism, which means many hackers love to use their skill to do something they feel is justice. This kind of belief system is called Hacktivism. So, if an employee or former employee has become disgruntled and wants to make a point and your company is doing business in a part of the world in the middle of social or political upheaval, Be careful may the next target.
The Internet, computer, or network will get the illness too, but the virus is most coming with hacker attacks. If unfortunately, hacker target on you, hacker attacks are kind of viruses (in biology meaning) into your computer and network, then firewalls are the immune system for the network and computer. So, it is the first line of defense to computer or network. A great and varied firewall can prevent many attacks from the Internet. A firewall can examine traffic as it enters one of its interfaces and applies a rule to the traffic [1 p. 279]. Simply a firewall is permitting or denying the traffic based on these rules. So, inspection and filtering of packets is one of the most fundamental responsibilities of a firewall. Following its responsibilities, firewall can separate as seven functions that use to defend in the network. First, blocking unwanted incoming traffic based on source or destination. The unwanted traffic is normally from attackers, so keep that traffic out the network is how the firewall did. Second, filter outgoing network traffic based on source or destination. Many firewalls can also screen network traffic from internal network to the Internet. For example, you might use a school laptop in high school. In that kind of laptop, student cannot open any website like Facebook and twitch. That is the firewall working on denying the student access to the website. Third, filter network traffic based on content. Denying the network access based on content only install on advanced firewalls that can screen network traffic for unacceptable content. Fourth, detect and filter malware. Following the rise and proliferation of botnets and malware, many firewalls designed to detect infected hosts through packet inspections. The hacker attacks make you packet of data secure yesterday but might not to be tomorrow. Fifth, make internal resources available. In some companies can also configure many firewalls to enable selective access to internal resources, such as a public we server, while still preventing other access from the Internet to internal network. Sixth, allow connections to internal network. This is a common method for employees to connect to a company network is using virtual private networks. The virtual private networks can provide enough security from the Internet to a corporate network. Seventh, Report on network traffic and firewall activities. The firewall can report to user when it is screening network traffic to and from the Internet. The user can know what the firewall is doing, who tried to break into your network, and who tried to access inappropriate material on the Internet. Most firewalls have a reporting mechanism to warning user. A good firewall can also log activity to a syslog or other type of archival storage receptacle.
To: Prof. Ellis
From: Quazi Hedayet
Date: 12/8/2021
Subject: Research Project Update
Significance of Cybersecurity
In our society and economy, digitization is becoming increasingly important. Humans and technology are linked in today’s society via network communication linkages. Such is the era of the internet and cellular devices. Working, playing, shopping, watching movies and serials, having a conversation, composing lyrics to our favourite tunes, ordering meals, making payments, socializing, and greeting friends and family on auspicious occasions are all technology-based activities. It genuinely connects us to ease and elegance. Because of the rapid advancement of technology, our data may now be followed, and objects can be accessed using an Internet connection. We rely on the internet so much these days that we desire it to be secure and reliable.
Cybersecurity concerns occur illegitimately owing to attackers wielding a magic incantation, however the security vulnerabilities existent within the system provides the attackers a considerable advantage. Currently, we live in a society where everyone is encircled by a variety of wireless technologies and applications. Assault on information technology (IT) networks are one thing; but assaults on wireless services, which are the Critical Information Infrastructure, may be a matter of life and death (CII). As time goes on, we’ll see how television white spaces and other spectrum white spaces are being used to meet rising broadband Internet access needs. In the context of a user-centric system, the fifth expansion of wireless communication systems (5G) is hammering on our door. As shown in the author, 5G will be a much more enhanced form of the global Communications Multimedia Communication Village (GIMCV) and Wireless Innovative System for Dynamically Operating Megacommunications (WISDOM) concepts, which were first proposed in 2008. (Prasad, 2008).
Cybercrime is a collection of skills, strategies, methods, and processes that are designed to ensure security, computers, software, and information against viruses, attacks, damage, and unauthorized access. Our lives have indeed been made easier and more comfortable provided by mobile technologies. It is unavoidable that advances and improvements in Information and Communication Technologies (ICT) in the form of mobile communications will lead to 5 g networks However, the adverse hand side of the equation, in the context of information security to our possessions, helps people feel insecure. Each day, ICT systems are hacked for the purpose of stealing money and company secrets, pursuing political ambitions, or stealing intellectual property.
References
(LEAP), L. E. (2018). A to Z of Cyber Crime. Pune: Laws, Asian School of Cyber.
Elvira Ismagilova, L. H. (2020). Security, Privacy and Risks Within Smart Cities: Literature Review and Development of a Smart City Interaction Framework. Information Systems Frontiers. doi: https://doi.org/10.1007/s10796-020-10044
Honan, M. M. (2012, June 8th). How Apple and Amazon Security Flaws Led to My Epic Hacking. Retrieved from Wired: https://www.wired.com/2012/08/apple-amazon-mat-honan-hacking/
To: Prof. Ellis
From: Rameen Khan
Date: 12/8/2021
Subject: Research Project Update
Introduction
Today’s man can send and receive any type of data, whether it’s an e-mail, an audio or video file, with the press of a button, but has he ever considered how securely his data is being transmitted or sent to the other person without any information being leaked?? Cyber security is the answer. In today’s world, the Internet is the fastest-growing infrastructure. Many new technologies are transforming the face of humanity in today’s technological world. However, because of this new technology, we are unable to protect our personal information as well as we would want, and as a result, cybercrime is on the rise. Because more than 60% of all commercial transactions are now conducted online, this area necessitated a high level of security to ensure transparent and efficient transactions. As a result, cyber security has become a hot topic. The scope of cyber security extends beyond safeguarding information in the IT business to include a variety of other domains such as cyber space. [1]
Cloud computing, mobile computing, E-commerce, online banking, and other cutting-edge technologies all require a high level of security. Because these technologies contain sensitive information about a person, their security has become a priority. Enhancing cyber security and safeguarding important information infrastructures are critical to the security and economic well-being of any country. Making the Internet safer (and protecting Internet users) has become a key component of both new service development and government regulation. The battle against cybercrime needs a more comprehensive and secure strategy. Given that technical measures alone cannot prevent any crime, it is vital that law enforcement authorities be given the tools they need to properly investigate and prosecute cybercrime. Many countries and governments are now enacting strong cyber security legislation in order to avoid the loss of sensitive data. Every individual must be educated on cyber security in order to protect oneself from the growing number of cyber-crimes.
Background
Any illicit conduct that involves the use of a computer as a major means of commission and theft is referred to as cyber crime. The US Department of Justice has broadened the definition of cybercrime to encompass any criminal activity that maintains evidence on a computer. Cybercrime refers to crimes that are made possible by computers, such as network intrusions and virus transmission, as well as computer-based variations of existing crimes, such as identity theft, stalking, bullying, and terrorism that have become a significant worry for individuals and governments. [5]
Cybersecurity
Any organization’s top security measures will always be data privacy and security. We now live in a world where all data is stored digitally or electronically. Users may feel secure when interacting with friends and family on social networking sites. Cybercriminals will continue to attack social networking sites in order to obtain personal information from home users. A person must take all necessary security precautions not just during social networking but also during financial transactions. [6]
Many organizations feel cyber assaults are a severe danger to both their data and their business continuity, according to a countrywide poll of US technology and healthcare leaders.
· This year, 98 % companies are maintaining or expanding their cyber security efforts, with half of those boosting resources dedicated to online threats.
· The majority of businesses are planning for cyber assaults when they happen, not if they happen.
· Only one-third of respondents are entirely confident in the protection of their data, and even fewer are confident in their business partners’ security precautions.
New cyber-attacks on Android-based devices will occur, but they will not be widespread. Because tablets and smartphones share the same operating system, they will be infected with the same malware. Malware specimens for Macs will continue to increase, albeit at a far slower rate than for PCs. Because Windows 8 will allow users to build programmes for practically any Windows 8 device (PCs, tablets, and smartphones), malicious apps comparable to those for Android will be possible, and these are some of the anticipated cyber security trends. [2]
Trends changing Cybersecurity
Some of the trends that are having a significant influence on cyber security are listed below.
Web servers
Attacks on online apps to extract data or transmit harmful code are still a problem. Malicious code is distributed by cyber thieves using legal web servers that have been hacked. However, data-stealing attacks, many of which garner public attention, are also a significant concern. We must now place a higher focus on the security of web servers and web applications. The ideal venue for these cyber crooks to steal data is through web servers. To avoid being a victim of these frauds, one should always use a safer browser, especially during critical transactions. [3]
Cloud Computing and its services
All small, medium, and large businesses are gradually adopting cloud services these days. In other words, the planet is gradually approaching the clouds. Because communications may bypass established ports of inspection, this current development poses a significant problem for cyber security. In order to prevent the loss of vital information, policy controls for web apps and cloud services will need to change as the number of applications accessible in the cloud rises. Despite the fact that cloud services are building their own models, security concerns continue to be raised. Although the cloud offers several advantages, it is important to remember that as the cloud grows, so do its security issues. [7]
Mobile Networks
We can now communicate with anyone in any area of the world. However, security is a major worry for these mobile networks. Firewalls and other security protections are getting more porous as people use more devices such as tablets, phones, PCs, and other devices, all of which require additional security precautions in addition to those provided by the programmers. We must constantly keep the security of these mobile networks in mind. Furthermore, because mobile networks are so vulnerable to cybercrime, extra caution must be exercised in the event of a security breach.
Companies must guarantee that they are equally as fast to recognize risks, respond in real time, and avoid any type of breach in a world where we are eager to give over our personal information. Because these social media sites draw individuals readily, hackers utilize them as bait to obtain the information and data they seek. As a result, users must take necessary precautions, particularly while engaging with social media, to avoid losing their data. The capacity of individuals to share information with a global audience is at the heart of the social media problem that businesses face. In addition to allowing anybody to share economically sensitive information, social media also allows anyone to publish incorrect information, which may be just as destructive. One of the rising threats listed in the Global Risks 2013 report is the fast spread of incorrect information via social media. [6]
Cyber ethics
The code of the internet is known as cyber ethics. When we follow these cyber ethics, there’s a strong chance we’ll be able to use the internet properly and safely. Here are a few examples:
Do utilize the Internet to contact others and interact with them. Staying in contact with friends and family, communicating with coworkers, and sharing ideas and information with folks across town or halfway around the globe is simple with email and instant messaging.
On the internet, don’t be a troll. Do not call individuals names, lie about them, give them humiliating photographs, or attempt to harm them in any way.
Because the Internet is regarded as the world’s biggest library, containing knowledge on every topic in any subject area, it is always necessary to use this material in a right and legal manner.
Do not use other people’s passwords to access their accounts.
Never try to corrupt other people’s computers by sending malware to them.
Never give out your personal information to anyone since it is likely that people may misuse it and you will end yourself in trouble.
When you’re online, never pretend to be someone else, and never try to create a bogus account on someone else’s behalf, since this will get both of you in trouble.
Always follow copyrighted information and only download games or media if they are allowed.
The above are some cyber ethics to observe when using the internet. We have always thought about correct regulations from a young age, and the same is true in cyberspace.
References
[1] McGettrick, Toward Curricular Guidelines for Cybersecurity: Report of a Workshop on Cybersecurity Education and Training, ACM, Aug. 2013.
[2] Henrique Santos, Teresa Pereira, Isabel Mendes, “Challenges and reflections in designing Cyber security curriculum”, World Engineering Education Conference (EDUNINE) IEEE, pp. 47-51, 2017.
[3] M. Michael, K. Michael and C. Perakslis, “Überveillance the web of things and people: What is the culmination of all this surveillance?”, IEEE Consumer Electronics Magazine, vol. 4, no. 2, pp. 107-113, 2015.
[4] Arjun Shakdher, Suyash Agrawal, Baijian Yang, “Security Vulnerabilities in Consumer IoT Applications”, Big Data Security on Cloud (BigDataSecurity) IEEE Intl Conference on High Performance and Smart Computing (HPSC) and IEEE Intl Conference on Intelligent Data and Security (IDS) 2019 IEEE 5th Intl Conference on, pp. 1-6, 2019.
[5] B. Obama, “Improving Critical Infrastructure Cybersecurity”, Executive Order 13636 Federal Register, vol. 78, no. 33, pp. 11737-11744, Feb. 2013.
[6] Arjun Shakdher, Suyash Agrawal, Baijian Yang, “Security Vulnerabilities in Consumer IoT Applications”, Big Data Security on Cloud (BigDataSecurity) IEEE Intl Conference on High Performance and Smart Computing (HPSC) and IEEE Intl Conference on Intelligent Data and Security (IDS) 2019 IEEE 5th Intl Conference on, pp. 1-6, 2019.
[7] International Journal of Scientific & Engineering Research, Volume 4, Issue 9, September-2013 Page nos.68 – 71 ISSN 2229-5518, “Study of Cloud Computing in HealthCare Industry “ by G.Nikhita Reddy, G.J.Ugander Reddy
To: Prof. Ellis
From: Brandon Sosa
Date: December 13th, 2021
Subject: Research Project Update
During the entirety of the group project, I have managed to email all of my fellow group members and created a constant way of communication. I’ve also been helping everyone in my group stay on top of tasks such as checking in with the professor if they are going to miss out on anything, project-related and creating the entire google drive folder for us to have access to the documents. As of right now, each of my group members, including me are working on our perspective topics and we will submit everything when it is ready. I will continue to keep my group members informed of what needs to get done and hopefully be done with the project.
To: Prof. Ellis
From: Jun Gao
Date: 12/8/2021
Subject: Research Project Update
There are several viable solutions to the advent of cyber-crime that produce relevant resolutions concerning preventive measures that may halt the continuous growth of online criminal activity. Various strategic implementations have been offered as potential solutions for threats in cyber security, subsequently allowing researchers to develop systemic plans to combat and prevent cyber-grime groups from gaining access to sensitive information and resources to conduct criminal behavior on different online platforms. The development of strategic intelligence presents itself as a foundational concept that has allowed security developers to create thorough plans that assess relevant aspects of preliminary cybercrime to prevent information breaches from occurring. “Strategic intelligence and analysis are vital in the fight against cybercrime. In methodological terms, this mainly consists of data gathering, the interpretation thereof, and theoretical considerations on future developments, patterns, trends, threats and opportunities […] This scheme, applied to the cybercrime phenomenon, will allow, first and foremost, a clearer picture of the gangs involved in cybercrime modi operandi and cybercriminals’ motivations. It will allow us to assess indicators such as the size of the cybercrime group, the financial resources available, the expertise, the international dimension of their activities, the flexibility, the internal structure of the group, etc.” (Buono, 2) As the progression of strategic intelligence measures continues to create the framework for solution development to occur, new aspects of progression within the field of online security continue to present efficient methods of prevention for a multitude of cyber-related criminal activities. Strategic intelligence helps build a network of information through collaborative efforts and systemic analysis regarding systems errors and the availability of resources for criminals to use against online protection measures. Communication efforts between different intelligence groups have supported the growth of this strategy, using collaborative plans that interact with new information that allows web developers to create software that can stop cybercrime from occurring. This strategy also incentivizes the need for education concerning cyber-crime within public discourse, creating the availability of relevant information for the general public to learn about potential threats and help in efforts to combat the issue.
To: Professor Ellis
From: Edwin Ascencio
Date: 12/13/21
Subject: Research Project Update
Some of the characteristics of Blockchain introduce challenges to existing legal framework.
Blockchain technology are capable of recording information such as identities, financial transactions, and all legal operations. Each node within the network contains a copy of a ledger, from the fist block created to the latest one. Individual blocks contain a has (fixed length of alphanumeric string that is created from a string text) pointer as connection to previous block, a timeframe, and transaction data. Blockchain are then able to have data and transactions to be recorded and shared across a distributed network of other participants without requiring the need for a trusted intermediary.
Problems:
There have been intense debates about privacy and blockchain technology. According to John Salmon and Gordon Myers “the original purpose of blockchain was to facilitate peer-to-peer transaction without the need of a central part”. [1] This means there is no authority or rules when a transaction occurs and it up to the participates to be responsible. Within a permissionless public blockchain system, there is no single party that is held accountable for the availability or protection of a certain blockchain network, and all users of the system will have direct access to the data that was stores on the network. This conflicts with privacy laws because the party or participant that has access and control of an individual must ensure protections and privacy of that data on behalf of the individual. Failure to comply will result in personal records and data to be leaked to other participants that are not related to the business party.
Both a controller and a processor have obligations under the General Data Protection Regulation (GDPR), making it important and establish if a party qualifies to be a controller or processor when handling and processing personal data. Participants could use a cloud computing system and when uploading personal data are known to be the controllers and participants operating the cloud storage are known to be the processor. Blockchain systems are operated by all participant in a peer-to-peer network environment, and this makes it difficult to determine if a participant is a controller or a processor. It is important to what degree different participants in the blockchain network are controllers based on the respective activities.
Blockchain Technology may contain the highest level of security when it comes to securing personal data but there is a flaw and cyber security risks is one of them. Public Blockchain allows data to be input from any number of nodes and that potentially leaves the nodes vulnerable to tampering. Blockchain “tamper proof” characteristic could be negated if the data is stored on a tampered ledger. The cyberattacks at not aimed at the blockchain system but its external system that contain cryptocurrency wallets. Cryptocurrency is a digital currency that is used to purchase goods and services. The unregulated currencies are used to trade for profit with speculators at time driving prices skyward. Another issue with security is that cyberattacks may not just target cryptocurrency wallets but instead personal data of an individual. Cyberattacks could alter data and spread inaccurate information. Other user on the blockchain will believe the misleading or false information that was created. Using this method, it is likely to redirect wallet destinations and amounts of payment. The attacker could redirect the payment onto their own account while making it appear that the payment was sent over to the intended location and ensuring that the attack cannot be traced.
Another attack is a distributed denial of service (DDoS attack) and it is a type of cyberattack in which the user tries to make a service unavailable to other users by overwhelming the bandwidth of a network with traffic (junk data). Blockchain may not be probe to these types of attacks compare to centralized systems. However, where ledgers are included or concentrated on a few high-performing nodes, the chances of a successful DDoS attack is increased.
Solutions:
One of the solutions is for regulators to work with certain industry to ensure that compliance with regulation could be meet while allowing blockchain technology to perform at its maximum potential. Certain Jurisdictions, regulators are required to move away from the use of detailed and perspective rules and use stated principles that create standards which will allow industry to operate in. This will allow regulation to be flexible enough to allow user to use Blockchain effectively and efficiently. Regulators should be able to work closely with other participants and ensure that their viewpoints are acceptable to industry practices. In the article, “One opportunity to adapt regulatory compliance to distributed ledge technology could be the use of regulatory sandboxes”, [1]. This means that regulators can gain an understanding of how blockchain systems operate and cooperate with the industry to identify and develop new methods for compliance. This action can benefit regulators and allow them to develop a level of regulation that will enable innovation while providing protections for users. It would also encourage development of technology solution.
A secondary solution is to adapt regulatory compliance into existing regulatory principles to the blockchain environment. Regulators will want to have a centralized system that make easy regulatory supervision. France has created some regulation about privacy issues within unpermissioned systems. They regulation were stated as the following, “those actively inputting data into the system, and not mere “modes” or “miners” providing verification of transaction to the platform- are responsible as data controllers”.[1]. This allows introduce a balance in the public interest in large scale “trustless” systems and it will also ensure meaningful accountability for privacy and personal data practices. This is an example of adapting compliance into regulation into blockchain systems.
Conclusion:
There are several numbers of risk management concern for different companies or organization that are willing to adopt blockchain technology. There are 3 potential models that every participant must consider before adopting the Blockchain technology. The first is private or permissioned model where a single participant or several other takes responsibility for operating the system. A node that is controlled by a regulator could be included to act as a neutral party. The second model is public blockchain system where a contractual framework is presented between the participants. This framework will look to allocate liability and accountability to the parties. This will be achieved by using a end user license agreement where it condition the use of the public platform. Anyone will be able to join but there will be risk allocation and clear rules to follow. Lastly, the third model is where an origination takes on the responsibility and liability for running the system. It is important that regulators remain flexible in company’s approach to this emerging technology.
“EMCOMPASS note 63 blockchain and legal issues in emerging …” [Online]. Available: https://www.ifc.org/wps/wcm/connect/da7da0dd-2068-4728-b846-7cffcd1fd24a/EMCompass-Note-63-Blockchain-and-Legal-Issues-in-Emerging-Markets.pdf?MOD=AJPERES&CVID=mxocw9F. [Accessed: 17-Dec-2021].
“Blockchain & Cryptocurrency Laws and regulations: USA: GLI,” GLI – Global Legal Insights – International legal business solutions. [Online]. Available: https://www.globallegalinsights.com/practice-areas/blockchain-laws-and-regulations/usa. [Accessed: 17-Dec-2021].