The Cost of Convenience
A discussion on modern cyber-security issues
FungWong Chu (Phoenix)
George Washington University
Author Note This paper is the rough draft for Writing & Comm & Med Rel — I_PSIS_2101_VC, taught by Dr. Michele Schmidt Moore.
As we move into the 21st century, the development of technology has developed rapidly. While the improvement of technology has provide us great deal of convenience, but also has exposed us to new weaknesses. Cybercrimes, cyber bullying, cyber warfare, cyber-security have become problems that many of us are concern. In this paper I will mainly focus on one of the most concerning issues in the century — cyber security. This paper will seek to provide a base understanding of how much it will cause us for having a more convenience life, and educated normal computer users on the topic of cyber world. Additionally, discussing what might offer solutions for average computer users. We shall argue is worth it to spend the time and effort to protect ourselves from cybercrimes when there are more valuable targets out there.
The Cost of Convenience
A discussion on modern cyber-security issues How much is convenience worth to pay? In recent years since technology has developed in a blink of an eye, dramatically changing the way we live our life. Since the first virus and worms appear in the 1990s costing millions of dollars, cyber-security has become a new field to study. According to Warner, who wrote Cybersecurity: A Pre-History, “The ‘cyber’ issue is not new, but rather has taken a half-century to develop” (Michael Warner). Yes, over 50 years of “cyber issue” and cost millions and millions of dollars, for most of us, we didn’t start to think it is a problem until recent years. But even until now the cyber issues become the new trend that everyone is talking about, many of us has lack of a clear understanding of what it is. And what can be done to protect ourselves in cyber world. In order to have a better understanding of cyber world and the price it came with, we have to respond to following questions:
1. Is it worth to pay attention to cybersecurity?
2. What kinds of cybercriminals are out there?
3. How hackers strikes?
4. What have we giving up for more convenience life?
5. What can we do?
Is it worth to pay attention to cybersecurity?
There is no doubt that cybersecurity is a threat, but one might asked is it worth it to spend time and money to protect our PCs, when obviously there are much bigger (profitable) target for attackers to hack. Such as, big corporation, government facilities, websites, databases, and so on. All of them has more valuable information than our personal computers. Why would attackers waste their time on low profits targets?
Following are some statistics from Go-Gulf.com that compiled number of different statistics websites. “Large number of cyber-attacks are target to induvial, almost 556 million of people as a victim of one or multiple cyber-attacks” (Go-Gulf.com).Which is 1.5 million of victim per day! Of course there are attacks to industry and cost millions of dollars. But by no means that we are safe from cyber-attacks. Facebook — one of the largest social network site on the internet has receive over “6 hundred thousand attacks per day” (Go-Gulf.com). This shows that cybersecurity is not just something that big corporation have to worry about. It is also closely related to us in daily life. Anyone can be the next victim. When I interview Dr. Sara Hooshangi, Dr. Sara Hooshangi is the program director of George Washington University, I asked her which has been targeted the most industry or normal computer users, she said “When it comes to pure numbers, I would say that users are targeted the most”. Even the most educated computer users cannot assure you that they know everything about computer. Ever since internet come alone and start to make a name for itself, computers and internet has become a part of our life with no rules and boundaries. It was only after the Morris worm, “Morris Worm is a worm program […] that flooded the ARPANET in November, 1988, causing problems for thousands of hosts” (“Morris Worm”), was released via internet and damage hundred and thousands of computers, we knew that there restriction on the internet. But, still, most of us are lack of clear understanding of cybercrimes nor cyber laws. When discussing cybersecurity issues, we have to talk about kinds of cybercriminals and what cyber activities will be classify as cybercrimes.
What kinds of cybercriminals are out there?
The meaning of cybercrimes are no different from the crimes in real life. Therefore, cybercriminals are just the same as criminals in real life. Whenever people mentions cybersecurity, we think of an individual try to hack into an organization or government facilities and steals valuable data for profits. Or someone release virus and worm on the internet for malicious attempt. But as “cyber issue” develop over time, cybercriminals are more than just these. According to Adrian Cristian MOISE’s article cybercriminals can be classify by the following: “Hacker, phreakers, crakers, information traffickers and mercenaries, terrorists, extremists, embezzlers, detractors, cheats, negligent users, traditional criminals, fraudsters, thieves, malicious code writers, harassers, stalkers, pedophiles, academic cheats, organized criminals, spies, and music, movie, software pirates. (P. 4)
This tells us that cyber security isn’t just about hacking or is only important to big corporations, it is also important for individual computer users. For example, cyber stalking is one of the rising problem in cyber world. But people wouldn’t normally think it is a cybercrime, and considering of raise cyber security level or reach for help. One might think cyber stalking is just a minor issue compare to the real life trouble that we have to handle. But what if? Knowing the types of cybercriminals are out there, we can mostly guess the methods they uses. For example, malicious code writers most likely to be people who coding virus or worms. But by identify the types of cybercriminals also let us know that what behaviors shouldn’t conduce via internet. As a current student of GWU with an IT degree, I understand that plagiarizing is against the school rules. But I will never find out that it is a cybercrime too and it is call academic cheats. Just like most of the people knew it is forbidden to pirate music, movie, or software for different reasons they can came up with, but not all of us know it is a cybercrime. Although, it is good to know the type of cybercriminals and how to identify. The concept of how they are going to attack is also important. By knowing the process of how an attackers would do before they strikes, it will improve our cybersecurity level.
How hackers hacks? In order to protect our information better, we have to understand the process behind hacking. Let’s take penetration testing for example, “a penetration testing is a way for you to simulate the methods that an attacker might use to circumvent security controls and gain access to an organization’s systems” (Metasploit, 2011, p. 1). In other word, penetration testing is like hacking but with permission from whoever they hack into. As simple as it seem to be but the process behind it is no different from “hacking”. Both hacking and penetration testing need to go through the following steps, “Pre-engagement interactions, intelligence gathering, threat modeling, vulnerability analysis, exploitation, post exploitation and reporting” (Metasploit, 2011, p. 2–3). For those of you who don’t understand these steps, they are pretty much self-explanatory. One might think hacking and penetration testing are not the same, therefore the process will not be the same. Granted, modern day hackers hack into your (normal computer users) PC might not be as complicated as it sounds to be or follow these steps. By clicking few bottom on hacking tools, hackers might be able to hack into our PCs. But the logic behind it will still the same. All hackers will have to go thought intelligence gathering, which is gather information about their targets. Then complete the rest of the steps by hacking tools that hackers might not even notices. Therefore, protecting our private information are important.
What can harm us?
Ever since the first computer worm — Morris Worm, that costs United States government to establish their first cyber law to restrict people what can and cannot do on the computers. Worm and virus has become one of the dangerous weapons that can be used by hackers and crackers. Of course methods of attack are far more than just virus and worms. For example, Denial-of-service attack (DDoS) is another method that hackers uses. According to digit attack map “A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources” (what to put). These methods are just tip of iceberg.
The rise of social media has replaced most of ours human face to face communications into an online communications. Especially when the new generation has used to the convenience of it. According to the journal Educating Teens about the Risks on Social Network Sites. An intervention study in Secondary Education “The new generation of participatory network technologies provides individuals with a platform for sophisticated online interaction. Active participation of media audiences has become a core characteristic of the 21st century and therefore the meaning of media literacy has evolved” (p. 2). Websites such as Twitter, Facebook, Instagram, and many other online communication software become the new norm. Social network sites (SNS) has create more spaces for hackers. In the video “Blackhat 2010 How I met Your Girlfriend Samy Kamkar” by Samy Kamkar (who create Samy Worm in mySpace make all infect users to add him as a friend), he has introduce us how danger SNS can be. In the video he shows how easy it could be to hack into someone’s Facebook account or locate a person’s physical location. For most of our normal computer users, we have no idea how easy it is for people to gather our personal information for malicious attempts. As Samy Kamkar states in the end “PRIVACY IS DEAD”, the cost for a more convenience life is our privacy. There will be no secret no anymore when we put our information online.
If the social media has replaced our communication style, increasing usages of smartphone has changed the way we live in everyday life. The use of smartphone become so important that lots of people can’t live without it. But as smartphone more and more involves in our daily life, the functions of smartphone has greatly increase. Most of us storage our sensitive information on smartphones; we use smartphones to take photos graphics; we even start to pay bills thought smartphones. As we more and more depended on smartphones the security on smartphones hasn’t be the priority for many of us. Smartphones build in security tools such as password lock can only protected for so long. It isn’t hard for criminals to break into the phones and collect all of the information on it.
What can we do? As a normal computer users there is nothing much we can do to protect our cybersecurity except using antivirus software and firewall. But antivirus software can only do so much, the more important thing is don’t download unsure documents and click on suspicious sites. The most important thing is to understand the threat of being online and don’t put your private information on social media websites. Even these SNS claim to secure your private information, but nothing is secure on the internet. According to Dr. Hooshangi when I asked her how she protect her network, she said “Strong password, encryption, don’t click on links or open attachments that seem unusual or do not come from someone you know.”
Conclusion Technology has brought us great convenience in our daily life, but it also make us concerning the risk of being hack by cybercriminal. But the potential price we have to pay are leak of private information, identity thief, cyber stalking and many more. Whether it is worth it to spend the time and effort to protecting is depended on individual. Acknowledge the drawbacks that are imbedded with internet. Once we put our information online, it will stay there forever no matter what we did to retreat our information. Improve cybersecurity isn’t a risk free cure, but improve cybersecurity will greatly reduce the risk of being online. Although the price for a more convenience life is high, understanding cybersecurity is one of the most effective way to minimize the cost.
“Cyber Crime Statistics and Trends [Infographic].” Web Design Dubai Dubai Web Design and Web Application Development Company Cyber Crime Statistics and Trends Infographic Comments. Ed. Go-Gulf. GO-Gulf., 17 May 2013. Web. 8 Oct. 2015.
“Morris Worm.” Network Dictionary (2007): 317. Computers & Applied Sciences Complete. Web. 2 Aug. 2015.
Blackhat 2010 How I Met Your Girlfriend Samy Kamkar. Prod. Hacking Conferences, Information Security, How To’s. Perf. Samy Kamkar. YouTube. YouTube, 10 Dec. 2010. Web. 9 Sep. 2015.
Digital Attack Map. (n.d.). Retrieved October 8, 2015, from http://www.digitalattackmap.com/understanding-ddos/
Kennedy, D., Gorman, J., Kearns, D., & Aharoni, M. (2011). The absolute basics of penetration testing. In Metasploit The Penetration Tester’s Guide (pp. 1–6). San Francisco: William Pollock.
MOISE, A. C. (2014). Some considerations on the phenomenon of cybercrime. Journal of Advanced Research in Law & Economics, 5(1), 38–43. doi:10.14505/jarle.v5.1(9).04
Thaanum, J. D. (2013). Threats to cyber security: The dangers of malicious mobile code, users, and the iPhone. Journal of Applied Security Research, 8(4), 490–509. doi:10.1080/19361610.2013.825755
Warner, Michael. “Cybersecurity: A Pre-History.” Intelligence & National Security 27.5 (2012): 781–799. Computers & Applied Sciences Complete. Web. 8 Oct. 2015.