Sony, Cyber Security, and Free Speech: Preserving the First Amendment in the Modern World

Reprinted from 16 U.C. Davis Bus. L.J. 309 (2016). This paper explores the Sony hack in 2014 allegedly launched by the North Korean government in retaliation over Sony’s production of The Interview and considers the hack’s chilling impact on speech in technology. One of the most devastating cyber attacks in history, the hack exposed approximately thirty- eight million files of sensitive data, including over 170,000 employee emails, thousands of employee social security numbers and unreleased footage of upcoming movies. The hack caused Sony to censor the film and prompted members of the entertainment industry at large to tailor their communication and conform storylines to societal standards. Such censorship cuts the First Amendment at its core and exemplifies the danger cyber terror poses to freedom of speech by compromising Americans’ privacy in digital mediums. This paper critiques the current methods for combatting cyber terror, which consist of unwieldy federal criminal laws and controversial information sharing policies, while proposing more promising solutions that unleash the competitive power of the free market with limited government regulation. It also recommends legal, affordable and user-friendly tools anyone can use to secure their technology, recapture their privacy and exercise their freedom of speech online without fear of surreptitious surveillance or retaliatory exposure

Refining the PoinTER “human firewall” pentesting framework

PurposePenetration tests have become a valuable tool in the cyber security defence strategy, in terms of detecting vulnerabilities. Although penetration testing has traditionally focused on technical aspects, the field has started to realise the importance of the human in the organisation, and the need to ensure that humans are resistant to cyber-attacks. To achieve this, some organisations “pentest” their employees, testing their resilience and ability to detect and repel human-targeted attacks. In a previous paper we reported on PoinTER (Prepare TEst Remediate), a human pentesting framework, tailored to the needs of SMEs. In this paper, we propose improvements to refine our framework. The improvements are based on a derived set of ethical principles that have been subjected to ethical scrutiny.MethodologyWe conducted a systematic literature review of academic research, a review of actual hacker techniques, industry recommendations and official body advice related to social engineering techniques. To meet our requirements to have an ethical human pentesting framework, we compiled a list of ethical principles from the research literature which we used to filter out techniques deemed unethical.FindingsDrawing on social engineering techniques from academic research, reported by the hacker community, industry recommendations and official body advice and subjecting each technique to ethical inspection, using a comprehensive list of ethical principles, we propose the refined GDPR compliant and privacy respecting PoinTER Framework. The list of ethical principles, we suggest, could also inform ethical technical pentests.OriginalityPrevious work has considered penetration testing humans, but few have produced a comprehensive framework such as PoinTER. PoinTER has been rigorously derived from multiple sources and ethically scrutinised through inspection, using a comprehensive list of ethical principles derived from the research literature

AI-DRIVEN CYBERSECURITY THREATS AND ORGANIZATIONAL CONSEQUENCES

ABSTRACT This project used a case study research strategy to investigate the impact of AI-driven cybersecurity threats on organizations. The research questions are: Q1: How can different types of organizations improve their defenses against AI-driven cybersecurity attacks? Q2: How will future hackers most likely access AI tools, and what AI tools will they use? Q3: What strategies can organizations implement to enhance resilience against phishing emails? Three Case Studies were selected and analyzed to answer the three research questions. The findings are Q1: AI-driven cyberattacks pose significant risks, but organizations can improve defenses by investing in AI technologies like Vectra Cognito and AWS integration for real-time threat monitoring and response in networking organizations and IT industries using Open AI. Q2: Future hackers will likely use Generative AI tools like HackerGPT for sophisticated attacks, including realistic phishing emails and botnet creation. These tools streamline cyberattacks but have limitations like potential misdiagnosis of vulnerabilities. Q3: AI-driven email security solutions like Barracuda Essentials and Sentinel effectively combat phishing by providing multi-layered protection and predictive analysis to prevent attacks with three tiers of security blocking all incoming messages and scanning, eliminating all the potentially dangerous threats. This reduces the company\u27s susceptibility to email-based phishing schemes and other cyberattacks. The conclusions are Q1: Creating successful defense measures requires an understanding of AI-driven cyber threats. Using AI technology helps reduce risks and guarantee company continuity. Q2: AI tools will probably be used maliciously by future hackers, thus creating strong defenses is essential. Q3: To reduce the risks associated with phishing attacks and increase resilience through multi-layered security and education, it is imperative to combine advanced email security solutions with employee training. Future scope: Q1: Research in the future should assess AI-driven defense mechanisms and how new AI technologies affect cybersecurity tactics. Q2: Research ought to create defenses against AI tools and evaluate the impact of self-governing AI systems on cybersecurity threats. Q3: To improve phishing resilience, novel approaches to phishing prevention, like behavioral analytics and natural language processing, should be investigated

Cyberwarfare in the Korean Peninsula: Asymmetries and Strategic Responses

In this paper, we argue that the two Koreas’ intentions and actions on the cyber front point toward the possibility that they have engaged in cyber warfare against each other. From South Korea’s standpoint, a key concern has been North Korea’s advanced cyber warfare capabilities and alleged involvement of its substantial workforce in the Internet’s dark side activities. These issues need to be looked at the backdrop of the North’s nuclear and ballistic missile capabilities. This paper draws principally upon theories and concepts from military strategy and warfare to examine the contexts, mechanisms, and processes associated with the cyber warfare in the Korean peninsula. We also compare the two Koreas in terms of various forms of asymmetries in cyber warfare and cyber attacks. Also highlighted in the paper are South Korea’s recent initiatives and actions to enhance cyber-offense and cyber-defense capabilities

Ethical Hacking Pedagogy: An Analysis and Overview of Teaching Students to Hack

An area that is being scrutinized as a more effective method of educating and preparing security professionals is that of ethical hacking. The purpose of this research is to examine a more proactive approach to adequately prepare future information security professionals. Future careers in security may require that professionals be equipped with the necessary skill sets to combat an ever-growing presence of unwanted activity throughout the Internet. Many argue that future information security professionals need to have the same skill sets as attackers in order to adequately recognize and defend networks from intrusion. This research defines ethical hacking and examines the pros and cons of ethical hacking pedagogy as a viable approach for teaching network security to future professionals. The analysis includes the concept of ethical hacking education with an emphasis on ethical and legal concerns associated with ethical hacking pedagogy. The research concludes with an overview of existing best practices in ethical hacking education highlighting a hands-on approach as well as the inclusion of soft skills needed to complement the technical hard skills for future information security professionals

Cyber Security Active Defense: Playing with Fire or Sound Risk Management

“Banks Remain the Top Target for Hackers, Report Says,” is the title of an April 2013 American Banker article. Yet, no new comprehensive U.S. cyber legislation has been enacted since 2002, and neither legislative history nor the statutory language of the Computer Fraud and Abuse Act (CFAA) or Electronic Communications Privacy Act (ECPA) make reference to the Internet. Courts have nevertheless filled in the gaps—sometimes with surprising results

Crashed Software: Assessing Product Liability for Software Defects in Automated Vehicles

Automated vehicles will not only redefine the role of drivers, but also present new challenges in assessing product liability. In light of the increased risks of software defects in automated vehicles, this Note will review the current legal and regulatory framework related to product liability and assess the challenges in addressing on-board software defects and cybersecurity breaches from both the consumer and manufacturer perspective. While manufacturers are expected to assume more responsibility for accidents as vehicles become fully automated, it can be difficult to determine the scope of liability regarding unexpected software defects. On the other hand, consumers face new challenges in bringing product liability claims against manufacturers and developers

Malware in the Future? Forecasting of Analyst Detection of Cyber Events

There have been extensive efforts in government, academia, and industry to anticipate, forecast, and mitigate cyber attacks. A common approach is time-series forecasting of cyber attacks based on data from network telescopes, honeypots, and automated intrusion detection/prevention systems. This research has uncovered key insights such as systematicity in cyber attacks. Here, we propose an alternate perspective of this problem by performing forecasting of attacks that are analyst-detected and -verified occurrences of malware. We call these instances of malware cyber event data. Specifically, our dataset was analyst-detected incidents from a large operational Computer Security Service Provider (CSSP) for the U.S. Department of Defense, which rarely relies only on automated systems. Our data set consists of weekly counts of cyber events over approximately seven years. Since all cyber events were validated by analysts, our dataset is unlikely to have false positives which are often endemic in other sources of data. Further, the higher-quality data could be used for a number for resource allocation, estimation of security resources, and the development of effective risk-management strategies. We used a Bayesian State Space Model for forecasting and found that events one week ahead could be predicted. To quantify bursts, we used a Markov model. Our findings of systematicity in analyst-detected cyber attacks are consistent with previous work using other sources. The advanced information provided by a forecast may help with threat awareness by providing a probable value and range for future cyber events one week ahead. Other potential applications for cyber event forecasting include proactive allocation of resources and capabilities for cyber defense (e.g., analyst staffing and sensor configuration) in CSSPs. Enhanced threat awareness may improve cybersecurity.Comment: Revised version resubmitted to journa