Introduction
From moral and legal standpoints, this social-psychology report will attempt to define and examine several facets of internet security. For any type of human action, motivation is always key; therefore, what motivates hackers and cyber criminals will be the emphasis of the report, which also emphasizes the significance of having a user awareness training program and a strong security policy. Access control mechanisms play a crucial role in developing a strong security policy; however, their implementation can have both negative and positive impacts on employee productivity, which will be examined in this report.
Psychology has a significant impact on cybersecurity. Our mindsets have an impact on how we collaborate on threats and plan to defend against a cyber-attack (Madarie, 2017). The act of accessing the internet does not generate these social-psychological dangers. Rather than that, people utilize the internet unlawfully to obtain resources and instigate panic in a malicious manner. When viewed via the ethical lens of cybersecurity, people are aware of what is and is not acceptable. It is critical to remember that simply being unethical does not automatically make something criminal.
As leadership is aware, MDH suffered a successful attack against its network system that occurred recently, jeopardizing the system’s functionality for an extended period of time. As a result of the attack, it was determined that leadership should be educated on the psychology of why attackers chose to infiltrate an organization’s network system. Understanding the perpetrators’ motivations will aid in preventing future assaults. Understanding the attackers’ motivations will also assist the IT department in developing job aids for current employees that will better prepare them for future attacks (Madarie, 2017). Each section below will define terminology used in cybersecurity to describe the types of adversary against which our organization will be protecting itself.
Hackers
A hacker is a person who uses networking, computer, or other skills to overcome a technological difficulty or to get access to information. The word can also apply to someone who employs their skills to gain unauthorized access to computer systems or networks in order to execute criminal acts on the internet (Dalziel, 2014). A hacker may, for example, take information in order to cause harm to others through identity theft or knock down a system and, in many cases, hold it hostage in order to collect a ransom in exchange for information. Many hackers are in it for the publicity, some are intrigued or want to test themselves, and even a few are motivated by retribution. To distinguish between different kinds of hackers, the cybersecurity community refers to hat colors such as gray, white, and black hat hackers.
A certified white-hat hacker is frequently referred to as an ethical hacker. They are typically computer security professionals who specialize in a variety of defense strategies, such as vulnerability scanning, pen testing, and a variety of other types of testing. Ethical hacking is crucial for identifying security issues in a system, online application, or architecture, such as access points (Dalziel, 2014). In other words, a good hacker uses the same tricks as a bad one. A good hacker’s goal is to test the security of a company’s computer platforms and make them more secure.
Instead of stealing data, releasing malware, or making money through ransomware, the goal of a black hat hacker is to get access to the network and systems in order to unleash their evil intents. A black hat hacker is defined as a criminal by the Federal Government because he or she gains access to a company’s computer system without the proper authorization. The term “blackhat” is sometimes used to describe an attacker who has a higher level of expertise in hacking and exploiting systems and networks than the typical script kiddie. Black hats may attack a network or system for a variety of reasons (Dalziel, 2014). These include the simple joy of breaking into a system, obtaining specific information about the system, or utilizing the system as a “pivot” to launch an assault on another system on the same network.
A gray hat hacker (sometimes spelled grey hat hacker) is someone who may breach principles or ethical standards but does not act maliciously, as black hat hackers do. Gray hat hackers may engage in tactics that appear to be less than totally legal, yet are frequently acting in the public interest. Gray hat hackers sit in the middle of the spectrum between white hat hackers, who work for people responsible for maintaining safe systems, and black hat hackers, who act deliberately to exploit system weaknesses. The realm of IT security is often viewed as a black-and-white world by many people. Gray hat hacking, on the other hand, has its place in today’s security landscape (Dalziel, 2014). Hackers who exploit security flaws in order to raise awareness of the flaw are among the most common examples of a gray hat hacker.
Threat actors
A threat actor is a group, institution, or individual who initiates an incident that compromises the security of an organization. They can act from within or without an organization. The motivations of a threat actor might range from inciting terror to seeking thrills, and they can be political or economic in nature (Johnson, 2013). Discussed below are some of the best-known threat actors.
Disgruntled employees: Many people focus on human error when it comes to data breaches; however, it’s important to remember that dissatisfied employees can also pose a hazard. It’s critical to be ready for the possibility that an employee with access to sensitive data will abuse that privilege. Since so much of cyber security is concerned with avoiding intrusions from the outside, it pays little attention to monitoring and stopping those already inside from causing disturbance (Johnson, 2013). Disgruntled employees often resort to simple tactics like copying payroll data onto a USB or printing sensitive financial data, but the consequences can be disastrous.
Cyber criminals: Organizations are a common target for cyber hackers looking to make a quick buck. DDoS attacks and phishing are two common tactics used by cyber criminals, but there are many others as well (Johnson, 2013). In order to perpetrate blackmail or fraud, they plan to take advantage of human error and weak systems to obtain personally identifiable information, such as social security numbers and credit card numbers.
Script kiddies: Individuals who lack advanced hacking abilities are referred to as “script kiddies,” and they exploit existing scripts to deface websites and cause disruption as a kind of entertainment (Johnson, 2013). In the event that a business is targeted by a script kiddie, the costs of fixing systems and recovering data can quickly spiral out of control.
Cyber terrorists: Cyberterrorism is the act of utilizing ICT infrastructure to cause real-world damage or catastrophic disruption in order to advance the attackers’ underlying social, religious, or political cause (Johnson, 2013). Terrorists may attempt to impose their will on the digital realm in order to advance their ambitions.
Cybersecurity Policy
It is imperative that IT departments pay attention to the growing threat of cybercrime. However, every person in a business, not just those in IT and upper management, should be concerned about security. A cybersecurity policy that outlines each employee’s duties for safeguarding IT systems and data can be an excellent tool for educating employees about the importance of security (McAfee, n.d.). A cybersecurity policy is a set of guidelines that specifies how certain actions, such as email attachment encryption and social media usage limitations, should be carried out. Different policies that can be stated in simple terms ought to be implemented by MDH to apply a security policy to future and current employees. Employees must be made to understand the importance of cybersecurity as well as the dangers that come with it. Employees must be aware of where to go to report security incidents in order to protect the company’s reputation. Because data breaches and cyberattacks can be so expensive, it’s critical to have strong cybersecurity procedures in place (McAfee, n.d.). Employees, on the other hand, are frequently the weak links in a company’s security.
The IT security policy should specify the restrictions and practices that employees who access the organization’s IT assets must agree to in order to gain access to the organization’s server or network and effectively perform their duties. In order to be hired, new workers must sign off on this standard onboarding policy. Additionally, an Access Control policy must be in place to explain how employees can have access to information systems and the organization’s data (McAfee, n.d.). A watertight, non-discriminatory policy agreement ought to be created for present and future employees by the legal team and the IT security and HR departments.
Separation of duties
An organization’s role-definition rules are aligned with its separation of duties philosophy. As a first step, the division of responsibilities aims to avoid conflicts of interest and other types of fraud and misconduct, such as abuse and errors. The next objective is to detect control failures, such as security breaches and data theft. As a result of the separation of duties, no single person can exert total control over an entire system because several people handle all security-related tasks (Dalziel, 2014). Because of this, the organization can guarantee that each administrator’s authority will be distinct and will never overlap. External auditors will analyze the security strategy in accordance with the control measures surrounding the separation of roles.
Redundancy and Diversity
Building numerous resources that perform the same job and can be used in the case that the primary system is damaged or destroyed is known as redundancy in cybersecurity. Continuity of service is another term for redundancy. Any organization that claims to be able to ensure dependability has most likely adopted some form of redundancy (Sterbenz et al., 2014). The ability to establish redundancy is fantastic because the cost of extra storage offline is so minimal. In contrast, if an organization’s data needs to be recovered quickly, the cost can be much more than it would otherwise be.
Vulnerabilities can be reduced if diversity is taken into consideration. The more diverse an organization is, the more secure it is. Multiple physical links entering the facility through various access ports are what is meant by having a diversified network connection (Sterbenz et al., 2014). It is vital to install a diversified connection, since no firm can afford to have an outage, and probable disruptions can have a negative impact on the operation.
Access Control Mechanisms
Restricting employees’ access to the system is critical. Access control is a critical component of data security since it establishes who is permitted to access and use the organization’s resources and information. It is a key component of cybersecurity because it aids in the protection of an organization’s system and data. Employees should have access to information that will assist them in performing their job duties effectively. Separating roles appropriately within an IT department will become crucial, if not mandatory, in order to maintain the organization’s security. Separation of duties may have a modest negative effect on employee and organizational performance, although this effect is negligible in comparison to the potential loss to the organization if an attack against the system is successful. Additionally, redundancy and diversity help to improve access control. Redundancy enables the organization’s resources and data to be available at all times (Sterbenz et al., 2014). While diversity contributes to the network’s diversity, it also ensures that the systems are configured correctly. When a system is sophisticated, it makes hacking into it more difficult.
Conclusion
Understanding what cybercriminals are pursuing and what motivates them to perform these threat acts is critical if an organization wishes to understand what cybercriminals are after. While considerable research has been conducted into the psychology of the attackers’ motivations, each attack is influenced by various circumstances. The best practices for protecting a business from attacks include implementing access control mechanisms, conducting research, and learning from other organizations that have faced attacks in the past.
References
Dalziel, H. (2014). Introduction to US cybersecurity careers. Syngress Publishing.
Johnson, M. (2013). Cyber security threat actors. Cyber crime, security and digital intelligence (pp. 173-182). Routledge. https://doi.org/10.4324/9781315575667-15
Madarie, R. (2017). Hackers’ motivations: Testing Schwartz’s theory of motivational types of values in a sample of hackers. International Journal of Cyber Criminology, 11(1), 78-97. http://dx.doi.org/10.5281/zenodo.495773
McAfee. (n.d.). How cybersecurity policies and procedures protect against cyberattacks. https://www.mcafee.com/enterprise/en-us/security-awareness/cybersecurity/cybersecurity-policies.html
Sterbenz, J. P. G., Hutchison, D., Çetinkaya, E. K., Jabbar, A., Rohrer, J. P., Schöller, M., & Smith, P. (2014). Redundancy, diversity, and connectivity to achieve multilevel network resilience, survivability, and disruption tolerance invited paper. Telecommunication Systems, 56(1), 17-31. http://dx.doi.org/10.1007/s11235-013-9816-9