ESPIONAGE / BLOG 3

            After reading through Chapters 3 and 4 in the text, I decided that I wanted to write this blog post on espionage. Espionage is a topic that I'm familiar with but not very well-versed on and even after reading through the chapter, I wanted to find how it can apply in the real world. Also, if you have been reading my blog then you are probably aware with the fact that I love CNN.com. I like how they organize and report their stories on their website and I find their personal opinions respectful. For this post, I read the article "Chinese cyber espionage group caught hacking defense, industrial base" written by Tal Kopan for CNN.com last month. I specifically chose this article because the title stood out to me for including both my topic of this week (espionage) and hacking, my loose topic of the last two weeks.


            The story being reported on involves a very sophisticated group of Chinese hackers that has been nicknamed "Emissary Panda". These hackers have been getting into highly secure systems and obtaining sensitive information from important organizations around the World. This is not the first time that these hackers have been getting into computer systems. In 2013, they hacked into the Russian embassy's website and spread their damaging software to all of the visitors of the site. Thus far, there have been over 100 attacks on 50 targets identified in the United States and United Kingdom.


            The group seems sophisticated because of how they are going about taking the information. While making themselves known early on, the hackers are managing to find credentials to obtain access to the sites and giving themselves enough time to make lists of all of the sensitive information on the site. Only then are they leaving the task to return and take only a small amount of said information. Experts have observed this activity to conclude that the group seems to be taunting the organizations being hacked on; how they are making it so obvious that they are hacking but will never be able to be caught. They've been found out and kicked off of sites only to later come back and find their way back in again.


            Two videos accompanying this article does clear the air with how this hacker group has affected national security within US borders. The Department of Homeland Security has claimed that there are no signs of "malicious activity" within their constrains. The United States as a whole, however, is blaming China for this entire ordeal. If they are truly the country or government program to be the source of this, that can only foreshadow larger issues in the future as we know how powerful China can be.

Article source link: http://www.cnn.com/2015/08/05/politics/cyber-espionage-campaign-chinese/index.html

CYBERTERRORISM / BLOG 2

            Terrorism is by far my favorite topic within Criminal Justice. Although it could technically be labeled under Homeland Security, there are many bleed-overs into CRJS. I'm writing on this topic today after finishing up Chapter Three in "Digital Crime and Digital Terrorism" by Robert M. Taylor, Eric J. Fritsch and John Leiderbach. The one thing that always trips me up on the topic of terrorism is that it is always for a political goal. Simple "evil" happenings cannot always be labeled terrorism although they terrorize society. In Chapter Three I learned about cyberterrorism and how it is a new tactic to achieve the same end goal as what our minds think of when we think of 'terrorism'.

            This subject brought to my mind the scandal of WikiLeaks and made me interested to look into it fully since I never truly understood the situation 100% and see if it was at all any kind of terrorism. The United States had sensitive information leaked through WikiLeaks, which is an organization whose goal is to bring important information to the public through “innovative, secure and anonymous way for sources to leak information to our journalists”, per www.wikileaks.org. The biggest player in the 2010 WikiLeaks information leak was Julian Assange, the founder of the organization. He has been in the news constantly about this debacle. WikiLeaks posted a sensitive video involving the United States military but although this shook the US government, there didn’t seem to be a political agenda for Assange so this could not be considered terrorism. He is currently being held at the Ecuadorian Embassy in London for sexual assault charges that were brought upon him three years ago and Swedish prosecutors have said that they may be trying him for his alleged sex crimes in 2020, according to CNN’s Ben Brumfield. Five years from now.

            Although the purpose of the WikiLeaks site is definitely not something that is popular with world governments, it cannot be considered any kind of cyberterrorism. I know that the chances were slim but it seemed plausible enough prior to my research into the organization for it to be so. I can see cyberterrorism becoming a primary security issue for the United States as technology gets more and more advanced and hackers learn more and more about said technology. ISIS specifically has proven themselves to be a very technology-savvy group and I hope that we never get into a cyber war with them or any other terror organization for that matter.

Article link: http://www.cnn.com/2015/08/13/europe/wikileaks-assange-sweden-allegations/index.html

ASHLEY MADISON + TARGET / BLOG 1

         I decided to research into “the computer as an instrument of crime” as discussed following page 12 in “Digital Crime and Digital Terrorism” by Robert W. Taylor, Eric J. Fritsch and John Leiderbach. In light of the recent Ashley Madison, a website where users create accounts and chat with others in order to commit adultery affairs, hacking I became interested in how online information can be protected and how it can ultimately be stolen and used against society. I used two medias from CNN.com to fully understand what happened with the hack and what it means for cybersecurity in the future.

         In the article “Ashley Madison hack: The utter end of privacy” written by Jeff Yang for CNN.com, Jeff explains how “the Ashley Madison debacle has brought data invasion to the masses and crowdsourced it” through online tools that allow everyday individuals to search for family members and colleagues within the database’s list of paid members. He states that we are currently living in a post-privacy world and that the only way to hopefully remain unseen or uncovered in the future is to leave tiny, digital footprints. Which is something that many of us under the age of 45 already do not possess.

         In the video “Ashley Madison hack raises questions about security”, Alex Van Someren, a director with investment focus on cybersecurity, discusses how many companies have difficulties securing people’s data online and that banks and credit card companies “probably do it best of all”. He further delves into how the technology exists to keep data online protected and that it is not an “illusion” as prompted by the newsroom host but that the challenge is help companies (and especially start-ups) get a hold of the right tools. Standards are necessary in order for online consumers to be able to be smart about where they are inputting their personal data and can protect themselves individually site-by-site.

         The issue is not only how data is transferred throughout the Internet but also how it is being stored and looked after. A wide range of websites from banking to health care as well as dating sites carry the unmonitored risk to having data hacked into or erased. The Ashley Madison hack is not the first of its kind with Target, the second-largest discount retailing corporation in the United States just having a debit and credit card data leak in 2013 that affected almost 10 million of its customers that has lead to Target requiring chip-and-pin-enabled cards being required for their store brand REDcards, per www.corporate.target.com in April of 2014. These two stories both have brought to light the issue of cybersecurity and push forward the work towards a more safe and secured Internet. I believe that the next step is creating a mandated administrator who gives out titles to certain cites and companies who have the best kind of security out currently and requiring them to consistently update with the times so that scandals such as the Ashley Madison hack and the Target data breach do not occur as frequently.