Cyber Society: A 'new' Danger?
By
Michiel Middelplaats & Steven Dings
With this blog we intend to inform you in our own way about various forms of cyber threats. With the creation of the internet a whole new area opened itself to its users. It brought opportunities as well as threats. Now it is possible to communicate across the world and share information. However, it is also possible to hack, bully and to misuse another one’s identity. This blog comprises four sub-topics within the main topic: Cyber threats to Society.
Shifting world
The DigiD is a personal code with which users can identify themselves on the websites of the Dutch government. With this digital ID the Dutch government knows who it is dealing with. The ID consists of a personal username and password, in addition, there is also a text messaging (SMS) function available whereby users receive an automatic generated in log code[1]. The main advantage of the digital ID is efficiency; people do not have to go to the city hall or other physical official buildings when services are needed. And like the old situation whereby you had to identify yourself by passport it can now be done by a digital one. However with the introduction of the system came as well the threats towards the system. You might have heart of DigiNotar, the web-based security company was recently in the news, and is now bankrupt. A clear and physical example of a Cyber threat on the society.
What was DigiNotar and what did it do?
DigiNotar was (since it is now bankrupt) a Dutch security certificate company. It provided these so called certificates that have the purpose of providing and establishing a secure internet connection. There are different kinds of certificate in use, for example the Secure Sockets Layer (SSL) or the Transport Layer Security (TLS). It is difficult to explain how the certificates work, in short the systems make use of asymmetrical cryptography, and this is a process whereby a public key is created. This key will then be authenticated so the user will know that there is connection between the rightful servers. When connected, digital signals will be encrypted and secured by a so called block-cipher. With this feature people with bad intentions are kept out of bay. At least, this is being tried.
These certificates are of great importance when communicating with governmental or financial institutions. Imagine what could go wrong when the systems are breached? Money can be lost and identities can be stolen. And this was exactly what happened to the Dutch security certificate authority DigiNotar
Assumed is that Iranian hackers falsified the certificates of the Dutch DigiNotar on orders of the Iranian government, with these false certificates the hackers could control and look at users that were interacting with servers that used DigiNotar’s certificates. As a result, also the Dutch governmental websites such as DigiD were breached. The government feared that the hackers could also make use of other governmental websites that used DigiNotar certificates. In addition, it was a severe blow to the Dutch government. With the hack the trust between the users and the Dutch government was damaged. Critique arose, since the government expects its citizens to use their online services and applications. But how can we make use of this if there is no guarantee that the use is safe?
After the entire situation with DigiNotar and it certificates the company has gone bankrupt. The Dutch public prosecutor is now prosecuting DigiNotar for affirmative negligence. The Dutch government is using a new digital security company and has asked Microsoft to maintain some of the previous DigiNotar certificates that have not been affected or miss used.
We are Anonymous.
You, me, your neighbour. According to them everyone is Anonymous. This group of people shows up in the news more and more these days. For those of you who are unfamiliar with Anonymous, it is a group, spread through the Internet, initiating active civil disobedience, while attempting to maintain anonymity.[2] Hacking government institutions or multinational companies. Nothing is too much for Anonymous. Hard to imagine, that services we use nearly every day can so easily be controlled or disturbed by anyone with some good knowledge of some basic computer programming skills. It can even be the 16-year old kid next door who is playing football outside one day and the other day is hacking the websites of Visa, MasterCard and PayPal, companies which cut off their services to WikiLeaks after the publishing of classified governmental documents. Age does not matter anymore when it comes to hacking. Anyone can do it and this is becoming a major threat to our society.
In the beginning of 2008, the group Anonymous has become involved more and more in collaborative, international hacktivism, being involved in protests and other actions, often with the goal of promoting internet freedom and freedom of speech. Only a couple of days ago, on the 11th of October 2011, Anonymous attacked the website of the New York Stock Exchange for the fight against social injustice and corporate greed flowing through the American system. It is a good thing the attack failed, leaving the website offline for only a couple minutes, otherwise the economic market could have gotten into trouble again.
Remember, remember the 5th of November
On the 5th of November 2011, Anonymous has announced to execute Operation Facebook where supposedly Facebook shall be attacked or even be destroyed. This because, according to Anonymous, Facebook is violating the privacy of its users by leaking private data to government institutions and other players. They say that even by deleting your account, Facebook will keep hold of your data. The 5th of November has a special meaning for the group of hackivists. On the 5th of November 1605, the Englishman Guy Fawkes tried to bomb the House of Lords; the British senate which existed mostly out of noble-men and high clergies. With this assassination attempt, Fawkes wanted to protest against the decadence of the senate and the dictatorial traits of the parliamentary system. This all also comes back into the movie V for Vendetta, where the mask worn by the character V is one of the symbols that define Anonymous.
In the end, we could ask ourselves if we should fear Anonymous, or even hackers in general, or that, in some ways, they could be right and have a point. Maybe they are the ones that actually do what a lot of people only think. Eventually, actions speak louder than words. And what attracts more attention than hacking government institutions or multinationals which have an influence on our everyday lives.
Cyber bullying; A ‘new’ threat?
Kids want a new phone, of course that one which has access to the internet so they can use Facebook, Hyves, Twitter or Messenger apps. It used to be a tool, gadget for mature people. Now almost everybody has a mobile phone with internet access. You will probably ask yourself now; “What do smartphones have to do with cyber bullying?” Well, the answer may surprise you then. Children who get involved in social cyber services on the computer, smartphones, etcetera are more prone to become a cyber-bully victim than for example mature users. A survey in the Netherlands proved that, out of children between the age of 9 and 16, over four per cent is a victim of cyber bullying. That comes down to about 60.000 children. [3]
In America it is even a bigger problem. For this topic we will use the example of the 11-year-old girl, Jessi Slaughter (not her real name). This video can be described as the ‘perfect’ example of cyber bullying. This girl came into the picture on the internet when she posted a video where she threatens all her ‘haters’. One thing led to another and soon the video ended up on the site 4chan.org, in the random section, /b/. On this site, and especially in this section, everything is ‘allowed’. Posts of (child) porn, explicit (horrifying) images, everything gets posted there. Furthermore, many members of Anonymous are also active on this website. Needless to say, that if something personal or something prone to misuse is posted on this website, it is impossible to get rid of it and the main character is in a lot of trouble. The cyber bullying started out relatively calm for Jessi but soon enough, her phone number was being posted, as well as her address, real name and even social networking accounts. She received prank calls, pizzas were being ordered to her home, almost call girls were even ordered. The situation even reached a peak when her father replied angry to the threats his daughter received. They were both being made fun of and posts were being sent telling the girl to kill herself or tell the father people were going the beat Jessi up.
Such an incident is a very radical, but suitable example for cyber bullying. When certain ‘sensitive’ information or particular footage falls into the wrong hands it can damage that person significantly. Many people like to see videos of people who are being made fun of, getting hurt (in a mild sense) or being in difficult (funny) situations, but the main character(s) of the movie do not always want this to happen. Such happenings might affect them, usually in a negative way. Even though cyber bullying is a very small issue on a global scale, especially compared to the Anonymous issue, it still affects society and also poses a threat to it. Even though cyber bullying is a cyber-threat on a relatively small scale, it has to be closely watched, for it could grow, develop and even lead to mature bully victims.
Identity theft
Isn’t it great that now a days we can share everything with each other online? From digital photo albums, opinions, personal information etc. With just a couple clicks of the mouse button we can look up almost everything what we want. Let’s say we know that it is Linda’s birthday this month but we don’t know the exact date. How can we get to know this? Calling a friend? It is easier than that, thanks to our shifted digital society. Almost everybody today has some sort of online social account. A popular one is Facebook. On these websites you can stay in touch with your friends, sharing data etc. Usually, people provide their personal information on these sites. From address details till birthday data. So if we check Linda’s Facebook we can see the exact date, Facebook can even remind us.
However, this is also were the problems lies. Because almost everybody posts their personal files online, people can easily use them to their own benefit. You can already apply for credit card simply by knowing someone’s date of birth, name, and address details. Here are some examples where criminals used someone else’s identity:
• “ A man was indicted in Miami on identity theft-related charges relating to his alleged filing of false federal tax returns in the names of 614 Florida prisoners, seeking more than $3 million in fraudulent refunds.
• A man pleaded guilty in Seattle to federal identity-theft and fraud charges, after using the names and Social Security numbers of other people to open several credit card accounts and make nearly $200,000 in fraudulent charges across the United States and in Italy”.[4]
Identity theft has reached serious proportions. A study by the Meridian Research company has shown that in the United States an estimate of 500,000 to 700,000 people a year will become victims of identity theft. In addition, in 2001 already 86,000 people filed identity theft complaints at the Federal Trade Commission in the USA. We can only imagine how this number has risen in the last 10 years. Furthermore, it is not only annoying and costly. It is a more destructive constraint for the ‘offline’ society! The human and societal costs of identity theft can be much higher and worse when terrorists are behind the theft.
What can we do?
The problem with identity theft is a difficult one. The main reason for this is the internet. Meaning, internet has given us the opportunity to be in contact with anyone in the world. From Belgium to Kazakhstan. The only things necessary are a computer and an internet connection. However, this created as well the threat. Someone from on another continent or in another country can commit a crime in the United States with the usage of internet. This makes it difficult to fight it, let alone resolve or prove it. Secondly, there is not enough police staff available to deal with this kind of problem.
The aim should be to coordinate legislation internationally. Set up online investigation teams. However, this can only be done with the right coordination and guidelines. In addition, the percentage that will actually be caught for the online crime they have committed will be fairly small. But if caught, depending on the crime the criminal can expect to go in for some time. Already in 1988 the Federal criminal statute from the United States grants federal prosecutor the right to go after a person when: “ a person unauthorized uses or transfers someone else's "means of identification," were the criminal intends to commit, or even aid and abet, any unlawful activity that constitutes a federal offense or a state or local felony. Violations are punishable by up to 15 years imprisonment (25 years, if the crime is committed to facilitate international terrorism)” [5].
To sum up, the cyber society poses many threats to the real society. They can arise on a small scale, such as cyber bullying or surface on a global scale, such as identity theft. The cyber society raises many questions to users and non-users. Questions like “Should we be afraid of the cyber society”, “Does it also affect me”, and “Do hackers actually have a point in their actions” arise all the time in the cyber scene. You should be careful with what you put on the internet, because once it is on there, it is nearly impossible to delete it again. Furthermore, when falling into the wrong hands, it could affect not only you and your social- or business life, but sometimes even people around you. So in the end you should ask yourself, how much do you share with the world..?
Word Count: 2.891
Reference list
Chen, A. (July 16, 2010). How the Internet Beat Up an 11-Year-Old Girl. Retrieved October 12, 2011 from the Gawker Gossip Web Site:
Clarke, M. (June 19, 2011). Identity Theft-Are you safe? Retrieved October 12, 2011 from the website:
de Vries, W. (September 4, 2011). DigiNotar-hackers blijken 531 certificaten te hebben vervalst. Retrieved October 12, 2011 from the Tweakers net page:
http://tweakers.net/nieuws/76567/diginotar-hackers-blijken-531-certificaten-te-hebben-vervalst.html
http://tweakers.net/nieuws/76567/diginotar-hackers-blijken-531-certificaten-te-hebben-vervalst.html
Hamburger, E. (August 9, 2011). Hacker Group Anonymous Vows To Destroy Facebook On November 5. Retrieved October 13, 2011 from the Business Insider news Web Site: http://www.businessinsider.com/anonymous-facebook-2011-8
Kirk, J. (December 9, 2010). Dutch Arrest 16-year-old Related to WikiLeaks Attacks. Retrieved October 13, 2011 from the PCWorld, Business Center Web Site:
NOS (October 6, 2011). 60.000 kinderen gepest op internet. Retrieved October 11, 2011 from the NOS Media Web Site:
http://nos.nl/artikel/279573-60000-kinderen-gepest-op-internet.html
http://nos.nl/artikel/279573-60000-kinderen-gepest-op-internet.html
NOS. (September 3, 2011). Meest gestelde vragen over Diginotar. Retrieved October 13, 2011 from the NOS media website:
Rush, J. (September 18, 2002). Perspective: Identity theft: Fact and fiction. Retrieved on October 12, 2011 from the Cnet news website:
The Herald Sun (October 11, 2011). Hacker group Anonymous fails to 'erase' NYSE from the internet. Retrieved October 12, 2011 from The Herald Sun news Web Site: http://www.heraldsun.com.au/news/more-news/hacker-group-anonymous-fails-in-attempt-to-erase-nyse-from-the-internet/story-fn7x8me2-1226164106961
van Ringelestijn, T. (September 5, 2011). Uitlegparty: Diginotar-debacle (update). Retrieved October 13, 2011 from the website:
Wikipedia. Article on Anonymous (group). Retrieved October 12, 2011 from the Wikipedia Web Site: http://en.wikipedia.org/wiki/Anonymous_(group)
Wikipedia. Article on Diginotar. Retrieved October 12, 2011 from the Wikipedia website:
[1] http://www.digid.nl/
[2] Wikipedia http://en.wikipedia.org/wiki/Anonymous_(group)#cite_note-citypaper-1. Retrieved October 13, 2011
[3] NOS (October 6, 2011) http://nos.nl/artikel/279573-60000-kinderen-gepest-op-internet.html. Retrieved October 13, 2011
[4]Rush, J. (September 18, 2002). Perspective: Identity theft: Fact and fiction. http://news.cnet.com/2010-1071-958328.html
[5] Rush, J. (September 18, 2002). Perspective: Identity theft: Fact and fiction .http://news.cnet.com/2010-1071-958328.html
No comments:
Post a Comment