SlideShare a Scribd company logo

Review of Data Misuse and Information Warfare in the Digital Age

Download as DOCX, PDF
O
ouldparis

UNPROTECTED DATA: REVIEW OF INTERNET ENABLED PSYCHOLOGICAL AND INFORMATION WARFARE Francisco GARCIA MARTINEZ Illinois Institute of Technology, School of Applied Technology, Chicago, Illinois, USA [email protected] Maurice DAWSON Illinois Institute of Technology, School of Applied Technology, Chicago, Illinois, USA [email protected] ABSTRACT Since the last elections in the United States, France, and other nations, fake news has become a tool to manipulate voters. This creation of fake news creates a problem that ripples through an entire society creating division. However, the media has not scrutinized enough on data misuse. Daily it appears that there are breaches causing millions of users to have their personal information taken, exposed, and sold on the Dark Web in exchange of encrypted currencies. Recently, news has surfaced of major social media sites allowing emails to be read without user consent. These issues bring upon concern for the misuse of data and more importantly, how can this be used for information warfare and the exploitation of targeted groups through the use of the Internet. It is essential that organizations continuously review current data policies to ensure that they do not become victims of information warfare. KEYWORDS: data misuse, information warfare, Internet security, intelligence 1. Information Warfare In the battlefield, there is a type of warfare known as psychological operations. This aspect of warfare is used to create a favorable image, gaining adherents, and undermining opponents had already become a significant weapon of 20th-century warfare. However, “they are neither a substitute for power nor a panacea” (Headquarters Department of the Army, 1979, pp. 1-5) but employed correctly they can be instrumental, making the difference between success or failure in military operations. And not exclusively military operations, but also in numerous other fields, such as technology or marketing. Information warfare is, in general terms, a way of protecting one’s information infrastructure while attacking someone else’s by using computers. In the past century, it was commonly considered how future wars would take place and, more importantly, the mean by they would be won (Aldrich, 1996). Consequently, information warfare has become a significant issue in recent decades for both governments and private companies, who have often joined forces to strengthen their economies over their adversaries. For instance, in the United States, government agencies such as the Central Intelligence Agency (CIA), Federal Bureau of Investigation (FBI) or National Security Land Forces Academy Review Vol. XXIV, No 3(95), 2019 DOI: 10.2478/raft-2019-0022 © 2017. This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 3.0 License. 187 Bereitgestellt von provisional account | Unauthentifiziert | Heruntergeladen 05.02.20 03:53 UTC A ...

Education
1 of 41
UNPROTECTED DATA: REVIEW OF INTERNET ENABLED PSYCHOLOGICAL AND INFORMATION WARFARE Francisco GARCIA MARTINEZ Illinois Institute of Technology, School of Applied Technology, Chicago, Illinois, USA [email protected] Maurice DAWSON Illinois Institute of Technology, School of Applied Technology, Chicago, Illinois, USA [email protected] ABSTRACT Since the last elections in the United States, France, and other nations, fake news has become a tool to manipulate voters. This creation of fake news creates a problem that ripples through an entire society creating division. However, the media has not scrutinized enough on data misuse. Daily it appears that there are breaches causing millions of users to have their personal information taken, exposed, and sold on the Dark Web in exchange of encrypted currencies. Recently, news has surfaced of major social media sites allowing emails to be read without user consent. These issues bring upon concern for the misuse of data
and more importantly, how can this be used for information warfare and the exploitation of targeted groups through the use of the Internet. It is essential that organizations continuously review current data policies to ensure that they do not become victims of information warfare. KEYWORDS: data misuse, information warfare, Internet security, intelligence 1. Information Warfare In the battlefield, there is a type of warfare known as psychological operations. This aspect of warfare is used to create a favorable image, gaining adherents, and undermining opponents had already become a significant weapon of 20th-century warfare. However, “they are neither a substitute for power nor a panacea” (Headquarters Department of the Army, 1979, pp. 1-5) but employed correctly they can be instrumental, making the difference between success or failure in military operations. And not exclusively military operations, but also in numerous other fields, such as technology or marketing. Information warfare is, in general terms, a way of protecting one’s information infrastructure while attacking someone else’s by using computers. In the past century, it was commonly considered how future wars would take place and, more importantly, the
mean by they would be won (Aldrich, 1996). Consequently, information warfare has become a significant issue in recent decades for both governments and private companies, who have often joined forces to strengthen their economies over their adversaries. For instance, in the United States, government agencies such as the Central Intelligence Agency (CIA), Federal Bureau of Investigation (FBI) or National Security Land Forces Academy Review Vol. XXIV, No 3(95), 2019 DOI: 10.2478/raft-2019-0022 © 2017. This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 3.0 License. 187 Bereitgestellt von provisional account | Unauthentifiziert | Heruntergeladen 05.02.20 03:53 UTC Agency organiza protectio whose f Rona of such a (2003, p Internat the loss espionag billion i by the
conclud surveyed espionag Th much i adversa informa confiden From th three l warfare and glob a single electron persona to, har theft o attacks informa specific ransomw (NSA) hav ations to on programs first recorde f the Boeing great impo p. 1) remar tional Trad in the Unite ge at $23.8 in 1989”. B
University ded that 48 d admitted ge victims (S he primary information ary while ation infras ntiality, int he economic levels of , being th bal levels. T e individual nic privacy. al level incl rassment, e or blackma often con ation gatheri c targeted c ware (O’G ve cooperate create s (Elbirt, 20 ed use was g Corporation ortance that rks in his p
de Commiss ed States du 8 billion in Besides, a stu y of Illin 8 % of th d to bei Schawartau Figu purpose is n as possib e protec structure, t tegrity, and c point of v impact in hese person The persona l or group . Attacks d lude, but ar extortion, p ailing. The nsist of an ing to, later ampaign of Gorman & ed with priv infrastruct
003). The ter by Thomas n in 1976, is t A. J. Elb paper that “ sion estima ue to econom 1987 and $ udy conduc nois in 19 he compan ing industr , 1997). ure no. 1: Inf to retrieve ble from cting on thus ensuri d availabili view, there n informati nal, corpora al level affe of individu directed to re not limi personal d ese kinds n individua r on, perform
f blackmail & McDona vate ture rm, s P. s of birt “the ated mic $40 cted 988 nies rial a ph ma Al fav dis da inf cre Pr att co att (E nformation W
e as the ne’s ing ity. are ion ate, ects uals the ted data of al’s m a or ald, 20 foc pri mi co sp an an the wa or
as lev inv rel dis Ad Typical Denial of hishing, soc anipulation ll with the vorable pos srupting the ata. As a co formation w eated in 19 otection C tacker per onducting an tack plann Elbirt, 2003). Warfare Pro 012). Some cus on unau ivate inf isinformatio orrected, d reading of
n individual nd the mali e resulting d When arfare attac organizatio industrial vel. The u volve comp lease of the srupting dditionally, information Service at cial engine or modi common sition over ir services o onsequence, warfare attack 998 the Nat Centre (NIP rforms th n attack: inf ning, and .
ocess other per uthorizedly formation. on could be due to th data across l’s privacy cious activ damage is o the cond ks are elev ons, they ar espionage usual corpo petitor info eir propriet an adve there have n warfare att ttack (DoS eering, or ification o goal of ga their oppon or stealing c , threatened ks, the Unite tional Infra
PC). Typic hree steps formation g attack e sonal level altering so Thought e easily rem he extreme the networ has been i vity has bee often irrepar ducted info vated to co re often ref e or the c orate level ormation th ary informa ersary’s e also been tacks are attack), deletion, of data. aining a nents by classified
d by this ed States astructure ally, an when gathering, execution l attacks meone’s t this moved or ely fast rk. Once invaded, en done, rable. ormation ompanies ferred to corporate attacks heft, the ation, or activity. cases of 188 Bereitgestellt von provisional account | Unauthentifiziert | Heruntergeladen 05.02.20 03:53 UTC
governments making use of Information Warfare tactics to provide information to a private organization within the country from a competitor of a foreign country. Elbirt gives an example of this kind of activity in his paper: “Hitachi paid IBM a reported $300 million in a settlement agreement after being caught spying on a new generation of IBM computer equipment and that French intelligence was proven to have spied on Boeing to help Airbus” (Elbirt, 2003, p. 5). Economic espionage, or global level attacks, refer to the government’s use of Information Warfare techniques to combat other countries or their allies in the desire of improving their economy or obtaining a better combative position. Nonetheless, these attacks are not limited to government activities, but they also include terrorist groups, such as Anonymous, Al-Qa’ida, or the famous Chinese cyber espionage group, Axiom. However, they require a large number of people involved and a significant monetary investment. A key aspect of being successful at the global level relays on being capable of organizing this vast number of people while maintaining a high level of privacy. Concerning data collection, databases can represent a great source of useful data within the information warfare. Numerous access control countermeasures have been
developed and are implemented, preventing unauthorized users from accessing and retrieving confidential information. Nevertheless, those techniques do not address the inference control problem, where a user could perform legitimate general queries to the database as a whole while restricting him from extracting individual’s private information (Elmasri, 2008). Clifton and Marks (1996) introduce some possible solutions in their paper. To ensure that a company cannot infer private data from public data to, later, use it to gain a better position than its competitors in the information warfare. 2. All Source Intelligence Analyzing data could provide valuable information regarding an organization’s or individual’s activity with the use of Open Source Intelligence (OSINT) tools. OSINT data is unclassified information or data that is publicly available. OSINT is not to be a substitute for other sources of intelligence but rather complement existing methods to collect information such as Geospatial Intelligence (GEOINT), Signal Intelligence (SIGINT), Human Intelligence (HUMINT), and Measurement Intelligence (MASINT). This data collection method relies on information that is found publicly without the need to request access to it, and it can be used to generate reports (Stalder & Hirsh, 2002). Having access to this data allows an attacker to develop an intelligence analysis on the
target. This analysis can be a culmination of information about the target’s movements, online behaviors, technical data, and more. With the Internet, several applications such as Maltego can make the profession of an OSINT analyst done with ease. This means they can create transforms, perform sentiment analysis of words, and review other public databases with ease. 3. Misuse of Data The widespread use of newer technologies and their correspondent tools and apps leads to infinite quantities of data released to the Internet. However, the most critical finding in the last recent years is that all this data has a value. All this information which was practically discarded was a source of intelligence that traditionally took a significant work effort to collect. Hence, enterprises have increased their investments in software, hardware, staff, education, and other associated items that constitute the digital world, by 50 %, to $4 trillion (Gantz & Reinsel, 2011). Grantz and Reinsel state in their paper that “the amount of information individuals create themselves – writing 189 Bereitgestellt von provisional account | Unauthentifiziert | Heruntergeladen 05.02.20 03:53 UTC
documents, taking pictures, downloading music, etc. – is far less than the amount of information being created about them in the digital universe” (Gantz & Reinsel, 2011, p. 1). Therefore, we cannot imagine how significant this amount of data is, and even less wonder how to handle it. That is why companies are putting all their efforts to be able to generate value by extracting just the right information, or even by misusing the data for different purposes for what it was collected. Being capable of doing so would enormously help to position themselves in the “pole position” of the information warfare. It cannot be denied that the new features included in popular apps usually make someone’s life easier. However, the actual goal of the company for developing that new functionality remains unthinkable and unknown to the end user. These goals can range from the selling of data to third parties or collecting data to sell other products to the end user (Ahmed, 2004). It was probably not to make everyone’s lives more comfortable but to know more about them; to gather more useful information about the people which can later be transformed into personal-oriented marketing strategies and, eventually, more revenues to the corporation. What enterprises usually achieve with these techniques is to get more private information about their users’ data, or metadata, which, as a result, is growing extremely faster than the actual data itself.
In recent years several patents can be found that deal with mobile data collection to (Sinisi, 2007). Facebook’s new “face recognition” or “tag suggestion” feature is an excellent example of this. This functionality identifies a user’s face in a picture and notifies him of the uploaded photo. Thus, the user can decide whether to be tagged in the photo or, even more, report someone who has uploaded a picture of him without consent. Although several privacy experts claim that it is an excellent advance in protecting someone’s privacy preventing fraud and identity theft, what Facebook does is maintaining what it is called a “template” (Fussell, 2018). This template is a string of numbers that is unique for each user, which could be considered similar to a fingerprint. As a consequence, Facebook becomes the owner of extremely protected biometric data of its customers, that could later be tasked for malicious purposes. According to John T. Soma et al. personally identifiable information (PII) “is now a commodity that companies trade and sell” (Soma, Couson & Cadkin, 2009, p. 1). Furthermore, it is equaling or even surpassing the value of traditional financial assets in large corporations. Nevertheless, the question is: are companies benefitting from the use and trade of PII without protecting the privacy interests of those PII owners? This entails consequences for commercial and technological sectors.
In the marketing industry, the benefits of using PII are double (Soma, Couson & Cadkin, 2009). Imagine that an online store sells alcohol to its consumers. Collecting data such as gender or nationality may not make any difference, but, if it also collected age values, it could significantly narrow its target to old enough consumers. Thus, the store would not only increase its revenues by approaching more likely possible buyers but also reduce costs by discarding underage consumers. Moreover, consumers can also benefit from companies keeping their PII, tailoring them future activity. Cloud computing is becoming an excellent solution for many small and medium companies since it represents a great way of saving money by sharing resources with other organizations and 190 Bereitgestellt von provisional account | Unauthentifiziert | Heruntergeladen 05.02.20 03:53 UTC avoid buying and maintaining their servers. However, regarding security, cloud providers may have to face different risks and challenges to the ones in conventional IT environments. From the end user’s point of view, they are still reticent to cloud computing technologies, concerned about their data privacy and security issues —
even more after knowing about the most significant cloud computing providers security breaches. Google Gmail was exposed to a severe vulnerability up to 4 hours in its VMware virtualization for Mac version in 2009, where attackers could take advantage of this vulnerability to execute malicious code on the host (Chen & Zhao, 2012). Microsoft Azure also suffered a severe outage accident on its cloud services for 22 hours earlier this year. Concerning the health sector, due to the augment of health information available in the Internet, patients tend to look for their symptoms online, sharing especially private data to everyone, without considering its associated security risks. Researchers comment that “Both specialists and patients can benefit from linking family health profiles so that all relevant information is available for reference when the need arises” (Gajanayake, Iannella & Sahama, 2011, p. 31) obviously, developing a safe and private environment. The access of illegitimate persons to one’s health information can have critical consequences when later being disclosed or misused since it contains sensitive data tremendously useful for ransom ware or social engineering attacks. Thus, they propose an information accountability mechanism as the solution to information misuse in the health field. Moreover, they claim that with their approach “when inappropriate misuse is detected, the agent defines methods of holding the users
accountable for misuse” (Gajanayake, Iannella & Sahama, 2011, p. 37). 4. PII Exploits Krishnamurthy and Wills define personally Identifiable Information (PII) as “information which can be used to distinguish or trace an individual’s identity either alone or when combined with other public information that is linkable to a specific individual” (Krishnamurthy & Willis, 2009, p. 7). The term encompasses any information that can uniquely identify an individual, such as name, birthday, address, phone number, social security number, fingerprints, or a face photo. Social networking sites are web-based services that allow their members to build a public or semi-public profile and connect with other strangers based on shared interests, hobbies, or political thoughts (Boyd & Ellison, 2007). We could say that social media is an expansion of traditional media, offering individuals highly capable and nearly unlimited ways of communicating and networking with others. There are many different kinds of social media business models, varying from sharing live-photos of places you are currently visiting activities focused on growing your professional network and seek jobs. Nevertheless, just like everything in this world, social networking sites also have their drawbacks. Users do not often
realize the massive amounts of personal data that they are sharing with their network and thus, how they are being exposed to exploits of these data. All social networks offer a wide range of possibilities concerning the privacy settings of their members. If an individual leaves these settings public by default, this can constitute a breach of privacy. Consequently, a malicious user can perform a reconnaissance attack and gather as much possible information to conduct a successful social engineering attack later. 191 Bereitgestellt von provisional account | Unauthentifiziert | Heruntergeladen 05.02.20 03:53 UTC However, having a public profile is not the only vulnerability to private information on a social networking site. In their paper, P. Gundecha et al. discuss how a social media user can become way more exposed to exploits of his data by merely adding a vulnerable friend. They define a vulnerable friend “from an individual user’s perspective is dependent on whether or not the user’s friends’ privacy settings protect the friend and the individual’s network of friends (which includes the user)” (Gundecha, Barbier & Liu, 2011, p. 511). Hence, a single user’s privacy settings can compromise its entire network.
Frequently, social media websites partner with third-party servers to provide content and advertisements to their users. Although these websites claim in their privacy policies that they share cookies to third parties to offer a better user experience to their members, these cookies do not exclusively consist of Internet Protocol (IP) addresses (Symantec Corporation, n.d.). What is more, some third-party servers are in fact trackers or aggregators, that follow the user habits before, while and after the user’s interaction with the social media application (Krishnamurthy & Willis, 2009). Krishnamurthy and Wills define this action of combining this PII with other information and sharing it to external websites as “leakage”. In their paper, they present a study demonstrating how Online Social Networks (OSN) often provide information linked to a particular person to third parties via a combination of HTTP headers and cookies. Most of the times, when a person publishes a document or picture on the Internet, he is not aware of the PII or other identifiers attached to it, even less how to remove them. There are countless situations in which personal information is retrieved from documents with inappropriate security. Therefore, this private data can further be used to commit malicious activities. An example of information leak caused by inadequate attempts to secure
protected information took place in 2000 when a secret CIA document about a coup in Iran was published in The New York Times website (Aura, Kuhn & Roe, 2006). The company unsuccessfully tried to erase the names of the persons involved by just painting white squares over their names. As a consequence, the names were still in the publication’s metadata and could easily be retrieved. 5. Where Stolen Data Can Be Found: Dark and Deep Web The types of data captured through poor security practices and improper coding techniques provide not only side channels into the organizations but a plethora of details. For example, a photo provides lots of metadata that can give insight into camera type, specific detailed information of photo taken, latitude, and longitude coordinates. These items can be used to create an intelligence analysis of a target with the number of connected devices and those on the Web with a lack of security protections. However, the key is where these stolen data and information end up do. The definition of the Internet as the mainstream perceives does not entirely represent what the entity is. Because of an increasing number of static HyperText Markup Language (HTML) pages, there is an enormous amount of information hidden in the layers of deep and dark Web where most
search engines cannot have access (see Figure no. 2). The pathway to these remote Web locations is provided through static Uniform Resource Locator (URL) links due to their existence being depended on responses to queries submitted through the query interface of an underlying database. It is estimated that 43,000 to 96,000 deep Web sites exist along with 7,500 terabytes of data (He, Patel, Zhang & Chang, 2007). 192 Bereitgestellt von provisional account | Unauthentifiziert | Heruntergeladen 05.02.20 03:53 UTC Th website being th sense li Take th example database informin crawler all “kn website you nee searchin he issue w s is that t he site is no ike a standa
he search e items a e by eith ng Google s looking fo nown” web is not ind ed to know ng for dir ith trying t they do no ot indexed i ard search engine Go are added her the w of their UR for, finding, bsites it fi dexed in e the URL of rectly. No Figure no. Figure n to locate de ot exist. T in a traditio engine wor
oogle.com to Googl website its RL or the w , and indexi inds. A de ither capac f what you ow there 3: Example no. 2: Comp eep hat nal rks. for le’s self web ing eep city are are ex am are
Du Do en sta In en sea Ho no tha e of the Duc plete Web xtensive data mounts of s e called uckDuckGo ogPile for ngines allo andard sear some case ngines can b arch terms owever, eve ot take into at is found o ckDuckGo S abases that search engi
metasearc o (see Fig example. T ow you t rch engines es, as man be searched and the p en these me account th on the deep Search Page try to comp ine data, an ch engine gure no. These meta to search s all at on ny as 40-50 d with the press of a tasearch en he vast info web. e pile large
nd these es like 3) and a search various ne time. 0 search entry of button. ngines do ormation 193 Bereitgestellt von provisional account | Unauthentifiziert | Heruntergeladen 05.02.20 03:53 UTC There are several specialty search engines such as TORCH and the Onion URL Repository which index as many deep websites that can be found. The key to these types of search engines is that they do not act like traditional searches. You need to have access to TOR networks which work as a semi-autonomous network that provides private browser and viewing of sites. Once you are on this network, you still be able to access repositories of different search engines usually broken down by subject matter and start you dig into the deep web. Another item of note is the deep web,
and the dark web is not the same thing. While you may make use of TOR to access the dark web search engines that index the deep web. Both these environments are independent of each other. Deep websites sites can be found using traditional browsing methods as long as you know the URL for it where dark websites leverage a software package like TOR to access the pages. The Onion Router (TOR) gained popularity when the news was released around the globe about Edward Snowden exposing what the American government was doing with citizens’ data. The tool of choice used was TOR. The Tor Browser can be used on Gnu Not Unix (GNU) Linux, Windows, and Mac without the need for installation of any software (Tor Project, n.d.). Tor was developed further by the Defense Advanced Research Projects Agency (DARPA) after the first principle of onion routing developed from a United States Naval Research Laboratory scientist. In Figure no. 4 shown are two Tor Browsers on Ubuntu Linux. The other browser shows The Uncensored Hidden Wiki and some onion links that have been verified. The first browser window displays the welcome message for anonymous exploration. Figure no. 4: TOR Browsers 194 Bereitgestellt von provisional account | Unauthentifiziert |
Heruntergeladen 05.02.20 03:53 UTC TOR is native in the Tails Operating Systems (OS) Tails is a Debian based Linux distribution which primary goal is the preserve privacy and anonymity to beat surveillance. In recent years, organizations such as the NSA have been attacks this browser. One attack revealed was the exploitation of the Tor Browser Bundle. When using the Tor Browser security that leaves a system vulnerable such as Flash become enabled in this attack (Schneier, 2013). This attack targeted the Firefox browser by identifying the Tor Users and executing attacks against the browser (Schneier, 2013). Other tools detected Hypertext Transfer Protocol (HTTP) through Capability Network Exploitation (CNE), which is the starting point for finding Tor users. Researchers at the University of Waterloo and Stony Brook University discuss active attacks for website fingerprinting to identify destination web pages by passively observing their communication traffic (Wang, Nithyanand, Johnson & Goldberg, 2014). However, these attacks have not deterred the use of Tor Browser. For users conducting illicit activities, this browser allows for undetected movement. One needs not to look too far to see the activities that occur on the Dark Web from the sale of
illicit narcotics to human trafficking. Services from experienced hackers to assassins can be located using Tor and exploring Hidden Wiki. Some browsers allow the user to protect their privacy. One such browser is Searx that does not share the users’ IP, search history, and aggregates the results of more than seventy search engines (Tauber, n.d.). Searx browsers allow for advertisement filtering, personalization, and use of HTTP POST by default. Figure no. 5 shows the results of a search of Illinois Institute of Technology that populates that allows for files to be downloaded; pages scraped and allowed customization in terms of time. Figure no. 5: Searx Browser 195 Bereitgestellt von provisional account | Unauthentifiziert | Heruntergeladen 05.02.20 03:53 UTC There have been several occasions where the Tor network has been abused for personal gain. In 2013 a Harvard University student used this mean of anonymity to send emails to the school for a hidden bomb threat to avoid a final exam (Lin, Tong, Zhijie & Zhen, 2017). Silk Road is an online black market being accessed by nearly one million users through the exclusive access of the Onion Router. It includes illegal services like
drug trafficking, child pornography, and arms trafficking; the value of its transactions has been calculated to be worth $12 billion. Its operations were shut down in October 2013 by the Federal Bureau of Investigation (Lin, Tong, Zhijie & Zhen, 2017). “Anonymous” the notorious worldwide hacker organization, launched a DDoS attack against Sony Corp in April 2011. They used the anonymous network and managed to steal the personal data of nearly 1 billion people. This attack had a disruptive financial impact of $171 million (Lin, Tong, Zhijie & Zhen, 2017). 6. Using Web for Targeted Warfare Researchers have discovered that Internet sites such as YouTube Kids and YouTube have detected unsafe content through nefarious promoters that target kids through psychological means (Kaushal, Saha, Bajaj & Kumaraguru, 2016). This means that the threat landscape is altering to include all active users regardless of age or other constraints previously considered off limits. In the past mainly adults have been the targets of individuals or nation states however due to technological advances and increased connectivity any connected user can be a target. Reviewing the Open Web Application Security Project (OWASP) top 10 over the last ten years, it is apparent that the same
critical web application vulnerabilities are still found (Wichers, 2013). One such vulnerability is the Common Weakness Enumeration (CWE) 89: Structured Query Language (SQL) Injection, which is rather easy to exploit using an application called sqlmap. A simple search of php?id=[number] while bringing up several websites through a query that can be a potential target. 7. Conclusion The misuse of data and deficiency of knowledge to apply security controls is a critical issue across enterprise networks. The Internet has allowed for older techniques used for warfare to be modernized at levels that make a novice intelligence analyst near a Subject Matter Expert (SME). This is a drastic change to the landscape of the current battlefield in which is still evolving with the ever expansion of networked systems such as the Internet of Things (IoT) and 5G. The apparent scarcity of applied cybersecurity protections is allowing for threat agents to take advantage of organizations and individuals that lack the necessary knowledge for ensuring protection. This, combined with laws that do not require companies to have stronger security, enable attackers to perform exploits continuously. REFERENCES Ahmed, S. R. (2004). Applications of data mining in retail
business. International Conference on Information Technology: Coding and Computing. Proceedings. ITCC, Vol. 2, 455-459. IEEE. Aldrich, R. W. (1996). The international legal implications of information warfare (No. INSS-OP-9). Colorado: Air Force Academy Colorado Springs Co. 196 Bereitgestellt von provisional account | Unauthentifiziert | Heruntergeladen 05.02.20 03:53 UTC Aura, T., Kuhn, T. A., & Roe, M. (2006). Scanning electronic documents for personally identifiable information. Proceedings of the 5th ACM workshop on Privacy in electronic society, 41-50, New York, USA: ACM. Boyd, D. M., & Ellison, N. B. (2007). Social network sites: Definition, history, and scholarship. Journal of Computer-Mediated Communication, Vol. 13, Issue 1, 210-230. Chen, D., & Zhao, H. (2012). Data security and privacy protection issues in cloud computing. International Conference on Computer Science and Electronics Engineering, Vol. 1, 647-651, IEEE. Clifton, C., & Marks, D. (1996). Security and privacy implications of data mining. ACM SIGMOD Workshop on Research Issues on Data Mining and
Knowledge Discovery, 15-19. Elbirt, A. J. (2003). Information Warfare: Are you at risk?. IEEE Technology and Society Magazine, Vol. 22, Issue 4, 13-19. Elmasri, R. (2008). Fundamentals of database systems. India: Pearson Education. Fussell, S. (2018). Facebook’s New Face Recognition Features: What We Do (and Don’t) Know [Updated], available at: https://gizmodo.com/facebooks-new-face- recognition-features-what-we-do-an-1823359911, accessed on 18 March 2019. Gajanayake, R., Iannella, R., & Sahama, T. (2011). Sharing with care: An information accountability perspective. IEEE Internet Computing, Vol. 15, Issue 4, 31-38. Gantz, J., & Reinsel, D. (2011). Extracting value from chaos. IDC iview, 1142, 1-12. Gundecha, P., Barbier, G., & Liu, H. (2011). Exploiting vulnerability to secure user privacy on a social networking site. Proceedings of the 17th ACM SIGKDD international conference on Knowledge discovery and data mining, 511-519, New York, USA: Association for Computing Machinery. He, B., Patel, M., Zhang, Z., & Chang, K. C-C. (2007). Accessing the deep Web. Communications of the ACM, 50(5), 94-101.
Headquarters Department of the Army (1979). Psychological Operations. Field Manual, No. 33-1, Washington: U.S. Government printing office. Kaushal, R., Saha, S., Bajaj, P., & Kumaraguru, P. (2016). KidsTube: Detection, characterization and analysis of child unsafe content & promoters on YouTube. 14th Annual Conference on Privacy, Security and Trust (PST), 157-164, IEEE. Krishnamurthy, B., & Wills, C. E. (2009). On the leakage of personally identifiable information via online social networks. Proceedings of the 2nd ACM workshop on Online social networks, 7-12, ACM. Lin, Z., Tong, L., Zhijie, M., & Zhen, L. (2017). Research on Cyber Crime Threats and Countermeasures about Tor Anonymous Network Based on Meek Confusion Plug-in. International Conference on Robots & Intelligent System (ICRIS), Vol. 1, 246-249, doi:10.1109/icris.2017.69. O’Gorman, G., & McDonald, G. (2012). Ransomware: A Growing Menace, available at: http://www.symantec.com/content/en/us/enterprise/media/securi ty_response/whitepapers/ ransomware-a-growing-menace.pdf, accessed on 17 September 2019. Schawartau, W. (1997). What Exactly is Information Warfare? – Part 2, Journal Network Security, Issue 10, Amsterdam: Elsevier Science
Publishers. Schneier, B. (2013). Carry On: Sound Advice from Schneier on Security, New Jersey, USA: John Wiley & Sons. Sinisi, J. P. (2007). U.S. Patent No. 7,313,759, Washington, DC: U.S. Patent and Trademark Office. 197 Bereitgestellt von provisional account | Unauthentifiziert | Heruntergeladen 05.02.20 03:53 UTC Soma, J. T., Courson, J. Z., & Cadkin, J. (2009). Corporate Privacy Trend: The “Value” of Personally Identifiable Information (“PII”) Equals the “Value” of Financial Assets. Richmond Journal of Law & Technology, Vol. 15, Issue 4, 11. Stalder, F., & Hirsh, J. (2002). Open source intelligence. First Monday, Vol. 7, Issue 6, 1-8. Symantec Corporation. (n.d.). What Are Cookies?, available at: https:// us.norton.com/ internetsecurity-how-to-what-are-cookies.html, accessed on 07 July 2019. Tauber, A. (n.d.). Welcome to searx, available at: https://asciimoo.github.io/searx/, accessed on 03 December 2018. Tor Project. (n.d.). What is Tor Browser?, available at:
https://www.torproject.org/ projects/ torbrowser.html.en, accessed on 03 December 2018. Wang, T., Cai, C., Nithyanand, R., Johnson, R., & Goldberg, I. (2014). Effective Attacks and Provable Defenses for Website Fingerprinting. The Proceedings of the 23rd USENIX Security Symposium, San Diego, CA. Wang, P., Dawson, M., & Williams, K. L. (2018). Improving Cyber Defense Education through National Standard Alignment: Case Studies. International Journal of Hyperconnectivity and the Internet of Things (IJHIoT), Vol. 2, Issue 1, 12-28. Wichers, D. (2013). The Open Web Application Security Project (OWASP) Top10 -2013. OWASP Foundation. 198 Bereitgestellt von provisional account | Unauthentifiziert | Heruntergeladen 05.02.20 03:53 UTC

Recommended

Unprotected Data: Your Risk of Internet-Enabled Psychological and Information...
Unprotected Data: Your Risk of Internet-Enabled Psychological and Information...Unprotected Data: Your Risk of Internet-Enabled Psychological and Information...
Unprotected Data: Your Risk of Internet-Enabled Psychological and Information...Maurice Dawson
 
28658043 cyber-terrorism
28658043 cyber-terrorism28658043 cyber-terrorism
28658043 cyber-terrorismDharani Adusumalli
 
Lesson7-Hacktivism, Terrorism, Espionage, Disinformation Campaigns and Warfar...
Lesson7-Hacktivism, Terrorism, Espionage, Disinformation Campaigns and Warfar...Lesson7-Hacktivism, Terrorism, Espionage, Disinformation Campaigns and Warfar...
Lesson7-Hacktivism, Terrorism, Espionage, Disinformation Campaigns and Warfar...adnis1
 
ECON 202 Written AssignmentDue April 28th Submitted through Blac
ECON 202 Written AssignmentDue April 28th Submitted through BlacECON 202 Written AssignmentDue April 28th Submitted through Blac
ECON 202 Written AssignmentDue April 28th Submitted through BlacEvonCanales257
 
1Annotated BibliographyTamika S. BouldinLibe
1Annotated BibliographyTamika S. BouldinLibe1Annotated BibliographyTamika S. BouldinLibe
1Annotated BibliographyTamika S. BouldinLibecargillfilberto
 
WCIT 2014 Matt Stamper - Information Assurance in a Global Context
WCIT 2014 Matt Stamper - Information Assurance in a Global ContextWCIT 2014 Matt Stamper - Information Assurance in a Global Context
WCIT 2014 Matt Stamper - Information Assurance in a Global ContextWCIT 2014
 
Computer security incidents
Computer security incidentsComputer security incidents
Computer security incidentsassanesignate
 
IT Vulnerabilities - Basic Cyberspace Attacks- by Lillian Ekwosi-Egbulem
IT Vulnerabilities - Basic Cyberspace Attacks- by Lillian Ekwosi-EgbulemIT Vulnerabilities - Basic Cyberspace Attacks- by Lillian Ekwosi-Egbulem
IT Vulnerabilities - Basic Cyberspace Attacks- by Lillian Ekwosi-EgbulemLillian Ekwosi-Egbulem
 

Recommended

Unprotected Data: Your Risk of Internet-Enabled Psychological and Information...
Unprotected Data: Your Risk of Internet-Enabled Psychological and Information...Unprotected Data: Your Risk of Internet-Enabled Psychological and Information...
Unprotected Data: Your Risk of Internet-Enabled Psychological and Information...Maurice Dawson
 
28658043 cyber-terrorism
28658043 cyber-terrorism28658043 cyber-terrorism
28658043 cyber-terrorismDharani Adusumalli
 
Lesson7-Hacktivism, Terrorism, Espionage, Disinformation Campaigns and Warfar...
Lesson7-Hacktivism, Terrorism, Espionage, Disinformation Campaigns and Warfar...Lesson7-Hacktivism, Terrorism, Espionage, Disinformation Campaigns and Warfar...
Lesson7-Hacktivism, Terrorism, Espionage, Disinformation Campaigns and Warfar...adnis1
 
ECON 202 Written AssignmentDue April 28th Submitted through Blac
ECON 202 Written AssignmentDue April 28th Submitted through BlacECON 202 Written AssignmentDue April 28th Submitted through Blac
ECON 202 Written AssignmentDue April 28th Submitted through BlacEvonCanales257
 
1Annotated BibliographyTamika S. BouldinLibe
1Annotated BibliographyTamika S. BouldinLibe1Annotated BibliographyTamika S. BouldinLibe
1Annotated BibliographyTamika S. BouldinLibecargillfilberto
 
WCIT 2014 Matt Stamper - Information Assurance in a Global Context
WCIT 2014 Matt Stamper - Information Assurance in a Global ContextWCIT 2014 Matt Stamper - Information Assurance in a Global Context
WCIT 2014 Matt Stamper - Information Assurance in a Global ContextWCIT 2014
 
Computer security incidents
Computer security incidentsComputer security incidents
Computer security incidentsassanesignate
 
IT Vulnerabilities - Basic Cyberspace Attacks- by Lillian Ekwosi-Egbulem
IT Vulnerabilities - Basic Cyberspace Attacks- by Lillian Ekwosi-EgbulemIT Vulnerabilities - Basic Cyberspace Attacks- by Lillian Ekwosi-Egbulem
IT Vulnerabilities - Basic Cyberspace Attacks- by Lillian Ekwosi-EgbulemLillian Ekwosi-Egbulem
 
The big-data-a-twenty-first-century-arms-race
The big-data-a-twenty-first-century-arms-raceThe big-data-a-twenty-first-century-arms-race
The big-data-a-twenty-first-century-arms-raceHop Trieu Sung
 
Big Data: A Twenty-First Century Arms Race
Big Data: A Twenty-First Century Arms RaceBig Data: A Twenty-First Century Arms Race
Big Data: A Twenty-First Century Arms RaceDotmappers1
 
The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know About
The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know AboutThe 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know About
The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know AboutBernard Marr
 
Online security – an assessment of the new
Online security – an assessment of the newOnline security – an assessment of the new
Online security – an assessment of the newsunnyjoshi88
 
(Lim Jun Hao) G8 Individual Essay for BGS
(Lim Jun Hao) G8 Individual Essay for BGS(Lim Jun Hao) G8 Individual Essay for BGS
(Lim Jun Hao) G8 Individual Essay for BGSJun Hao Lim
 
Student Presentation: AI & Government
Student Presentation: AI & GovernmentStudent Presentation: AI & Government
Student Presentation: AI & GovernmentShaynaBlum
 
Cyber terrorism, by definition, is the politically motivated use.docx
Cyber terrorism, by definition, is the politically motivated use.docxCyber terrorism, by definition, is the politically motivated use.docx
Cyber terrorism, by definition, is the politically motivated use.docxdorishigh
 
Securing information in the New Digital Economy- Oracle Verizon WP
Securing information in the New Digital Economy- Oracle Verizon WPSecuring information in the New Digital Economy- Oracle Verizon WP
Securing information in the New Digital Economy- Oracle Verizon WPPhilippe Boivineau
 
Looking Ahead Why 2019 Will Be The year of Cyberwarfare
Looking Ahead Why 2019 Will Be The year of CyberwarfareLooking Ahead Why 2019 Will Be The year of Cyberwarfare
Looking Ahead Why 2019 Will Be The year of CyberwarfareSecuricon
 
B susser researchpaper (2)
B susser researchpaper (2)B susser researchpaper (2)
B susser researchpaper (2)Bradley Susser
 
B susser researchpaper (2)
B susser researchpaper (2)B susser researchpaper (2)
B susser researchpaper (2)Bradley Susser
 
Cybercrime: An Analysis from Positive Law Perspective
Cybercrime: An Analysis from Positive Law PerspectiveCybercrime: An Analysis from Positive Law Perspective
Cybercrime: An Analysis from Positive Law PerspectiveAssociate Professor in VSB Coimbatore
 
Cybersecurity Business Risk, Literature Review
Cybersecurity Business Risk, Literature ReviewCybersecurity Business Risk, Literature Review
Cybersecurity Business Risk, Literature ReviewEnow Eyong
 
MASINT and Global War on Terror
MASINT and Global War on TerrorMASINT and Global War on Terror
MASINT and Global War on TerrorTpeisi Nesby
 
Invasion Of Privacy In Canadian Media
Invasion Of Privacy In Canadian MediaInvasion Of Privacy In Canadian Media
Invasion Of Privacy In Canadian MediaKelly Ratkovic
 
Can cloud computing survive the NSA disclosures
Can cloud computing survive the NSA disclosuresCan cloud computing survive the NSA disclosures
Can cloud computing survive the NSA disclosuresJason Fernandes
 
Branney-Gant Research Paper
Branney-Gant Research PaperBranney-Gant Research Paper
Branney-Gant Research PaperElizabeth Branney-Gant, CFE
 
Cyber Crime Essay
Cyber Crime EssayCyber Crime Essay
Cyber Crime EssayPaper Writing Service Reviews
 
Big Data Paper
Big Data PaperBig Data Paper
Big Data PaperAndile Ngcaba
 
Cyberterrorism can be in the form of Information attacks which a.docx
Cyberterrorism can be in the form of Information attacks which a.docxCyberterrorism can be in the form of Information attacks which a.docx
Cyberterrorism can be in the form of Information attacks which a.docxwhittemorelucilla
 
Written AssignmentPlease provide a comprehensive answer to the fol.docx
Written AssignmentPlease provide a comprehensive answer to the fol.docxWritten AssignmentPlease provide a comprehensive answer to the fol.docx
Written AssignmentPlease provide a comprehensive answer to the fol.docxouldparis
 
Writing Piece AnalysisWhat do you think are some steps this writ.docx
Writing Piece AnalysisWhat do you think are some steps this writ.docxWriting Piece AnalysisWhat do you think are some steps this writ.docx
Writing Piece AnalysisWhat do you think are some steps this writ.docxouldparis
 

More Related Content

Similar to Review of Data Misuse and Information Warfare in the Digital Age

The big-data-a-twenty-first-century-arms-race
The big-data-a-twenty-first-century-arms-raceThe big-data-a-twenty-first-century-arms-race
The big-data-a-twenty-first-century-arms-raceHop Trieu Sung
 
Big Data: A Twenty-First Century Arms Race
Big Data: A Twenty-First Century Arms RaceBig Data: A Twenty-First Century Arms Race
Big Data: A Twenty-First Century Arms RaceDotmappers1
 
The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know About
The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know AboutThe 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know About
The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know AboutBernard Marr
 
Online security – an assessment of the new
Online security – an assessment of the newOnline security – an assessment of the new
Online security – an assessment of the newsunnyjoshi88
 
(Lim Jun Hao) G8 Individual Essay for BGS
(Lim Jun Hao) G8 Individual Essay for BGS(Lim Jun Hao) G8 Individual Essay for BGS
(Lim Jun Hao) G8 Individual Essay for BGSJun Hao Lim
 
Student Presentation: AI & Government
Student Presentation: AI & GovernmentStudent Presentation: AI & Government
Student Presentation: AI & GovernmentShaynaBlum
 
Cyber terrorism, by definition, is the politically motivated use.docx
Cyber terrorism, by definition, is the politically motivated use.docxCyber terrorism, by definition, is the politically motivated use.docx
Cyber terrorism, by definition, is the politically motivated use.docxdorishigh
 
Securing information in the New Digital Economy- Oracle Verizon WP
Securing information in the New Digital Economy- Oracle Verizon WPSecuring information in the New Digital Economy- Oracle Verizon WP
Securing information in the New Digital Economy- Oracle Verizon WPPhilippe Boivineau
 
Looking Ahead Why 2019 Will Be The year of Cyberwarfare
Looking Ahead Why 2019 Will Be The year of CyberwarfareLooking Ahead Why 2019 Will Be The year of Cyberwarfare
Looking Ahead Why 2019 Will Be The year of CyberwarfareSecuricon
 
B susser researchpaper (2)
B susser researchpaper (2)B susser researchpaper (2)
B susser researchpaper (2)Bradley Susser
 
B susser researchpaper (2)
B susser researchpaper (2)B susser researchpaper (2)
B susser researchpaper (2)Bradley Susser
 
Cybersecurity Business Risk, Literature Review
Cybersecurity Business Risk, Literature ReviewCybersecurity Business Risk, Literature Review
Cybersecurity Business Risk, Literature ReviewEnow Eyong
 
MASINT and Global War on Terror
MASINT and Global War on TerrorMASINT and Global War on Terror
MASINT and Global War on TerrorTpeisi Nesby
 
Invasion Of Privacy In Canadian Media
Invasion Of Privacy In Canadian MediaInvasion Of Privacy In Canadian Media
Invasion Of Privacy In Canadian MediaKelly Ratkovic
 
Can cloud computing survive the NSA disclosures
Can cloud computing survive the NSA disclosuresCan cloud computing survive the NSA disclosures
Can cloud computing survive the NSA disclosuresJason Fernandes
 
Cyberterrorism can be in the form of Information attacks which a.docx
Cyberterrorism can be in the form of Information attacks which a.docxCyberterrorism can be in the form of Information attacks which a.docx
Cyberterrorism can be in the form of Information attacks which a.docxwhittemorelucilla
 

Similar to Review of Data Misuse and Information Warfare in the Digital Age (20)

The big-data-a-twenty-first-century-arms-race
The big-data-a-twenty-first-century-arms-raceThe big-data-a-twenty-first-century-arms-race
The big-data-a-twenty-first-century-arms-race
 
Big Data: A Twenty-First Century Arms Race
Big Data: A Twenty-First Century Arms RaceBig Data: A Twenty-First Century Arms Race
Big Data: A Twenty-First Century Arms Race
 
The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know About
The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know AboutThe 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know About
The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know About
 
Online security – an assessment of the new
Online security – an assessment of the newOnline security – an assessment of the new
Online security – an assessment of the new
 
(Lim Jun Hao) G8 Individual Essay for BGS
(Lim Jun Hao) G8 Individual Essay for BGS(Lim Jun Hao) G8 Individual Essay for BGS
(Lim Jun Hao) G8 Individual Essay for BGS
 
Student Presentation: AI & Government
Student Presentation: AI & GovernmentStudent Presentation: AI & Government
Student Presentation: AI & Government
 
Cyber terrorism, by definition, is the politically motivated use.docx
Cyber terrorism, by definition, is the politically motivated use.docxCyber terrorism, by definition, is the politically motivated use.docx
Cyber terrorism, by definition, is the politically motivated use.docx
 
Securing information in the New Digital Economy- Oracle Verizon WP
Securing information in the New Digital Economy- Oracle Verizon WPSecuring information in the New Digital Economy- Oracle Verizon WP
Securing information in the New Digital Economy- Oracle Verizon WP
 
Looking Ahead Why 2019 Will Be The year of Cyberwarfare
Looking Ahead Why 2019 Will Be The year of CyberwarfareLooking Ahead Why 2019 Will Be The year of Cyberwarfare
Looking Ahead Why 2019 Will Be The year of Cyberwarfare
 
B susser researchpaper (2)
B susser researchpaper (2)B susser researchpaper (2)
B susser researchpaper (2)
 
B susser researchpaper (2)
B susser researchpaper (2)B susser researchpaper (2)
B susser researchpaper (2)
 
Cybercrime: An Analysis from Positive Law Perspective
Cybercrime: An Analysis from Positive Law PerspectiveCybercrime: An Analysis from Positive Law Perspective
Cybercrime: An Analysis from Positive Law Perspective
 
Cybersecurity Business Risk, Literature Review
Cybersecurity Business Risk, Literature ReviewCybersecurity Business Risk, Literature Review
Cybersecurity Business Risk, Literature Review
 
MASINT and Global War on Terror
MASINT and Global War on TerrorMASINT and Global War on Terror
MASINT and Global War on Terror
 
Invasion Of Privacy In Canadian Media
Invasion Of Privacy In Canadian MediaInvasion Of Privacy In Canadian Media
Invasion Of Privacy In Canadian Media
 
Can cloud computing survive the NSA disclosures
Can cloud computing survive the NSA disclosuresCan cloud computing survive the NSA disclosures
Can cloud computing survive the NSA disclosures
 
Branney-Gant Research Paper
Branney-Gant Research PaperBranney-Gant Research Paper
Branney-Gant Research Paper
 
Cyber Crime Essay
Cyber Crime EssayCyber Crime Essay
Cyber Crime Essay
 
Big Data Paper
Big Data PaperBig Data Paper
Big Data Paper
 
Cyberterrorism can be in the form of Information attacks which a.docx
Cyberterrorism can be in the form of Information attacks which a.docxCyberterrorism can be in the form of Information attacks which a.docx
Cyberterrorism can be in the form of Information attacks which a.docx
 

More from ouldparis

Written AssignmentPlease provide a comprehensive answer to the fol.docx
Written AssignmentPlease provide a comprehensive answer to the fol.docxWritten AssignmentPlease provide a comprehensive answer to the fol.docx
Written AssignmentPlease provide a comprehensive answer to the fol.docxouldparis
 
Writing Piece AnalysisWhat do you think are some steps this writ.docx
Writing Piece AnalysisWhat do you think are some steps this writ.docxWriting Piece AnalysisWhat do you think are some steps this writ.docx
Writing Piece AnalysisWhat do you think are some steps this writ.docxouldparis
 
Written Assignment 1 Biology and Technology in the Real World.docx
Written Assignment 1 Biology and Technology in the Real World.docxWritten Assignment 1 Biology and Technology in the Real World.docx
Written Assignment 1 Biology and Technology in the Real World.docxouldparis
 
Writing question What are the sources of homophobia in South korea.docx
Writing question What are the sources of homophobia in South korea.docxWriting question What are the sources of homophobia in South korea.docx
Writing question What are the sources of homophobia in South korea.docxouldparis
 
Writing one pages  for each of the topicPlease separate Plea.docx
Writing one pages  for each of the topicPlease separate Plea.docxWriting one pages  for each of the topicPlease separate Plea.docx
Writing one pages  for each of the topicPlease separate Plea.docxouldparis
 
Writing one pages  for each of the topicTopic 1- Why Study .docx
Writing one pages  for each of the topicTopic 1- Why Study .docxWriting one pages  for each of the topicTopic 1- Why Study .docx
Writing one pages  for each of the topicTopic 1- Why Study .docxouldparis
 
Writing assignment to be completed in APA format, double spaced, and.docx
Writing assignment to be completed in APA format, double spaced, and.docxWriting assignment to be completed in APA format, double spaced, and.docx
Writing assignment to be completed in APA format, double spaced, and.docxouldparis
 
Writing Assignment (Part 1) Identifying the HypothesisDue in Week.docx
Writing Assignment (Part 1) Identifying the HypothesisDue in Week.docxWriting Assignment (Part 1) Identifying the HypothesisDue in Week.docx
Writing Assignment (Part 1) Identifying the HypothesisDue in Week.docxouldparis
 
Write a draft of no more than 1,800 words of the strategic plan fo.docx
Write a draft of no more than 1,800 words of the strategic plan fo.docxWrite a draft of no more than 1,800 words of the strategic plan fo.docx
Write a draft of no more than 1,800 words of the strategic plan fo.docxouldparis
 
Writing a Rhetorical CritiqueAudience and PurposeWho is the .docx
Writing a Rhetorical CritiqueAudience and PurposeWho is the .docxWriting a Rhetorical CritiqueAudience and PurposeWho is the .docx
Writing a Rhetorical CritiqueAudience and PurposeWho is the .docxouldparis
 
Writing a First Draft General Organization of an Argument .docx
Writing a First Draft General Organization of an Argument .docxWriting a First Draft General Organization of an Argument .docx
Writing a First Draft General Organization of an Argument .docxouldparis
 
Writing a compare and contrast essay.Prompt  Compare and cntr.docx
Writing a compare and contrast essay.Prompt  Compare and cntr.docxWriting a compare and contrast essay.Prompt  Compare and cntr.docx
Writing a compare and contrast essay.Prompt  Compare and cntr.docxouldparis
 
Writing Assignment Discuss a LegalEthical IssueWrite a paper bas.docx
Writing Assignment Discuss a LegalEthical IssueWrite a paper bas.docxWriting Assignment Discuss a LegalEthical IssueWrite a paper bas.docx
Writing Assignment Discuss a LegalEthical IssueWrite a paper bas.docxouldparis
 
Writing Assignment #2 Supreme Court DecisionIn this assignment,.docx
Writing Assignment #2 Supreme Court DecisionIn this assignment,.docxWriting Assignment #2 Supreme Court DecisionIn this assignment,.docx
Writing Assignment #2 Supreme Court DecisionIn this assignment,.docxouldparis
 
Writing Assignment (Part 1)  3 pagesConsider a social issue in .docx
Writing Assignment (Part 1)  3 pagesConsider a social issue in .docxWriting Assignment (Part 1)  3 pagesConsider a social issue in .docx
Writing Assignment (Part 1)  3 pagesConsider a social issue in .docxouldparis
 
writing a paragraph by answering the qustions on the file i alread.docx
writing a paragraph by answering the qustions on the file i alread.docxwriting a paragraph by answering the qustions on the file i alread.docx
writing a paragraph by answering the qustions on the file i alread.docxouldparis
 
Write an 1,050- to 1,400-word essay on technology and social chang.docx
Write an 1,050- to 1,400-word essay on technology and social chang.docxWrite an 1,050- to 1,400-word essay on technology and social chang.docx
Write an 1,050- to 1,400-word essay on technology and social chang.docxouldparis
 
Write a paper of no more than 700 words in which you do the follow.docx
Write a paper of no more than 700 words in which you do the follow.docxWrite a paper of no more than 700 words in which you do the follow.docx
Write a paper of no more than 700 words in which you do the follow.docxouldparis
 
Write a paper of no more than 1,050 words that incorporates id.docx
Write a paper of no more than 1,050 words that incorporates id.docxWrite a paper of no more than 1,050 words that incorporates id.docx
Write a paper of no more than 1,050 words that incorporates id.docxouldparis
 
Write a paper of no more than 1,050 words that incorporates idea.docx
Write a paper of no more than 1,050 words that incorporates idea.docxWrite a paper of no more than 1,050 words that incorporates idea.docx
Write a paper of no more than 1,050 words that incorporates idea.docxouldparis
 

More from ouldparis (20)

Written AssignmentPlease provide a comprehensive answer to the fol.docx
Written AssignmentPlease provide a comprehensive answer to the fol.docxWritten AssignmentPlease provide a comprehensive answer to the fol.docx
Written AssignmentPlease provide a comprehensive answer to the fol.docx
 
Writing Piece AnalysisWhat do you think are some steps this writ.docx
Writing Piece AnalysisWhat do you think are some steps this writ.docxWriting Piece AnalysisWhat do you think are some steps this writ.docx
Writing Piece AnalysisWhat do you think are some steps this writ.docx
 
Written Assignment 1 Biology and Technology in the Real World.docx
Written Assignment 1 Biology and Technology in the Real World.docxWritten Assignment 1 Biology and Technology in the Real World.docx
Written Assignment 1 Biology and Technology in the Real World.docx
 
Writing question What are the sources of homophobia in South korea.docx
Writing question What are the sources of homophobia in South korea.docxWriting question What are the sources of homophobia in South korea.docx
Writing question What are the sources of homophobia in South korea.docx
 
Writing one pages  for each of the topicPlease separate Plea.docx
Writing one pages  for each of the topicPlease separate Plea.docxWriting one pages  for each of the topicPlease separate Plea.docx
Writing one pages  for each of the topicPlease separate Plea.docx
 
Writing one pages  for each of the topicTopic 1- Why Study .docx
Writing one pages  for each of the topicTopic 1- Why Study .docxWriting one pages  for each of the topicTopic 1- Why Study .docx
Writing one pages  for each of the topicTopic 1- Why Study .docx
 
Writing assignment to be completed in APA format, double spaced, and.docx
Writing assignment to be completed in APA format, double spaced, and.docxWriting assignment to be completed in APA format, double spaced, and.docx
Writing assignment to be completed in APA format, double spaced, and.docx
 
Writing Assignment (Part 1) Identifying the HypothesisDue in Week.docx
Writing Assignment (Part 1) Identifying the HypothesisDue in Week.docxWriting Assignment (Part 1) Identifying the HypothesisDue in Week.docx
Writing Assignment (Part 1) Identifying the HypothesisDue in Week.docx
 
Write a draft of no more than 1,800 words of the strategic plan fo.docx
Write a draft of no more than 1,800 words of the strategic plan fo.docxWrite a draft of no more than 1,800 words of the strategic plan fo.docx
Write a draft of no more than 1,800 words of the strategic plan fo.docx
 
Writing a Rhetorical CritiqueAudience and PurposeWho is the .docx
Writing a Rhetorical CritiqueAudience and PurposeWho is the .docxWriting a Rhetorical CritiqueAudience and PurposeWho is the .docx
Writing a Rhetorical CritiqueAudience and PurposeWho is the .docx
 
Writing a First Draft General Organization of an Argument .docx
Writing a First Draft General Organization of an Argument .docxWriting a First Draft General Organization of an Argument .docx
Writing a First Draft General Organization of an Argument .docx
 
Writing a compare and contrast essay.Prompt  Compare and cntr.docx
Writing a compare and contrast essay.Prompt  Compare and cntr.docxWriting a compare and contrast essay.Prompt  Compare and cntr.docx
Writing a compare and contrast essay.Prompt  Compare and cntr.docx
 
Writing Assignment Discuss a LegalEthical IssueWrite a paper bas.docx
Writing Assignment Discuss a LegalEthical IssueWrite a paper bas.docxWriting Assignment Discuss a LegalEthical IssueWrite a paper bas.docx
Writing Assignment Discuss a LegalEthical IssueWrite a paper bas.docx
 
Writing Assignment #2 Supreme Court DecisionIn this assignment,.docx
Writing Assignment #2 Supreme Court DecisionIn this assignment,.docxWriting Assignment #2 Supreme Court DecisionIn this assignment,.docx
Writing Assignment #2 Supreme Court DecisionIn this assignment,.docx
 
Writing Assignment (Part 1)  3 pagesConsider a social issue in .docx
Writing Assignment (Part 1)  3 pagesConsider a social issue in .docxWriting Assignment (Part 1)  3 pagesConsider a social issue in .docx
Writing Assignment (Part 1)  3 pagesConsider a social issue in .docx
 
writing a paragraph by answering the qustions on the file i alread.docx
writing a paragraph by answering the qustions on the file i alread.docxwriting a paragraph by answering the qustions on the file i alread.docx
writing a paragraph by answering the qustions on the file i alread.docx
 
Write an 1,050- to 1,400-word essay on technology and social chang.docx
Write an 1,050- to 1,400-word essay on technology and social chang.docxWrite an 1,050- to 1,400-word essay on technology and social chang.docx
Write an 1,050- to 1,400-word essay on technology and social chang.docx
 
Write a paper of no more than 700 words in which you do the follow.docx
Write a paper of no more than 700 words in which you do the follow.docxWrite a paper of no more than 700 words in which you do the follow.docx
Write a paper of no more than 700 words in which you do the follow.docx
 
Write a paper of no more than 1,050 words that incorporates id.docx
Write a paper of no more than 1,050 words that incorporates id.docxWrite a paper of no more than 1,050 words that incorporates id.docx
Write a paper of no more than 1,050 words that incorporates id.docx
 
Write a paper of no more than 1,050 words that incorporates idea.docx
Write a paper of no more than 1,050 words that incorporates idea.docxWrite a paper of no more than 1,050 words that incorporates idea.docx
Write a paper of no more than 1,050 words that incorporates idea.docx
 

Recently uploaded

How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Sakshi Ghasle
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991RKavithamani
 
MENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxMENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxPoojaSen20
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsanshu789521
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionSafetyChain Software
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxRoyAbrique
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 

Recently uploaded (20)

Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application )
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
 
MENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxMENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docx
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha elections
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory Inspection
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 

Review of Data Misuse and Information Warfare in the Digital Age

  • 1. UNPROTECTED DATA: REVIEW OF INTERNET ENABLED PSYCHOLOGICAL AND INFORMATION WARFARE Francisco GARCIA MARTINEZ Illinois Institute of Technology, School of Applied Technology, Chicago, Illinois, USA [email protected] Maurice DAWSON Illinois Institute of Technology, School of Applied Technology, Chicago, Illinois, USA [email protected] ABSTRACT Since the last elections in the United States, France, and other nations, fake news has become a tool to manipulate voters. This creation of fake news creates a problem that ripples through an entire society creating division. However, the media has not scrutinized enough on data misuse. Daily it appears that there are breaches causing millions of users to have their personal information taken, exposed, and sold on the Dark Web in exchange of encrypted currencies. Recently, news has surfaced of major social media sites allowing emails to be read without user consent. These issues bring upon concern for the misuse of data
  • 2. and more importantly, how can this be used for information warfare and the exploitation of targeted groups through the use of the Internet. It is essential that organizations continuously review current data policies to ensure that they do not become victims of information warfare. KEYWORDS: data misuse, information warfare, Internet security, intelligence 1. Information Warfare In the battlefield, there is a type of warfare known as psychological operations. This aspect of warfare is used to create a favorable image, gaining adherents, and undermining opponents had already become a significant weapon of 20th-century warfare. However, “they are neither a substitute for power nor a panacea” (Headquarters Department of the Army, 1979, pp. 1-5) but employed correctly they can be instrumental, making the difference between success or failure in military operations. And not exclusively military operations, but also in numerous other fields, such as technology or marketing. Information warfare is, in general terms, a way of protecting one’s information infrastructure while attacking someone else’s by using computers. In the past century, it was commonly considered how future wars would take place and, more importantly, the
  • 3. mean by they would be won (Aldrich, 1996). Consequently, information warfare has become a significant issue in recent decades for both governments and private companies, who have often joined forces to strengthen their economies over their adversaries. For instance, in the United States, government agencies such as the Central Intelligence Agency (CIA), Federal Bureau of Investigation (FBI) or National Security Land Forces Academy Review Vol. XXIV, No 3(95), 2019 DOI: 10.2478/raft-2019-0022 © 2017. This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 3.0 License. 187 Bereitgestellt von provisional account | Unauthentifiziert | Heruntergeladen 05.02.20 03:53 UTC Agency organiza protectio whose f Rona of such a (2003, p Internat the loss espionag billion i by the
  • 4. conclud surveyed espionag Th much i adversa informa confiden From th three l warfare and glob a single electron persona to, har theft o attacks informa specific ransomw (NSA) hav ations to on programs first recorde f the Boeing great impo p. 1) remar tional Trad in the Unite ge at $23.8 in 1989”. B
  • 5. University ded that 48 d admitted ge victims (S he primary information ary while ation infras ntiality, int he economic levels of , being th bal levels. T e individual nic privacy. al level incl rassment, e or blackma often con ation gatheri c targeted c ware (O’G ve cooperate create s (Elbirt, 20 ed use was g Corporation ortance that rks in his p
  • 6. de Commiss ed States du 8 billion in Besides, a stu y of Illin 8 % of th d to bei Schawartau Figu purpose is n as possib e protec structure, t tegrity, and c point of v impact in hese person The persona l or group . Attacks d lude, but ar extortion, p ailing. The nsist of an ing to, later ampaign of Gorman & ed with priv infrastruct
  • 7. 003). The ter by Thomas n in 1976, is t A. J. Elb paper that “ sion estima ue to econom 1987 and $ udy conduc nois in 19 he compan ing industr , 1997). ure no. 1: Inf to retrieve ble from cting on thus ensuri d availabili view, there n informati nal, corpora al level affe of individu directed to re not limi personal d ese kinds n individua r on, perform
  • 8. f blackmail & McDona vate ture rm, s P. s of birt “the ated mic $40 cted 988 nies rial a ph ma Al fav dis da inf cre Pr att co att (E nformation W
  • 10. as lev inv rel dis Ad Typical Denial of hishing, soc anipulation ll with the vorable pos srupting the ata. As a co formation w eated in 19 otection C tacker per onducting an tack plann Elbirt, 2003). Warfare Pro 012). Some cus on unau ivate inf isinformatio orrected, d reading of
  • 11. n individual nd the mali e resulting d When arfare attac organizatio industrial vel. The u volve comp lease of the srupting dditionally, information Service at cial engine or modi common sition over ir services o onsequence, warfare attack 998 the Nat Centre (NIP rforms th n attack: inf ning, and .
  • 12. ocess other per uthorizedly formation. on could be due to th data across l’s privacy cious activ damage is o the cond ks are elev ons, they ar espionage usual corpo petitor info eir propriet an adve there have n warfare att ttack (DoS eering, or ification o goal of ga their oppon or stealing c , threatened ks, the Unite tional Infra
  • 13. PC). Typic hree steps formation g attack e sonal level altering so Thought e easily rem he extreme the networ has been i vity has bee often irrepar ducted info vated to co re often ref e or the c orate level ormation th ary informa ersary’s e also been tacks are attack), deletion, of data. aining a nents by classified
  • 14. d by this ed States astructure ally, an when gathering, execution l attacks meone’s t this moved or ely fast rk. Once invaded, en done, rable. ormation ompanies ferred to corporate attacks heft, the ation, or activity. cases of 188 Bereitgestellt von provisional account | Unauthentifiziert | Heruntergeladen 05.02.20 03:53 UTC
  • 15. governments making use of Information Warfare tactics to provide information to a private organization within the country from a competitor of a foreign country. Elbirt gives an example of this kind of activity in his paper: “Hitachi paid IBM a reported $300 million in a settlement agreement after being caught spying on a new generation of IBM computer equipment and that French intelligence was proven to have spied on Boeing to help Airbus” (Elbirt, 2003, p. 5). Economic espionage, or global level attacks, refer to the government’s use of Information Warfare techniques to combat other countries or their allies in the desire of improving their economy or obtaining a better combative position. Nonetheless, these attacks are not limited to government activities, but they also include terrorist groups, such as Anonymous, Al-Qa’ida, or the famous Chinese cyber espionage group, Axiom. However, they require a large number of people involved and a significant monetary investment. A key aspect of being successful at the global level relays on being capable of organizing this vast number of people while maintaining a high level of privacy. Concerning data collection, databases can represent a great source of useful data within the information warfare. Numerous access control countermeasures have been
  • 16. developed and are implemented, preventing unauthorized users from accessing and retrieving confidential information. Nevertheless, those techniques do not address the inference control problem, where a user could perform legitimate general queries to the database as a whole while restricting him from extracting individual’s private information (Elmasri, 2008). Clifton and Marks (1996) introduce some possible solutions in their paper. To ensure that a company cannot infer private data from public data to, later, use it to gain a better position than its competitors in the information warfare. 2. All Source Intelligence Analyzing data could provide valuable information regarding an organization’s or individual’s activity with the use of Open Source Intelligence (OSINT) tools. OSINT data is unclassified information or data that is publicly available. OSINT is not to be a substitute for other sources of intelligence but rather complement existing methods to collect information such as Geospatial Intelligence (GEOINT), Signal Intelligence (SIGINT), Human Intelligence (HUMINT), and Measurement Intelligence (MASINT). This data collection method relies on information that is found publicly without the need to request access to it, and it can be used to generate reports (Stalder & Hirsh, 2002). Having access to this data allows an attacker to develop an intelligence analysis on the
  • 17. target. This analysis can be a culmination of information about the target’s movements, online behaviors, technical data, and more. With the Internet, several applications such as Maltego can make the profession of an OSINT analyst done with ease. This means they can create transforms, perform sentiment analysis of words, and review other public databases with ease. 3. Misuse of Data The widespread use of newer technologies and their correspondent tools and apps leads to infinite quantities of data released to the Internet. However, the most critical finding in the last recent years is that all this data has a value. All this information which was practically discarded was a source of intelligence that traditionally took a significant work effort to collect. Hence, enterprises have increased their investments in software, hardware, staff, education, and other associated items that constitute the digital world, by 50 %, to $4 trillion (Gantz & Reinsel, 2011). Grantz and Reinsel state in their paper that “the amount of information individuals create themselves – writing 189 Bereitgestellt von provisional account | Unauthentifiziert | Heruntergeladen 05.02.20 03:53 UTC
  • 18. documents, taking pictures, downloading music, etc. – is far less than the amount of information being created about them in the digital universe” (Gantz & Reinsel, 2011, p. 1). Therefore, we cannot imagine how significant this amount of data is, and even less wonder how to handle it. That is why companies are putting all their efforts to be able to generate value by extracting just the right information, or even by misusing the data for different purposes for what it was collected. Being capable of doing so would enormously help to position themselves in the “pole position” of the information warfare. It cannot be denied that the new features included in popular apps usually make someone’s life easier. However, the actual goal of the company for developing that new functionality remains unthinkable and unknown to the end user. These goals can range from the selling of data to third parties or collecting data to sell other products to the end user (Ahmed, 2004). It was probably not to make everyone’s lives more comfortable but to know more about them; to gather more useful information about the people which can later be transformed into personal-oriented marketing strategies and, eventually, more revenues to the corporation. What enterprises usually achieve with these techniques is to get more private information about their users’ data, or metadata, which, as a result, is growing extremely faster than the actual data itself.
  • 19. In recent years several patents can be found that deal with mobile data collection to (Sinisi, 2007). Facebook’s new “face recognition” or “tag suggestion” feature is an excellent example of this. This functionality identifies a user’s face in a picture and notifies him of the uploaded photo. Thus, the user can decide whether to be tagged in the photo or, even more, report someone who has uploaded a picture of him without consent. Although several privacy experts claim that it is an excellent advance in protecting someone’s privacy preventing fraud and identity theft, what Facebook does is maintaining what it is called a “template” (Fussell, 2018). This template is a string of numbers that is unique for each user, which could be considered similar to a fingerprint. As a consequence, Facebook becomes the owner of extremely protected biometric data of its customers, that could later be tasked for malicious purposes. According to John T. Soma et al. personally identifiable information (PII) “is now a commodity that companies trade and sell” (Soma, Couson & Cadkin, 2009, p. 1). Furthermore, it is equaling or even surpassing the value of traditional financial assets in large corporations. Nevertheless, the question is: are companies benefitting from the use and trade of PII without protecting the privacy interests of those PII owners? This entails consequences for commercial and technological sectors.
  • 20. In the marketing industry, the benefits of using PII are double (Soma, Couson & Cadkin, 2009). Imagine that an online store sells alcohol to its consumers. Collecting data such as gender or nationality may not make any difference, but, if it also collected age values, it could significantly narrow its target to old enough consumers. Thus, the store would not only increase its revenues by approaching more likely possible buyers but also reduce costs by discarding underage consumers. Moreover, consumers can also benefit from companies keeping their PII, tailoring them future activity. Cloud computing is becoming an excellent solution for many small and medium companies since it represents a great way of saving money by sharing resources with other organizations and 190 Bereitgestellt von provisional account | Unauthentifiziert | Heruntergeladen 05.02.20 03:53 UTC avoid buying and maintaining their servers. However, regarding security, cloud providers may have to face different risks and challenges to the ones in conventional IT environments. From the end user’s point of view, they are still reticent to cloud computing technologies, concerned about their data privacy and security issues —
  • 21. even more after knowing about the most significant cloud computing providers security breaches. Google Gmail was exposed to a severe vulnerability up to 4 hours in its VMware virtualization for Mac version in 2009, where attackers could take advantage of this vulnerability to execute malicious code on the host (Chen & Zhao, 2012). Microsoft Azure also suffered a severe outage accident on its cloud services for 22 hours earlier this year. Concerning the health sector, due to the augment of health information available in the Internet, patients tend to look for their symptoms online, sharing especially private data to everyone, without considering its associated security risks. Researchers comment that “Both specialists and patients can benefit from linking family health profiles so that all relevant information is available for reference when the need arises” (Gajanayake, Iannella & Sahama, 2011, p. 31) obviously, developing a safe and private environment. The access of illegitimate persons to one’s health information can have critical consequences when later being disclosed or misused since it contains sensitive data tremendously useful for ransom ware or social engineering attacks. Thus, they propose an information accountability mechanism as the solution to information misuse in the health field. Moreover, they claim that with their approach “when inappropriate misuse is detected, the agent defines methods of holding the users
  • 22. accountable for misuse” (Gajanayake, Iannella & Sahama, 2011, p. 37). 4. PII Exploits Krishnamurthy and Wills define personally Identifiable Information (PII) as “information which can be used to distinguish or trace an individual’s identity either alone or when combined with other public information that is linkable to a specific individual” (Krishnamurthy & Willis, 2009, p. 7). The term encompasses any information that can uniquely identify an individual, such as name, birthday, address, phone number, social security number, fingerprints, or a face photo. Social networking sites are web-based services that allow their members to build a public or semi-public profile and connect with other strangers based on shared interests, hobbies, or political thoughts (Boyd & Ellison, 2007). We could say that social media is an expansion of traditional media, offering individuals highly capable and nearly unlimited ways of communicating and networking with others. There are many different kinds of social media business models, varying from sharing live-photos of places you are currently visiting activities focused on growing your professional network and seek jobs. Nevertheless, just like everything in this world, social networking sites also have their drawbacks. Users do not often
  • 23. realize the massive amounts of personal data that they are sharing with their network and thus, how they are being exposed to exploits of these data. All social networks offer a wide range of possibilities concerning the privacy settings of their members. If an individual leaves these settings public by default, this can constitute a breach of privacy. Consequently, a malicious user can perform a reconnaissance attack and gather as much possible information to conduct a successful social engineering attack later. 191 Bereitgestellt von provisional account | Unauthentifiziert | Heruntergeladen 05.02.20 03:53 UTC However, having a public profile is not the only vulnerability to private information on a social networking site. In their paper, P. Gundecha et al. discuss how a social media user can become way more exposed to exploits of his data by merely adding a vulnerable friend. They define a vulnerable friend “from an individual user’s perspective is dependent on whether or not the user’s friends’ privacy settings protect the friend and the individual’s network of friends (which includes the user)” (Gundecha, Barbier & Liu, 2011, p. 511). Hence, a single user’s privacy settings can compromise its entire network.
  • 24. Frequently, social media websites partner with third-party servers to provide content and advertisements to their users. Although these websites claim in their privacy policies that they share cookies to third parties to offer a better user experience to their members, these cookies do not exclusively consist of Internet Protocol (IP) addresses (Symantec Corporation, n.d.). What is more, some third-party servers are in fact trackers or aggregators, that follow the user habits before, while and after the user’s interaction with the social media application (Krishnamurthy & Willis, 2009). Krishnamurthy and Wills define this action of combining this PII with other information and sharing it to external websites as “leakage”. In their paper, they present a study demonstrating how Online Social Networks (OSN) often provide information linked to a particular person to third parties via a combination of HTTP headers and cookies. Most of the times, when a person publishes a document or picture on the Internet, he is not aware of the PII or other identifiers attached to it, even less how to remove them. There are countless situations in which personal information is retrieved from documents with inappropriate security. Therefore, this private data can further be used to commit malicious activities. An example of information leak caused by inadequate attempts to secure
  • 25. protected information took place in 2000 when a secret CIA document about a coup in Iran was published in The New York Times website (Aura, Kuhn & Roe, 2006). The company unsuccessfully tried to erase the names of the persons involved by just painting white squares over their names. As a consequence, the names were still in the publication’s metadata and could easily be retrieved. 5. Where Stolen Data Can Be Found: Dark and Deep Web The types of data captured through poor security practices and improper coding techniques provide not only side channels into the organizations but a plethora of details. For example, a photo provides lots of metadata that can give insight into camera type, specific detailed information of photo taken, latitude, and longitude coordinates. These items can be used to create an intelligence analysis of a target with the number of connected devices and those on the Web with a lack of security protections. However, the key is where these stolen data and information end up do. The definition of the Internet as the mainstream perceives does not entirely represent what the entity is. Because of an increasing number of static HyperText Markup Language (HTML) pages, there is an enormous amount of information hidden in the layers of deep and dark Web where most
  • 26. search engines cannot have access (see Figure no. 2). The pathway to these remote Web locations is provided through static Uniform Resource Locator (URL) links due to their existence being depended on responses to queries submitted through the query interface of an underlying database. It is estimated that 43,000 to 96,000 deep Web sites exist along with 7,500 terabytes of data (He, Patel, Zhang & Chang, 2007). 192 Bereitgestellt von provisional account | Unauthentifiziert | Heruntergeladen 05.02.20 03:53 UTC Th website being th sense li Take th example database informin crawler all “kn website you nee searchin he issue w s is that t he site is no ike a standa
  • 27. he search e items a e by eith ng Google s looking fo nown” web is not ind ed to know ng for dir ith trying t they do no ot indexed i ard search engine Go are added her the w of their UR for, finding, bsites it fi dexed in e the URL of rectly. No Figure no. Figure n to locate de ot exist. T in a traditio engine wor
  • 28. oogle.com to Googl website its RL or the w , and indexi inds. A de ither capac f what you ow there 3: Example no. 2: Comp eep hat nal rks. for le’s self web ing eep city are are ex am are
  • 29. Du Do en sta In en sea Ho no tha e of the Duc plete Web xtensive data mounts of s e called uckDuckGo ogPile for ngines allo andard sear some case ngines can b arch terms owever, eve ot take into at is found o ckDuckGo S abases that search engi
  • 30. metasearc o (see Fig example. T ow you t rch engines es, as man be searched and the p en these me account th on the deep Search Page try to comp ine data, an ch engine gure no. These meta to search s all at on ny as 40-50 d with the press of a tasearch en he vast info web. e pile large
  • 31. nd these es like 3) and a search various ne time. 0 search entry of button. ngines do ormation 193 Bereitgestellt von provisional account | Unauthentifiziert | Heruntergeladen 05.02.20 03:53 UTC There are several specialty search engines such as TORCH and the Onion URL Repository which index as many deep websites that can be found. The key to these types of search engines is that they do not act like traditional searches. You need to have access to TOR networks which work as a semi-autonomous network that provides private browser and viewing of sites. Once you are on this network, you still be able to access repositories of different search engines usually broken down by subject matter and start you dig into the deep web. Another item of note is the deep web,
  • 32. and the dark web is not the same thing. While you may make use of TOR to access the dark web search engines that index the deep web. Both these environments are independent of each other. Deep websites sites can be found using traditional browsing methods as long as you know the URL for it where dark websites leverage a software package like TOR to access the pages. The Onion Router (TOR) gained popularity when the news was released around the globe about Edward Snowden exposing what the American government was doing with citizens’ data. The tool of choice used was TOR. The Tor Browser can be used on Gnu Not Unix (GNU) Linux, Windows, and Mac without the need for installation of any software (Tor Project, n.d.). Tor was developed further by the Defense Advanced Research Projects Agency (DARPA) after the first principle of onion routing developed from a United States Naval Research Laboratory scientist. In Figure no. 4 shown are two Tor Browsers on Ubuntu Linux. The other browser shows The Uncensored Hidden Wiki and some onion links that have been verified. The first browser window displays the welcome message for anonymous exploration. Figure no. 4: TOR Browsers 194 Bereitgestellt von provisional account | Unauthentifiziert |
  • 33. Heruntergeladen 05.02.20 03:53 UTC TOR is native in the Tails Operating Systems (OS) Tails is a Debian based Linux distribution which primary goal is the preserve privacy and anonymity to beat surveillance. In recent years, organizations such as the NSA have been attacks this browser. One attack revealed was the exploitation of the Tor Browser Bundle. When using the Tor Browser security that leaves a system vulnerable such as Flash become enabled in this attack (Schneier, 2013). This attack targeted the Firefox browser by identifying the Tor Users and executing attacks against the browser (Schneier, 2013). Other tools detected Hypertext Transfer Protocol (HTTP) through Capability Network Exploitation (CNE), which is the starting point for finding Tor users. Researchers at the University of Waterloo and Stony Brook University discuss active attacks for website fingerprinting to identify destination web pages by passively observing their communication traffic (Wang, Nithyanand, Johnson & Goldberg, 2014). However, these attacks have not deterred the use of Tor Browser. For users conducting illicit activities, this browser allows for undetected movement. One needs not to look too far to see the activities that occur on the Dark Web from the sale of
  • 34. illicit narcotics to human trafficking. Services from experienced hackers to assassins can be located using Tor and exploring Hidden Wiki. Some browsers allow the user to protect their privacy. One such browser is Searx that does not share the users’ IP, search history, and aggregates the results of more than seventy search engines (Tauber, n.d.). Searx browsers allow for advertisement filtering, personalization, and use of HTTP POST by default. Figure no. 5 shows the results of a search of Illinois Institute of Technology that populates that allows for files to be downloaded; pages scraped and allowed customization in terms of time. Figure no. 5: Searx Browser 195 Bereitgestellt von provisional account | Unauthentifiziert | Heruntergeladen 05.02.20 03:53 UTC There have been several occasions where the Tor network has been abused for personal gain. In 2013 a Harvard University student used this mean of anonymity to send emails to the school for a hidden bomb threat to avoid a final exam (Lin, Tong, Zhijie & Zhen, 2017). Silk Road is an online black market being accessed by nearly one million users through the exclusive access of the Onion Router. It includes illegal services like
  • 35. drug trafficking, child pornography, and arms trafficking; the value of its transactions has been calculated to be worth $12 billion. Its operations were shut down in October 2013 by the Federal Bureau of Investigation (Lin, Tong, Zhijie & Zhen, 2017). “Anonymous” the notorious worldwide hacker organization, launched a DDoS attack against Sony Corp in April 2011. They used the anonymous network and managed to steal the personal data of nearly 1 billion people. This attack had a disruptive financial impact of $171 million (Lin, Tong, Zhijie & Zhen, 2017). 6. Using Web for Targeted Warfare Researchers have discovered that Internet sites such as YouTube Kids and YouTube have detected unsafe content through nefarious promoters that target kids through psychological means (Kaushal, Saha, Bajaj & Kumaraguru, 2016). This means that the threat landscape is altering to include all active users regardless of age or other constraints previously considered off limits. In the past mainly adults have been the targets of individuals or nation states however due to technological advances and increased connectivity any connected user can be a target. Reviewing the Open Web Application Security Project (OWASP) top 10 over the last ten years, it is apparent that the same
  • 36. critical web application vulnerabilities are still found (Wichers, 2013). One such vulnerability is the Common Weakness Enumeration (CWE) 89: Structured Query Language (SQL) Injection, which is rather easy to exploit using an application called sqlmap. A simple search of php?id=[number] while bringing up several websites through a query that can be a potential target. 7. Conclusion The misuse of data and deficiency of knowledge to apply security controls is a critical issue across enterprise networks. The Internet has allowed for older techniques used for warfare to be modernized at levels that make a novice intelligence analyst near a Subject Matter Expert (SME). This is a drastic change to the landscape of the current battlefield in which is still evolving with the ever expansion of networked systems such as the Internet of Things (IoT) and 5G. The apparent scarcity of applied cybersecurity protections is allowing for threat agents to take advantage of organizations and individuals that lack the necessary knowledge for ensuring protection. This, combined with laws that do not require companies to have stronger security, enable attackers to perform exploits continuously. REFERENCES Ahmed, S. R. (2004). Applications of data mining in retail
  • 37. business. International Conference on Information Technology: Coding and Computing. Proceedings. ITCC, Vol. 2, 455-459. IEEE. Aldrich, R. W. (1996). The international legal implications of information warfare (No. INSS-OP-9). Colorado: Air Force Academy Colorado Springs Co. 196 Bereitgestellt von provisional account | Unauthentifiziert | Heruntergeladen 05.02.20 03:53 UTC Aura, T., Kuhn, T. A., & Roe, M. (2006). Scanning electronic documents for personally identifiable information. Proceedings of the 5th ACM workshop on Privacy in electronic society, 41-50, New York, USA: ACM. Boyd, D. M., & Ellison, N. B. (2007). Social network sites: Definition, history, and scholarship. Journal of Computer-Mediated Communication, Vol. 13, Issue 1, 210-230. Chen, D., & Zhao, H. (2012). Data security and privacy protection issues in cloud computing. International Conference on Computer Science and Electronics Engineering, Vol. 1, 647-651, IEEE. Clifton, C., & Marks, D. (1996). Security and privacy implications of data mining. ACM SIGMOD Workshop on Research Issues on Data Mining and
  • 38. Knowledge Discovery, 15-19. Elbirt, A. J. (2003). Information Warfare: Are you at risk?. IEEE Technology and Society Magazine, Vol. 22, Issue 4, 13-19. Elmasri, R. (2008). Fundamentals of database systems. India: Pearson Education. Fussell, S. (2018). Facebook’s New Face Recognition Features: What We Do (and Don’t) Know [Updated], available at: https://gizmodo.com/facebooks-new-face- recognition-features-what-we-do-an-1823359911, accessed on 18 March 2019. Gajanayake, R., Iannella, R., & Sahama, T. (2011). Sharing with care: An information accountability perspective. IEEE Internet Computing, Vol. 15, Issue 4, 31-38. Gantz, J., & Reinsel, D. (2011). Extracting value from chaos. IDC iview, 1142, 1-12. Gundecha, P., Barbier, G., & Liu, H. (2011). Exploiting vulnerability to secure user privacy on a social networking site. Proceedings of the 17th ACM SIGKDD international conference on Knowledge discovery and data mining, 511-519, New York, USA: Association for Computing Machinery. He, B., Patel, M., Zhang, Z., & Chang, K. C-C. (2007). Accessing the deep Web. Communications of the ACM, 50(5), 94-101.
  • 39. Headquarters Department of the Army (1979). Psychological Operations. Field Manual, No. 33-1, Washington: U.S. Government printing office. Kaushal, R., Saha, S., Bajaj, P., & Kumaraguru, P. (2016). KidsTube: Detection, characterization and analysis of child unsafe content & promoters on YouTube. 14th Annual Conference on Privacy, Security and Trust (PST), 157-164, IEEE. Krishnamurthy, B., & Wills, C. E. (2009). On the leakage of personally identifiable information via online social networks. Proceedings of the 2nd ACM workshop on Online social networks, 7-12, ACM. Lin, Z., Tong, L., Zhijie, M., & Zhen, L. (2017). Research on Cyber Crime Threats and Countermeasures about Tor Anonymous Network Based on Meek Confusion Plug-in. International Conference on Robots & Intelligent System (ICRIS), Vol. 1, 246-249, doi:10.1109/icris.2017.69. O’Gorman, G., & McDonald, G. (2012). Ransomware: A Growing Menace, available at: http://www.symantec.com/content/en/us/enterprise/media/securi ty_response/whitepapers/ ransomware-a-growing-menace.pdf, accessed on 17 September 2019. Schawartau, W. (1997). What Exactly is Information Warfare? – Part 2, Journal Network Security, Issue 10, Amsterdam: Elsevier Science
  • 40. Publishers. Schneier, B. (2013). Carry On: Sound Advice from Schneier on Security, New Jersey, USA: John Wiley & Sons. Sinisi, J. P. (2007). U.S. Patent No. 7,313,759, Washington, DC: U.S. Patent and Trademark Office. 197 Bereitgestellt von provisional account | Unauthentifiziert | Heruntergeladen 05.02.20 03:53 UTC Soma, J. T., Courson, J. Z., & Cadkin, J. (2009). Corporate Privacy Trend: The “Value” of Personally Identifiable Information (“PII”) Equals the “Value” of Financial Assets. Richmond Journal of Law & Technology, Vol. 15, Issue 4, 11. Stalder, F., & Hirsh, J. (2002). Open source intelligence. First Monday, Vol. 7, Issue 6, 1-8. Symantec Corporation. (n.d.). What Are Cookies?, available at: https:// us.norton.com/ internetsecurity-how-to-what-are-cookies.html, accessed on 07 July 2019. Tauber, A. (n.d.). Welcome to searx, available at: https://asciimoo.github.io/searx/, accessed on 03 December 2018. Tor Project. (n.d.). What is Tor Browser?, available at:
  • 41. https://www.torproject.org/ projects/ torbrowser.html.en, accessed on 03 December 2018. Wang, T., Cai, C., Nithyanand, R., Johnson, R., & Goldberg, I. (2014). Effective Attacks and Provable Defenses for Website Fingerprinting. The Proceedings of the 23rd USENIX Security Symposium, San Diego, CA. Wang, P., Dawson, M., & Williams, K. L. (2018). Improving Cyber Defense Education through National Standard Alignment: Case Studies. International Journal of Hyperconnectivity and the Internet of Things (IJHIoT), Vol. 2, Issue 1, 12-28. Wichers, D. (2013). The Open Web Application Security Project (OWASP) Top10 -2013. OWASP Foundation. 198 Bereitgestellt von provisional account | Unauthentifiziert | Heruntergeladen 05.02.20 03:53 UTC