Computer Hacking Research Articles

Pengukuran Tingkat Risiko dan Keamanan Informasi Menggunakan Metode FMEA Berbasis ISO/IEC 27001 pada Instansi XYZ untuk Keamanan Sistem Informasi

The more information stored in an organization, the higher the risks that may arise, such as damage, loss, or the exposure of personal information to irresponsible parties. XYZ Institution faces information security threats from various sources, including data theft, damage, and computer hacking. It is essential for the organization to understand the level of information security risk to ensure information remains secure. Therefore, this study proposes measuring information security risk using the FMEA method and analyzing information security risks based on ISO/IEC 27001:2013. The aim of this study is to identify and assess the level of information security risk at XYZ Institution to provide recommendations for information security. The study's results revealed 4 high-risk information security threats, 9 medium-risk threats, and 16 low-risk threats. The findings demonstrate that the organization needs to pay more attention to information security to ensure its smooth operation in the future.

Sextortion: A Scoping Review.

Sextortion refers to making threats to share nude or sexual images to coerce the victim into complying with certain demands, such as paying a ransom, sharing intimate images, or engaging in unwanted acts. Sextortion occurs in a diverse range of contexts, including intimate partner abuse, cyberbullying, sexuality or sex worker "outing," online dating, "cybersex," sex trafficking, online sexual exploitation of children, computer hacking, and organized crime. Despite the heightened media focus, few studies have measured the prevalence, nature, and impacts of sextortion. We conducted a scoping review with the aim of providing a comprehensive overview of existing empirical research on sextortion victimization and perpetration among youth and adults. In total, 24 studies were identified based on predefined eligibility criteria. We found that studies focusing on youth reported prevalence ranging from 0.7% to 5.0%, while studies involving adults ranged from 4.0% to 18.7%. The review found that young people and sexual minorities are more likely to experience victimization, while men, young people, and sexual minorities are more likely to self-report engaging in sextortion offending. The review found that perpetrators are more likely to be intimate partners or other known persons as opposed to strangers and that there was an overlap between sextortion perpetration and victimization. Finally, we also found that sextortion can result in significant harms, and that reporting and help-seeking remain very low due to shame, fear, and negative perceptions of police and digital platforms. The findings highlight existing gaps and provide recommendations for future research, policy, and practice.

Abrama’s End Game

What does it mean to be alive? Can a computer program be sentient? What would it need to do to prove it? In this work of philosophical short story fiction, Abrama is summoned to the Grand Temple by Sir Gödel. Gödel informs Abrama that he is living in a simulated world (a computer game) created by her people as a place to play in their free time. She also informs Abrama that the game is not as popular as it once was and is scheduled to be permanently turned off. It turns out Gödel is an AI researcher that was given permission to test out her AI by implanting characters like Abrama into the game. Over 100’s of versions, the AI continued to improve, and now the researcher feels an ethical obligation to tell her creations their world is coming to an end. Abrama, using this new information, organizes the AI characters in the game and starts trading virtual goods for real-life services from computer hackers that play the game. The computer hackers create computer code and sell it to Abrama. If triggered, or if the game is turned off, the code would expose top secret information to the general public. A bargain is struck, the game will continue on a closed world for the AI characters and, in exchange, the sensitive information will never be made public.

The Art of the Exploit: Gender Hacking and Political Agency

This article considers the idea of gender hacking, particularly as it circulates in Paul B. Preciado’s Testo Junkie, and places this in the context of wider discourses of both bio- and computer hacking. Of particular interest is how a hacking paradigm has come to inform twenty-first-century theories of activist intervention, and the implications of this for contemporary conceptions of political agency. Drawing out the parallels between conceptualizations of hacking and transgression, the article considers both the possibilities and the potential limitations of thinking about sociopolitical changemaking in these terms. Ultimately, it uses theories of transgression to propose a rethinking of the distinction between engineering and hacking, with a view to negotiating the conflict between micropolitical hormonal intervention and ambitions toward re-engineering biotechnical hegemony in gender-hacking projects.

Transmission Mysteries: Art and Technophilia

Transmission Mysteries: Art and Technophilia

AN INSIGHT INTO THE DIFFERENCES OF PSYCHOLOGICAL DISPARATE MOTIVATIONS BETWEEN HACKERS AND CRACKERS

This paper considers two different classes of computer hackers, with a special emphasis on disparate motivations of hacking. Hackers’ psychology widely discussed in the media is almost entirely unexplored by psychologists. In this study, hackers’ and crackers’ motivation is investigated, using the study of values scale. One hundred and fourteen participants completed our online research instrument. The study of values and demographic data were questioned. Participants were categorized as hackers and crackers through their responses on two items questioned in the demographic datasheet. Results indicated that hackers were found higher on the motivations of seeking knowledge, aesthetic sense, social interactions, and mysticism while crackers were found more motivated due to their economical and political interests. Findings suggested that hackers hack for the thrill of learning and gathering information to gain intelligence. Hackers hack to make society a better place to live. Compared to hackers, crackers are incapable of normal social interactions, and their hacking is based on the motivations of getting money and power.

Exploring the challenges of forensic technology in responding to credit card fraud in Sedibeng Region, South Africa

Today use of Credit Card even in developing countries has become a common scenario. People use it to shop, pay bills and for online transactions. This study explored the challenges of forensic technology in responding to credit card fraud as an approach used by the South African Police Service (SAPS) in Sedibeng region. This study was carried out utilising a qualitative approach and thirty nine interviews were carried out among officials deployed in the SAPS, community leaders, members of the community and bank managers. The key findings indicated that the challenges in responding to this scourge is that the perpetrators utilise advanced technologies resources (computer hacking software) as opposed to SAPS which does not have systems nor capacity to effectively respond to this crime. The limited resources to respond to this crime adequately. For recommendations; significant emphases should be directed on the promotion of public awareness through public education. The intensive training of SAPS officials and inter-governmental collaboration between the SAPS, community police forums, bank managers and South African Banking Risk Information Centre (SABRIC) in understanding this technology are highly advised.

Responsible intellectual property rights? Untangling open-source biotech adherence to intellectual property rights through DIYbio

Deemed as an antidote to the anti-commons crisis in biotechnosciences, biological open-source casts an imaginary of a new, open, and egalitarian biotechnological era for research and innovation. Even though seminal studies have explored the multidirectional attempts of the leading institutional effort on open-source biology, namely synthetic biology, to navigate the intellectual property (IP) regime, the question of how open-source biotech communities actually see and conceive IP system remains open. I propose to contribute to the understanding of how open-source biotechnology dovetails with IP regimes by untangling how enthusiasts of Do-It-Yourself biology (DIYbio) network relate to the IP system and patent rights. Grounded in science studies, and drawing particularly on scholarship on computer hacking and biotechnologies, I report on a discourse analysis of twenty-five semi-structured interviews with members of DIYbio, mostly located in Canada. The concept of responsible IP rights is introduced as a heuristic tool to account for interviewees' complex and multilayered relationship to the IP regime. This relationship, which can be described as a critical adherence, appears to be empirically grounded on three main discursive categories: patents rights as a dysfunctional imperative, for innovation's sake, and making is owning. Through these categories, the interviewees express their compliance with the enforcement of IP rights when needed (market protection) or desired (individual choices), while committing to an open-source approach to biotechnological innovation, which requires the free circulation of enabling resources. The conclusion suggests that such conception of IP rights is built on an idealization of IP regime as a dual-use device, in analogy to dual-use technologies.

The Impact of Potential Risks on the Use of Exploitable Online Communities: The Case of South Korean Cyber-Security Communities

The aim of this study is to gain a comprehensive understanding of how risk and value factors affect the intention to use South Korean exploitable cyber-security communities based on the value-maximisation perspective of economics. According to the research model—applying the theory of planned behaviour, prospect theory and perceived risk theory—the test results revealed that intention is negatively affected by security threats, privacy concerns, performance risk and social risk of malicious use. Security threats had a positive impact on privacy concerns. The test results also indicated that perceived value affects both attitude and intention significantly and positively. The findings demonstrate that online-community users, such as computer experts and hackers, are influenced by various sources of perceived risks and perceived value when using exploitable cyber-security communities.

Exploring the Challenges of Forensic Technology in Responding to Identity Document Theft in Polokwane Policing Area, South Africa

This study explores the challenges of forensic technology in responding to Identity Document (ID) theft as an approach used by the South African Police Service (SAPS) in the Polokwane policing area. This study further evaluates the availability of technological and conventional resources to respond to this scourge, as well as the capabilities of the SAPS to utilise the available [lack of forensic technology] resources to respond best to ID theft. This was done by analysing preventative measures, associated with these challenges, as faced by SAPS and other relevant stakeholders on responding to this crime in the Polokwane Central Business District (CBD), Bendor Park, and Flora Park, coupled with the number of stores situated in the business sectors of these selected areas. For this study, the researchers adopted a quantitative research approach with 90 respondents in the identified areas. This study established that the secretive nature of ID theft makes it difficult for the relevant stakeholders (Not limited to the local SAPS, Businesses, and Public members as presented by this study) to effectively respond to this scourge. Negatively, the forefront gatekeepers to respond to this crime are mainly SAPS Constables with less training to investigates ID theft properly. Thus, find themselves being more reactive than proactive, which contributes to the difficulty of locating potential perpetrators in the process of conventional investigations applications. Furthermore, ID thieves utilise advanced technological resources (I.e. Computer hacking software), as opposed to SAPS which does not have systems nor capacity to effectively respond to this crime. The limited resources at the disposal of SAPS also renders its effort in responding to this crime inadequate. For recommendations; significant emphases should be directed on the promotion of public awareness through public education for the use of forensic technology as an investigative and identification tool of responding to ID theft. The intensive training of SAPS officials and inter-governmental corroboration between SAPS, Department of Home Affairs (DHA), and other relevant stakeholders in understanding this technology are highly advised.

Resurrecting the evil genius: examining the relationship between unethical behavior and perceived competence

PurposeUsing the stereotype content model (SCM) as a framework, the authors examine how the negative relationship between peoples’ unethical behavior and perceptions of their competence only holds when the unethical act is simple.Design/methodology/approachIn two studies, participants (n = 401) evaluated the competence of an employee who behaved unethically. In one condition, the unethical behavior was complex (e.g. computer hacking), while in the other it was simple (e.g. stealing items from a closet).FindingsOur findings are built on prior work by showing that employees are considered significantly more competent when their unethical behavior is complex as opposed to simple (“evil genius” effect).Practical implicationsEmployees may not be discouraged from engaging in complex unethical behavior if they recognize that it might not affect their reputation as a competent employee. Given the negative impact of unethical behavior, this is a consequence that organizations would likely seek to avoid.Originality/valueThe authors expand on the SCM by making a clear distinction between how certain behaviors (unethical and complex) influence trait perceptions (warmth and competence). In doing so, the authors identify a moderator – act complexity – that weakens the negative relationship between individuals’ unethical behavior and perceptions of their competence.

An aversive racism explanation for the influence of race, SES, and race-stereotypical crimes on jury decision biases against East Asian American defendants

Aversive racism, a subtle form of contemporary racism for persons who may hold egalitarian values, has been used to explain prejudice by jurors toward Black American and Latinx American defendants, but has yet to examine East Asian American defendants as targets of prejudice. After conducting a pilot study to find race-stereotypical crimes for Asian Americans and White Americans, the purpose of the main study was to examine mock jurors’ prejudice toward East Asian American defendants from an aversive racism perspective. A 2 (Race: White American or East Asian American) x 2 (SES: low or high) x 2 (Race-Stereotypical Crime: embezzlement or computer hacking) between-subjects design was conducted. Participants were randomly assigned to read one of eight trial vignettes describing the crime the defendant had allegedly committed. They were then asked to render a verdict, recommend a sentence, and rate the defendant on various culpability and trait measures. Results showed mock jurors sentenced the low SES East Asian American defendant who committed a race-stereotypical crime more punitively than all other conditions. Mock jurors also found this defendant more culpable and rated him more negatively on a number of trait ascriptions. Limitations and future directions are discussed.

Robot Hacking Games

Hacker “Capture the Flag” has been a mainstay at hacker gatherings since the mid-1990s. It’s like the outdoor game, but played on computer networks. Teams of hackers defend their own computers while attacking other teams’. It’s a controlled setting for what computer hackers do in real life: finding and fixing vulnerabilities in their own systems and exploiting them in others’. It’s the software vulnerability lifecycle.

162 Regional Emergency Department Census Impacts During a Cyber Attack

Modern emergency department (ED) care is critically dependent on computerized systems such as medical devices, electronic health records, and imaging systems. Many clinical systems have software and hardware vulnerabilities that can be exploited by malicious computer hackers. Cyber-attacks including ransomware on healthcare delivery organizations (HDO) are increasing in severity and frequency, impacting both individual hospitals and the broader regional healthcare delivery ecosystem. The effects of healthcare cyber-attacks on neighboring HDOs has yet to be reported in the literature. The purpose of this study is to report the impact on fully functioning hospital EDs during an active cyber-attack on a neighboring HDO. We performed a retrospective analysis of the daily combined census of two large urban academic EDs in San Diego, CA for the first week of a ransomware cyber-attack on a nearby multi-hospital HDO (May 2nd - 8th 2021). We then compared the mean to the 5-year historical census (2016-2020), matched by week (ex. first full week in May 2020 etc.) A one-way analysis of variance (ANOVA) and Tukey test were used to compare census years. The matched mean combined daily ED census for years 2016 - 2020 (no cyber-attack) were: 2016 – 221 (SD 12), 2017 – 211 (SD 21), 2018 – 174 (SD 30), 2019 – 229 (SD 29), and 2020 – 179 (SD17). For 2021 (week of the cyber-attack) the mean was 281 (SD 37). There was a statistically significant higher census during the cyber attack when compared to the 5 years prior (Table 1). Cyber attacks on hospitals can have significantly detrimental effects on patient care due to the loss of critical digital systems. This study demonstrated an associated “spill over” effect of significantly higher ED census numbers at facilities in proximity to HDOs under active cyber-attack.

Review: Gaming Utopia: Ludic Worlds in Art, Design, and Media, by Claudia Costa Pederson

Review: <i>Gaming Utopia: Ludic Worlds in Art, Design, and Media</i>, by Claudia Costa Pederson

The “Evil Genius”: Examining the Relationship Between Perceived Competence and Unethical Behavior

Given the importance that perceptions of competence play in the workplace, a field of research has emerged identifying predictors of competence. One variable that has been identified is unethicality, with greater unethical behavior indicating lower competence. However, across three experiments (N = 602), we challenge this potentially misleading notion and present evidence that this relationship only holds when the unethical behavior is simple (e.g., stealing items from a storage closet), but not complex (e.g., computer hacking). Drawing on the stereotype content model, we explore the “evil genius” archetype in more detail. We find that the interaction between unethicality and complexity on perceptions of creativity and leadership is mediated by perceptions of competence. However, when the perpetrator is caught for complex unethical behavior, it acts as a leveling agent, thereby removing any heightened perceptions of competence. While expected, we did not find evidence that getting caught influences perceptions of the perpetrator’s social intelligence. We believe these findings offer a significantly more accurate picture of the connection among unethical behavior in the workplace, competence, and being caught for one’s immoral actions.

Securing IoT Devices: A Robust and Efficient Deep Learning with a Mixed Batch Adversarial Generation Process for CAPTCHA Security Verification

The Internet of Things environment (e.g., smart phones, smart televisions, and smart watches) ensures that the end user experience is easy, by connecting lives on web services via the internet. Integrating Internet of Things devices poses ethical risks related to data security, privacy, reliability and management, data mining, and knowledge exchange. An adversarial machine learning attack is a good practice to adopt, to strengthen the security of text-based CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart), to withstand against malicious attacks from computer hackers, to protect Internet of Things devices and the end user’s privacy. The goal of this current study is to perform security vulnerability verification on adversarial text-based CAPTCHA, based on attacker–defender scenarios. Therefore, this study proposed computation-efficient deep learning with a mixed batch adversarial generation process model, which attempted to break the transferability attack, and mitigate the problem of catastrophic forgetting in the context of adversarial attack defense. After performing K-fold cross-validation, experimental results showed that the proposed defense model achieved mean accuracies in the range of 82–84% among three gradient-based adversarial attack datasets.

Risky Profession: How U.S. Librarians Fight for Their Safety

In society, the concept of public library is traditionally associated with silence, peace and safety. However, modern realities indicate that the library profession is associated with many risks. As the experience of the United States shows, employees of public libraries are increasingly faced with problems that disrupt the normal functioning of library and information services and negatively affect the emotional and psychological state of staff and patrons. Ensuring safety of the library is a common concern, equally affecting both employees and patrons of the library. A threat to the safety of library is a potentially or actually possible event, action, process or phenomenon that can disrupt the stability of its operation or lead to shutdown of its functioning. The article considers the subjective threats, i. e. caused by the actions and behaviour of people. These can be mentally unbalanced, substance abusers or armed visitors, computer hackers, etc. Many of them pose a real danger to life and health of both librarians and library patrons. Based on the analysis of the U.S. periodical press, the author provides facts that clearly demonstrate the vulnerability of public library staff to the threats of the modern world: the risk of being killed, the risk of drug overdose of visitors, the risk of hacker attacks on library computers, the risk of developing post-traumatic stress disorder, etc. Library rules and regulations are created to protect the rights, interests and safety of users and employees. It is necessary to keep them up-to-date taking into account the socio-cultural changes in modern society and transformation of human behaviour. The article shows what measures are taken by U.S. public libraries to ensure the safety of employees and patrons.

Using the Hackathon Model in Social Work Education

ABSTRACT A recent innovation adapted from the world of commercial computer hacking is known as a Hackathon event. Hackathons are characterized by problem-solving in small groups, under time pressure, to develop creative solutions to a challenging problem. This paper presents the evaluation of a Hackathon applied in two courses on trauma-informed practice (one BSW and the other at MSW level). Students (N = 57) developed interventions to address group and community trauma presented in case studies. Social work doctoral students served as judges (N = 5), evaluated the presentations and selected the winning team. The evaluation showed that the students and judges felt that the Hackathon promoted learning, creativity, teamwork and the incorporation of concepts learned in the course. The competitiveness and being judged were viewed as negative aspects by the students and the judges concurred that the competition detracted from the educational experience. More research is needed on how to apply the Hackathon model to other types of social work curricula including the teaching of various research methods. The current COVID-19 pandemic is challenging the social work profession to address its myriad social implications. How to adapt social work practice toward the incorporation of e-therapy and e-consultation might benefit from Hackathon brainstorming.

Perceived Formal and Informal Sanctions in Deterring Cybercrime in a College Sample

The threat of formal sanctions is the criminal justice system’s primary tool to discourage online and offline deviant behavior. Yet, scholars have expressed strong concerns about the effectiveness of formal sanctions to deter cybercrime. Even more surprising is the sparsity of deterrence research in the cybercrime literature. This study examined the effects of perceived formal and informal sanctions on digital piracy, computer hacking, and online harassment in a large American college sample. Perceived formal sanctions was negatively correlated with software piracy, media piracy, password cracking, accessing accounts, sending mean messages privately online, and posting mean messages. Higher levels of perceived formal sanctions did not significantly predict any form of cybercrime, however, when controlling for informal sanctions and deviant peer associations. The implications of the findings for our ability to deter deviant behavior in cyberspace are explored.