The world has never been as connected as it is right now. We can view it as an achievement, but it can also be seen as a threat. People now have access to almost all the information they need, much of which goes far beyond their needs. The sheer amount of data is extremely large and it grows exponentially. With the expansion of the internet and the infrastructure it protects, the importance of cybersecurity has reached an all-time high. Cybersecurity ensures, or at least tries to ensure, the safety of sensitive information, networks, and systems against, for example, some third-party attacks using various measures and strategies. With the growing reliance on the internet and technology in general comes important ethical dilemmas. This paper explores the connection between cybersecurity and ethics, beginning with understanding cybersecurity and its role in everyday life. It also introduces ethics in general. It explores the ethical side of cybersecurity problems using real-life examples. It also discusses newly emerging issues in cybersecurity, such as artificial intelligence.
1 Introduction: Impact of digital connectivity
Firstly, I would like to expand on the ideas in the abstract part of this paper. As I already stated, the world is more interconnected now than ever before. From mobile phones to large communication networks, the internet and technology generally connects everyone. It connects not only people but businesses and governments as well. With this comes great benefits and risks.
1.1 Benefits of digital connectivity
Some benefits are, for example the access to information wherever you are and whenever you want, help for businesses, such as e-shops and online shopping, access to education, like the access to courses, research papers, e-books, and many more. Other benefits are also convenient, such as online banking systems, online shopping or online chatting. Entertainment benefits are also significantt, for instance, music or films are available online, and gaming is available through digital connectivity. Digital connectivity also increases the creation and collaboration of online communities that have same interests, it connects people globally in general.
Other benefits can also be Economical. Digital connectivity reduces poverty, increases income, and lowers consumer consumption. For example, in India, in the region of Kerala, by tracking weather conditions via internet access increased fishermen profits by about 8 %. Another example is from Peru, where due to an increase in mobile phone usage, families, who could now compare prices and inputs via their mobile phones, were able to eliminate costly journeys to the capital city, reduce uncertainty about prices, and minimize the risk of being taken advantage of in the markets (Nelson, 2022).
1.2 Risks of digital connectivity
On the other hand, digital connectivity brings some great danger or risks. A digital risk signifies a likelihood of a negative event caused by vulnerabilities that threaten businesses and people (Luo, 2022). Cyberattacks have increased in frequency and are more sophisticated with each year that passes. Cyberattacks mainly target financial institutions, energy grids, and many more. For example, the WannaCry ransomware attack in 2017 took down the United Kingdom’s NHS, which stands for National Health Service, even though it was not a specific target of the cyberattack. It affected more than 200,000 computers in many countries. It served as a wake-up call to healthcare organizations around the world (National Audit Office, 2017). However, not only these large-scale attacks are dangerous. Internet users can face risks like identity theft, phishing, and data breaches. For example, a 2020 HIMSS Cybersecurity revealed that 70% of hospitals had encountered a significant security threat within the past year, including phishing (Healthcare Information and Management Systems Society, 2020).
Connectivity is seen as both an outstanding achievement and help but also as a threat to national security, and people shows just how important it is to have strong cybersecurity.
2 A beginner-friendly overview of what exactly cybersecurity is
We touched on what cybersecurity is great and used for, but we have yet to really introduce a definition of what it exactly is. Since I am no expert in this field, I would like to present some definitions. „Cybersecurity is a set of standards and practices organizations use to protect their applications, data, programs, networks, and systems from cyberattacks and unauthorized access“ (Fortinet, n.d.). „Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks“ (Cisco). According to Fasulo (2024), one of the many ways to describe cybersecurity is by using the CIA Triad. CIA stands for Confidentiality, Integrity and Availability. The CIA Triad is a security model meant to guide organizations on security procedures. Confidentiality has to do with keeping the organization’s data private, Integrity ensures that the data can be trusted, and Availability guarantees that the data is available to authorized users whenever they require.
2.1 Types of cybersecurity
In this part of the paper, I would like to show some classifications of cybersecurity into several types. The classification is not unified and differs from source to source. That is why I will only show the types I find the most intriguing and important.
2.1.1 Application security
Application security protects software and applications from potential threats. It needs to be updated regularly and it must be checked for any vulnerabilities. It tries to prevent unwanted access to applications (INSTITUTE OF DATA, 2024). It safeguards mobile, web and other applications from cyberattack threats. The four primary security efforts are secure coding, vulnerability assessments, patch management and penetration testing (Demirel, 2023).
2.1.2 Network security
Network security protects network infrastructures from cyberattacks. The security might involve VPNs, firewalls or antivirus software (CompTIA, n.d.). It includes not only software solutions but also hardware solutions against threats. The majority of cyberattacks begin with an attack on the network.
2.1.3 Operational security
Operational security is the implementation of policies and procedures to make the systems and networks safer. It requires conduction of risk checks often, training of employees and introduction of some responses to incidents so that the impacts of security threats are minimal (INSTITUTE OF DATA, 2024). It involves establishing protocols for monitoring unusual behaviours.
2.1.4 Critical infrastructure security
Critical infrastructure security is the general protection of all systems that need to stay operational for a company to function at all. That includes all technology, processes and other protections that keep the most critical systems running (CompTIA, n.d.).
2.1.5 Zero trust
Zero trust is an IT security framework from 2010. Its importance grew when there was no longer a network edge since networks can be local, cloud or even hybrid. The basic idea of the zero trust model is that no user nor human nor non-human from inside or outside of the network should be trusted until they meet some access requirements. It denies all access to digital resources by default (SailPoint, 2023).
2.2 Cybersecurity measures
2.2.1 Firewalls
Firewalls are used to decide whether to accept or reject a packet that travels through network traffic according to a sequence of rules. There is quite a large number of rules that a firewall can follow, some of which contradict each other. Because of that, analyzing and understanding firewalls can be exceedingly difficult (Liu et. al., 2005). In general, firewalls protect your network or computer from external networks, such as the internet. They check network traffic going out of your computer or network and traffic going into your computer or network and try to defend it against malicious data or attempts at access to your network or computer. Firewall can be compared to having a fence around your house to keep individuals with bad intentions away from it (Deshpande, 2024)
2.2.2 Encryption
Encryption was, prior to the modern age, effectively synonymous with cryptography. Cryptography is about studying how to keep a message secret between two users. On the other hand, encryption is the application of the techniques that cryptography studies. But they are still based on similar ideas. Encryption is a way to cypher and decypher some data using a specific decryption key. It keeps the information or data private while also ensuring the authenticity of the information or data by ensuring that it has not been changed from its original state (Fortinet, n.d.). The benefit of cybersecurity using encryption is that even when a third party intercepts your data, it will be encrypted and not readable without the correct decryption key.
There are many types of encryption, so for a simple understanding I will breifly explain two of those types.
Symmetric encryption: Symmetric encryption only has one decryption key, which is used both for the encryption and the decryption. It is the best-known encryption technique and also the simplest. It works with the presumption that both of the parties need an encryption key to decipher the information.
Asymmetric: Asymmetric encryption is quite a new method of encryption. It uses one public decryption key and one private decryption key, which are different but related. The public key is used for encrypting data, and the private key for its decryption. It is a stronger option relative to symmetric encryption (Fortinet, n.d.).
2.2.3 Multi-factor authentication
Multi-factor authentication (MFA) is another great way to protect your data. To access your data or some services, you usually use just one password or some other way to log into the account or get your data. MFA means that you have to use two or more forms of authentication to access the service (Higins, 2022). It requires the user to use some combination of a password or PIN (something you know), security key (something you have) and fingerprint or face ID (something you are) (NIST, 2024).
Today, multi-factor authentication is used quite commonly. Usually, it consists of a password and a code sent to your phone, or a code that is generated in an authentication app. It simply adds an extra layer of user protection and it discourages hackers.
2.2.4 Antivirus software
There are many antiviruses available on the market, such as Bitdefender, AVG antivirus, or the Czech company Avast. Nearly everyone has an antivirus downloaded on their computer or laptop. It commonly comes already installed when buying a notebook. People tend to feel quite safe, even when they possess just the free trial of an antivirus software. However, users tend to trust the antivirus software a little too much. They tend to think that having the antivirus program downloaded makes the device fully safe. Such an approach is wrong (Kobylinski et. al., 2012). It is important to say that no antivirus is 100 percent foolproof. Each day more than 350,000 new malware programs are created, and it is very likely that at least one of the newly created programs penetrates the antivirus software defence (Vigderman et. al., 2024).
2.3 Real-world examples of cybersecurity breaches
To fully understand the importance of cybersecurity, I will show examples of large cybersecurity breaches and their outcome for the development of cybersecurity and new preventions in general. I already listed the WannaCry ransomware attack in 2017. Because of that, I will only talk about a few other examples.
2.3.1 Optus data breach
Optus is a subsidiary of Singapore Telecommunications Ltd, which operates in Australia. The attack happened in November of 2022. It was and still is one of the most notable attacks in Australia history. Personal data, including names, birthdays, phone numbers, email contacts and passport and driving licence numbers. Luckily, Opta revealed that payment details and account passwords were not stolen by the hackers who were behind the attack. According to the government, roughly 2.8 million people were at a significant risk of identity theft. After a few hours, the thieves published a sample of stolen user data and issued a ransom threat, demanding A$1.5 million ($1 million) in cryptocurrency from Optus. The ransom threat was later deleted, and the hacker apologised to Optus (Turnbull, 2022). The government argued that the attack was unnecessarily easy for the hackers and that Optus „Left the window open“ for the criminals to hack their system. The government also criticised Optus for its role in the attack, stating that the company was uncooperative with the public and the government (Evans, 2022). Following this data breach, a new collaboration between the Australian Federal Police and Australian Signals Directorate was announced. It would result in the creation of a new task force dedicated to hacking the hackers (Whelan et. al., 2023).
2.3.2 WhatsApp user data leak
In November 2022, a user posted what they claimed to be up-to-date personal data of around 500 million WhatsApp users from more than 80 countries worldwide. The hacker was selling the data on a forum on the dark web. The hacker’s valuation was about a few thousand dollars for each country’s dataset, based on the amount of stolen personal data. The leak was first reported by news site CyberNews, which investigated the data and came to the conclusion that the hacker’s claims were „likely to be true“. The hacker never clarified how they collected such a large amount of data. Meta, however, denied such data leak (Powell, 2022).
2.3.3 Target data breach
The breach happened before in 2013. A malicious software was installed on Target’s security and payment systems. The software stole information on every credit card used for payment at any of Target’s locations. At that time, Target had a state-of-the-art security system. However, when the company was warned that the hackers attacked, Target just ignored it. The resulting data breach put millions of people at risk of identity theft (Manworren et. al., 2016).
2.3.4 Colonial Pipeline Ransomware Attack
The attack happened in 2021. A cybersecurity attack on the Colonial Pipeline Company has led to temporary interference in the delivery of petroleum products to most of the U.S. states in the southeast. The attackers used ransomware against the company’s business systems. The FBI confirmed that a well-known hacker group from Russia named DarkSide was behind the attacks. The company quickly deactivated certain systems that monitor the pipelines to ensure safety. Disconnecting the systems stopped the function of the pipeline operations (GAO, 2021). The response was immediate. The U.S. government paid a ransom consisting of 75 bitcoin, which was worth about $4.4 million, to DarkSide within a few hours of finding out about the attack. Later, it was reported that the U.S. investigators managed to recover millions in cryptocurrency from the money that was paid ransom to DarkSide. The Justice department said it recovered about 75 % of the bitcoin, which however, was now worth only about $2.3 million since the bitcoin was worth less at the time of the recovery (Perez et. al., 2021).
3 Understanding ethics
In this part of the paper, I would like to very quickly introduce what the term ethics means and what it is all about. I would also like to explain its relevance to decision-making.
3.1 What is ethics?
Ethics is a moral philosophy. It is the study of what is right and what is wrong. It is made to guide people, companies, and societies to make decisions. It is a set of predetermined moral rules that can change based on the subject of the ruling. Simply, it creates standards of behaviour that tell people what is right and what is wrong. It tells people and societies how to act in many situations they find themselves in, such as parents and friends, or professionals and citizens and so on (Velasquez et. al., 2009). Ethical principles are used for navigating moral dilemmas, like if it is acceptable to lie to protect someone. In cybersecurity, ethics try to balance business interests with privacy or security and many more customer rights. We will talk more about cybersecurity ethics in the next part of the paper.
There are many sources of ethical standards and many views on the matter. Some sources, like the Utilitarianian approach, emphasize that ethical action is the one that provides the most happiness and the least harm. In business, as well as in cybersecurity, the ethical action is viewed as the one where the least harm is done to the affected (customers and the company). It tries to increase the good outcome of an action and decrease the harmful outcome (Velasquez et. al., 2009).
In the rights approach, ethicists suggest that every person has a dignity based on their nature. Because of that, they should have the ability to choose freely what they think is right or wrong for their lives. On account of that, they should be treated as ends and not as means to other ends. The moral rights are, for instance, that a person has the right to make their own choices, to be told the truth even when it is hurtful and many more. Also, it states that with rights come duties, such as the duty to respect others’ rights (Velasquez et. al., 2009).
The justice approach comes from Greek philosophy. According to this approach all equals should be treated equally or fairly based on the way they contribute and a standard that is defensible. The Common good approach, which also comes from Greek philosophy, states that community is a good in itself, and relationships in society, like respect for all others, are required for ethical reasoning (Velasquez et. al., 2009).
I would also like to swiftly identify what ethics is not. Ethics is definitely not the same as feelings. Feelings are meant to provide us information to base ethical choices on. Some people have more developed feelings than others, meaning that they feel bad when they do something that is morally wrong. Ethics is also not religion, it applies to anyone, and is not based on faith. Following the law is also not always ethical. The better the system of law, the more ethical standards it sets (Velasquez et. al., 2009). I do not think law can be totally ehical, it is not possible, since there is not one ethical structure, so that makes it impossible. Also many ethical questions do not have any right answer, it depends on the subject you are questioning. Law should consider ethical questions and try to answer the ones, that are answerable.
3.2 Digital ethics
Internationally there is a growing feeling, that ethics should be of increased importance to education and usage in technological fields. The digital age has crated new and unique ethical challenges that require new ways of ethical thinking. The IEEE (the Institute for Electrical and Electronics Engineers) has an entire division devoted to ethics in technology. It is more important than ever to make sure the internet is a safe place for everyone. Poorly designed technologies and sites make it harder for users to live well. For instance, toxicity and unhealthy antisocial habits are a great danger to users (Vallor., n.d.). Digital ethics ask wherher certain policies are the right thing to do. The main actions are the collection of data and the use of it, the different treatment of individuals or groups that have some sociodemographic characteristics, which can be used in favour of the company or leading people to engage in addictive activities (Gorbatai, 2022).
There are many challenges in digital ethics, namely the problem of anonymity. It allows individuals to express themselves however they want, which in its roots is a great freedom for users, but it also undebatable leads to abuse and toxicity. Another challenge is that our devices, like phones and computers, save data about us for the security of users. But there is also a lingering question, is that what the user wants? We will tackle the dilemma between security and privacy later in the paper.
The principles used in digital ethics differ based on the type of organisation, but the framework nearly always matches. The main principles are responsibility, transparency, beneficence and justice. There are many views on the matter, but I will choose some I found interesting and agree with. For example. based on Formosa et. al. (2021), there are five principles. Beneficence (technologies should be used to benefit humans and increase their well-being), Non-maleficence (technologies should not be used to intentionally harm humans or to decrease their well-being), Autonomy (technologies should be used in ways that respect the human autonomy people should be able to make decisions about how the technology is used in their cases), Justice (technologies should used to promote fairness and equality) and Explicability (technologies should be used intelligibly, transparently and comprehensibly, it should also be clear who is responsible for the use). Another view on the matter is based on Macnish et. al. (2020), the principles are Respect for persons (treating individuals as autonomous and respecting their interests), Beneficence (maximize benefits, minimize harms), Justice (equal consideration of each person, benefits should be fairly distributed to individual needs), Respect for law and public interest (be transparent in methods and results, be accountable). Both are quite similar, so I will just swiftly introduce the principles from the first example, while also using some of the information from the second example.
Beneficence: Once we know that our systems and data are secure, we can promote positive benefits like well-being (having your data protected), protection of privacy, financial benefits, reputational benefits (improved reputation for the company) and trust (users trust companies with great cybersecurity more than companies with worse cybersecurity) (Formosa et. al., 2021). Harm is not intended on subjects, but the absence of intention does not amount to the absence of it. The company should keep subjects protected from harm, ensure their privacy and test the security of the system regularly (Macnish et. al., 2020).
Justice: It requires ensuring fairness, accessibility and preventing bias. The broad range justice covers can create tensions between different considerations. For instance, a focus on accessibility of data for vulnerable groups, such as not requiring multi-factor authentication, can lead to lower levels of protection (Formosa et. al., 2021). Most of cybersecurity research is conducted by and carried out by researchers from Western countries or the Western world who have little to no experience of less advanced countries elsewhere in the world. People from those countries care about different topics, and the ethics might be rather different (Macnish et. al., 2020).
Autonomy: Requires the users to have control over who can access their data. Consent is a key factor in autonomy. Through consent, we get access to the data and systems. It is pretty challenging to exactly pinpoint what a consent is (Formosa et. al., 2021).
Non-maleficence: When systems and data are unavailable, either due to a DDoS attack or some other problem, harm follows. Preventing these harms is a principle of non-maleficence. Understanding how severe the harm is and what the harm constitutes is critical for the application of non-maleficence (Formosa et. al., 2021).
Explicability: The cybersecurity systems need to be explainable, and transparent and organisations need to be held accountable for their operation, updates and effectiveness (Formosa et. al., 2021). Privacy: Nobody really has any very clear idea of what privacy really is. It is a moral concept, that is defined many different ways. That the private facts should not be available to anyone else. Freedom of thought, control over personal information and many others (Formosa et. al., 2021). Privacy is usually part of beneficence.
4 Common ethical problems in cybersecurity
In this part of the paper, I would like to explore some common ethical problems in cybersecurity. I will also include my view on each matter at the end of every part. There are many ethical problems, some more complicated than others, so I chose the easier ones to comprehend.
4.1 Privacy vs. security
The debate between privacy and security is said to be the central piece of cybersecurity ethical problems. Privacy refers to the users’ right to control who can use and see their personal information and data. Security aims to make sure their users are not at risk. On the one hand, security measures aim to protect users from threats. On the other hand, to ensure privacy, they often need to use the data and information of the users, so they violate individual user’s privacy. With the growing amounts of generated and gathered personal data, cyber threats present a danger to individual privacy. These potential attacks can have far-reaching consequences. As I stated, these breaches can lead to identity theft, where hackers use personal data to commit other crimes. They can also steal the data for financial gain, for instance, when an online banking system is attacked. About 93 % of data breaches are motivated by financial gain (Gomez, 2024). The harm can also be other than financial, like phishing attacks or blackmail.
There have been many incidents where the ethics of the action was questioned. For example, it was reported that some countries have access to private data of customers of some companies. The PRISM program was run in the US by the US National Security Agency (NSA). The program collected data from some globally well-known companies such as Microsoft, Yahoo!, Google, Facebook and others (Johnson et. al., n.d.). The gathered data consisted of electronic communications, emails, voice mails, and messages from the companies surveyed. It was made legal in 2008 because a new law was created that allowed government bodies to access Tech company’s servers. The data was presumably used to target terrorist threats and international criminals, in union, just foreign intelligence targets. The aftermath of the reveal of the PRISM program was that many of the companies denied any accusation of sharing user data, for example, Mark Zuckerberg, the CEO of Facebook, said the program is outrageous, and Facebook did not participate in any program gathering data by federal agencies (Glory, 2024). People were understandably outraged by the reveal and the ethical side of things needed to be studied. If we stick with what the US government and NSA declared, that the data was used only to target foreign international targets, we can argue that the NSA was looking after the US citizens and the user’s security. On the other hand, the privacy of a large number of users was reduced, and their personal data was used without their knowledge, which is a somewhat illegal invasion of their privacy.
A similar program was started by the UK’s Government Communications Headquarters (GCHQ) in 2008 called Tempora, which is conducting a similar surveillance of data (Kuner et. al., 2013). It collected data by tapping into fibre-optic cables and collecting IP addresses of users (Dencik et. al., 2016).
The problem with these programs was that they were not communicated to the users, whose data the programs ultimately used, even though they presumably did not use them unless they viewed them as threats. If we believe the government’s argument that it was done for the security of users and people, then we have to look at the ethical side of things. I believe that if the existence of the program was communicated to the users, that it would spark a debate about the actual use of the program. That would make the program useless because the actual targets would just avoid sites which are used for the investigation. I think that national security is more important than the privacy of users to some extent. The way it was done was ethically wrong, but I believe there was no other way about it. Although I understand the bigger threat, which is that people do not know how much information is actually private. These programs were never meant to be public, so if not for the people who leaked them. We can just guess how private our private data is.
I believe that privacy and security cannot be done in cybersecurity without negating each other. With more security comes less privacy for users and the other way around. Companies should try to balance the two.
4.2 Whistleblowing
A whistleblower is a person who reports unethical, harmful or illegal practices done by an organisation or company. Whistleblowing is done by organisations or companies’ employees. Whistleblowers disclose issues like corruption, safety violations and misuse of power. There are some protections for whistleblowers. An example is the US Whistleblower policy, which aims to encourage potential whistleblowers to report potential illegal practices (UC Berkeley, n.d.). There is also the Whistleblower Protection Act, which is similar to the Whistleblower policy. It is a federal or state law that protects employees from retaliation, such as termination or discrimination (Legal Information Institute, n.d.).
One of the most famous whistleblowers is Edward Snowden. He was the one behind the PRISM leak. He leaked classified documents revealing the extent of the surveillance. The exposure was viewed by some as a heroic act by some, making the world a safer and better place to live, thanks to the revelations of mass surveillance. Snowden also faced backlash for the revelation, with some saying he is un-American and that he compromised national security (Younger, 2020). Snowden was charged with two counts of espionage and shortly after fled to Russia, where he was gradually granted citizenship.
The law or directive that was in place when Snowden leaked the information was not adequate protection for whistleblowers. It did not initially include security contractors, like Snowden, despite their high numbers in the intelligence (Younger, 2020).
There are two potential ethical questions. One being whether it is better for someone who knows such information to leak it or to not expose it. In my opinion, the person or people should always reveal the information if they are sure it breaks the law or is ethically wrong. It is a question of when it is justifiable to breach confidentiality. The other question is whether the whistleblowers should be protected or not. I believe they should be protected. However, it depends on the actual case.
4.3 Hacktivism
Hacktivism is used to describe computer hacking. It is a combination of the words hacking and activism, which quite greatly explains what the premise is. It refers to online activists who use hacking as a medium to carry out direct action and resistance. Hacktivists are not motivated by financial gain (Gawel, 2024).
Undoubtedly, the most famous hacktivist group is Anonymous. It is a grassroots initiative. They choose a specific target and demand a specific demand. They use many methods of attack. For instance, they deface the web by replacing some graphics with their texts or messages, or they initiate DDoS attacks, which overload systems, making the networks unusable (Chandler, n.d.). One of many examples of their work is from 2011. Sony sued one of its customers for creating a method that allowed Playstation 3 users to run Linux on it. Before the launch of the Playstation 3, Sony advertised the Linux capability as a feature, but later withdrew the idea. These actions made by Sony were so outrageous to Anonymous that they sabotaged Sony’s Playstation Network. For a month, it was not accessible, and the stock price of Sony dropped massively. Anonymous got exactly what they wanted, which is headlines (Chandler, n.d.). The question is whether Anonymous was in the wrong for punishing Sony. Some people hate them, some love them. It really depends on the person you ask. The question is whether the “revenge“ is ethical. Again, it really depends on the exact case, but in general, some hacktivism attacks are more ethical than others. In my opinion, the hacktivism groups are sometimes a little bit too aggressive. Although I usually agree with them that the crime is punishable, I just feel it would be better to go the judicial direction. The attacks also commonly affect other users, so it is not only attacking the company or the idea but also innocent users, which affects their lives.
5 Emerging topics in cybersecurity ethics
As the world of technology evolves, new threats to cybersecurity. Cybersecurity faces new ethical problems and challenges. There are new emerging cybersecurity topics, for example, artificial intelligence (AI) or cyberwarfare. They both bring new dilemmas and questions and are shaping the future of digital security.
5.1 AI in cybersecurity
First and foremost, I would like to talk about the positive side of AI usage in cybersecurity. It is increasingly being adopted to strengthen cybersecurity. It helps with the detection of threats, which it can do far better than a human being. AI is also used for the response to cyber attacks and it is an important phishing defence mechanism.
Threat Detection: Through the AI’s ability to process large amounts of data at high speeds, it can learn patterns to potentially discover threats. They can also adapt to new, previously unknown attacks, making them irreplaceable for real-time detection. The AI monitors network traffic and analyzes it. It is always looking for signs of malicious activity within the networks. Traditional security tools struggle to keep up with the growth of sophisticated cyber threats. It is also highly accurate in detecting threats (Kelley, 2024).
Incident Response: As I presented, AI can detect threats very effectively. After it detects a threat, it can automate a response to the attack and, for example, isolate the affected parts of the network (Microsoft, n.d.). It can also prevent attacks by constantly learning new forms and types of attacks through machine learning. AI also helps with the identification and creation of strategies that can help with the defence against the attack and prevent future ones (NITRD, 2019).
AI unfortunately also raises several concerns in cybersecurity. AI is highly dependent on the quality of data it gets to learn. So if it receives large amounts of low-quality data, it will perform way worse. AI systems can also be the target of attacks, potentially being manipulated or compromised. People should also not be too dependent on AI (Kelley, 2024). One of the ethical topics is the dual-use risk of AI, which I have summarized above. It bolsters the defence of cybersecurity, but it can also become a cybersecurity threat. The question is whether it brings more good than bad. In my opinion, it is really important in cybersecurity. It helps safeguard networks almost perfectly. On the other hand, the threats are also bigger and better done than ever before. It is really a duality of AI. But I would say it brings more positive uses, and those uses are truly important for the security and well-being of people.
5.2 Cyberwarfare
Cyberwarfare is the action of a nation or organization to attack and try to damage another nation’s networks or computers through viruses and cyber attacks. It is widely used in todays warfare, being one of the best morale crushers. Cyberwarfare is politically motivated hacking (RAND, n.d.). It uses tactics such as deploying malware, disinformation, deepfake campaigns or hacking. The cyberwarfare targets are usually critical infrastructure (power grids, government networks, military bases networks and bank systems). Cyberwarfare offers attackers anonymity. They also do not have to directly contribute.
Nowadays, for example, Russia uses cyberwarfare in the war with Ukraine. Attacking not only Ukraine, but there have been some attacks on the countries of the European Union. For example, Russian secret service GRU is reportedly behind the attacks on the Czech republic and the SPD German political party (Valášek et. al., 2024).
Cyberwarfare is ethically wrong, in my opinion, and I would say everybody agrees. The disinformation campaigns, that take place are really dangerous for society. The damage cyber attacks leave on infrastructure, such as the power grid and hospitals is enormous. It affects people directly, even though it begins as a cybersecurity threat. Cyberwarfare challanges existing international law and ethics frameworks. The boundaries are not as clear as in traditional warfare. Also, identifying the attackers is rather difficult, so the lack of clarity undermines accountability and can escalate conflicts.
List of references
Nelson. (2022, August 17). Digital connectivity: The benefits of inclusive internet access. USGLC. https://www.usglc.org/blog/digital-connectivity-the-benefits-of-inclusive-internet-access/
Luo. (2022). A general framework of digitization risks in international business. https://www-webofscience-com.zdroje.vse.cz/wos/woscc/full-record/WOS:000655541900001
National Audit Office. (2017). Investigation: WannaCry cyber attack and the NHS. National Audit Office. https://www.nao.org.uk/wp-content/uploads/2017/10/Investigation-WannaCry-cyber-attack-and-the-NHS.pdf
Healthcare Information and Management Systems Society. (2020). 2020 HIMSS cybersecurity survey. https://www.himss.org/sites/hde/files/media/file/2020/11/16/2020_himss_cybersecurity_survey_final.pdf
Fortinet. (n.d.). What is cybersecurity? Different types of cybersecurity. Fortinet. https://www.fortinet.com/resources/cyberglossary/what-is-cybersecurity
Cisco. (n.d.). What is cybersecurity? Cisco. https://www.cisco.com/site/us/en/learn/topics/security/what-is-cybersecurity.html
Fasulo. (2024). What is the CIA triad? Definition, importance, & examples. SecurityScorecard. https://securityscorecard.com/blog/what-is-the-cia-triad/
Liu, AX (Liu, AX); Gouda, MG (Gouda, MG) ; Ma, HBH (Ma, HBH) ; Ngu, AHH (Ngu, AHH). (2005). Firewall queries. Web of science. https://www-webofscience-com.zdroje.vse.cz/wos/woscc/full-record/WOS:000231114900015
Deshpande, C. (2024). What is firewall: Types, how does it work & advantages | Simplilearn. Simplilearn.com. https://www.simplilearn.com/tutorials/cyber-security-tutorial/what-is-firewall
Fortinet. (n.d.). What is encryption? Definition, types & benefits. (n.d.). Fortinet. https://www.fortinet.com/resources/cyberglossary/encryption
Higgins. (2022). The importance of multifactor authentication. CIO.GOV. https://www.cio.gov/2022-10-26-importance-multifactor-authentication/
NIST, (2024). Multi-factor authentication. (2024). NIST. https://www.nist.gov/itl/smallbusinesscyber/guidance-topic/multi-factor-authentication
Kobylinski, A; Lipski, S. (2012). STUDY ON THE ANTIVIRUS SOFTWARE EFFECTIVENESS. Web of science. https://www-webofscience-com.zdroje.vse.cz/wos/woscc/full-record/WOS:000313136800076
Aliza Vigderman, Gabe Turner. (2024). Does antivirus stop hackers? Security.org. https://www.security.org/antivirus/hackers/
INSTITUTE OF DATA. (2024, April 2). What are the 7 types of cybersecurity? Institute of Data. https://www.institutedata.com/us/blog/what-are-the-7-types-of-cybersecurity/
Demirel. (2023, December 28). Types of cybersecurity: A comprehensive overview. Clarusway. https://clarusway.com/types-of-cybersecurity/
CompTIA. (n.d.). What is cybersecurity. CompTIA.org. https://www.comptia.org/content/articles/what-is-cybersecurity
SailPoint. (2023, July 29). Zero trust security: The zero trust model. sailpoint.com. https://www.sailpoint.com/identity-library/zero-trust-model
Turnbull. (2022, September 29). Optus: How a massive data breach has exposed Australia. BBC News. https://www.bbc.com/news/world-australia-63056838
Evans. (2022, September 26). Home affairs minister says Optus ‘left window open’ for cyber criminals to conduct simple hack. ABC (Australian Broadcasting Corporation). https://www.abc.net.au/news/2022-09-26/home-affairs-minister-blames-optus-for-cyber-attack-hack/101474636
Whelan, C; Martin, J. (2023, November). ‘Hacking the hackers’: reflections on state-implemented disruption as a ‘new model’ for cyber policing. Web of Science. https://www-webofscience-com.zdroje.vse.cz/wos/woscc/full-record/WOS:001104119400001
Powell. (2022, November 28). Hacker attempts to sell data of 500 million WhatsApp users on dark web. Cyber security hub. https://www.cshub.com/attacks/news/hacker-attempts-to-sell-data-of-500m-whatsapp-users-on-dark-web
Manworren, N; Letwat, J; Daily, O. (2016). Why you should care about the Target data breach. Science direct. https://www-sciencedirect-com.zdroje.vse.cz/science/article/abs/pii/S0007681316000033
GAO. (2021). Colonial pipeline cyberattack highlights need for better federal and private-sector preparedness (infographic). U.S. Government Accountability Office (U.S. GAO). https://www.gao.gov/blog/colonial-pipeline-cyberattack-highlights-need-better-federal-and-private-sector-preparedness-infographic
Evan Perez, Zachary Cohen, Alex Marquardt. (2021, June 8). First on CNN: US recovers millions in cryptocurrency paid to colonial pipeline ransomware hackers | CNN politics. CNN. https://edition.cnn.com/2021/06/07/politics/colonial-pipeline-ransomware-recovered/index.html
Manuel Velasquez, Dennis Moberg, Michael J. Meyer, Thomas Shanks, Margaret R. McLean, David DeCosse, Claire André, and Kirk O. Hanson. (2009, May). A Framework for Ethical Decision Making. Santa Clara University. https://www.cse.sc.edu/~mgv/csce390f23/MarkkulaFramework.pdf
Vallor, Ph.D. (n.d.). An Introduction to Cybersecurity Ethics. Santa Clara University. https://www.scu.edu/media/ethics-center/technology-ethics/IntroToCybersecurityEthics.pdf
Gorbatai. (2022, October 18). What is digital ethics? Vlerick Business School | Vlerick Business School. https://www.vlerick.com/en/insights/what-is-digital-ethics/
Paul Formosaa, Michael Wilsonb, Deborah Richards. (2021). A principlist framework for cybersecurity ethics. Web of Science. https://www-webofscience-com.zdroje.vse.cz/wos/woscc/full-record/WOS:000685459300019
Macnish, K; van der Ham, J. (2020, November). Ethics in cybersecurity research and practice. Web of Science. https://www-webofscience-com.zdroje.vse.cz/wos/woscc/full-record/WOS:000600846300012
Gomez. (2024, April 25). Cybersecurity ethics: Everything you need to know. Our Lady of the Lake University. https://www.ollusa.edu/blog/cybersecurity-ethics.html
Kevin Johnson, Scott Martin, Jayne O’Donnell and Michael Winte. (n.d.). NSA taps data from 9 major Net firms. usatoday.com. https://eu.usatoday.com/story/news/2013/06/06/nsa-surveillance-internet-companies/2398345/
Glory. (2024, November 14). What is PRISM program? Here is all you need to know about it. PrivacySavvy. https://privacysavvy.com/security/spying/prism-program/
Christopher Kuner, Fred H. Cate, Christopher Millard, Dan Jerker B. Svantesson. (2013). PRISM and privacy: will this change everything? watermark.silverchair.com. https://watermark.silverchair.com/ipt020.pdf?token=AQECAHi208BE49Ooan9kkhW_Ercy7Dm3ZL_9Cf3qfKAc485ysgAAA0swggNHBgkqhkiG9w0BBwagggM4MIIDNAIBADCCAy0GCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMl2tdmPwtwD3OaajlAgEQgIIC_nKCStWMzGCU_HskY0neZveprCYX6S41hBYWFFYxdAvVsOhAG2JNvhduKoWydfpqfaLuWUSGMx1a957M5Oz97pRUaX3bOfp4rJcmxnmENGFOtprqA15VCoRinGuZN87OyL0beToaSV_PqIEeFPCJFiVIiE3rdio4ZP4qKDFrgeRSOC0jHWV6H6G0Rv_TveEj8tQNLpcx2Ho6QjD1ROZQspZXHM1vE7pJAiBEyR2QUU5R3WcbNDdeMP_CntK8LPZyHNWNaJNIZua0bJ8WI9U2JFwUxfMKvmSb1V5Wi6NpurFGwFg2iSox5RX4ZFftaSFQtNPTow_DoiiMYoVyfxeKkCYbIgvVxcVysGXhvdGD8sROXT7uQUUbSuNA9nv1jKC-4DXgJCkSerBefCbKFfFOo-V3zIX7XwtO71b0Uq1RzOCAoPOa-E5tioFAT-5vgp070fQBR3hb1d0QcETC0tPe2vUapw3BwW9TWB4Jz-u4ifEHQPP88j0ZAg8Aa6msbhK5nMllhljoyN0Fm-caudgnls8mJ4AaI70kei1sHKAVFNzq-LqpTaHqmPzDPU2SrqyNSGtM6H-VI3MiNhDYVOU6LNQqhC94cZKPsWDGxhmnLpK6JSLPbrjM8sc7mYUtAoJ-mpsdiDtxenIEZeGC57bRCoWLLt4lOxq90tNQsFSv1vNVz-764A0qgcTYUJGInfcbV1YGKuTqSh96rDC8n6V_C85-z3aWJEUVT4bppEzyguKX2ayU9AgGheLHUEb3mK4u8TLr1Loc8oAuTD_OXVaAeoQCU4Z7AmgJY-sWfh5WBnKsnYdUV51WOandEkk3Fw983eI50Zd8bAzLsbS5TKVobPM909t4NeWlUsPwB97FCPdGlDWkawb60GelntvDMXc6DrfJ8O-t2090u5EZ7K-vZU-JsrcNG2sa-Gh-8-VsvjxvEetQcVkCvpBSSbaNGmTEzBtd7Mod4SVB-ZoADt45vA9swcf0_Y086cJUQzSTJmy_2EBHn_dVtJaYAziH3L8
Lina Dencik, Arne Hintz, Jonathan Cable. (2016, November 24). Towards data justice? The ambiguity of anti-surveillance resistance in political activism. Sage Journals. https://journals.sagepub.com/doi/full/10.1177/2053951716679678#bibr9-2053951716679678
UC Berkeley. (n.d.). What is the purpose of the whistleblower policy? https://chancellor.berkeley.edu/what-purpose-whistleblower-policy
Legal Information Institute. (n.d.). Whistleblower Protection Act. LII / Legal Information Institute. https://www.law.cornell.edu/wex/whistleblower_protection_act
Nick Younger. (2020, November 19). The case of Edward Snowden. National Whistleblower Center. https://www.whistleblowers.org/news/the-case-of-edward-snowden/
Gawel, H. (2024, April 24). The Hacktivism. Internet Policy Review. https://policyreview.info/glossary/hacktivism
Chandler. (n.d.). How Anonymous works. HowStuffWorks. https://computer.howstuffworks.com/anonymous.htm
Kelley. (2024, March 21). AI in cybersecurity: A comprehensive guide. Caltech. https://pg-p.ctme.caltech.edu/blog/cybersecurity/ai-in-cybersecurity
Microsoft. (n.d.). What is AI for cybersecurity? | Microsoft security. Microsoft security. https://www.microsoft.com/en-us/security/business/security-101/what-is-ai-for-cybersecurity
NITRD. (2019). Artificial Intelligence and Cybersecurity: A Detailed Technical Workshop Report. The Networking and Information Technology Research and Development (NITRD) Program. https://www.nitrd.gov/pubs/AI-CS-Detailed-Technical-Workshop-Report-2020.pdf
RAND. (n.d.). Cyber Warfare. https://www.rand.org/topics/cyber-warfare.html Lukáš Valášek, Adéla Jelínková. (2024, April 3). Útok hackerů. Česko poprvé ukázalo na ruskou tajnou služb. Seznam Zprávy. https://www.seznamzpravy.cz/clanek/domaci-kauzy-kyberneticke-vrbetice-na-cesko-utocili-hackeri-ruske-tajne-sluzby-gru-251109
