Fake news has been rampant globally especially in manipulating voters during the election season. The United States and France are some of the countries that act as a good example for this. The creation of these fake news has brought about division in the society and the media sector has not been able to come up with comprehensive measures to curb it. Sometimes, people get their information acquired and sold illegally and in most cases the information is used for malicious intention. There are a variety of sites that allow peoples’ emails to be accessed and read without their consent. There are a number of issues that arise out of the misuse of data which has been accessed without the consent of the owner. It is prudent that companies regularly review the data polies to avoid becoming victims of information warfare.
- What issues arise when it comes to unprotected data and the internet enabled psychological and information warfare?
- To investigate the issues that arise in unprotected data and the internet psychological and information warfare.
- Investigate the issues around unprotected data and the psychological and information warfare
- Identify the perpetrators of this information and psychological warfare.
- Identify their aim in perpetrating this psychological and information warfare
- Identify the possible ways to deal with these issues.
- This research will be made possible by the conduction of literature reviews and other relevant information from mother reports and other sources.
This topic has been under investigation for quite sometime and digging deeper to gather more information about it would be very useful. The information contained herein is would be very useful to individuals and organizations in getting to discover the real issues behind unprotected data and the psychological and information warfare. This would place them at a situation where they are in the know of what happens and the effects of this kind of warfare. It will also enable them to have knowledge on how to mitigate these issues within their areas of jurisdiction either at the individual level or at the organization level.
According to Fransisco Garcia and Maurice Dawson, in their research on unprotected data conducted in 2019, psychological and information warfare has been profound over the years. This information is acquired by attackers or hackers who tend to use it for their personal gains. Once the attacker gains access to the company or individual’s data, he or she utilizes the data to his or her advantage. In the organization setup, this information gained by the attacker may be used to psychologically torture the organization so as to get a first hand in a competitive advantage. The government can also engage in the information and psychological warfare with other countries in an attempt to beat the other countries into economic growth. When it comes to individuals this data is used to subdue the person into blackmailing and ransomware. The blackmailed person will not be in a position to deny the attacker anything they are in need of because of this vulnerability. The intention of the attacker is to place the organization or the individual at a lower bargaining level such that he or she gets the upper hand.
This data can also be misused. It can be subjected to other means for which it was not intended for. Companies have gone digital nowadays due to the technological advancement and as a result most of them have developed software and applications to ease the work of the client or customer. This step has been greatly received from the customer end. However, with some of this companies, the intention is not to offer convenience to the customers but rather to gain information from them which they will either use to sell or to utilize in improving its services. Either way, the benefit goes to both parties except in cases where the company is malicious. If the company is malicious then it may end up using the customer’s information for its personal gains which are harmful to the customer. It is advisable for companies to act in good faith and always stay up to date with the cybersecurity regulations to avoid collision with the laws.
Information warfare has turned out to be a very effective tool of warfare of the 20th century. This tool is used to attack the psychological operations. It creates an image that favors one side and undermines the other. This makes the undermined party to have some psychological retreats at the expense of thinking that the other party is more powerful or stands a better chance. This method can be very instrumental in bringing a difference between success and failure if used very well not only in the battlefield but in any other sector.
Basically, information warfare is a way for protecting your own information by attacking someone else’s information by the use of computers which are very instrumental in this whole thing. Traditionally this was just left to imagination and people could only think of such kind of warfare (Aldrich, 1996). In the recent years, information warfare has become a very powerful too which is being used not only by the government but also by companies in a bid to defeat their competitors or adversaries. It is a very calm way of claiming victory without necessarily going to the war itself. It demoralizes the opponent and forces him or her to submission though psychological torture. The government sometimes uses this tool to strengthen its economy. For instance, in the United States, there is a cooperation between the Federal Bureau of Instigations, the National Intelligence Service and private companies to create information protection programs (Elbirt, 2003).
This information warfare could have impacts on individuals, globally and at a corporate level. At the individual level the attack is directed towards a private person or a group of persons and they result to blackmailing, extortion and harassment. The individual information is collected and later used for blackmailing or ransomware (O’Gorman & McDonald, 2012). At the corporate level the information is stolen and used to disrupt the competitor’s operations. Databases are the greatest assets in in providing information warfare if they are not properly safeguarded. This has created the need for implementing and coming up with stringent measures to protect the information from unauthorized access. This way the information warfare is reduce and fair competition is maintained.
All source intelligence.
Open source intelligence tools which are readily available are one of the ways in which an organization or company’s data may be analyzed. In is a very important tool of analyzing which could provide very critical information about a company. This data is available to the public. This means that the information can be accessed without the need to ask for permission from anyone and used to come up with reports (Stalder & Hirshi, 2002). Accessing this data and generating a report gives the attacker a chance to device his or her attack in an intelligent way that would actually affect the said company or organization since the attack is from a point of knowledge. There are online systems that have made the analysis of open source intelligence so easy. Once the attacker has made his or her analysis, it will become very easy to study the organizations trend and most of the organization’s activities will be easier to predict using the same open source intelligence. This can also happen to individuals. Once this happens, the organization or the individual’s information is at the hand of the attacker and a weakness would have been created making them vulnerable to exploitation.
With this new and advanced technology that is ever changing, there is a lot of information being distributed around, either online or offline. The most interesting and shocking thing about this information being spread all over is that it has significant value. Some organizations have started placing themselves strategically in a position that they are able to create value out of the rightful extraction of data or at the misuse of data. Companies have gone digital and have gone to an extent of creating mobile applications to ease the lives of their clients or customers. But then sometimes the idea behind this creation of applications is to be able to sell certain information to these customers (Ahmed, 2004). Sometimes it is not about making their lives more comfortable and convenient to access certain services, but rather its about getting to know them. Extract useful information from them and sell it. This is an initiative taken by the company for its own purpose but because of how the customers view it from their end, they become so comfortable with it and give all the necessary information to the organization which in return the organization will monetize and improve its services.
Personal Identifiable information is very important in an organization. The benefits accrued from it are double especially in the marketing industry. For example, an online store that sell alcohol would collect information from their customers on gender and nationality, this may not impact on the profitability of the company, but if the company decides to collect information on their age, then they will be aware of the age limits to target with their products. In an attempt to avoid the expenses that are related to maintaining of serves, small companies have opted for cloud storage as an alternative for data storage and sharing.
Stolen data location.
Poorly coded websites and poor security practices place an organization at vulnerable state of having its data accessed by the unauthorized persons who may use it for malicious intent. For example, when a picture is taken, one could use intelligence analysis to tell a lot about the camera ranging from the latitudes and longitudes. There is a huge amount of information that is hidden in the layers of deep and dark web. Ost Search engines do not have access to these layers. The only route and means of locating these webs is by the use of Uniform Resource Locator (URL). There is an estimation of about 96000 deep web sites existing alongside over 75000 terabytes of data (Patel et al. 2007).
Locating a deep website is very difficult, you must know the exact URL for the website in order for you to trace it unlike the other sites which are easily located on the standard search engines without typing the whole URL. Dogpile and DuckDuckGo are some of the massive databases that compile huge amount of data from search engine. They allow you to search for a variety of different information at the same time. They can allow for almost 50 search engines to be searched with the entry of such terms and the click of a button. However, these metadata cannot access the data in the deep web also. Special engines such as TORCH and Onion URL are used to locate deep webs. This is because they do not act like the traditional search engines. TOR networks act as personal and private networks and they function as semi-autonomous networks for purposes of private browsing and accessing of sites.
Deep web and dark web are not the same. These two are independent of each other. TOR can be used to access the dark web search engines that index the deep web. Deep websites can be accessed using the traditional browsing methods as long as you know the URL but as for dark websites you will have to use TOR. The Onion Reuter (TOR) became well known around the world when a man by the name Edward Snowden started exposing the United states government about what it was doing with its citizens’ data. This news spread around the world. People were very curious to know the method or the tool that was used to access such information and it happened to be TOR. TOR can used without the need for installation especially on windows and Mac. After this initial development of TOR, it was further advanced by the Defense Advanced Research Projects Agency (DARP). Over the years there has been exploitation of TOR users but this has not hampered its usage.
There has been a discovery that YouTube and YouTube Kids has become vulnerable and unsafe as there are some promoters that are targeting the psychology of kids (Kaushal et al. 2016). Initially the target group was the adults but due to the technological advancement this has been disregarded and anyone, whether a child or adult, is vulnerable to these attacks. These promoters come up with certain clips which entice their target people to do something or to avoid something. In most cases the prompt is to do what favors them. Checking the Open Web Application Security Project, you will realize that over the last 10 years web application weaknesses have been present (Wichers, 2013). One such weakness is the Common Weakness Enumeration.
Misuse of data and information has become a common phenomenal in the 20th century. There has also been lack of knowledge or ignorance on the means or ways of dealing with this demerit. Internet has allowed the traditional techniques that were used in warfare to be civilized, advanced and modernized and used intelligently. This change is still under evolution as it has to take care of the needs of the ever-changing technology of the internet of things and 5G internet access network. The minimal or lack of cybersecurity regulations and protections has created way for attackers and hackers to take advantage of companies and organizations and individuals who do not have the technical knowhow of dealing with such vulnerabilities. This is coupled up with the weak laws that that do not have a comprehensive regulation on such attacks making the attackers to attack and get away with it.
Coming up with strong laws and regulations in the cybersecurity sector could deter these malicious attackers from exploiting these vulnerable organizations and individuals. Similarly, those in the Information Technology industry should be able to come up with stronger ways or mechanisms of protecting their information from being accessed by the unauthorized persons. This is a department that a company should invest in since it can make or unmake the company or it may give all the individual’s information to these persons who may use it for the wrong intent. Companies or organizations and individuals need to keep track and be in the know of the cybersecurity rules and regulations. If a company is collecting information from its clients, then it must ensure that it is acting in good faith and avoid malicious usage of such information.
Wichers, D. (2013). The Open Web Application Security Project (OWASP), Top 10-2013. OWASP Foundation.
Elbirt, A. (2003). Information Warfare: Are you at risk? IEEE Technology and Society Magazine. Vol. 22. Issue 4,13-19.
O’Gorman, G. & McDonald G. (2012). Ransomware; A growing menace. Retrieved from http://iisit.org/Vol14/IISITv14p087-099Ali3400.pdf.
Stalder, F. & Hirshi, J. (2012). Open Source Intelligence. First Monday. Vol 7, Issue 6.1-8.
Kaushal, R. Saha, S. Bajaj, P. & Kumaraguru, P. (2016). Kids Tube: Detection, characterization and analysis of child unsafe content and promoters on YouTube. 14th Annual Conference on Privacy, Security and Trust, 157-164, IEEE.