According to the 2017 Internet Crime Report, the Federal Bureau of Investigation received more than 300,000 complaints with reported losses of more than $1.4 Billion. The most common crime types reported by victims were non-payment and non-delivery, personal data breaches, and phishing/vishing/smishing/pharming scams. Despite an overwhelming amount of research regarding cybercrime, there remains important questions about the demographics of targets. For example, how do attackers conduct different forms of reconnaissance depending on the race, class, and gender of their intended targets?
A contributing factor to the lack of research regarding intersectionality and cybersecurity literature may be correlated with the underrepresentation of women and racial minorities. According to the United States Department Labor, only 18 percent of cybersecurity specialists are women while nearly 75 percent are white. This gender (Cooper 2006) and racial digital divide (US Census 2017) have been extensively, but important differences in how cybercriminals victimize populations have yet to be adequately addressed.
This module is designed for students to learn both sociology and cybersecurity concepts as they relate to their own social location and online behavior.
Network information, host information, security policies, and human information are all at risk during the reconnaissance phase. Network information includes IP addresses, subnet masks, network typology, and domain names. Host information includes user names, group names, and architecture type. Security policies include password requirements, physical security, firewalls, and intrusion detection systems. Human Information includes home address, telephone number, frequent hangouts, and interests.
Example of Occurence
In May 2018, Researchers reveal that a hacking group connected to Russian intelligence services had been conducting reconnaissance on the business and ICS networks of electric utilities in the US and UK since May 2017.