Introduction
Physical, human, and technical factors make up the three basic components of cyber security. All three of these components must be recognized and considered in order to adopt the finest cyber security practices. Effective cyber security can only be achieved through an approach that secures the physical, technical, and human elements (Sengan et al, 2020).
When discussing cyber security, the term “physical” is used to describe the actual physical form that our digital technology takes. Our smartphones are tangible things, yet it’s easy to forget that sometimes (Alibasic et al 2016). Our technological infrastructures, wherever they may be, are likewise included, as is their safety. Individuals who obtain access to computers and networks pose a physical threat to cyber security. This could involve getting past the company’s security personnel or figuring out a way to unlock the computer without using the keys. Internet of Things (IoT) gadgets increase the total number of accessible devices, and thus the total number of targets for cybercriminals (Umanailo et al, 2019).
The term “technical cyber security” refers to the many methods available for safeguarding our digital assets. Everything from virus scanners to ethical hacking to identify security holes falls under this category (Marcum & Higgins, 2019). Knowledge and modern technologies are brought together by experts to create defenses. Organizations may implement cyber security initiatives or conduct red team assessments to identify security flaws. Cyber security teams composed of technical experts analyze potential dangers and attempt to close any holes they find (Villegas-Ch et al, 2021).
When it comes down to it, human cyber security is all about the people who make a difference in the world of cyber security. People are a vital part of the cyber security ecosystem, both for their personal protection and the protection of those around them (Stewart & Jürjens, 2017). Humans are responsible for all aspects of the technology life cycle, from programming to cyber security to end-user consumption. To identify potential security holes, it is essential to examine how human actions can either strengthen or weaken cyber defenses. In order to determine how vulnerable an organization’s staff is to phishing and other scams, red team assessments frequently utilize ethical social engineers. A thorough understanding of how and why we practice good cyber security is necessary for this to be implemented; hence raising awareness is also highly important to the human side of cyber security (Tomić & McCann, 2017).
Background: Facts of the Case
According to documents released by NBC News from documents seized by Edward Snowden from the National Security Agency, a covert British intelligence unit established to launch cyberattacks against Britain’s adversaries has waged war on the hacktivists of LulzSec and Anonymous. Unfortunately, the intelligence agency’s blunt tool was also employed to disrupt the web communications of political dissidents who were not involved in any criminal hacking (NBC, 2014). Websites with nothing to do with Anonymous may have also been taken down.
British agents have created “dirty tricks” to be used against countries, hackers, terrorist organizations, suspected criminals, and arms dealers. These “dirty tricks” include the release of computer viruses, the monitoring of journalists and diplomats, the jamming of phones and computers, and the use of sex to entice targets into “honey traps” (Dunn, 2015).
Documents leaked by Snowden Edward from the NSA and gathered exclusively by NBC News specifics techniques employed by a covert British intelligence unit called the JTRIG (Joint Threat Research and Intelligence Group), whose stated goal is to take the offensive against enemies ranging from Iran to the hacktivist collective Anonymous. The records come from NSA cyber espionage conferences in 2010 and 2012, when the agency said its goal was to “deny, destroy, disrupt, and degrade” enemies by “discrediting,” “planting false material,” and “cutting off their communications” (Queally, 2021).
The documents claim that the British government was the first in the West to launch a DDOS (denial of service) attack, the very same method that hackers use to take down websites belonging to financial institutions, retailers, and governments. The attack was done by a part of the British NSA, which is called GCHQ (Government Communications Headquarters) (Musil, 2014).
Legal Challenges
The relationship between hacktivists and the law has historically been tense. In most cases, the law enforcement community and courts will not even consider the hacktivists’ ideological agenda when dealing with their illegal actions. This is most obvious when terrorist acts are committed against the state (De Paoli et al, 2021). One of the most frequently cited justifications for hacktivism suggests that online protests should be given the same consideration as offline ones. Academics at George Washington University have argued that the First Amendment, which guarantees the freedoms of expression, the press, assembly, and petition in the United States, may also protect hacktivism (Choi, Lee & Louderback, 2020). They also claim that the regulations that are now in place regarding cyberspace are inadequate for dealing with these types of protests. In response to claims that strict punishments in the legal system are the only way to curb hacktivism, the researchers said that governments and businesses might take preventative measures against the phenomenon by adopting better security policies (Saunders, 2017).
Ethical challenges for the investigators
Differences in stakeholder action and legal requirements for various levels of security contribute to a wide range of cybersecurity-related ethical dilemmas. It’s also essential to think about how serious the potential consequences for the people are (Gupta, 2017). Cybersecurity-related ethical concerns are becoming more widespread with the development of new technologies. They can arise in any sector of daily life (the economy, public safety, healthcare, transportation, etc.) and inflict varying degrees of harm to persons (Bustard, 2018).
The processing of personal data is fraught with dangers threatening individuals’ freedoms. The information could get misplaced, destroyed, improperly altered, shared with the wrong people, or processed illegally (Boss, Branson & Pickens, 2017). Depending on the specifics of the processing and its scope, different levels of risk may be associated with personal data processing. The risk to individuals increases when processing is done on a massive scale, especially when dealing with sensitive data (Mahalle, Yong & Tao, 2019). By anticipatorily identifying, addressing, and mitigating risks, the potential adverse effects on data subjects can be significantly reduced.
Privacy of personal information is crucial because it helps to level the playing field regarding the distribution of knowledge (Horan & Saiedian, 2021). When negotiating contracts involving the use of their data, individuals are typically disadvantaged and need more resources to verify that their counterparties are abiding by the agreement. Having legally binding data protection standards ensures that all data transfers are conducted under secure and fair conditions. Also, people have been safeguarded from bias thanks to the right to privacy of their personal information (Boss, Branson & Pickens, 2017). It is common knowledge that people’s privacy can be violated if their data is utilized in ways not intended by the original data collectors. This is especially true when new technology is used carelessly in the name of public safety. Protecting individuals, especially those from marginalized groups, against discrimination and injury, privacy legislation is limiting the dissemination of private information. Ultimately, privacy legislation will shield individuals from harmful influences that could compromise their dignity (Bustard, 2018).
Practical challenges for investigators
Cybercrime investigations face a number of potential challenges. The anonymity afforded by modern means of communication is one such barrier. With the ability to remain anonymous, people are free to pursue their interests without fear of repercussions from others (Shalaginov et al, 2021). Criminals on the Internet often utilize one of several methods to conceal their identities. The utilization of proxy servers is one example of such a method. A proxy server is a server that sits between a client (a computer) and the server the client is trying to access in order to retrieve certain data (Nukusheva et al, 2022).
Anonymizers, also known as anonymous proxy servers, protect users’ privacy by concealing their true Internet Protocol (IP) address (Yerjanov et al, 2017). Cybercriminals may use anonymity networks to hide their identities and activities online by encrypting (i.e. blocking access) communications and hiding their Internet Protocol address (or IP address), which is “a unique identity supplied to a computer [or other Internet-connected digital device] by an Internet service provider” (Nukusheva et al, 2022). Another difficulty investigators face when looking into cybercrime is determining responsibility. To attribute means to identify the person or thing that committed the infraction. The goal of this procedure is to pinpoint the digital device, user, and/or perpetrators of the cybercrime (Yeboah-Ofori, Abdulai & Katsriku, 2019). The term “back-tracing” or “traceback” refers to the method of tracing the origin of an illegal conduct back to its initiator and/or the device used to commit the cybercrime.
After a cybercrime has been committed or is discovered, the process of traceback begins (Blumbergs, 2019). Examining log files can disclose information about the cybercrime as part of a preliminary inquiry on how it occurred. Event logs are a useful tool because they “automatically record events that take place within a computer to establish an independent audit that can be utilized to understand, monitor, and diagnose activities and issues within the system” (Nukusheva et al, 2022).
Case study: Snowden Docs Show UK Spies Attacked Anonymous, Hackers
In accordance with documents from the National Security Agency that were disclosed by Edward Snowden and made public by NBC News, a clandestine British espionage unit created to launch cyberattacks against Britain’s adversaries has engaged in combat against the hacktivists of Anonymous and LulzSec. However, the intelligence agency’s heavy hand in targeting hackers disrupted the online communications of political dissidents who were not involved in any unlawful hacking. Even sites with nothing to do with Anonymous could have been taken down (NBC, 2014).
The United Kingdom’s government is the first Western power to be publicly implicated in an operation of this kind. It has been stated that Anonymous hacktivists’ communications were disrupted by a “denial of service” (Distributed denial of service) attack undertaken by an arm of GCHQ (Government Communications Headquarters), the British version of the NSA. PowerPoint slides from a 2012 NSA conference called SIGDEV reveal that the Joint Threat Research Intelligence Group (JTRIG) brags about utilizing a distributed denial-of-service (DDOS) attack named “Rolling Thunder” and other ways to drive away 80% of users from online Anonymous chat rooms (Bhat et al, 2019).
Since vandalism and theft of private property can now occur online, NBC News has argued that law enforcement and intelligence agencies should be permitted to go after those who are crossing the line from mere free speech into illegal activity. Furthermore, it says that while no one should be singled out for their ideas or words, there is also no justification for authorities to declare lawbreakers to be safe in the digital space. However, there are many who feel the British government went too far in its crackdown on hacktivists’ communications, and that this action infringed on the rights of those who were never formally accused of any wrongdoing. Many of the individuals targeted were also juveniles (NBC, 2014).
Anonymous, a loose global collective, launched an internet campaign in 2011 named “Operation Payback” against the online payment firm PayPal and many credit card companies. The FBI, CIA, and GCHQ websites were all hit by hackers as well as other U.S. and British government sites. In opposition to Chelsea Manning’s conviction for stealing thousands of sensitive documents from U.S. government servers, the hacktivists attacked companies that refused to handle payments to WikiLeaks, the website that released her secrets (Greenwald, 2014). To counter the rising tide of hacktivism, GCHQ formed a unit known as JTRIG. Officials from JTRIG claimed that the group’s objective included attacking and disrupting computer networks, conducting “Active Covert Internet Operations,” and conducting “Covert Technical Operations,” all of which were detailed in a document that Snowden stole from the NSA and provided to NBC News. The memo outlined several options, including pretending to be the enemy in a “false flag” operation and jamming phones, computers, and email accounts. According to the same document, GCHQ is placing a greater priority on employing cyber tools to attack adversaries (Lashmar, 2015).
Hacktivists Topiary, G-Zero, and p0ke (and a fourth whose name NBC News has censored to protect the hacker’s identity) all have examples of their “humint” (human intelligence) collection techniques in the presentation. Hacktivists found out that GCHQ operatives were posing as other hackers and contacting them through online forums. The presentation contains a transcript of instant messages exchanged between agents and hackers in 2011. A second chat takes place between a GCHQ agent and a hacker going by the name of GZero who claims to “operate with” the first hacktivist. GZero sends the agent a string of code that, once executed, will recruit the visitor’s machine into a “botnet” and use it to launch attacks on other computers (NBC, 2014).
After this, an agent will start talking to p0ke and will inquire as to what websites he has visited. The hacker retorts that he broke into a U.S. government server and obtained credit card data associated with congressional and military email addresses. When p0ke did click on the link, however, JTRIG was able to locate the IP address of the hacktivist’s VPN. In spite of the VPN’s best efforts to conceal his true identity, GCHQ was able to pry it loose in one of three ways: by breaking into the network itself; by directly requesting the hacker’s personal information from the VPN; or by having local law enforcement in the country where he was located make the request (NBC, 2014). A VPN spokesman informed NBC News that the service had not shared the hacker’s details with GCHQ but did note that the VPN has previously worked with local authorities. GCHQ, as shown in the slides, was able to determine p0ke’s true identity despite his or her best efforts to conceal them (NBC, 2014).
It was stated by Anonymous specialist and author Coleman (2020) that the United Kingdom government penalized too many people for the crimes of too few. Although an exact count of Anonymous members is impossible, it’s safe to assume that thousands of people were on their side throughout those events, including a small number of lawbreakers. He went on to say that it was an awful example of overreaction to silence criticism if thousands of people were punished for the actions of a few vandals.
According to p0ke’s further interrogation, the victim admitted that he had stopped hacking because he had gotten tired with it, was too busy with his studies, and was never a “hacktivist” anyhow because politics were never his inclination. In spite of the fact that there was never any evidence of how his identity was discovered in court documents, T-Flow, a British hacktivist who was tried for his involvement in the same hacking operation as Topiary, told NBC News that he had always suspected that the U.K. intelligence agencies had used hacker techniques to seize him. Mustafa Al-Bassam, also known as T-Flow, was only 16 years old when he was caught, so he was not sentenced to time in an adult facility (NBC, 2014).
Practical challenges for prosecutors
In the event of a criminal inquiry, law enforcement may be unable to access data at all or may have access to only a subset of data due to regulatory changes such as the General Data Protection Regulation. The proliferation of digital tools and the widespread adoption of the internet has created a situation where law enforcement agencies must sort through massive amounts of data from which it is often impossible to isolate any individual (Tikkinen-Piri, Rohunen & Markkula, 2018). Criminals use encryption to prevent police from accessing potentially incriminating information, and virtual currencies like Bitcoin give them anonymity when transacting with the money they make from their illicit activities. When police don’t have access to crucial information, investigations are slowed or even halted (Brayne, 2017).
While there is a risk of data loss due to the use of encryption and cryptocurrencies, as well as other technologies like the dark web and cloud storage, these tools also make it very difficult for law enforcement to pinpoint the precise location of criminals, electronic evidence, or criminal infrastructure. This brings up intricate jurisdictional problems, and it’s not clear whose job it is to conduct investigations (Dsouza, 2017).
Due to the different legal systems in each European country, it is challenging to investigate and prosecute cybercrime effectively across borders. The key differences lie in the prosecutable acts and the extent of any potential investigations (Mohammed, Mohammed & Solanke, 2019). An investigation into cybercrime relies heavily on both the collection of electronic evidence and the tracking of illicit activity on the internet. A global legal framework poses considerable barriers to international collaboration and the difficulties posed by variances in national frameworks among European member states. This becomes an even bigger issue when dealing with global cyber threats (Jordaan, 2019).
When it comes to dismantling criminal networks, the private sector may be an invaluable asset, as it is often in a position to provide law enforcement with essential data that might hasten investigations (Sozanskyy et al, 2020). The public and private sectors need to work together. Still, no overarching legal framework outlines how businesses can assist law enforcement without infringing on their customers’ rights to privacy and due process (Maglaras et al, 2019). Challenges are exacerbated by emerging technologies like quantum artificial intelligence and computing. Despite the benefits that could be realized by law enforcement and the commercial sector in terms of mitigation and detection, there is also the risk that illegal exploitation could increase the prevalence of cybercrime (Sutherland, 2018).
Ethical challenges for prosecutors
Examination of the case file, the overall quality of the investigation, warrants and sufficient evidence, officer credibility, witness credibility, and the reliability of forensic evidence and staff are all important legal problems that the ethical prosecutor should consider while exercising their discretion and evaluating the quality of the investigation (Naqvi, 2018). Ethical problems that arise in the pre-trial phase include practically overcharging criminal defendants, unlimited fundraising, grand jury abuse, plea deals and immunity, witness intimidation and harassment Brady violations, and the fabrication, falsification, and suppression of evidence. Trial ethics concerns include unethical questioning, inciting a witness to perjure themselves, and improper use of the courtroom during closing arguments (Bello & Griffiths, 2021).
Prosecutors have an ethical obligation to keep a copy of all discovery materials given to the defense, as well as any physical evidence acquired, even after a case has been closed. They need to be humble enough to confess when they’re wrong and reevaluate their position in light of fresh information (Saunders, 2017). There needs to be universally agreed upon ethical and professional guidelines for criminal prosecutors; ethics training should be required for all prosecutors working in criminal cases; courts and supervisors must take action against corrupt prosecutors by disciplining and reporting them to state bar associations; the professional and conviction integrity sections of the prosecutor’s office are part of the internal regulation of the office; and the elimination of prostitution as a motivating factor in the prosecution process (Friend et al, 2020).
Conclusions
Internet, gas, electric, and water. All of these contemporary necessities, but unlike other utilities, the Internet does not simply turn on or off. It has many facets in the internet world, and even the most novice surfer wants to know more. How fast are the downloads? upload rates Rates of ping? How reliable is the WiFi connection? Will I be able to play online games, shop online, and have face-to-face conversations with relatives who live in another country?
Therefore, it is absurd to argue that even the most basic user is unable to comprehend how the Internet may be used against them. The bulk of cyberattacks are the result of human error, so arming internet users who are lacking in fundamental digital literacy is the solution.
We all have a part to play as “cyber security experts,” including the UK government, which has unveiled a strategy to maintain the country at the forefront of the digital revolution by providing free digital skills to millions of people, nonprofit organizations, and enterprises by 2020. We shouldn’t, however, stop there. Since cybercriminals operate across international borders, it is particularly difficult for law enforcement to identify and pursue them. In the UK, for example, their direct reach is limited, and they can only police within their own borders. Governments and law enforcement agencies must cooperate to share intelligence and do more to pursue, disrupt, and punish cybercriminals in order to raise the risk and cost to those who commit such crimes. The threat is not limited to national borders. Even the Wild West was eventually tamed, after all.