I need a five page single spaced review on this paper on Martinez, F. G., & Dawson, M. (2019). Unprotected Data: Review of Internet Enabled Psychological and Information Warfare. Land Forces Acade

This aspect of warfare is used to create a favorable image, gain ing adherents, and undermining opponents ha d already become a significant weapon of 20th-century warfare.

However, “they are neither a substitute for power nor a panacea” (Headquarters Department of the Army, 1979, pp. 1-5) but employed correctly they can be instrumental, making the difference between success or failure in military operations. And not exclusively military operations, but also in numerous other fields, su ch as technology or marketing. Information warfare is, in general terms, a way of protec ting one’s information infrastructure while attacking someone else’s by using computers. In the past century, it was commonly considered how future wars would take place and, more importantly, the mean by they would be won (Aldrich, 1996).

Consequently, inform ation warfare has become a significant issue in recent decades for both governments an d private companies, who have often joined forces to strengthen their economies over th eir adversaries. For instance, in the United States, government agencies such as the Central Intelligence Agency (CIA), Fe deral Bureau of Investigation (FBI) or National Security Land Forces Academy Review Vol. XXIV, No 3(95), 2019 DOI: 10.2478/raft-2019-0022 © 2017. This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 3.0 License. Unauthentifiziert | Heruntergeladen 22.03.20 17:53 UTC 187 Agency organiz a protecti o whose f Rona o f such a (2003, p Interna t the loss espiona g billion i by the conclu d surveye d espiona g Th much i advers a inform a confide n From t h three l warfare and glo b a singl e electro n person a to, ha r theft o attacks inform a specifi c ransom w (NSA) ha v ations to on program s first record e f the Boein g great imp o p. 1) rema r tional Tra d in the Unit e ge at $23. 8 in 198 9” . B Universit y ded that 4 8 d admitte d ge victi ms ( S he primary informatio n ary whil e ation infra s ntiality, in t he economi c levels of , being t h bal levels. T e individua l nic privacy . al level inc l rassment, e or blackm a often co n ation gather i c targeted c ware (O’ G ve cooperat e create s (Elbirt, 2 0 ed use was g Corporatio n ortance tha t rks in his p de Commis s ed States d u 8 billion in Besides, a st u y of Illi n 8 % of t h d to be i Schawartau Fig u purpose is n as possi b e prote c structure, t tegrity, an d c point of v impact i n hese perso n The person a l or group . Attacks d lude, but a r extortion, p ailing. Th e nsist of a n ing to, late r ampaign o f Gorman & ed with pri v infrastruc t 003). The te r by Thoma s n in 1976, i s t A. J. El b paper that “ sion estim a ue to econo m 1987 and $ udy condu c nois in 1 9 he compa n ing indust r , 1997).

ure no. 1: Inf W R U H W U L H Y H E O H I U R P F W L Q J R Q W K X V H Q V X U L G D Y D L O D E L O L Y L H Z W K H U H Q L Q I R U P D W L Q D O F R U S R U D D O O H Y H O D I I H R I L Q G L Y L G X G L U H F W H G W R U H Q R W O L P L S H U V R Q D O G H V H N L Q G V Q L Q G L Y L G X D U R Q S H U I R U P I E O D F N P D L O 0 F ' R Q D Y D W H W X U H U P V 3 V R I E L U W “the ated mic $40 cted 988 nies rial a p h ma Al fav dis da inf cre Pr at t co att (E nformation W e as the ne’s ing ity.

are ion ate, ects uals the ted data of al’s m a or ald, 2 0 foc pr i mi co sp a n an the wa or as le v inv rel dis Ad Typical Denial of hishing, so c anipulation ll with the vorable po s srupting the ata. As a c o formation w eated in 1 9 otection C tacker pe r onducting a n tack plan n Elbirt, 2003) . W arfare Pr o 012). Some cus on una u ivate in f isinformati o orrected, d reading of n individua l nd the mali e resulting d When arfare attac organizati o industrial vel. The u volve com p lease of th e srupting dditionally, informatio n Service a t cial engin e or mod i common sition over ir services o onsequence , warfare attac k 998 the Na t Centre (NI P rforms t h n attack: in f ning, and .

ocess other per uthorizedly formation.

on could b e due to t h data across l’s privacy cious acti v damage is o the con d ks are ele v ons, they a r espionag e usual corp o petitor inf o eir propriet an adv e there hav e n warfare at t ttack (DoS eering, or ification o goal of g a their oppo n or stealing c , threatene d ks, the Unit e tional Infr a PC). Typic hree steps formation g attack e sonal leve l altering so Though t e easily re m he extrem e the netwo r has been i vity has be e often irrepa r ducted inf o vated to c o re often re f e or the c orate level ormation t h ary inform a ersary’s e also been tacks are attack), deletion, of data.

aining a nents by classified d by this ed States astructure ally, an when gathering, execution l attacks meone’s t this moved or ely fast rk. Once invaded, en done, rable.

ormation ompanies ferred to corporate attacks heft, the ation, or activity.

cases of Unauthentifiziert | Heruntergeladen 22.03.20 17:53 UTC 188 governments making use of Information Warfare tactics to provide information to a private organization within the country from a competitor of a foreign country.

Elbirt gives an example of this kind of activity in his paper: “Hitachi paid IBM a reported $300 million in a settlement agreement after being caught spying on a new generation of IBM computer equipment and that French intelligence was proven to have spied on Boeing to help Airbus” (Elbirt, 2003, p. 5).

Economic espionage, or global level attacks, refer to the government’s use of Information Warfare techniques to combat other countries or their a llies in the desire of improving their economy or obtaining a better combative posi tion. Nonetheless, these attacks are not li mited to government activities, but they also include terrorist groups, such as Anonymous, Al-Qa’ida, or the famous Chinese cyber espionage group, Axiom. However, they require a large number of people invol ved and a significant monetary investment. A key aspect of being successful at the glob al level relays on being capable of organizing this vast number of people whil e maintaining a high level of privacy. Concerning data collection, databases can represent a great source of useful data within the information warfare. Numerous access control countermeasures have been developed and are implemented, preventing unauthorized users from accessing and retrieving confidential information.

Nevertheless, those techniques do not address the inference control problem, where a user could perform legitimate general queries to the database as a whole while restricting him from extracting individual’s private information (Elmasri, 2008). Clifton and Marks (1996) introduce some possible solutions in their paper.

To ensure that a company cannot infer private data from public data to, later, use it to gain a better positi on than its competitors in the information warfare. 2.

All Source Intelligence Analyzing data coul d provide valuable information rega rding an organization’s or individual’s activity with the use of Open Source Intelligence (OSINT) tools. OSINT data is unclassified information or data that is publicly available. OSINT is not to be a substitute for other sources of intelligence but rather complement ex isting methods to collect information such as Geospatial Intelligence (GEOINT), Signal Intelligence (SIGINT), Human Intelligence (HUMINT), and Measurement Intelligence (MASINT).

This data collectio n method relies on information that is found publicly without the need to request access to it, and it can be used to generate reports (S talder & Hirsh, 2002).

Having access to this data allows an attacker to develop an intelli gence analysis on the target. This analysis can be a culmination of information about the target’s movements, online behaviors, tech nical data, and more.

With the Internet, several applications such as Maltego can make the profession of an OSINT analyst done w ith ease. This means they can create transforms, perform sentiment analysis of words, and review other public databases with ease.

3.Misuse of Data The widespread use of newer technologies and their correspondent tools and apps leads to infinite quantities of data released to the Internet. However, the most critical finding in the last recent years is that all this data has a value. All this information which was practically discarded was a source of intelligence that traditionally took a significant work effort to collect. Hence, enterprises have increased their investments in software, hardware, staff, education, and other associated items that constitute the digital world, by 50 %, to $4 trillion (Gantz & Reinsel, 2011). Grantz and Reinsel state in their paper that “the amount of information individuals create themselves – writing Unauthentifiziert | Heruntergeladen 22.03.20 17:53 UTC 189 documents, taking pictures, downloading music, etc. – is far less than the amount of information being created about them in the digital universe” (Gantz & Reinsel, 2011, p. 1) . Therefore, we cannot imagine how significant this amount of data is, and even less wonder how to handle it. That is why companies are putting all their efforts to be able to generate value by extracting just the right information, or even by misusing the data for different purposes for what it was collected. Being capable of doing so would enormously help to position themselves in the “pole position” of the information warfare.

It cannot be denied that the new features included in popular apps usually make someone’s life easier. However, the actual goal of the company for developing that new functionality remains unthinkable and unknown to the end user. These goals can range from the selling of data to third parties or collecting data to sell other products to the end user (Ahmed, 2004).

It was probably not to make everyone’s lives more comfortable but to know more about them; to gather more useful information about the people wh ich can later be transformed into personal-oriented marketing strategies and, eventua lly, more revenues to the corporation. What enterprises usually achieve with these techniques is to get more private information about their users’ data, or metadata, which, as a result, is growing extremely faster than th e actual data itself.

In recent years several patents can be found that deal with mobile data collection to (Sinisi, 2007). Facebook’s new “face recognition” or “tag s uggestion” feature is an excellent example of this. This functionality identifies a user’s face in a picture and notifies him of the uplo aded photo. Thus, the user can decide whether to be tagged in the photo or, even more, re port someone who has uploaded a picture of him without consent.

Although several privacy experts claim that it is an excellent adva nce in protecting someone’s privacy preventing fraud and identity theft, wh at Facebook does is maintaining what it is called a “template” (Fussell, 2018). This te mplate is a string of numbers that is unique for each user, which could be considered similar to a fingerprint.

As a consequence, Facebook becomes the owner of extremely protected biometric data of its customers, that could later be tasked for malicious purposes. According to John T. Soma et al.

personally identifiable information (PII) “is now a commodity that companies trade and sell” (Soma, Couson & Cadkin, 2009, p. 1). Furthermore, it is equaling or even surpassing the value of traditional financial assets in large corpor ations. Nevertheless, the question is: are companies benefitting from the use and trade of PII without protecting the privacy interests of those PII owners? This entails consequences for commercial and technological sectors. In the marketing industry, the benefits of using PII are doubl e (Soma, Couson & Cadkin, 2009). Imagine that an online store sells alcohol to its consumers. Collecting data such as gender or nationality may not make any difference, but, if it also collected age values, it could sign ificantly narrow its target to old enough consumers. Thus, the store would not only increase its revenues by approaching more likely possible buyers but also reduce costs by discarding underage consumers. Moreover, consumers can also benefit from companies keeping their PII, tailoring them future activity.

Cloud computing is becoming an excellent solution for many small and medium companies since it represents a great way of savi ng money by sharing resources with other organizations and Unauthentifiziert | Heruntergeladen 22.03.20 17:53 UTC 190 avoid buying and maintaining their servers.

However, regardin g security, cloud providers may have to face different risks and challenges to the ones in conventional IT environments. From the end user’s point of view, they are still reticent to cloud computing technologies, concerned about their data privacy and security issues — even more after knowing about the most significant cloud com puting providers security breaches. Google Gmail was exposed to a severe vulnerability up to 4 hours in its VMware virtualization for Mac version in 2009, where attackers could take advantage of this vulnerability to execute malicious code on the host (Chen & Zhao, 2012). Microsoft Azure also suffered a severe outage accident on its cloud services for 22 hours earlier this year.

Concerning the health sector, due to the augment of health information available in the Internet, patie nts tend to look for their symptoms online, sharing especially private data to everyone, without considering its associated security risks.

Researchers comment that “Both specialists and patients can benefit from linking family health profiles so that all relevant information is availabl e for reference when the need arises” (Gajanayake, Iannella & Sahama, 2011, p. 31) o bviously, developing a safe and private environment. The access of illegitimate person s to one’s health information can have critical consequences when later being disclo sed or misused since it contains sensitive data tremendously useful for ransom ware or social engineering attacks.

Thus, they propos e an information accountability mechanis m as the solution to information misuse in the health field.

Moreover, they claim that with their approach “when inappropriate misu se is detected, the agent defines methods of holding the users accountable for misuse ” (Gajanayake, Iannella & Sahama , 2011, p. 37). 4.

PII Exploits Krishnamurthy and Wills define personally Identifiable Information (PII) as “information which can be used to distinguish or trace an individual’s identity either alone or when combined with other public information that is linkable to a specific individual” (Krishnamurthy & Willis, 2009, p. 7). The term encompasses any information that can uniquely identify an individual, such as name, birthday, address, phone number, social security number, fingerprints, or a face photo. Social networking sites are web-based services that allow their members to build a public or semi-public profile and connect with other strangers based on shared interests, hobbies, or political thoughts (Boyd & Ellison, 2007). We could say that social media is an expansion of traditional media, offering individuals highly capable and nearly unlimited ways of communicating and networking with others.

There are many different kinds of social media business models, varying from sharing live-photos of places you are currently visiting activities focused on growing your professional network and seek jobs. Nevertheless, just like everything in this world, social networking sites also have their drawbacks. Users do not often realize the massive amounts of personal data that they are sharing with their network and thus, how they are being exposed to exploits of these data.

All social networks offer a wide range of possibilities con cerning the privacy settings of their members. If an individual leaves these settings public by default, this can constitute a breach of privacy.

Consequently, a malicious user can perform a reconnaissance attack and gather as much possible information to conduct a successful social engineering attack later. Unauthentifiziert | Heruntergeladen 22.03.20 17:53 UTC 191 However, having a public profile is not the only vulnerability to private information on a social networking site. In their paper, P.

Gundecha et al. discuss how a social media user can become way more exposed to exploits of his data by merely adding a vulnerable friend. They define a vulnerable friend “from an individual user’s perspective is dependent on whether or not the user’s friends’ priv acy settings protect the friend and the individual’s network of friends (which includes the user)” (Gundecha, Barbier & Liu, 2011, p. 511).

Hence, a single user’s privacy settings can compromise its entire network.

Frequently, social media websites partner with third-party servers to provide content and advertisements to their users.

Although these websites claim in their privacy policies that they share cookies to third parties to offer a better user experience to their members, these cookies do not exclusively consist of Internet Protocol (IP) addresses (Symantec Cor poration, n.d.). What is more, some third-party servers are in fact trackers or aggregators, that follow the user habits before, while and after the user’s interaction with the social media application (Krishnamurthy & Willis, 2009).

Krishnamurthy and Wills de fine this action of combining this PII with other information and sharing it to external websites as “leakage”.

In their paper, they present a study demonstrating how Onli ne Social Networks (OSN) often provide info rmation linked to a particular person to third parties via a combination of HTTP headers and cookies.

Most of the times, when a person publishes a document or picture on the Internet, he is not aware of the PII or other identifiers attached to it, even less how to remove them. There are countless situations in which personal information is retrieved from documents with inappropriate security. Therefore, this private data can further be used to commit malicious activities. An example of information leak caused by inadequate attempts to secure protected information took place in 2000 when a secret CIA document about a coup in Iran was published in The New York Times website (Aura, Kuhn & Roe, 2006).

The company unsuccessfully tried to erase the names of the persons involved by just painting white squares over their names.

As a consequence, the names were still in the publication’s metadata and could easily be retrieved.

5.Where Stolen Data Can Be Found: Dark and Deep Web The types of data captured through poor security practices and improper coding techniques provide not only side channels into the organization s but a plethora of details. For example, a photo provides lots of metadata that can give insight into camera type, specific detailed information of photo taken, latitude, and l ongitude coordinates.

These items can be us ed to create an intelligence analysis of a target with the number of connected de vices and those on the Web with a lack of security protections.

However, the key is where these stolen data and information end up do. The definition of the Internet as the mainstream perceives does not entirely represent what the entity is. Because of an increasing number of static HyperText Markup Language (HTML) pages, there is an enormous a mount of information hidden in the layers of deep and dark Web where most search engines cannot have access (see Figure no. 2). The pathway to these remote Web locations is provided through static Uniform Resource Locator (URL) links due to their existence being depended on responses to queries submitted through the query interface of an underlying database. It is estimated that 43,000 to 96,000 deep Web sites exist along with 7,500 terabytes of da ta (He, Patel, Zhang & Chang, 2007). Unauthentifiziert | Heruntergeladen 22.03.20 17:53 UTC 192 Th website being t h sense l i Take t h exampl e databas e informi n crawler all “k n website you ne e searchi n he issue w s is that t he site is n o ike a stand a he search e items a e by eit h ng Google s looking fo nown” we b is not in d ed to know ng for di r ith trying t they do n o ot indexed i ard search engine G o are added her the w of their U R for, finding , bsites it f i dexed in e the URL o f rectly. N o Figure no. Figure n to locate d e ot exist. T in a traditio engine wo r oogle.com to Goog l website it s RL or the w , and index i inds. A d e ither capa c f what you ow there 3: Exampl e no. 2: Com p eep hat nal rks.

for le’s self web ing eep city are are ex am are Du Do en sta In en se a Ho no tha e of the Du c plete Web xtensive dat a mounts of s e called uckDuckG o ogPile for ngines all o andard sea r some cas e ngines can b arch terms owever, ev e ot take into at is found o ckDuckGo S abases that search eng i metasear c o (see Fi g example. T ow you t rch engine s es, as ma n be searche d and the p en these me account t h on the deep Search Pag e try to com p ine data, a n ch engin e gure no.

These met a to search s all at o n ny as 40-5 0 d with the press of a tasearch e n he vast inf o web.

e S L O H O D U J H Q G W K H V H H V O L N H \f D Q G D V H D U F K Y D U L R X V Q H W L P H V H D U F K H Q W U \ R I E X W W R Q Q J L Q H V G R R U P D W L R Q Unauthentifiziert | Heruntergeladen 22.03.20 17:53 UTC 193 Unauthentifiziert | Heruntergeladen 22.03.20 17:53 UTC TOR is native in the Tails Operating Systems (OS) Tails is a Debian based Linux distribution which primary goal is the preserve privacy and anonymity to beat surveillance. In recent years, organizations such as the NSA have been attacks this browser. One attack revealed was the exploitation of the Tor Browser Bundle. When using the Tor Browser security that leaves a system vulnerable such as Flash become enabled in this attack (Schneier, 2013). This attack targeted the Firefox browser by identifying the Tor Users and executing attacks against the browser (Schneier, 2013). Other tools detected Hypertext Transfer Protocol (HTTP) through Capability Ne twork Exploitation (CNE), which is the starting point for finding Tor users. Researchers at the University of Waterloo and Stony Brook University discuss active attacks for webs ite fingerprinting to identify destination web pages by passively observing their communica tion traffic (Wang, Nithyanand, Johnson & Goldberg, 2014). However, these attacks have not deterred the use of Tor Browser. For users conducting illicit activi ties, this browser allows for undetected movement. One needs not to look too far to see the activities that occur on the Dark Web from the sale of illicit narcotics to human trafficking.

Services from experienced hackers to assassins can be located using Tor and exploring Hidden Wiki. Some browsers allow the user to protect their privacy. One such browser is Searx that does not share the users’ IP, search history, and aggregates the results of more than seventy search en gines (Tauber, n.d.).

Searx browsers allow for advertisement filtering, personalization, and use of HTTP POST by default. Figure no. 5 shows the results of a search of Illinois Institute of Technology that popula tes that allows for files to be downloaded; pages scraped and allowed customization in terms of time. Figure no. 5: Searx Browser Unauthentifiziert | Heruntergeladen 22.03.20 17:53 UTC 195 There have been several occasions where the Tor network has been abused for personal gain. In 2013 a Harvard University student used this mean of anonymity to send emails to the school for a hidden bomb threat to avoid a final exam (Lin, Tong, Zhijie & Zhen, 2017). Silk Road is an online black market being accessed by nearly one million users through the excl usive access of the Onion Router. It includes illegal services like drug trafficking, child pornography, and arms trafficking; the value of its transactions has been calculated to be worth $12 billion.

Its operations were shut down in October 2013 by the Federal Bur eau of Investigation (Lin, Tong, Zhijie & Zhen, 2017).

“Anonymous” the noto rious worldwide hacker organization, launched a DDoS attack against Sony Corp in April 2011. They used the anonymous network and managed to steal the personal data of nearly 1 billion people.

This attack had a disrup tive financial impact of $171 million (Lin, Tong, Zhijie & Zhen, 2017). 6.Using Web for Targeted Warfare Researchers have discovered that Internet sites such as YouTube Kids and YouTube have detected unsafe content through nefarious promoter s that target kids through psychological means (Kaushal, Saha, Bajaj & Kumaraguru, 2016). This means that the threat landscape is altering to include all active us ers regardless of age or other constraints previously considered off limits. In the past mainly adults have been the targets of individuals or nation states however due to technological advances and increased connectivity any connected user can be a target. Reviewing the Open Web Application Security Project (OWASP) top 10 over the last ten years, it is apparent that the same critical web application vulnerabilities are still found (Wichers, 2013). One such vulnerability is the Common Weakness Enumeration (CWE) 89: Structured Query Language (SQL) Injec tion, which is rather easy to exploit using an application called sqlmap. A simple search of php?id=[number] while bringing up several websites through a query that can be a potential target. 7.Conclusion The misuse of data and deficiency of knowledge to apply security controls is a critical issue across enterprise networks. The Internet has allowed for older techniques used for warfare to be modernized at levels that make a novice intelligence analyst near a Subject Matter Expert (SME). This is a drastic change to the landscape of the cu rrent battlefield in which is still evolving with the ever expansion of networked systems such as the Internet of Things (IoT) and 5G. The apparent scarcity of applied cybersecurity protections is allowing for threat agents to take advantage of organizations and individuals that lack the necessary knowledge for ensuring protection. This, combined with laws that do not require companies to have stronger security, enable attackers to perform exploits continuously.

REFERENCES Ahmed, S. R. (2004). App lications of data mining in retail business. International Conference on Information Technology: Coding and Computing. Proceedings. ITCC , Vol. 2 , 455-459. IEEE. Aldrich, R. W. (1996). The international legal implications of information warfare (No. INSS-OP-9). Colorado: Air Force Academy Colorado Springs Co. Unauthentifiziert | Heruntergeladen 22.03.20 17:53 UTC 196 Aura, T., Kuhn, T. A., & Roe, M. (2006). Scanning electronic documents for personally identifiable information. Proceedings of the 5th ACM workshop on Privacy in electronic society, 41-50, New York, USA: ACM. Boyd, D. M., & Ellison, N. B. (2007). Social network sites: Definition, history, and scholarship. Journal of Computer-Mediated Communication, Vol. 13, Issue 1 , 210-230. Chen, D., & Zhao, H. (2012). Data security and privacy protection issues in cloud computing. International Conference on Computer Science and Electronics Engineering, Vol. 1, 647-651, IEEE. Clifton, C., & Marks, D. (1996). Security and privacy im plications of data mining. ACM SIGMOD Workshop on Research Issues on Data Mining and Knowledge Discovery, 15-19.

Elbirt, A. J. (2003). Informati on Warfare: Are you at risk?. IEEE Technology and Society Magazine, Vol. 22, Issue 4 , 13-19. Elmasri, R. (2008). Fundamentals of database systems . India: Pearson Education.

Fussell, S. (2018). Facebook’s New Face Recognition Features: What We Do (and Don’t) Know [Updated] , available at: https://gizmodo.com/facebooks-new-face- recognition-features-what-we-do-an-1823359911, accessed on 18 March 2019.

Gajanayake, R., Iannella, R., & Sahama, T. ( 2011). Sharing with care: An information accountability perspective. IEEE Internet Computing, Vol. 15, Issue 4 , 31-38. Gantz, J., & Reinsel, D. (2011). Extracting value from chaos. IDC iview, 1142, 1-12.

Gundecha, P., Barbier, G., & Liu, H. (2011). Exploiting vulnerability to secure user privacy on a social networking site. Proceedings of the 17th ACM SIGKDD international conference on Knowledge discovery and data mining , 511-519, New York, USA: Association for Computing Machinery.

He, B., Patel, M., Zhang, Z., & Chang, K. C-C. (2007). Accessing the deep Web.

Communications of the ACM, 50(5), 94-101.

Headquarters Department of the Ar my (1979). Psychological Operations . Field Manual, No. 33-1, Washington: U.S. Government printing office. Kaushal, R., Saha, S., Bajaj, P., & Kumaraguru, P. (2016). KidsTube: Detection, characterization and analysis of child unsafe content & promoters on YouTube. 14th Annual Conference on Privacy, Security and Trust (PST ), 157-164, IEEE. Krishnamurthy, B., & Wills, C. E. (2009). On the leakage of personally identifiable information via online social networks. Proceedings of the 2nd ACM workshop on Online social networks, 7-12, ACM.

Lin, Z., Tong, L., Zhijie, M., & Zhen, L. (2017). Research on Cyber Crime Threats and Countermeasures about Tor Anonymous Ne twork Based on Meek Confusion Plug-in.

International Conference on Robots & Intelligent System (ICRIS), Vol. 1 , 246-249, doi:10.1109/icris.2017.69. O’Gorman, G., & McDonald, G. (2012). Ransomware: A Growing Menace, available at: http://www.symantec.com/content/en/us/enter prise/media/security_response/whitepapers/ ransomware-a-growing-menace.pdf , accessed on 17 September 2019.

Schawartau, W. (1997). What Exactly is Information Warfare? – Part 2, Journal Network Security, Issue 10 , Amsterdam: Elsevier Science Publishers. Schneier, B. (2013). Carry On: Sound Advice fr om Schneier on Security, New Jersey, USA: John Wiley & Sons. Sinisi, J. P. (2007). U.S. Patent No. 7,313,759, Washington, DC: U.S. Patent and Trademark Office. Unauthentifiziert | Heruntergeladen 22.03.20 17:53 UTC 197 Soma, J. T., Courson, J. Z., & Cadkin, J. (2009). Corporate Privacy Trend: The “Value” of Personally Identifiable Information (“PII” ) Equals the “Value” of Financial Assets.

Richmond Journal of Law & Technology, Vol. 15, Issue 4 , 11.

Stalder, F., & Hirsh, J. (2002) . Open source intelligence. First Monday, Vol. 7, Issue 6 , 1-8.

Symantec Corporation. (n.d.). What Are Cookies?, available at: https:// us.norton.com/ internetsecurity-how-to-what-are-cookies.html, accessed on 07 July 2019. Tauber, A. (n.d.). Welcome to searx, available at: https://asciimoo.github.io/searx/, accessed on 03 December 2018. Tor Project. (n.d.). What is Tor Browser?, available at: https://www.torproject.org/ projects/ torbrowser.html.e n, accessed on 03 December 2018.

Wang, T., Cai, C., Nithyanand, R., Johnson, R., & Goldberg, I. (2014). Effective Attacks and Provable Defenses for Website Fingerprinting. The Proceedings of the 23rd USENIX Security Symposium , San Diego, CA. Wang, P., Dawson, M., & Williams, K. L. ( 2018). Improving Cyber Defense Education through National Standard Alignment: Case Studies. International Journal of Hyperconnectivity and the Inte rnet of Things (IJHIoT), Vol. 2, Issue 1, 12-28. Wichers, D. (2013). The Open Web Application Security Project (OWASP) Top10 -2013. OWASP Foundation . Unauthentifiziert | Heruntergeladen 22.03.20 17:53 UTC 198