Week 2 Exercises: Ecosystem Thinking

Before today’s class, I highly recommend that you read the surprisingly interesting academic article titled “Cybercrime is often boring”, written by a team at the University of Cambridge Cybercrime Center who spent years studying and talking to people who worked in cybercrime to understand what it was like to be a cyber criminal. The title of the paper gives you a hint at what they learned.

Today, in class, we will spend a while talking about the “ecosystem” of cybersecurity – the surprisingly complicated group of people, organizations, groups, and governments who all have an influence over what happens in cybersecurity.

In class, please read today’s case study (only read one; they both contain the same info):

• Sweden’s SAS Airlines faces $3 million ransom DDoS
• SAS Airlines hit by $3 million ransom demand

Today, in class, we will take this apart and try to look at the ecosystem of actors – both on the hacker side and on the defender side – that are involved in attacks like these. Understanding the range of people involved and their motivations is an important first step in trying to deal with attacks like these. To do this, the instructor will lead the class in a dissection and discussion of the actors likely involved, most of which are not mentioned in this article.

---

More reading about topics mentioned in lecture, in case you are interested:

• Academic description of booter services: academic paper
• A Univeristy of Hawaii student ran a booter service (until recently): news article
• Typical costs for a booter service: news report
• Examples of very large DDoS attacks: webpage
• How police can stop booters: academic paper
  • More examples of police action: blog post
• A description of financial fraud in general, and triangle scams in particular: blog post
  • And an example of a real life triangle scam: news article
• A discussion of gender in cybercrime: report (h/t: Dorothea Salo)