Скачать или смотреть 11/19/2020 IU Ethics, Values & Tech Series - Josephine Wolff

Cybersecurity incidents tend to receive the most attention from media outlets and regulators at the moment when they are first discovered and announced to the public, but the financial, legal, and societal impacts of these incidents continue to play out over a period of months and even years following their initial detection. This talk will trace the aftermath of three case studies of financially motivated cybercrimes: the 2006 breach of payment card numbers stored by retailer TJX Inc., the 2012 breach of the South Carolina Department of Revenue tax records, and the 2014 spread of the CryptoLocker ransomware. Who was held responsible for these incidents and who ended up paying for them? What roles can different online intermediaries play in trying to mitigate the impacts of these types of breaches and what incentives do they have to assume those responsibilities? The talk will explore how evolving models of cybercrime have shifted the defensive landscape, involving different intermediaries and requiring new types of defensive interventions on the part of application designers, system administrators, and policy-makers.