Leo Gadd's Blog

Bad behavior occurs all the time on the internet and can be from anyone and aimed at anyone. It can happen at any time and can be targeted or random. There are many different ways for someone to be affected by bad behavior on the internet, but one of the most common forms of online bad behavior would be online harassment. Harassment is caused by the use of information and communication by someone intended to cause harm to another person. In one specific case, harassment and threats led to legal action; 

“In 2016, Andrew Anglin, publisher of the neo-Nazi site The Daily Stormer, called on his readers to engage in a “troll storm” against a Jewish woman in Montana named Tanya Gersh and her family. Confronted with a barrage of threats and hateful messages, she and her family fled their home. With the assistance of the Southern Poverty Law Center, Gersh filed suit against Anglin for “invasion of privacy, intentional infliction of emotional distress and violation of the Montana Anti-Intimidation Act.” A federal magistrate judge ruled against Anglin in 2019 after he failed to appear in court, ordering him to pay over $14 million in damages to Gersh.

In the landmark case of Elonis v. United States, a man in the process of divorcing his wife posted seemingly threatening song lyrics on Facebook. Anthony Elonis included disclaimers that the violent lyrics were “fictitious” and “therapeutic.” Elonis was prosecuted under federal law (18 U.S.C. § 875(c)) which prohibits making threats over the internet. The Supreme Court ruled that this provision of federal law required that prosecutors allege and prove that the defendant had the “intent” to commit a crime. The court determined that it did not matter whether a reasonable person would have been threatened by the statement. What mattered is whether the actual defendant had the subjective intent to threaten. In effect, this decision significantly increased the difficulty of prosecuting the posting of threats on social media.”

In this case, Tanya Gersh and her family were played victims, coming from targeted online attacks led by Andrew Anglin. Due to this, Tanya and her family left their home in worry about the online threats that they received. This led to a lawsuit filed against Andrew for “invasion of privacy, intentional infliction of emotional distress and violation of the Montana Anti-Intimidation Act.” This eventually led to the outcome of $14 million owed to Tanya and her family. The was a large financial loss for Andrew Anglin, as well as severe damage to his reputation and his career. The criminal in this case was indeed held accountable and was forced to pay the fine. From this, we can learn to think about our actions and their consequences. There should be zero threats and attacks whether that be personal or generalized. These comments can severely hurt other people and their careers, including your own. The message–think about your actions on the internet.

Online Harassment Case Studies

Throughout my corporation, I encounter some digital threats to my organization. Some of these include; data breaching, computer malware, viruses, denial of service attacks, and malicious insiders. Data breaching exposes classified or confidential information to someone outside of the organization. These can happen randomly and can be from anyone. This data can be stolen, copied, transferred, or viewed. These threats can be seriously harming to organizations, and can potentially corrupt them. These can be dangerous, even if they seem so basic. Computer malware is intrusive and hazardous software that infiltrates computers to steal information and corrupt platforms. These can be targeted and can potentially destroy computers and their systems. Viruses are malicious software that damages software and data. These aim to disrupt systems and cause operational issues. They infect certain programs and replicate themselves to infiltrate and insert their own code into systems. Denial of service attacks aims to make a system or computer unavailable to its intended users. These can disrupt services to certain networks and will ultimately shut down machines and block users from accessing certain sites. Malicious insiders is someone inside of an organization that chooses to sabotage their own information and can leak content, as well as steal and share the information. They use their privileged position to commit some devious acts and can lead to many issues within the organization.

I can use a plethora of utilities to help keep my organization safe, such as Cyber Resilience Reviews, Assessment Evaluation and Standardization Programs, Vulnerability Scanning, External Dependencies, and Safe Organization Practices. Cyber Resilience Reviews are interviews to assess the trustworthiness of employees and determine the organization’s operational resilience and cybersecurity practices. These could be exploited by false user input and lies, leading to potential moles still in the system. Assessment Evaluation and Standardization Programs is a program launched by the CISA to expand the availability of organizations and individuals qualified to administer cybersecurity assessments in accordance with CISA’s standards and in a manner that provides data back to CISA for risk management purposes. This can also be corrupt by false user input, but is much harder as it is monitored by the CISA. Vulnerability Scanning is a process of identifying certain vulnerabilities and flaws in systems of organizations in order to help the organization respectively fix the situation. These could be manipulated by moles and they can find these weaknesses and use them against the organization. External Dependencies are certain factors that outside organizations and higher ups can set in place to help maintain boundaries in an organization. These can only be corrupted if there is a mole in the higher up organization, which is highly unlikely. Safe Organization Practices can be used to safely implement employees and maintain rules within an organization and stop threats from not letting them in to begin with. This could be exploited by lies and fraud.

The recommendations that I give to my company would be to; hiring, virus protection, install firewalls, strong passwords, and CISA protection. Better hiring for employees and harsher interviews to create a more challenging competition and slow the traffic of moles. Virus protection would protect the organization from viruses and keep files more protected. Firewalls would increase protection into the organization and would block out many outsider hackers. Strong passwords that would only be shared with a few employees and higher ups would create a challenge for both insider and outsider hackers to access confidential information. The CISA has many great protection standards and have tools to help keep your organization protected and safe.