Beruflich Dokumente
Kultur Dokumente
Senior Capstone
Joe Fogelman
Author Note
Research conducted by Joseph Fogelman, Math and Science Academy, Ocean Lakes
High School.
This project was conducted as a part of the Math and Science Academy Senior Capstone
Project. Special thank to Mrs. Allison Graves for acting as my advisor through my experience.
Also special thanks to my mentor Mr. Caleb Hansen for allowing me to shadow him.
Email: joefog13@gmail.com
CURRENT OVERVIEW OF ONLINE SECURITY 2
Introduction
Technology is continuously changing the world. Many never expected computers to fit in
our pockets or cars with the ability to drive themselves. However, with these tremendous
advancements comes great danger. It is estimated that 8.7 billion devices are connected to the
Internet as of 2012. This proliferation of technology creates a gold mine for malicious hackers to
take advantage. (Singer & Friedman, 2014) With this rapid advancement of technology hackers
now have more tools to exploit systems. Their strategies are always evolving just like the
This quick evolution creates massive problems for the older generation who don’t
understand the problems of IT and cyber security. Therefore, it is difficult for politicians to make
policies on these problems without knowledge of the field. Considering the older generation
comprises most of our government’s leaders, our country suffers from the lack of technology
awareness. (Singer & Friedman, 2014) From the Clinton email scandal to general
unauthorized use of electronic data or the measures taken to achieve this. Even though digital
attacks can be dated back to the creation of the Internet, the invention of this field of study is still
very new. As a matter of fact, many government agencies are still without a cybersecurity expert
within their firm. This oversight can be attributed to either the lack of personnel in the field or
Many large corporations have ignored the threat of a cyber attack because it is invisible.
With many other attacks victims can see the threat rising and therefore you make a plan to
counteract it. However, in a hack all of your information can be stolen in an instant. In the Yahoo
hack disclosed in August 2017, it was reported that over 3 billion user accounts were
compromised dating all the way back to 2013 (Selyukh, 2017). These acts can happen all at once
or over a long period of time, nonetheless with poor cybersecurity monitoring there is no way of
mitigating the risk. Since these large scale hacks, many have increased awareness to the cyber
threat, but governments still struggle to create policies on the issue. They question how to
Even though there are many large-scale problems related to cybersecurity, it is still
important to be protected on an individual scale. There are many measures individuals can take
to keep themselves protected. People can start with always keeping their computer and software
updated. Bug in programs are always being found and corrected so keeping your computer up to
date can help correct these mistakes (Hoffman, 2017). It is also very important to use anti-virus
and anti-malware programs. A virus can be defined as a piece of code capable of copying itself
and producing a detrimental effect. These programs constantly scan your system to ensure that
no code is corrupting a user’s personal data or harming a user’s computer in any way.
The most important aspect of online security is keeping a good password. Passwords are
the key to keeping any online account secure. If someone exploits a person’s password, that
person could possibly lose everything. Individuals can protect themselves by keeping passwords
different for different accounts and always changing them. (Hoffman 2017) They may also go an
extra step and add encryption to their passwords through programs like FileVault and BitLocker.
Cookies should also be managed properly by constantly deleting them from websites that you no
CURRENT OVERVIEW OF ONLINE SECURITY 4
longer use. What are cookies? These are small pieces of data sent by a website to the user’s
browser and are stored there temporarily (Cookies, 2017). The ever prevalent threat of a cyber
war hangs over our heads, but many have yet to see it.
The Story
At the beginning of my senior project journey, I wasn’t completely sure what I wanted to
do. Some seniors have set topics that they have been researching from the beginning of high
school and others are more undecided. In my initial Isearch, I investigated biogeography and bio
mineralization, which at the time was very interesting to me. Most people would disagree and
now looking back I feel the same way. I ditched that topic and decided to move onto something
else.
During the start of my junior year, I steered more into the engineering world because of
my interest in physics. When deciding which field of engineering I wanted to explore, I chose to
look into the developing field of environmental engineering. This seemed to merge my love for
the environment and interest in physics. Coincidentally, Mrs. Graves posted about a possible
reached out, but they were only taking one student and the spot happened to fall to another
individual.
I was very frustrated considering I was betting on that mentor opportunity for all of
January, and I had to start from scratch with finding a new mentor. I moved onto my symposium
project that dealt with building an easy to use water purifier. I didn’t work on finding a mentor
for another 3 months until the May deadline approached. However, during this time my focus
shifted, and I decided I didn’t want to look into engineering anymore. Instead, I wanted to
CURRENT OVERVIEW OF ONLINE SECURITY 5
investigate the developing world of cybersecurity. This seemed to me to be the hottest topic
Shortly after this change, I was able to secure a mentorship with Mr. Caleb Hansen, the
FSO (Facility Security Officer) of RMGS Inc. I was able to get this contact from my dad who is
good friends with Mr. Hansen. The initial meeting with Mr. Hansen went very well, and he had a
I started the mentorship on June 20th, a week after school ended. Their office was located
near Mount Trashmore, so it was about a 15 to 20 minute drive. I was expected to show up in
business casual clothes everyday between 9:30 to 10. These were definitely conditions that were
easy to follow. Overall, the workplace was very relaxed in terms of what to wear and when to
show up. Nonetheless, I always showed up on time except for once but my mentor didn’t care
too much.
On my first day, I started with setting up my office space and meeting everyone in the
company. It was important to learn the business structure and hierarchy so that I would know
who to look to when I had a problem. Everyone immediately accepted me as the new intern,
which was very welcoming. They were even able to give me my own room as an office space.
The most significant person I met on the first day was Mrs. Stafford, the president of the
company. Most of the first day was spent explaining what interests and topics I wanted to
include in my senior project and then I was sent to research them further. I did do some paper
shredding as well.
The second day was similar to the first except I had nothing to set up so I spent my time
researching cybersecurity and learning code. There were many days like these throughout my
CURRENT OVERVIEW OF ONLINE SECURITY 6
mentorship where Mr. Hansen had nothing for me to do so I spent my time researching and
learning code. Other times he was doing work that was beneficial for me to see, but I needed a
security clearance. Nonetheless, I was able to learn a decent amount about coding, specifically
python, and the cyber world. My first involvement in the company came when Mrs. Stafford
asked me to help construct the WBS (Work Breakdown Schedule) for an upcoming proposal.
I worked with Micky, an independent contractor that was also working on the WBS. The
WBS had to be made using Microsoft Project which was a program I had never used before.
Micky seemed to be an expert on it, and she was being paid to make the WBS. Dave Buffalo, the
CEO of another company that was working with RMGS on the proposal, sent me the
chronological events of what the site advisor would be doing during the proposal. Basically
multiple defense contracting companies were submitting bids to the government hoping to win
the contract so that they can bring in money. The WBS made up a big part of the proposal, so I
was honored to be doing something important. It took a lot of time to understand Microsoft
Project and how Mrs. Stafford wanted the information to be displayed. There ended up being a
lot of technological problems, but in the end I was able to fix them.
the 2nd was completed they sent Micky away and I had to do the other 3 on my own. The
proposals were for contracts in Addis Ababa, Somalia, Mogadishu, Nairobi and Cameroon; these
are all places in Africa. It was very interesting to be doing work that had practical use in other
locations around the world. Even though these WBSs had no applicability to cybersecurity or
security in general, I still was able to learn something. I learned a lot about how small businesses
work and that communication is very important. I also learned a good amount about how
Microsoft Project works, which according to Micky can be very useful in the future. The WBSs
CURRENT OVERVIEW OF ONLINE SECURITY 7
did take up a lot of my time and weren’t related to my interests, but I wasn’t too disappointed. I
could at least say that I helped the company with something in return for allowing me to be
different threats to security within a business. I also had to find out how to mitigate these risks.
Even though this was a small assignment it opened my eyes to the fact that there are other threats
to security as well. I always knew that the scope of security extended beyond the cyber world but
I didn’t know to what degree. Before there were computers, the biggest physical threat to any
organization was people. The most prevalent example is the Cold War. Computers were used
during this time but the largest problem for both the United States and the Soviet Union was the
exchange of information by people. People can be the largest concern for security as well.
Through this assignment I was able to better understand that cybersecurity is not the only focus
Coincidentally during my time at RMGS they had a physical threat of their own.
One of the janitors was suspected of stealing phones and expensive items from their offices
during his cleaning shift. My mentor then had to buy security cameras to work to resolve the
problem. We then placed the security cameras unboxed and in plain sight, however they were not
set up yet. The janitor must have saw these cameras because he stopped taking things.
Throughout my mentorship we never ended up installing these cameras and I don’t know that
they ever were. Nonetheless, this was an interesting experience and really makes someone
realize that breaches to security can come from anyone and sometimes people you would least
expect. Most of the security threats Mr. Hansen deals with occurs on the courses that the
When my mentor had some free time he set me up on CDSE (Center for Development of
Security Excellence) training courses. He were online courses that helped with the protection of
physical threats more related to people. Nonetheless, I was still able to learn what to detect from
a potential insider threat. I was also able to get certified in CDSE training which may prove to be
very useful which seeking a job later on. These courses were made up of a series of videos that
would have to watch in succession before taking the final exam. If you get an 80% or above on
the final exam they give you a certificate of completion. Surprisingly government contract work
has a lot to do with whether or not you are certified. My mentor has various certifications and
clearances, some through CDSE, that allow him to do the work he does. This also helps the
company win contracts with the government by how qualified their employees are. The downfall
of these clearances was that I was limited on my experience because I didn’t have these
clearances. However, the system is designed that way to prohibit outsider to obtain and leak
information that they shouldn’t have had access to in the first place.
During the end of my mentorship, the company hired a cybersecurity contractor to set-up
and isolated system for a course that was coming up. They had to pay him close to $100 an hour!
This partially had to do with the fact that he was certified to do that form of work and that he
would get the job done right. I have found that this parallel can be seen with any contracting
company whether it is corporate or even a construction company must have a lot background
before they can be seen as reliable. Nonetheless, the cybersecurity expert set up a laptop that was
completely off-the-grid disconnected from all online services. He then conducted an anti-virus
scan and had the software run continuously offline. All programs that needed to be entered into
the computer would be through a disk. These methods seemed to be barbaric, but they didn’t
Product
From my research and mentorship I felt that I needed to inform people about methods to
make them safer while using online services. I decided to combine what I learned about coding
html and what I knew about online protection to create an informative website. The initial idea
was for me to code a website from scratch and not use any pre-designed website making
software. However, coding a website proved to be a challenge and took a lot more time than I
thought it would. I also had to find some useful information that would be practical for the
common individual and someone who wanted advanced knowledge. When I was finished with
the coding piece, the web hosting services proved to be the next challenge. It was difficult to find
web hosting that was free and a free domain name. I ended up settling with 000webhosting.com
because they offered both of these services for free, but I didn’t get the domain name I had hoped
for.
Overall, the website looked good considering it was the first one I had ever constructed.
After reviewing other website designing software, I would definitely recommend using those
over coding a website yourself. Coding the website yourself does give a little more freedom to
how you want it to look, but takes a lot longer and in the end I don’t think it’s worth it.
Nonetheless, I was able to learn some important things about html code that I wouldn’t have
I decided to present this website to my AP Computer Science class since this seemed to
be the most practical environment. I gave a 10 minute presentation while they browsed around
the website I created. It was important for me to emphasize the risks that can come out of the
hacks that were described in my website. The overall structure of the website consisted of a
CURRENT OVERVIEW OF ONLINE SECURITY 10
header titling “Online Security.” There were then tabs labeled with “Basic”, “Advanced”, and
“Additional Information.” The basic tab had basic information that any common individual
would understand on how to protect yourself online. The things discussed in this section
focussed more on the individual level. The advanced section was made up of hacking techniques
that hackers use to take over networks of corporations. The additional information section gave
an overview for my intentions of this website and a google form to get some feedback on how
my presentation went.
I felt that the material I presented in the class was meaningful and could assist the
students to make better online decisions. After reviewing my google form, the responses were
scattered. Every student said they learned something new from the website. Most of them said
they already knew the information presented in the basic section of the website. Some were
displeased by the color scheme of the website and its visual appeal. Those responses won’t
Overall the experience that I have gained from this journey has been fantastic. I can
gladly say that I have spent the past 140 hours doing something that I enjoy. This journey has
helped me to better understand what I want to do in my future career path. I definitely understand
the growing concern of cybersecurity and hope to inform others of the threats online. Many
claim that a cyber war will be the next world war but few understand that it has already began.
Thousands of attacks are launched every day in the hopes of compromising a system. I will
always remember this experience as it has helped me to learn a tremendous amount about the
career path I am about to enter. It has also helped me to actually have fun learning about
CURRENT OVERVIEW OF ONLINE SECURITY 11
something in school. I have also found additional cyber topics very important like the dark web
security risks but these additional topics will be useful to understand as well. This entire
experience has allowed me to open my eyes to a field that is rapidly developing and allowed me
References
Dilon, G. (2006, March 19). 10 Basic Online Security Rules. Retrieved October 25, 2017, from
http://www.georgedillon.com/web/security.shtml#firewall
Cookies, W. W. (2017). What Are Cookies?Computer Cookies Explained. Retrieved October 25,
Crypto Policy Project. (2016, June 24). Retrieved October 25, 2017, from
http://cyberlaw.stanford.edu/our-work/projects/crypto-policy-project
Singer P.W., Friedman A. (2014). Cybersecurity and Cyberwar: What Everyone Needs to Know.
Hoffman, C. (2017, October 12). Basic Computer Security: How to Protect Yourself from
https://www.howtogeek.com/173478/10-important-computer-security-practices-you-
should-follow/
Selyukh, A. (2017, October 03). Every Yahoo Account That Existed In Mid-2013 Was Likely
way/2017/10/03/555016024/every-yahoo-account-that-existed-in-mid-2013-was-likely-
hacked
Shekhar, A. (2017, February 10). Top 10 Common Hacking Techniques You Should Know