User:Secure Cyberspace/Choose an Article

Please list articles that you're considering for your Wikipedia assignment below. Begin to critique these articles and find relevant sources.

Article title

Colonial Pipeline Ransomware Attack: Colonial Pipeline ransomware attack

Article Evaluation

• The article is relevant to our topic, securing cyberspace, because it is about a ransomware attack on the energy sector. Preventing malware (like that used in the Colonial Pipeline attack) is one of the most important ways to secure important computer systems in North Carolina.
• After the article’s summary section, it starts with a short section of background information, an explanation of the results of the attack, and the government response to the incident. It provided me with enough detail to form a nearly-complete picture on the topic and enough links to continue reading about similar topics.
• The article seems to be written with a neutral tone, as is expected on Wikipedia, and most claims that could appear biased were quoted. (i.e. “Russian authorities ‘have some responsibility to deal with this’” in the Investigations section)
• Most claims that I found, especially ones with exact figures, had citations linked.
• When discussing the effects on gasoline prices, the article cites a tertiary source which should be removed (a local news station citing GasBuddy - citation #28). Other than that, the article cites a wide variety of source, including news articles from sources like Bloomberg, Al Jazeera, NPR, CBS, the NYT, and the WSJ, which are generally known for being reliable, and a research paper from the IEEE about the incident, which must have been peer-reviewed to be published.
• All of the discussion on the Talk page is from 2021, within a few months of the incident, while details about the government response were still new and developing.

Sources

https://www.justice.gov/opa/pr/department-justice-seizes-23-million-cryptocurrency-paid-ransomware-extortionists-darkside Further reading on the White House’s response to the hack: https://www.whitehouse.gov/briefing-room/statements-releases/2021/05/11/fact-sheet-the-biden-harris-administration-has-launched-an-all-of-government-effort-to-address-colonial-pipeline-incident/ More information could be added about the response to the event from this CISA article: https://www.cisa.gov/news-events/news/attack-colonial-pipeline-what-weve-learned-what-weve-done-over-past-two-years

Article title

Automotive Security: Automotive security

Article Evaluation

• The article focuses on Electronic Control Units, common cyberattack methods, and countermeasures. It also mentions a cyberattack experiment on Jeep Cherokee Vehicles. Since this article heavily discusses threats to automotive security, it is very relevant to our topic on cybersecurity.
• Throughout the article, only facts and key concepts are given. This gives it a very neutral tone as it leans away from any bias or opinions.
• Most claims in the article are backed by citations, such as the Jeep Cherokee hack example. However, some statements could be too generalized, especially when the article discussed threat models. This could be where citations could be more detailed.
• The citations appear to be reliable, as they include references to well-known researchers like Charlie Miller and Chris Valasek in the Jeep Cherokee hack example. It also includes established automotive security concepts and research. However, some of the citations were pretty outdated so the article could benefit from more recent research.
• The article sticks closely to the topics related to automotive security so there were no mentions of underrepresented or misrepresented populations or subjects.

Sources

https://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/ https://www.goldengooseaward.org/01awardees/fastandcurious https://evita-project.org/Publications/HRSW09.pdf

Article title

Cybersecurity and Infrastructure Security Agency: Cybersecurity and Infrastructure Security Agency

Article Evaluation

• The article’s content is relevant to the topic. It explains the organization's purpose, a brief history, and lists its divisions, programs, and committees. Many of the items listed under the Programs and Organization sections contain references to topics that are not covered by a Wikipedia article, so there is an opportunity to expand by writing articles about them.
• The article maintains a neutral point of view and all claims that I could find were quoted from primary sources.
• Most important claims are covered by citations from primary sources; however, some smaller claims do not have references cited, like the NPPD’s original goal and some services that CISA provides, like incident response and intrusion detection. To the best of my knowledge, these claims are true, but they are not linked to a primary source from the Wikipedia article.
• There is not much discussion on the Talk page other than an old discussion about merging the CISA article with another article about the NPPD, which no longer exists and was converted into CISA.

Sources

https://www.cisa.gov/about https://www.cisa.gov/sites/default/files/publications/CISA-Factsheet_16-Dec-2021-V4_508.pdf https://www.cisa.gov/resources-tools/programs/cybersecurity-quality-services-management-office-qsmo/shared-service-provider-department-justice-doj

Article title

U.S. Ransomware Task Force: U.S. Ransomware Task Force

Article Evaluation

• While the article is very short, its content is relevant to the agency. It goes over the RTF’s initiatives and a brief history of why, when, and how it was created.
• It is rated as a “Start-class” article, meaning it does not have much content and needs to be expanded to be considered a full article.
• The article appears to be written in an unbiased manner.
• The claim that 2021 was the worst year for cyberattacks in the United States needs to be contextualized. This claim was made by the DOJ in a memo when they announced the creation of their own ransomware task force; however, it is likely no longer true.
• The claim that the Colonial Pipeline hackers were “Russian operatives” has not been confirmed according to the main article on the Pipeline ransomware attack. It is likely, but there is not enough evidence to confirm.
• The explanation of the RTF’s 2021 report’s recommendations to the White House contained an unquoted section that was taken verbatim from the source: the White House should lead a “whole of government, intelligence-driven anti-ransomware campaign.”
• There is no discussion on the Talk page. It is clear that this article needs contributions from Wikipedians to become more objective and reliable.

Sources

https://www.zdnet.com/article/darkside-the-ransomware-group-responsible-for-colonial-pipeline-cyberattack-explained/ https://www.state.gov/darkside-ransomware-as-a-service-raas/

Article title

2015 Ukraine power grid hack: 2015 Ukraine power grid hack

Article Evaluation

• The article discusses an event where a group of Russians used malware to hack into a Ukrainian power grid, shutting it down indefinitely. As this explains an example of a cybersecurity threat in the energy field, it is relevant to our topic on secure cyberspace.
• There is no sense of bias throughout the article and it sticks strictly to the details of the events that unfolded. This gives the article a neutral tone.
• The article successfully adds a citation for every claim given. For example, when explaining that the hack was traced back to the Russian Federation, it cites a source that goes into further detail on how this was discovered.
• Most sources are from secondary sources such as news articles or blogs so it’s hard to say if they can be reliably used.
• The article does not mention any underrepresentation or misrepresentation in the population and sticks closely to the cyberattack event.

Sources

https://www.reuters.com/article/us-ukraine-cybersecurity-sandworm-idUSKBN0UM00N20160108/ https://www.wired.com/2016/03/inside-cunning-unprecedented-hack-ukraines-power-grid/ https://www.nytimes.com/2021/12/20/us/politics/russia-ukraine-cyberattacks.html