6. Identify unethical conduct within cyber security (AC 3.2)

If we're talking about unethical conduct in a workplace, the infamous British Post Office/ Horizon IT scandal comes to mind. Described as the "greatest miscarriages of justice in British History." Where nearly a thousand subpostmasters were blamed to apparent financial shortfalls caused by faults in the Horizon (Fujitsu) accounting system. Many of the subpostmasters had reported problems with the new software, but Horizon help line assured them(lied) that there is no problem and that they are the only ones experiencing the problem (lie). This is great example of an extremely unethical conduct. I acknowledge this isn't strictly cyber security field, but the misconduct by the The Post Office, Horizon and Fujitsu stands out as cautionary tale for anyone. It's clear none of the people behind the coverup and the cause of the scandal have never even heard of ethics. According to the documentary, it was all done in the name of reputation of The Post office, putting the reputation of an organisation above people's livelihoods and their lives. This article on Sellafield Nuclear site, where due to cyber security issues, they will have to pay nearly £400,000. Reading through it, it seems to me that there wasn't anyone who followed any rules or regulations. "External contractors being able to plug memory sticks into its system while unsupervised", "hacked by groups linked to Russia and China", "75% of its computer servers were vulnerable to cyber-attacks", sensitive information left in "obsolete technology including Windows 7 and Windows 2008". This to me is a clear sign of unethical conduct either a) Intentional Sabotage or b) Withdrawal, explained here as "disengaging from work, causing a slow erosion of productivity". Whatever the cause was, it was a serious problem. An example of cyber misconduct is using your cyber knowledge for your own private gains. Abi Waddell, "an animal rights sympathiser, used her expert IT skills to gain access to email, social media and cloud storage accounts of hunt officials and other hunt supporters across the country." This lead to thousands of their members' details being leaked online. According to Abi Waddell's profile on sans.org her "recent research has focused on improving OSINT techniques and Digital Forensics". I guess her research took her to illegal places.