Three Distinct Perspectives of Applied Ethics in IT Ethics
VerifiedAdded on 2023/06/10
|6
|2597
|291
AI Summary
This report analyzes the ethical dilemma faced by South Korean web design company Nayana during the Ransomware attack. The report discusses the situation from professional, philosophical, and sociological ethics perspectives. The report highlights the violation of professional codes of ethics by the organization and the importance of taking precautions to ensure data security. The report also emphasizes the need for maintaining privacy and confidentiality. The report concludes with a comprehensive list of references conforming to APA style conventions.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
SCHOOL OF COMPUTING AND MATHS, Charles Sturt University
IT Ethics
Assignment 1: Three Distinct Perspectives of Applied Ethics
Your Name
Student Number
Word Count: 1500
IT Ethics
Assignment 1: Three Distinct Perspectives of Applied Ethics
Your Name
Student Number
Word Count: 1500
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
IT Ethics
1. Introduction
Ethical dilemma also known as the ethical paradox is situation when there exists certain
problems while making of decisions between two or more moral imperatives amongst which
neither of them is unambiguously acceptable or preferred. In this type of situation no
straight forward decisions cannot be made which initially makes it hard to prioritize one
decision over the other. It is possible to analyze this situation so as to understand the pros
as well as the cons of each and every direction and after understanding it is possible to
choose the option which is less severe (Trevino & Nelson, 2016). This report would be
discussing about the ethical dilemma that was faced by numerous organizations during the
Ransomware attack in one of the South Korean web design company Nayana where it was
forced to pay US$ 1.65 million in the form of Bitcoin. In the year of 2017 million of dollars
were paid to the cyber criminals. Ransomware is considered to be one type of virus which
enters the user’s computer system or database which initially encrypts the files of the user
which makes it impossible for the user to read their own files. Once encryption is done by
the ransomers they starts asking for money from the user in order to provide them with the
encryption key (straitstimes.com, 2018). At the initial phase of the attack the ransomer
demanded an amount of 550 bitcoins that worth around $1.62 million but after negotiation
the amount was reduced to an amount of 397.6 bitcoins which worth around $1 million
dollar. This type of attack was achieved by Erabus along with a note that in case if the
ransom not paid within 96 hours then all the files would be deleted.
2. Professional Ethics Perspectives
Professional ethics is associated with encompassing the personal as well as the
corporate standard behavior which is expected by the professionals. This is something
which might be considered to be a measure which is professionally acknowledged by
individuals and the business regarding the processes conducted, values and the principle
guidelines. It is better to consider as a code of conduct which are applicable in various
professions. This are generally set up by the expert members who belong to that specific
profession or professional organization. The South Korean web hosting provider criminals
has been associated with demanding around 550 Bitcoins which amounted to around
US$1.65 million (Darwall, 2018). According to professional ethics the organization should
always strive for excellence which would be helping a lot in achieving greatness. From the
prespective of professional ethics it can be stated that the organization has defied the
professional codes of ethics. There exists various situation when a company might face
problems like this and due to this reason the organizations needs to prepare itself from any
kind of outside attack by taking certain precautions so as to ensure the security and to make
sure that their fies cannot be corrupted by the ransomeware or any kind of similar malware.
But in this case it was seen that the organization was having such precautions so it can be
stated that it has defied the professional codes of ethics (Moore & Ahmed, 2016). This
attack initially made the customers face certain problems and they were not capable of
Your Name
1. Introduction
Ethical dilemma also known as the ethical paradox is situation when there exists certain
problems while making of decisions between two or more moral imperatives amongst which
neither of them is unambiguously acceptable or preferred. In this type of situation no
straight forward decisions cannot be made which initially makes it hard to prioritize one
decision over the other. It is possible to analyze this situation so as to understand the pros
as well as the cons of each and every direction and after understanding it is possible to
choose the option which is less severe (Trevino & Nelson, 2016). This report would be
discussing about the ethical dilemma that was faced by numerous organizations during the
Ransomware attack in one of the South Korean web design company Nayana where it was
forced to pay US$ 1.65 million in the form of Bitcoin. In the year of 2017 million of dollars
were paid to the cyber criminals. Ransomware is considered to be one type of virus which
enters the user’s computer system or database which initially encrypts the files of the user
which makes it impossible for the user to read their own files. Once encryption is done by
the ransomers they starts asking for money from the user in order to provide them with the
encryption key (straitstimes.com, 2018). At the initial phase of the attack the ransomer
demanded an amount of 550 bitcoins that worth around $1.62 million but after negotiation
the amount was reduced to an amount of 397.6 bitcoins which worth around $1 million
dollar. This type of attack was achieved by Erabus along with a note that in case if the
ransom not paid within 96 hours then all the files would be deleted.
2. Professional Ethics Perspectives
Professional ethics is associated with encompassing the personal as well as the
corporate standard behavior which is expected by the professionals. This is something
which might be considered to be a measure which is professionally acknowledged by
individuals and the business regarding the processes conducted, values and the principle
guidelines. It is better to consider as a code of conduct which are applicable in various
professions. This are generally set up by the expert members who belong to that specific
profession or professional organization. The South Korean web hosting provider criminals
has been associated with demanding around 550 Bitcoins which amounted to around
US$1.65 million (Darwall, 2018). According to professional ethics the organization should
always strive for excellence which would be helping a lot in achieving greatness. From the
prespective of professional ethics it can be stated that the organization has defied the
professional codes of ethics. There exists various situation when a company might face
problems like this and due to this reason the organizations needs to prepare itself from any
kind of outside attack by taking certain precautions so as to ensure the security and to make
sure that their fies cannot be corrupted by the ransomeware or any kind of similar malware.
But in this case it was seen that the organization was having such precautions so it can be
stated that it has defied the professional codes of ethics (Moore & Ahmed, 2016). This
attack initially made the customers face certain problems and they were not capable of
Your Name
IT Ethics
using the web hosting services properly which mainly happened due to the fact that the
ransomware strain was successful in encrypting the data that were present in the server of
the company (Branche, 2017). In the beginning the company faced an ethical dilemma if to
pay the amount or not. In the beginning when they realized that they have been attacked
then they had no intension of paying the amount so they started negotiating with the
attackers. Rather than negotiating with the attacker they should have thought of taking
alternative steps in order to protect the data and this negotiation can be considered to a
violation of the professional code of ethics. According to the professional code of ethics the
company should have necessarily included the integrity, transparency, honesty,
confidentiality and many more. But the company did not included any of this in their code.
They were also not capable of informing the other parties about the attack and the results
of this attacks which initially led to rise of more problems (Crane & Matten, 2016). This
inability to inform can be considered to be the violation of the professional code of ethics.
Another major concern of the code of professional ethics is the maintenance of privacy and
confidentiality which was at risk during the attack so to prevent the disclosure of that
information the CEO of the organization decided to quick actions which is totally according
the code of professional ethics that is performing the respective duties. It is the duty of the
CEO to secure the information in the server.
3. Philosophical Ethics Perspectives
Ethics is also considered to be a part of ethics that is associated with dealing the fact
that if the acts conducted by humans are good or bad, or right or wrong. This perspective is
associated with asking several questions which includes the following: “What are things
that are good?”, “What are the actions that are to be taken by someone who faces ethical
dilemma?”, and many more. From the perspective of philosophical ethics the situation of
South Korean web design company Nayana can be judged in two ways. First of all the paying
of the amount to the ransomers is totally bad and not at all right. Whereas when seen from
the perspective of solving the problems of the users it is totally good and right. From the
first perspective this situation is wrong and paying of the amount is not the solution to the
problem (Grace & Cohen, 2015). The organization should have thought of some other
measures in order to protect the privacy of the files stored in the server. They should also
have kept backups for situations like this. Whereas from the second perspective this is
totally justified due to reason that in case the payment is made then the solution would be
received at a faster rate and proper service would be provided to the customers. Another
major concern is if the decision is for self-interest or for morality. The company had thought
of the fact that it is right to make the payment demanded by the ransomer as recovering
from the attack was not possible for the within 96 hours after which all the data would be
deleted. Their main aim was to save the data of the customers so as to retain the privacy.
Privacy of the customers is one of the major concern for a business so fast action was
required in order to protect the privacy of the customers so the company took fast actions
by making the payments in order to get encryption key (Swanson & Frederick, 2016). The
amount was high but it was later reduced which was also in interest of the company.
Your Name
using the web hosting services properly which mainly happened due to the fact that the
ransomware strain was successful in encrypting the data that were present in the server of
the company (Branche, 2017). In the beginning the company faced an ethical dilemma if to
pay the amount or not. In the beginning when they realized that they have been attacked
then they had no intension of paying the amount so they started negotiating with the
attackers. Rather than negotiating with the attacker they should have thought of taking
alternative steps in order to protect the data and this negotiation can be considered to a
violation of the professional code of ethics. According to the professional code of ethics the
company should have necessarily included the integrity, transparency, honesty,
confidentiality and many more. But the company did not included any of this in their code.
They were also not capable of informing the other parties about the attack and the results
of this attacks which initially led to rise of more problems (Crane & Matten, 2016). This
inability to inform can be considered to be the violation of the professional code of ethics.
Another major concern of the code of professional ethics is the maintenance of privacy and
confidentiality which was at risk during the attack so to prevent the disclosure of that
information the CEO of the organization decided to quick actions which is totally according
the code of professional ethics that is performing the respective duties. It is the duty of the
CEO to secure the information in the server.
3. Philosophical Ethics Perspectives
Ethics is also considered to be a part of ethics that is associated with dealing the fact
that if the acts conducted by humans are good or bad, or right or wrong. This perspective is
associated with asking several questions which includes the following: “What are things
that are good?”, “What are the actions that are to be taken by someone who faces ethical
dilemma?”, and many more. From the perspective of philosophical ethics the situation of
South Korean web design company Nayana can be judged in two ways. First of all the paying
of the amount to the ransomers is totally bad and not at all right. Whereas when seen from
the perspective of solving the problems of the users it is totally good and right. From the
first perspective this situation is wrong and paying of the amount is not the solution to the
problem (Grace & Cohen, 2015). The organization should have thought of some other
measures in order to protect the privacy of the files stored in the server. They should also
have kept backups for situations like this. Whereas from the second perspective this is
totally justified due to reason that in case the payment is made then the solution would be
received at a faster rate and proper service would be provided to the customers. Another
major concern is if the decision is for self-interest or for morality. The company had thought
of the fact that it is right to make the payment demanded by the ransomer as recovering
from the attack was not possible for the within 96 hours after which all the data would be
deleted. Their main aim was to save the data of the customers so as to retain the privacy.
Privacy of the customers is one of the major concern for a business so fast action was
required in order to protect the privacy of the customers so the company took fast actions
by making the payments in order to get encryption key (Swanson & Frederick, 2016). The
amount was high but it was later reduced which was also in interest of the company.
Your Name
IT Ethics
4. Sociological/Descriptive Ethics Perspectives
Descriptive ethics is generally considered to be an empirical form of research regarding
the attitude that an individual or a group of people is having. This is generally considered to
be a division of the physiological or general ethics that mainly involves making of
observations regarding the moral decision making process with a goal of describing the
entire phenomenon. The works done on descriptive ethics are associated with reveling the
belief of people regarding the values, what are the things which are correct, and many more
(Baek et al., 2018). The CEO of the organization was forced to may an amount of around
$1million when the customer’s data were stolen. He had been associated with negotiating
the ransom amount and this payment was done in three different steps. The 1st and the 2nd
payments were done in quick succession. The CEO of the organization was aware of the
even if the payment is made it is not sure if they would be receiving the encryption key or
not. The organization should have made sure before the attack that their system is totally
secure from any kind of intrusion (Hämäläinen, 2016). The services provided to the users
were also interrupted due to this the CEO thought that in order to protect the customers
data and to save the organization he made a quick payment. Besides this the data of the
customers were also held for quite some time unless and until the payment was paid by the
organization (Baek et al., 2018). The CEO considered the fact that it is not possible to
recover the data from the attacker within 96 hours so instant decision was taken by him to
pay the amount in the form of bitcoin but he also tried to negotiate the amount and he was
also successful in doing so. Almost 153 Linux servers were affected which contained data of
more than 3400 customers. This can be considered to be massive attack when the entire
number of business is taken into account. From the perspective of the users who are getting
the service from the web hosting company is that it is the responsibility of the company to
save the data of its customers. The customers considered the fact that it is the companies
fault that they have not adopted the adequate number of steps for protecting the data of
the customers which initially acted as the major reason for this attack.
5. References
Baek, S., Jung, Y., Mohaisen, A., Lee, S., & Nyang, D. (2018, July). SSD-Insider: Internal
Defense of Solid-State Drive against Ransomware with Perfect Data Recovery.
In 2018 IEEE 38th International Conference on Distributed Computing Systems
(ICDCS). IEEE.
Branche, P. O. (2017). Ransomware: An Analysis of the Current and Future Threat
Ransomware Presents (Doctoral dissertation, Utica College).
Crane, A., & Matten, D. (2016). Business ethics: Managing corporate citizenship and
sustainability in the age of globalization. Oxford University Press.
Darwall, S. (2018). Philosophical Ethics: An Historical and Contemporary Introduction.
Routledge.
Grace, D., & Cohen, S. (2015). Business ethics.
Hämäläinen, N. (2016). Descriptive Ethics: What Does Moral Philosophy Know about
Morality?. Springer.
Your Name
4. Sociological/Descriptive Ethics Perspectives
Descriptive ethics is generally considered to be an empirical form of research regarding
the attitude that an individual or a group of people is having. This is generally considered to
be a division of the physiological or general ethics that mainly involves making of
observations regarding the moral decision making process with a goal of describing the
entire phenomenon. The works done on descriptive ethics are associated with reveling the
belief of people regarding the values, what are the things which are correct, and many more
(Baek et al., 2018). The CEO of the organization was forced to may an amount of around
$1million when the customer’s data were stolen. He had been associated with negotiating
the ransom amount and this payment was done in three different steps. The 1st and the 2nd
payments were done in quick succession. The CEO of the organization was aware of the
even if the payment is made it is not sure if they would be receiving the encryption key or
not. The organization should have made sure before the attack that their system is totally
secure from any kind of intrusion (Hämäläinen, 2016). The services provided to the users
were also interrupted due to this the CEO thought that in order to protect the customers
data and to save the organization he made a quick payment. Besides this the data of the
customers were also held for quite some time unless and until the payment was paid by the
organization (Baek et al., 2018). The CEO considered the fact that it is not possible to
recover the data from the attacker within 96 hours so instant decision was taken by him to
pay the amount in the form of bitcoin but he also tried to negotiate the amount and he was
also successful in doing so. Almost 153 Linux servers were affected which contained data of
more than 3400 customers. This can be considered to be massive attack when the entire
number of business is taken into account. From the perspective of the users who are getting
the service from the web hosting company is that it is the responsibility of the company to
save the data of its customers. The customers considered the fact that it is the companies
fault that they have not adopted the adequate number of steps for protecting the data of
the customers which initially acted as the major reason for this attack.
5. References
Baek, S., Jung, Y., Mohaisen, A., Lee, S., & Nyang, D. (2018, July). SSD-Insider: Internal
Defense of Solid-State Drive against Ransomware with Perfect Data Recovery.
In 2018 IEEE 38th International Conference on Distributed Computing Systems
(ICDCS). IEEE.
Branche, P. O. (2017). Ransomware: An Analysis of the Current and Future Threat
Ransomware Presents (Doctoral dissertation, Utica College).
Crane, A., & Matten, D. (2016). Business ethics: Managing corporate citizenship and
sustainability in the age of globalization. Oxford University Press.
Darwall, S. (2018). Philosophical Ethics: An Historical and Contemporary Introduction.
Routledge.
Grace, D., & Cohen, S. (2015). Business ethics.
Hämäläinen, N. (2016). Descriptive Ethics: What Does Moral Philosophy Know about
Morality?. Springer.
Your Name
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
IT Ethics
Moore, B. J., & Ahmed, S. A. (2016). Efficacy of Philosophical Ethics Uptake in E-learning.
straitstimes.com (2018). Record $1.5m ransomware payoff stirs controversy in South Korea.
[online] The Straits Times. Available at: https://www.straitstimes.com/asia/east-
asia/record-15m-ransomware-payoff-stirs-controversy-in-korea [Accessed 30 Jul.
2018].
Swanson, D. L., & Frederick, W. C. (2016). Denial and leadership in business ethics
education. Business ethics: New challenges for business schools and corporate
leaders, 222-240.
Trevino, L. K., & Nelson, K. A. (2016). Managing business ethics: Straight talk about how to
do it right. John Wiley & Sons.
Do not remove the following marking sheet.
Marking Sheet
Criteria Standards
Marks
awarde
d
Use professional,
philosophical, and
sociological/descripti
ve ethics
perspectives to
analyse the ethical
issues involved in
the case.
(Value 70%)
HD: Comprehensive understanding of the professional, philosophical, and
sociological/descriptive ethics perspectives through in-depth discussion
and analysis of three most relevant ethical issues involved in your chosen
case. (59.5-70)
DI: Mostly comprehensive understanding of the professional,
philosophical, and sociological/descriptive ethics perspectives through in-
depth discussion and analysis of three most relevant ethical issues
involved in your chosen case. (52.5-58.8)
CR: Some understanding of the professional, philosophical, and
sociological/descriptive ethics perspectives through some discussion and
analysis of two relevant ethical issues involved in your chosen case.
(45.5-51.8)
PS: Basic understanding of the professional, philosophical, and
sociological/descriptive ethics perspectives through some discussion and
analysis of two relevant ethical issues involved in your chosen case. (35-
44.8)
FL: Major omissions in understanding of the professional, philosophical,
and sociological/descriptive ethics perspectives and irrelevant ethical
issues are identified and analysed. (0-34.3)
Writing & structure
(Value 20%)
HD: Language features and structures are used to convey meaning
effectively, concisely, unambiguously, and in a tone appropriate to the
audience and purpose with no spelling, grammatical, or punctuation
errors. (17-20)
DI: Well developed skills in expression & presentation of ideas. Fluent
writing style appropriate to assessment task/document type. Grammar &
spelling accurate. (15-16.8)
CR: Good skills in expression & clear presentation of ideas. Mostly fluent
writing style appropriate to assessment task/document type. Grammar &
spelling contains a few minor errors. (13-14.8)
PS: The text contains frequent errors in spelling, grammar, word choice,
and structure, lacks clarity, and is not concise, but the meaning is
apparent to the reader with some effort. (10-12.8)
FL: Rudimentary skills in expression & presentation of ideas. Not all
Your Name
Moore, B. J., & Ahmed, S. A. (2016). Efficacy of Philosophical Ethics Uptake in E-learning.
straitstimes.com (2018). Record $1.5m ransomware payoff stirs controversy in South Korea.
[online] The Straits Times. Available at: https://www.straitstimes.com/asia/east-
asia/record-15m-ransomware-payoff-stirs-controversy-in-korea [Accessed 30 Jul.
2018].
Swanson, D. L., & Frederick, W. C. (2016). Denial and leadership in business ethics
education. Business ethics: New challenges for business schools and corporate
leaders, 222-240.
Trevino, L. K., & Nelson, K. A. (2016). Managing business ethics: Straight talk about how to
do it right. John Wiley & Sons.
Do not remove the following marking sheet.
Marking Sheet
Criteria Standards
Marks
awarde
d
Use professional,
philosophical, and
sociological/descripti
ve ethics
perspectives to
analyse the ethical
issues involved in
the case.
(Value 70%)
HD: Comprehensive understanding of the professional, philosophical, and
sociological/descriptive ethics perspectives through in-depth discussion
and analysis of three most relevant ethical issues involved in your chosen
case. (59.5-70)
DI: Mostly comprehensive understanding of the professional,
philosophical, and sociological/descriptive ethics perspectives through in-
depth discussion and analysis of three most relevant ethical issues
involved in your chosen case. (52.5-58.8)
CR: Some understanding of the professional, philosophical, and
sociological/descriptive ethics perspectives through some discussion and
analysis of two relevant ethical issues involved in your chosen case.
(45.5-51.8)
PS: Basic understanding of the professional, philosophical, and
sociological/descriptive ethics perspectives through some discussion and
analysis of two relevant ethical issues involved in your chosen case. (35-
44.8)
FL: Major omissions in understanding of the professional, philosophical,
and sociological/descriptive ethics perspectives and irrelevant ethical
issues are identified and analysed. (0-34.3)
Writing & structure
(Value 20%)
HD: Language features and structures are used to convey meaning
effectively, concisely, unambiguously, and in a tone appropriate to the
audience and purpose with no spelling, grammatical, or punctuation
errors. (17-20)
DI: Well developed skills in expression & presentation of ideas. Fluent
writing style appropriate to assessment task/document type. Grammar &
spelling accurate. (15-16.8)
CR: Good skills in expression & clear presentation of ideas. Mostly fluent
writing style appropriate to assessment task/document type. Grammar &
spelling contains a few minor errors. (13-14.8)
PS: The text contains frequent errors in spelling, grammar, word choice,
and structure, lacks clarity, and is not concise, but the meaning is
apparent to the reader with some effort. (10-12.8)
FL: Rudimentary skills in expression & presentation of ideas. Not all
Your Name
IT Ethics
material is relevant &/or is presented in a disorganised manner. Meaning
apparent, but writing style not fluent or well organised. Grammar &
spelling contains many errors. (0-9.8)
Referencing
(Value 10%)
HD: Referencing is comprehensive, demonstrates academic integrity, and
conforms exactly to APA style conventions. (8.5-10)
DI: Very good referencing, including reference list and citations. High
quality references. (7.5-8.4)
CR: Good referencing, including reference list and citations. Good quality
references. (6.5-7.4)
PS: Referencing is comprehensive, mostly accurate according to APA
style conventions, and demonstrates academic integrity. Some minor
errors or omissions in style and formatting choices (e.g. italics,
punctuation, etc) don’t impact on the transparency and traceability of the
source, or demonstration of academic integrity. (5-6.4)
FL: Sub-standard (or no) referencing. Poor quality (or no) references. (0-
4.9)
Total Marks
Your Name
material is relevant &/or is presented in a disorganised manner. Meaning
apparent, but writing style not fluent or well organised. Grammar &
spelling contains many errors. (0-9.8)
Referencing
(Value 10%)
HD: Referencing is comprehensive, demonstrates academic integrity, and
conforms exactly to APA style conventions. (8.5-10)
DI: Very good referencing, including reference list and citations. High
quality references. (7.5-8.4)
CR: Good referencing, including reference list and citations. Good quality
references. (6.5-7.4)
PS: Referencing is comprehensive, mostly accurate according to APA
style conventions, and demonstrates academic integrity. Some minor
errors or omissions in style and formatting choices (e.g. italics,
punctuation, etc) don’t impact on the transparency and traceability of the
source, or demonstration of academic integrity. (5-6.4)
FL: Sub-standard (or no) referencing. Poor quality (or no) references. (0-
4.9)
Total Marks
Your Name
1 out of 6
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.