AI Ethics & Cybercrime

Yesterday, my Cybersecurity & Business Bachelor class at Hochschule für Technik und Wirtschaft Berlin gathered at Bitvavo’s event space (many thanks for opening your doors to us, dear Niklas Becher!)

We listen to these experts:

🤖 Alexandra Wudel talked about ethical AI in governmental use - and quickly made clear why this topic is so hard and yet so urgent.

Ethical AI often sounds abstract, but the classic self-driving car dilemma captures the problem perfectly: If an algorithm must decide between harming person A or endangering person B - who defines the rule, and on what normative basis?

The EU AI Act talks about ”trustworthy AI”, embedding ethics into legal, technical, and governance requirements. Alexandra highlighted that it took years to develop that framework, precisely because protecting human rights, democracy, and societal values cannot be reduced to efficiency metrics.

Key takeaways:

🔸 A human-centric approach must remain the guiding principle for public-sector AI

🔸 Technology is not neutral - it inherits and perpetuates societal bias

🔸 Ethical AI risks threaten to become a vague checkbox exercise in public administration

🕵️ Next was  Lars Huwald, cybercrime investigator @ Polizei Berlin who shared a view from the front line about what cybercrime today is:

🔸 radically international: servers, operators, payments, clouds in different jurisdictions;

🔸 highly professionalised: “hobby hackers” have almost disappeared; cybercrime has industrialised;

🔸 extremely profitable, especially in ransomware markets: Ransomware attacks are now double extortion schemes (encryption + data leakage threats); and

🔸 backups alone no longer protect you - once data is exfiltrated, control is lost 👉 63% of intrusions persist undetected for over a year, often infecting backups too.

Interesting fact 

🌍 Geopolitically, cybercrime and cyber-espionage follow different logics:

Russia dominates organised cybercrime; China focuses on large-scale data espionage tied to strategic technological leadership.

❗ 95% of fraud cases could be avoided if victims did not unknowingly support the fraudster. Yes, somebody made a mistake. But a blame-and-shame culture is counterproductive: it discourages early reporting, exactly when swift disclosure is most critical. 

→ You may not fully secure systems, but make sure you protect your people. This includes those responsible for cybersecurity, whose burnout rates are alarmingly high and lead to a constant loss of experienced professionals. 

⚠️ Ultimately

Resilience is not only a technical challenge; it is a human one. 

And: Prevention matters - but detection and response readiness matter more.

🙏 Many thanks to our host, speakers and Olaf Borries and our earlier guest speakers in this class: Holger Koether, Christina Kratsch, Christoph Endres, Florian Daniel, Ben R. Hansen, LL.M. and Michael Scherrer for your support of the HTW Berlin Cybersecurity & Business class! You made this course truly special 🧡