Cybercrime Pervasiveness, Consequences, and Sustainable Counter Strategies

As our connectivity and dependency on technology increases, so does our vulnerability. Technology has provided not only new tools, but also new opportunities for criminals in the digital world. The abuse of new technologies has been threatening economic and Jinancial security and actually devastating the lives of affected indivicluals. In Nigeria, cybercrime has recorded mostly foregin-based individuals and organizations as victims thereby getting Nigeria ranked among the nations with notorious pemasiveness of high-tech crimes. Indeed, adequately formulating a strategy to contain the menace of cybercrime presents aformidable challenge to law enforcement. This paper x-rays noted instances of cybercrime pervasiveness, its devastating consequences, and up-to-date countermeasures in Nigeria It develops an enforceable/sustainable framework to determine how critical infrastructures are put at risk snd how law enforcement should react in responding to the threats

EU cybersecurity capacity building in the Mediterranean and the Middle East

Cyberthreats on the Rise The 2008 Report on the implementation of the European Security Strategy included “cybersecurity” for the first time among the priorities of the EU’s external action, stating that: “modern economies are heavily reliant on critical infrastructure including transport, communication and power supplies, but also the Internet.” If the EU Strategy for a Secure Information Society, adopted two years before, already addressed “cybercrime,” the proliferation of cyber-attacks “against private or government IT systems” gave the spread of cyber-capabilities a “new dimension, as a potential new economic, political and military weapon.” An EU Cybersecurity Strategy was adopted in 20132 followed, in 2016, by a first EU “Directive on Security of Network and Information Systems,” known as the “NIS Directive,” which harmonized the EU Member States’ legislations

INTERNATIONAL AND REGIONAL ORGANIZATIONS WITH ATTRIBUTES AND PREOCCUPATIONS IN PREVENTING AND FIGHTING AGAINST CYBERCRIME AND THEIR MAIN ACCOMPLISHMENTS

At global level, there are various organizations which are constantly concerned with the analysis of the latest manifestations and evolution of cybercrime, setting up work groups to develop strategies for the prevention and fight of cybercrimes. Besides these international organizations which act globally, several other organizations focus on certain regions, dealing with issues related to cybercrime.cybercrime, organizations, declaration, resolution, convention

Government and private sector cooperation on security of critical information infrastructures

A Research Report submitted to the Faculty of Management, University of the Witwatersrand, in 50% fulfilment of the requirements for the Degree of Master of Management in Public Policy (in the field of Security).Information and Communications Technologies (ICTs), in particular interconnected computer and related digital systems, create opportunities for innovation, competitiveness and economic growth. These technologies also expose key sectors of the economy such as banking, telecommunications, manufacturing, emergency services, transportation, energy, and social services to new security risks and threats. This security challenge has given rise to a need for the adoption of appropriate strategies to secure critical information systems commonly referred to as Critical Information Infrastructures or CIIs. The European Union defines CIIs as ICT systems that are critical and essential for the operation of Critical Infrastructures, such as telecommunications, computers, the internet, and communications satellites. The African Union has defined CIIs as the cyber infrastructures essential to vital services for public safety, economic stability, national security, international stability, and the sustainability and restoration of critical cyberspace. Given their complexity and sophistication, CIIs are increasingly owned or operated by the private sector, and governments generally purchase these services on behalf of the general public. This interdependence between the public and private sectors calls for structured co-operation aimed at ensuring the security and uninterrupted availability of CIIs. This study examines the extent to which South Africa’s public policies for securing CIIs promote co-operation between the government and the private sector. It includes a literature review which shows that policy aimed at promoting and regulating public-private cooperation is a key element of efforts to secure CIIs and combat cybercrime in Europe, the Americas and Asia. The report also shows that the Council of Europe, through the Budapest Convention, has played a central role in creating a legal framework for combating cybercrime and promoting public- private cooperation on cybersecurity. Government and private sector cooperation on security of Critical information Infrastructures Page 11 of 80 Research also shows that not much has been done in Africa to combat cybercrime. Some initiatives have been undertaken by Senegal, Morocco, South Africa and Mauritius. These countries are members of the Budapest Convention, and participated in initiatives of the Council of Europe in their capacity as members of the Convention. In 2014, the AU adopted the AU Convention on Cyber Security and Personal Data Protection. This convention has only been signed by eight of 54 African countries, and has not entered into force because it has not been ratified by the required number of countries. This means that there is no valid instrument for promoting cooperation on cyber security in Africa. Since 2002, the South African government has adopted various policies and laws aimed at promoting cooperation with the private sector. However, there is no evidence of these policies or legislation being implemented. The research also shows that the government has failed to develop a consistent strategy for implementing policy in this field. In 2015, the government approved the National Cybersecurity Policy Framework (NCPF), which calls for public–private partnerships and cooperation. However, the research shows that it has not adopted a strategy that will allow this approach to succeed. In this regard, the research report points to the 5C protocol as a useful guide to successful policy implementation. In interviews conducted for this study, senior government officials acknowledge that, as in many other areas of governance, good policy has been made, but implementation is lagging. The study concludes with recommendations for improving cyber security in South Africa. These include fast-tracking the Cybersecurity and Cybercrimes Bill, which has been tabled in Parliament; developing and institutionalising a policy implementation framework in line with the 5C protocol; and developing the required skills and capacity to institutionalise and structure cooperation between the government the private sector in identifying and protecting CIIs, and pursuing a regional approach to cybersecurityGR201

Between Hype and Understatement: Reassessing Cyber Risks as a Security Strategy

Most of the actions that fall under the trilogy of cyber crime, terrorism,and war exploit pre-existing weaknesses in the underlying technology.Because these vulnerabilities that exist in the network are not themselvesillegal, they tend to be overlooked in the debate on cyber security. A UKreport on the cost of cyber crime illustrates this approach. Its authors chose to exclude from their analysis the costs in anticipation of cyber crime, such as insurance costs and the costs of purchasing anti-virus software on the basis that "these are likely to be factored into normal day-to-day expenditures for the Government, businesses, and individuals. This article contends if these costs had been quantified and integrated into the cost of cyber crime, then the analysis would have revealed that what matters is not so much cyber crime, but the fertile terrain of vulnerabilities that unleash a range of possibilities to whomever wishes to exploit them. By downplaying the vulnerabilities, the threats represented by cyber war, cyber terrorism, and cyber crime are conversely inflated. Therefore, reassessing risk as a strategy for security in cyberspace must include acknowledgment of understated vulnerabilities, as well as a better distributed knowledge about the nature and character of the overhyped threats of cyber crime, cyber terrorism, and cyber war

The effect of cyber-attacks on stock returns

A widely debated issue in recent years is cybercrime. Breaches in the security of accessibility, integrity and confidentiality of information involve potentially high explicit and implicit costs for firms. This paper investigates the impact of information security breaches on stock returns. Using event-study methodology, the study provides empirical evidence on the effect of announcements of cyber-attacks on the market value of firms from 1995 to 2015. Results show that substantial negative market returns occur following announcements of cyber-attacks. Financial entities often suffer greater negative effects than other companies and non-confidential cyber-attacks are the most dangerous, especially for the financial sector. Overall findings seem to show a link between cybercrime and insider trading

Adversarial behaviours knowledge area

The technological advancements witnessed by our society in recent decades have brought improvements in our quality of life, but they have also created a number of opportunities for attackers to cause harm. Before the Internet revolution, most crime and malicious activity generally required a victim and a perpetrator to come into physical contact, and this limited the reach that malicious parties had. Technology has removed the need for physical contact to perform many types of crime, and now attackers can reach victims anywhere in the world, as long as they are connected to the Internet. This has revolutionised the characteristics of crime and warfare, allowing operations that would not have been possible before. In this document, we provide an overview of the malicious operations that are happening on the Internet today. We first provide a taxonomy of malicious activities based on the attacker’s motivations and capabilities, and then move on to the technological and human elements that adversaries require to run a successful operation. We then discuss a number of frameworks that have been proposed to model malicious operations. Since adversarial behaviours are not a purely technical topic, we draw from research in a number of fields (computer science, criminology, war studies). While doing this, we discuss how these frameworks can be used by researchers and practitioners to develop effective mitigations against malicious online operations.Published versio