Effects Of Information Seeking Modes On Users’ Online Social Engineering Vulnerabilities

Hackers are increasingly exploiting the social movement on the Internet, which is responsible for domestication of the web and its associated technologies, by using novel methods of online social engineering (OSE) . While most research to date in this field has focused on one type of OSE vector-phishing, there is a need to understand user vulnerabilities to other types of OSE attack vectors. This research in progress proposal first extends prior published classifications and presents a new typology of OSE attack vectors that manifest during the various information seeking contexts that users engage while online. This provides a conceptual starting point to build our empirical model that we propose will be useful in testing variance in human vulnerability to the different OSE attack vectors. The results of this research should be of interest to academic researchers, practitioners, consumer protection agencies and government regulatory authorities

A Typology Of Social Engineering Attacks – An Information Science Perspective

Hackers are increasingly exploiting the social movement on the Internet, which is responsible for domestication of the web and its associated technologies, by using novel methods of online social engineering. However, there is not enough support in the form of published research that can help us gain a holistic understanding of human vulnerabilities that are central to online social engineering attacks. This paper extends prior published classifications and presents a new typology of online social engineering methods that manifest during the various information seeking contexts that users engage while online. Concepts borrowed from the field of information science hel p us to build this typology that groups attack vectors with different human information seeking modes. The typology can be readily used as educational material to improve end user awareness about online social engineering. In addition, the typology can be used as a conceptual starting point for future empirical research on human vulnerabilities in different information seeking contexts which in turn can informsystems designers to design more effective solutions that can help mitigate the effects of such attacks

Travel Behaviour Response to Major Transport System Disruptions: Implications for Smarter Resilience Planning

No abstract available

Capital markets and e-fraud: policy note and concept paper for future study

The technological dependency of securities exchanges on internet-based (IP) platforms has dramatically increased the industry's exposure to reputation, market, and operational risks. In addition, the convergence of several innovations in the market are adding stress to these systems. These innovations affect everything from software to system design and architecture. These include the use of XML (extensible markup language) as the industry IP language, STP or straight through processing of data, pervasive or diffuse computing and grid computing, as well as the increased use of Internet and wireless. The fraud is not new, rather, the magnitude and speed by which fraud can be committed has grown exponentially due to the convergence of once private networks on-line. It is imperative that senior management of securities markets and brokerage houses be properly informed of the negative externalities associated with e-brokerage and the possible critical points of failure that exist in today's digitized financial sector as they grow into tomorrow's exchanges. The overwhelming issue regarding e-finance is to determine the true level of understanding that senior management has about on-line platforms, including the inherent risks and the depth of the need to use it wisely. Kellermann and McNevin attempt to highlight the various risks that have been magnified by the increasing digitalization of processes within the brokerage arena and explain the need for concerted research and analysis of these as well as the profound consequences that may entail without proper planning. An effective legal, regulatory, and enforcement framework is essential for creating the right incentive structure for market participants. The legal and regulatory framework should focus on the improvement of internal monitoring of risks and vulnerabilities, greater information sharing about these risks and vulnerabilities, education and training on the care and use of these technologies, and better reporting of risks and responses. Public/private partnerships and collaborations also are needed to create an electronic commerce (e-commerce) environment that is safe and sound.Environmental Economics&Policies,Insurance&Risk Mitigation,Financial Intermediation,ICT Policy and Strategies,Banks&Banking Reform

Travel Behaviour Response to Major Transport System Disruptions: Implications for Smarter Resilience Planning

No abstract available

South American Expert Roundtable : increasing adaptive governance capacity for coping with unintended side effects of digital transformation

This paper presents the main messages of a South American expert roundtable (ERT) on the unintended side effects (unseens) of digital transformation. The input of the ERT comprised 39 propositions from 20 experts representing 11 different perspectives. The two-day ERT discussed the main drivers and challenges as well as vulnerabilities or unseens and provided suggestions for: (i) the mechanisms underlying major unseens; (ii) understanding possible ways in which rebound effects of digital transformation may become the subject of overarching research in three main categories of impact: development factors, society, and individuals; and (iii) a set of potential action domains for transdisciplinary follow-up processes, including a case study in Brazil. A content analysis of the propositions and related mechanisms provided insights in the genesis of unseens by identifying 15 interrelated causal mechanisms related to critical issues/concerns. Additionally, a cluster analysis (CLA) was applied to structure the challenges and critical developments in South America. The discussion elaborated the genesis, dynamics, and impacts of (groups of) unseens such as the digital divide (that affects most countries that are not included in the development of digital business, management, production, etc. tools) or the challenge of restructuring small- and medium-sized enterprises (whose service is digitally substituted by digital devices). We identify specific issues and effects (for most South American countries) such as lack of governmental structure, challenging geographical structures (e.g., inclusion in high-performance transmission power), or the digital readiness of (wide parts) of society. One scientific contribution of the paper is related to the presented methodology that provides insights into the phenomena, the causal chains underlying “wanted/positive” and “unwanted/negative” effects, and the processes and mechanisms of societal changes caused by digitalization

The global vulnerability discovery and disclosure system: a thematic system dynamics approach

Vulnerabilities within software are the fundamental issue that provide both the means, and opportunity for malicious threat actors to compromise critical IT systems (Younis et al., 2016). Consequentially, the reduction of vulnerabilities within software should be of paramount importance, however, it is argued that software development practitioners have historically failed in reducing the risks associated with software vulnerabilities. This failure is illustrated in, and by the growth of software vulnerabilities over the past 20 years. This increase which is both unprecedented and unwelcome has led to an acknowledgement that novel and radical approaches to both understand the vulnerability discovery and disclosure system (VDDS) and to mitigate the risks associate with software vulnerability centred risk is needed (Bradbury, 2015; Marconato et al., 2012). The findings from this research show that whilst technological mitigations are vital, the social and economic features of the VDDS are of critical importance. For example, hitherto unknown systemic themes identified by this research are of key and include; Perception of Punishment; Vendor Interactions; Disclosure Stance; Ethical Considerations; Economic factors for Discovery and Disclosure and Emergence of New Vulnerability Markets. Each theme uniquely impacts the system, and ultimately the scale of vulnerability based risks. Within the research each theme within the VDDS is represented by several key variables which interact and shape the system. Specifically: Vender Sentiment; Vulnerability Removal Rate; Time to fix; Market Share; Participants within VDDS, Full and Coordinated Disclosure Ratio and Participant Activity. Each variable is quantified and explored, defining both the parameter space and progression over time. These variables are utilised within a system dynamic model to simulate differing policy strategies and assess the impact of these policies upon the VDDS. Three simulated vulnerability disclosure futures are hypothesised and are presented, characterised as depletion, steady and exponential with each scenario dependent upon the parameter space within the key variables