807 research outputs found
The Rise of Crypto Malware: Leveraging Machine Learning Techniques to Understand the Evolution, Impact, and Detection of Cryptocurrency-Related Threats
Crypto malware has become a major threat to the security of cryptocurrency holders and exchanges. As the popularity of cryptocurrency continues to rise, so too does the number and sophistication of crypto malware attacks. This paper leverages machine learning techniques to understand the evolution, impact, and detection of cryptocurrency-related threats. We analyse the different types of crypto malware, including ransomware, cryptojacking, and supply chain attacks, and explore the use of machine learning algorithms for detecting and preventing these threats. Our research highlights the importance of using machine learning for detecting crypto malware and compares the effectiveness of traditional methods with deep learning techniques. Through this analysis, we aim to provide insights into the growing threat of crypto malware and the potential benefits of using machine learning in combating these attacks.
How Artificial Intelligence Can Protect Financial Institutions From Malware Attacks
The objective of this study is to examine the potential of artificial intelligence (AI) to enhance the security posture of financial institutions against malware attacks. The study identifies the current trends of malware attacks in the banking sector, assesses the various forms of malware and their impact on financial institutions, and analyzes the relevant security features of AI. The findings suggest that financial institutions must implement robust cybersecurity measures to protect against various forms of malware attacks, including ransomware attacks, phishing attacks, mobile malware attacks, APTs, and insider threats. The study recommends that financial institutions invest in AI-based security systems to improve security features and automate security tasks. To ensure the reliability and security of AI systems, it is essential to incorporate relevant security features such as explainability, privacy, anomaly detection, intrusion detection, and data validation. The study highlights the importance of incorporating explainable AI (XAI) to enable users to understand the reasoning behind the AI's decisions and actions, identify potential security threats and vulnerabilities in the AI system, and ensure that the system operates ethically and transparently. The study also recommends incorporating privacy-enhancing technologies (PETs) into AI systems to protect user data from unauthorized access and use. Finally, the study recommends incorporating robust security measures such as anomaly detection and intrusion detection to protect against adversarial attacks and data validation and integrity checks to protect against data poisoning attacks. Overall, this study provides insights for decision-makers in implementing effective cybersecurity strategies to protect financial institutions from malware attacks.
Security Posture: A Systematic Review of Cyber Threats and Proactive Security
In the last decade, several high-profile cyber threats have occurred with global impact and devastating consequences. The tools, techniques, and procedures used to prevent cyber threats from occurring fall under the category of proactive security. Proactive security methodologies, however, vary among professionals where differing tactics have proved situationally effective. To determine the most effective tactics for preventing exploitation of vulnerabilities, the author examines the attack vector of three incidents from the last five years in a systematic review format: the WannaCry incident, the 2020 SolarWinds SUNBURST exploit, and the recently discovered Log4j vulnerability. From the three cases and existing literature, the author determined that inventory management, auditing, and patching are essential proactive security measures which may have prevented the incidents altogether. Then, the author discusses obstacles inherent to these solutions, such as time, talent, and resource restrictions, and proposes the use of user-friendly, open-source tools as a solution. The author intends through this research to improve the security posture of the Internet by encouraging further research into proactive cyber threat intelligence measures and motivating business executives to prioritize cybersecurity.
Ransomware and Academic International Medicine
Healthcare is among the leading industries targeted by cyber-criminals. Ransomware exploits vulnerabilities to hijack target information technology (IT) infrastructures for monetary gain. Due to the nature and value of information, access to medical information enables cyber-criminals to commit identity theft, medical fraud, and extortion, and illegally obtain controlled substances. The utility and versatility of medical information, extensive centralized storage of medical information, relatively weak IT security systems, and the expanding use of healthcare IT infrastructure all contribute to an increase in cyber-attacks on healthcare entities. Research suggests that an individual’s medical information is 20–50 times more valuable to cyber-criminals than personal financial information. As such, cyber-attacks targeting medical information are increasing 22% per year. This chapter explores the history of ransomware attacks in healthcare, ransomware types, ransom payment, healthcare vulnerabilities, implications for international health security, and means of institutional protection.
Measuring Cyber Security Awareness within Groups of Medical Professionals in Poland
The goal of this study is to measure the cyber security awareness of medical professionals in Poland, i.e. to verify whether healthcare specialists have knowledge and understanding of basic cyber security threats. This survey was based on the cyber security recommendations from the European Union Agency for Network and Information Security and the U.S. Department of Health and Human Services. The survey consisted of 23 single and multiple-choice questions divided into four parts. The results categorized the respondents and measured the level of cyber security awareness. Among the 620 persons invited to participate in the survey, 300 (48.39%) responded and answered all of the questions. The results show an unsatisfactory level of knowledge regarding information security in Poland. The main conclusion drawn from the survey is that the quality of cyber security training among medical professionals should be improved and the frequency of the trainings should be increased.
The Mega Healthcare Data Breaches in the United States (2009 – 2023): A Comparative Document Analysis
This paper presents a comprehensive analysis of the predominant healthcare data breaches in the United States from October 2009 to September 2023, utilizing a mixed-methods approach centered on seven publicly available breach reports. It aims to identify patterns, common factors, and measures to enhance cybersecurity within the sector. Through comparative document analysis, the study examines the nature, causes, and repercussions of these breaches, recognizing external attacks, internal errors, and software vulnerabilities as critical weaknesses. The consequences range from financial and reputational damage to erosion of patient trust. The findings stress the necessity for improved preventive strategies, bolstering of security practices, employee training, vendor oversight, and effective incident response mechanisms. The paper also offers insights into the legal and ethical implications of breaches. It suggests robust cybersecurity measures, including the adoption of emerging technologies like blockchain and AI/ML to deter threats. The recommendations guide healthcare organizations toward establishing robust protections for sensitive health data, ensuring regulatory compliance, and facilitating continuity of trust and care. The paper serves as a call to action for ongoing study into the multidimensional impact of data compromises in healthcare.
Addressing telecommuting in cyber security guidelines
Cyber security threats are becoming more common than before. New phenomena in society
include new cyber security threats which organisations and society should prepare for. One of
these phenomena is telecommuting. Telecommuting has its roots already in the 1970s, but it has
become increasingly popular during the last years. Especially the pandemic caused by Covid-19
has changed the way of working drastically. The pandemic and social distancing forced many
organisations to have their employees working from home. Information technology has enabled
telecommuting, but it has also brought some problems such as security issues. Cyber security
threats have increased and become more diverse during the mass telecommuting caused by Covid-19. Telecommuting has some special features that can increase cyber security threats and risks.
In this research the following cyber security threats relating to telecommuting were identified to
be most relevant: cyber attacks, social engineering, unauthorized access and physical security.
Previous literature has identified that there exist cyber security threats in telecommuting, but it
has remained unclear how organisations manage and mitigate these in practice. Many of the
identified threats relate to employees’ unwanted behaviour. Employees are unaware of the threats
facing the organisation in telecommuting. Some employees have not been provided with proper
guidelines and instructions on secure ways of working. Information security policies and guidelines
are important for maintaining cyber security in organisations. Policies can even be seen as the
basis for an organisation’s cyber security. This research studied which guidelines could be applicable
in a telecommuting environment in order to mitigate the common cyber security threats. Most
prominent cyber security guidelines for telecommuting identified in this research were guidelines
for personal and mobile devices, guidelines for social engineering, guidelines for physical
security, network guidelines, password guidelines and guidelines for online meetings.
A case study of multiple cases was used as the method for this study. The cases are seven Finnish
universities. The empirical data consists of cyber security and telecommuting guidelines from the
universities. These guidelines were analysed by reflecting them against the theoretical framework. The
analysis showed that especially guidelines for physical security and online meetings were lacking.
The presence of outsiders in the telecommuting environment was addressed poorly. Outsiders are
a threat both to physical and online meeting security as outsiders may see or hear confidential
things. In addition, guidelines were not addressing data labelling and information release. Threats
specific to Covid-19 were also addressed poorly even though cyber criminals have exploited the
pandemic. Guidelines seemed to be otherwise comprehensive. Threats that were addressed poorly
have been especially relevant during the pandemic which suggests that organisations’ guidelines
are not quite up to date even though otherwise applicable. Organisations should review and update
their guidelines periodically and if a major change occurs in the operation environment.
Cyber security threats are becoming more common. New phenomena bring with them new
cyber security threats that organisations and society must prepare for. One of these
phenomena is telecommuting. The roots of telecommuting go back to the 1970s, but its popularity
has grown in recent years. In particular, Covid-19 and the pandemic it caused have radically
changed ways of working, as the pandemic forced many employees to telecommute. Information
technology has made telecommuting possible, but it has also brought problems related to cyber
security. Cyber security threats have increased and diversified with the widespread
telecommuting caused by the pandemic. Telecommuting has some special features that can increase
cyber security threats and risks compared with traditional work. In this study, the most
important cyber threats related to telecommuting were identified as cyber attacks, social
engineering, unauthorized access and poor physical security.
Previous literature has found that telecommuting involves cyber security threats, but it has
remained unclear how organisations manage and reduce them in practice. Many of the identified
threats relate to employees’ unwanted behaviour. Employees are not necessarily aware of the
threats telecommuting poses to the organisation. Some employees have also not been given proper
guidelines on cyber-secure ways of working. Information security policies and guidelines are
important for maintaining organisations’ cyber security. Policies can even be regarded as the
foundation of an organisation’s cyber security. This study examined what kinds of guidelines are
needed in telecommuting to mitigate common cyber security threats. The cyber security guidelines
for telecommuting identified in this study related to the use of personal and mobile devices,
social engineering, physical security, insecure networks, passwords and online meetings.
A case study of multiple cases was used as the research method in this study. The cases were
seven Finnish universities. The empirical data consists of the cyber security and telecommuting
guidelines of universities operating in Finland. These guidelines were analysed using, and with
reference to, the theoretical framework. The analysis showed that guidelines concerning physical
security and online meetings in particular are deficient. The presence of outsiders in the
telecommuting environment is poorly addressed. Outsiders are a threat to both physical security
and the security of online meetings, because outsiders may see or hear confidential matters. In
addition, guidelines on data labelling and information sharing were missing. Covid-19 was also
poorly addressed, even though there have been several cyber attacks during the pandemic that
exploited the uncertainty brought by Covid-19. The universities’ guidelines otherwise appeared
to be comprehensive. The poorly addressed guidelines are ones that have been prominent
especially during the pandemic. It appears that organisations’ guidelines are not fully up to
date, even though they would otherwise be appropriate. Organisations should therefore review and
update their guidelines regularly and whenever major changes occur in the operating environment.
A SYSTEMATIC LITERATURE REVIEW OF RANSOMWARE ATTACKS IN HEALTHCARE
This culminating experience project conducted a Systematic Literature Review of ransomware in the healthcare industry. Due to COVID-19, there has been an increase in ransomware attacks that took healthcare by surprise. Although ransomware is a common attack, the current healthcare infrastructure and security mechanisms could not suppress these attacks. This project identifies peer-reviewed literature to answer these research questions: “What current ransomware attacks are used in healthcare systems?” “What ransomware attacks are likely to appear in the future?” and “What solutions or methods have been used to prepare, prevent, and recover from these attacks?” The purpose of this research is to identify a possible increasing trend of seeing ransomware in the future and to see what technologies are used to combat these attacks. The findings focus on three solutions, artificial intelligence (AI), machine learning (ML), and blockchain as there can be many solutions that could have been included. Because the healthcare industry has many different types of systems involved, limitations of the research are solutions suggested being other studies may not work with other studies. For future studies, indicating a specific type of healthcare organization may be recommended and will have better results.
DECEPTION BASED TECHNIQUES AGAINST RANSOMWARES: A SYSTEMATIC REVIEW
Ransomware is the most prevalent emerging business risk nowadays. It seriously affects business continuity and operations. According to Deloitte Cyber Security Landscape 2022, up to 4000 ransomware attacks occur daily, while the average number of days an organization takes to identify a breach is 191. Sophisticated cyber-attacks such as ransomware typically must go through multiple consecutive phases (initial foothold, network propagation, and action on objectives) before accomplishing their final objective. This study analyzed decoy-based solutions as an approach (detection, prevention, or mitigation) to overcome ransomware. A systematic literature review was conducted, in which the result has shown that deception-based techniques have given effective and significant performance against ransomware with minimal resources. It is also identified that contrary to general belief, deception techniques mainly involved in passive approaches (i.e., prevention, detection) possess other active capabilities such as ransomware traceback and obstruction (thwarting), file decryption, and decryption key recovery. Based on the literature review, several evaluation methods are also analyzed to measure the effectiveness of these deception-based techniques during the implementation process.