Data Exfiltration:A Review of External Attack Vectors and Countermeasures

AbstractContext One of the main targets of cyber-attacks is data exfiltration, which is the leakage of sensitive or private data to an unauthorized entity. Data exfiltration can be perpetrated by an outsider or an insider of an organization. Given the increasing number of data exfiltration incidents, a large number of data exfiltration countermeasures have been developed. These countermeasures aim to detect, prevent, or investigate exfiltration of sensitive or private data. With the growing interest in data exfiltration, it is important to review data exfiltration attack vectors and countermeasures to support future research in this field. Objective This paper is aimed at identifying and critically analysing data exfiltration attack vectors and countermeasures for reporting the status of the art and determining gaps for future research. Method We have followed a structured process for selecting 108 papers from seven publication databases. Thematic analysis method has been applied to analyse the extracted data from the reviewed papers. Results We have developed a classification of (1) data exfiltration attack vectors used by external attackers and (2) the countermeasures in the face of external attacks. We have mapped the countermeasures to attack vectors. Furthermore, we have explored the applicability of various countermeasures for different states of data (i.e., in use, in transit, or at rest). Conclusion This review has revealed that (a) most of the state of the art is focussed on preventive and detective countermeasures and significant research is required on developing investigative countermeasures that are equally important; (b) Several data exfiltration countermeasures are not able to respond in real-time, which specifies that research efforts need to be invested to enable them to respond in real-time (c) A number of data exfiltration countermeasures do not take privacy and ethical concerns into consideration, which may become an obstacle in their full adoption (d) Existing research is primarily focussed on protecting data in ‘in use’ state, therefore, future research needs to be directed towards securing data in ‘in rest’ and ‘in transit’ states (e) There is no standard or framework for evaluation of data exfiltration countermeasures. We assert the need for developing such an evaluation framework

The NEBLINE, March 2009

Contents:4-H Embryology: More Than Just a Science Project!How to Account for Differences in Moisture Content in CommoditiesControlling Winter Annual Brome with HerbicidesCanada Geese Populations are IncreasingManaging Pocket GophersDo a “Don’t Do” List!5 More Main Dishes—Each Using Only 5 IngredientsFamily & Community Education (FCE) Clubs: Presidents’ View—Bonnie’s BitsFCE News & EventsHousehold Hints: Removing Soot from CarpetTips to Help Parents Talk to Their Kids About Sex and TechnologyLocal Bagworm Control Initiative2009 Great Plants SelectionsEarly Detection is Key to Minimizing Insecticide Use in Home GardensBird House Care Is Important To Make It LastFertilizing House Plants4-H Speech Contest4-H Achievement Night2008 Outstanding 4-H Club AwardsLincoln’s Free Tax Preparation and FilingExtension News: New and Outgoing Lancaster County Extension Board MembersFebruary\u27s Heart of 4-H Award Winner: Jim BaumanU.S. Drought Monitor Map Weed Awareness Special Pullout Sectio

A Deep Dive into Technical Encryption Concepts to Better Understand Cybersecurity & Data Privacy Legal & Policy Issues

Lawyers wishing to exercise a meaningful degree of leadership at the intersection of technology and the law could benefit greatly from a deep understanding of the use and application of encryption, considering it arises in so many legal scenarios. For example, in FTC v. Wyndham1 the defendant failed to implement nearly every conceivable cybersecurity control, including lack of encryption for stored data, resulting in multiple data breaches and a consequent FTC enforcement action for unfair and deceptive practices. Other examples of legal issues requiring use of encryption and other technology concepts include compliance with security requirements of GLBA & HIPAA, encryption safe harbors relative to state data breach notification laws and the CCPA, the NYDFS Cybersecurity Regulation, and PCI standards. Further, some policy discussions have taken place in 2020 regarding encrypted DNS over HTTPS, and lawyers would certainly seem to benefit from a better understanding of relevant encryption concepts to assess the privacy effectiveness of emerging encryption technologies, such as encrypted DNS. Finally, the need for technology education for lawyers is evidenced by North Carolina and Florida requiring one or more hours in technology CLE and New York in 2020 moving toward required CLE in the area of cybersecurity specifically. This article observes that there is a continuing desire for strong encryption mechanisms to advance the privacy interests of civilians’ online activities/communications (e.g., messages or web browsing). Law enforcement advocates for a “front door,” requiring tech platforms to maintain a decryption mechanism for online data, which they must produce upon the government providing a warrant. However, privacy advocates may encourage warrant-proof encryption mechanisms where tech platforms remove their ability to ever decrypt. This extreme pro-privacy position could be supported based on viewing privacy interests under a lens such as Blackstone’s ratio. Just as the Blackstone ratio principle favors constitutional protections that allow ten guilty people to go free rather than allowing one innocent person suffer, individual privacy rights could arguably favor fairly unsurveillable encrypted communications at the risk of not detecting various criminal activity. However, given that the internet can support large-scale good or evil activity, law enforcement continues to express a desire for a front door required by legislation and subject to suitable privacy safeguards, striking a balance between strong privacy versus law enforcement’s need to investigate serious crimes. In the last few decades, law enforcement appears to have lost the debate for various reasons, but the debate will likely continue for years to come. For attorneys to exercise meaningful leadership in evaluating the strength of encryption technologies relative to privacy rights, attorneys must generally understand encryption principles, how these principles are applied to data at rest (e.g., local encryption), and how they operate with respect to data in transit. Therefore, this article first explores encryption concepts primarily with regard to data at rest and then with regard to data in transit, exploring some general networking protocols as context for understanding how encryption can applied to data in transit, protecting the data payload of a packet and/or the routing/header information (i.e., the “from” and “to” field) of the packet. Part 1 of this article briefly explores the need for lawyers to understand encryption. Part 2 provides a mostly technical discussion of encryption concepts, with some legal concepts injected therein. Finally, Part 3 provides some high level legal discussion relevant to encryption (including arguments for and against law enforcement’s desire for a front door). To facilitate understanding for a non-technical legal audience, I include a variety of physical world analogies throughout (e.g., postal analogies and the like)

Wi-Fi Enabled Healthcare

Focusing on its recent proliferation in hospital systems, Wi-Fi Enabled Healthcare explains how Wi-Fi is transforming clinical work flows and infusing new life into the types of mobile devices being implemented in hospitals. Drawing on first-hand experiences from one of the largest healthcare systems in the United States, it covers the key areas associated with wireless network design, security, and support. Reporting on cutting-edge developments and emerging standards in Wi-Fi technologies, the book explores security implications for each device type. It covers real-time location services and emerging trends in cloud-based wireless architecture. It also outlines several options and design consideration for employee wireless coverage, voice over wireless (including smart phones), mobile medical devices, and wireless guest services. This book presents authoritative insight into the challenges that exist in adding Wi-Fi within a healthcare setting. It explores several solutions in each space along with design considerations and pros and cons. It also supplies an in-depth look at voice over wireless, mobile medical devices, and wireless guest services. The authors provide readers with the technical knowhow required to ensure their systems provide the reliable, end-to-end communications necessary to surmount today’s challenges and capitalize on new opportunities. The shared experience and lessons learned provide essential guidance for large and small healthcare organizations in the United States and around the world. This book is an ideal reference for network design engineers and high-level hospital executives that are thinking about adding or improving upon Wi-Fi in their hospitals or hospital systems

Multibiometric security in wireless communication systems

This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University, 05/08/2010.This thesis has aimed to explore an application of Multibiometrics to secured wireless communications. The medium of study for this purpose included Wi-Fi, 3G, and WiMAX, over which simulations and experimental studies were carried out to assess the performance. In specific, restriction of access to authorized users only is provided by a technique referred to hereafter as multibiometric cryptosystem. In brief, the system is built upon a complete challenge/response methodology in order to obtain a high level of security on the basis of user identification by fingerprint and further confirmation by verification of the user through text-dependent speaker recognition. First is the enrolment phase by which the database of watermarked fingerprints with memorable texts along with the voice features, based on the same texts, is created by sending them to the server through wireless channel. Later is the verification stage at which claimed users, ones who claim are genuine, are verified against the database, and it consists of five steps. Initially faced by the identification level, one is asked to first present one’s fingerprint and a memorable word, former is watermarked into latter, in order for system to authenticate the fingerprint and verify the validity of it by retrieving the challenge for accepted user. The following three steps then involve speaker recognition including the user responding to the challenge by text-dependent voice, server authenticating the response, and finally server accepting/rejecting the user. In order to implement fingerprint watermarking, i.e. incorporating the memorable word as a watermark message into the fingerprint image, an algorithm of five steps has been developed. The first three novel steps having to do with the fingerprint image enhancement (CLAHE with 'Clip Limit', standard deviation analysis and sliding neighborhood) have been followed with further two steps for embedding, and extracting the watermark into the enhanced fingerprint image utilising Discrete Wavelet Transform (DWT). In the speaker recognition stage, the limitations of this technique in wireless communication have been addressed by sending voice feature (cepstral coefficients) instead of raw sample. This scheme is to reap the advantages of reducing the transmission time and dependency of the data on communication channel, together with no loss of packet. Finally, the obtained results have verified the claims

Cyberloafing While Working From Home: Exploring the Conceptualisation, Drivers and Implications

Abstract The world has changed massively after the Covid-19 pandemic outbreaks. The situation has made a significant impact on how people work all over the world. Mandatory working from home is one kind of remote work that has become an everyday norm. In this paper, we provide an integrated cyberloafing conceptual framework based on qualitative research to identify the different aspects to better understand contemporary cyberloafing drivers and outcomes in the context of working from home. This master thesis describes cyberloafing in working from home as a multidimensional concept with external incentives and internal impulses as its drivers. We analysed 480 response statements derived from 48 participants in open-ended essays with employees from various sectors in the United Kingdom and the United States using the Gioia content analysis method. Based on our analyses, we conceptualise important aspects of cyberloafing behaviour in work from home settings. The essential element driving cyberloafing behaviour in working from home is the work tasks factors, followed by the working environment factors and monitoring and restriction factors. Psychological reasons and instant gratifications are identified as internal impulses in this study. In addition, the study proposes personal and professional implications that have both potentially negative and positive impacts. Finally, the master thesis discusses theoretical and practical implications and future research directions. Oppsummering Verden har endret seg kraftig etter utbruddet av Covid-19 pandemien. Spesielt gjelder dette hvordan mennesker over hele verden arbeider. Bruken av hjemmekontor er ikke lenger et fjernt begrep, men derimot normen for veldig mange arbeidstakere. I denne masteroppgaven, vil vi legge frem et integrert cyberloafing rammeverk basert på en kvalitativ undersøkelse. Dette for å bedre identifisere forskjellige aspekter ved cyberloafing, slik som pådrivere og utfall i konteksten av hjemmekontor. Denne oppgaven beskriver cyberloafing i konteksten av hjemmekontor som et multidimensjonelt konsept med eksterne insentiver og interne impulser som sentrale drivere for økt cyberloafing-aktivitet blant ansatte. Oppgaven analyserer 480 åpne svars-besvarelser fra 48 respondenter fra ansatte i et bredt spekter av sektorer i Storbrittania og USA. Gioa metoden blir brukttil åanalyserebesvarelsene. Basertpåvåreresultaterkonseptualisererviviktigeaspekterav cyberloafing-aktivitet. Essensielle drivere av cyberloafing er faktorer som: arbeidsoppgaver, arbeidsmiljø og overvåkning & begrensninger. Psykologiske årsaker og umiddelbar tilfredsstillelse, blir identifisert som sentrale interne impulser. I tillegg, vil oppgaven foreslå personlige og profesjonelle utfall av cyberloafing som vil ha både negative og positive og konsekvenser for både arbeider og arbeidsgiver. Avslutningsvis, vil denne masteroppgaven diskutere potensielle teoretiske og praktiske konsekvenser av resultatene lagt frem i denne oppgaven for både arbeidere og arbeidsgivere. Oppgaven avsluttes ved å legge frem forslag for fremtidige forskningsretninger

Cyberloafing While Working From Home: Exploring the Conceptualisation, Drivers and Implications

Abstract The world has changed massively after the Covid-19 pandemic outbreaks. The situation has made a significant impact on how people work all over the world. Mandatory working from home is one kind of remote work that has become an everyday norm. In this paper, we provide an integrated cyberloafing conceptual framework based on qualitative research to identify the different aspects to better understand contemporary cyberloafing drivers and outcomes in the context of working from home. This master thesis describes cyberloafing in working from home as a multidimensional concept with external incentives and internal impulses as its drivers. We analysed 480 response statements derived from 48 participants in open-ended essays with employees from various sectors in the United Kingdom and the United States using the Gioia content analysis method. Based on our analyses, we conceptualise important aspects of cyberloafing behaviour in work from home settings. The essential element driving cyberloafing behaviour in working from home is the work tasks factors, followed by the working environment factors and monitoring and restriction factors. Psychological reasons and instant gratifications are identified as internal impulses in this study. In addition, the study proposes personal and professional implications that have both potentially negative and positive impacts. Finally, the master thesis discusses theoretical and practical implications and future research directions. Oppsummering Verden har endret seg kraftig etter utbruddet av Covid-19 pandemien. Spesielt gjelder dette hvordan mennesker over hele verden arbeider. Bruken av hjemmekontor er ikke lenger et fjernt begrep, men derimot normen for veldig mange arbeidstakere. I denne masteroppgaven, vil vi legge frem et integrert cyberloafing rammeverk basert på en kvalitativ undersøkelse. Dette for å bedre identifisere forskjellige aspekter ved cyberloafing, slik som pådrivere og utfall i konteksten av hjemmekontor. Denne oppgaven beskriver cyberloafing i konteksten av hjemmekontor som et multidimensjonelt konsept med eksterne insentiver og interne impulser som sentrale drivere for økt cyberloafing-aktivitet blant ansatte. Oppgaven analyserer 480 åpne svars-besvarelser fra 48 respondenter fra ansatte i et bredt spekter av sektorer i Storbrittania og USA. Gioa metoden blir brukt til å analysere besvarelsene. Basert på våre resultater konseptualiserer vi viktige aspekter av cyberloafing-aktivitet. Essensielle drivere av cyberloafing er faktorer som: arbeidsoppgaver, arbeidsmiljø og overvåkning & begrensninger. Psykologiske årsaker og umiddelbar tilfredsstillelse, blir identifisert som sentrale interne impulser. I tillegg, vil oppgaven foreslå personlige og profesjonelle utfall av cyberloafing som vil ha både negative og positive og konsekvenser for både arbeider og arbeidsgiver. Avslutningsvis, vil denne masteroppgaven diskutere potensielle teoretiske og praktiske konsekvenser av resultatene lagt frem i denne oppgaven for både arbeidere og arbeidsgivere. Oppgaven avsluttes ved å legge frem forslag for fremtidige forskningsretninger