Towards an aligned South African National Cybersecurity Policy Framework

Chigada, Joel

22 August 2023

This thesis measured and aligned factors that contribute to the misalignment of the South African National Cybersecurity Policy Framework (SA-NCPF). The exponential growth rate of cyber-attacks and threats has caused more headaches for cybersecurity experts, law enforcement agents, organisations and the global business economy. The emergence of the global Corona Virus Disease-2019 has also contributed to the growth of cyber-attacks and threats thus, requiring concerted efforts from everyone in society to devise appropriate interventions that mitigate unacceptable user behaviour in the reality of cyberspace. In this study, various theories were identified and pooled together into an integrative theoretical framework to provide a better understanding of various aspects of the law-making process more comprehensively. The study identified nine influencing factors that contributed to misalignment of the South African National Cybersecurity Policy Framework. These influencing factors interact with each other continuously producing complex relationships, therefore, it is difficult to measure the degree of influence of each factor, hence the need to look at and measure the relationships as Gestalts. Gestalts view individual interactions between pairs of constructs only as a part of the overall pattern. Therefore, the integrative theoretical framework and Gestalts approach were used to develop a conceptual framework to measure the degree of alignment of influencing factors. This study proposed that the stronger the coherence among the influencing factors, the more aligned the South African National Security Policy Framework. The more coherent the SA-NCPF is perceived, the greater would be the degree of alignment of the country's cybersecurity framework to national, regional and global cyberlaws. Respondents that perceived a strong coherence among the elements also perceived an effective SA-NCPF. Empirically, this proposition was tested using nine constructs. Quantitative data was gathered from respondents using a survey. A major contribution of this study was that it was the first attempt in South Africa to measure the alignment of the SA-NCPF using the Gestalts approach as an effective approach for measuring complex relationships. The study developed the integrative theoretical framework which integrates various theories that helped to understand and explain the South African law making process. The study also made a significant methodological contribution by adopting the Cluster-based perspective to distinguish, describe and predict the degree of alignment of the SA-NCPF. There is a dearth of information that suggests that past studies have adopted or attempted to address the challenge of alignment of the SA-NCPF using the cluster-based and Gestalts perspectives. Practical implications from the study include a review of the law-making process, skills development strategy, a paradigm shift to address the global Covid-19 pandemic and sophisticated cybercrimes simultaneously. The study asserted the importance of establishing an independent cybersecurity board comprising courts, legal, cybersecurity experts, academics and law-makers to provide cybersecurity expertise and advice. From the research findings, government and practitioners can draw lessons to review the NCPF to ensure the country develops an effective national cybersecurity strategy. Limitations and recommendations for future research conclude the discussions of this study.

Alignment

Cybercrime

Cyberlaws

Cybersecurity

Information Systems Security

National Cybersecurity Policy Framework

A Systematic Review of Cryptocurrencies Use in Cybercrimes

Human, Kieran B D

01 January 2023

Cryptocurrencies are one of the most prominent applications of blockchain systems. While cryptocurrencies promise many features and advantages, such as decentralization, anonymity, and ease of access, those very features can be abused. For instance, as documented in various recent works, cryptocurrencies have been frequently abused in many different forms of cybercrime. Despite the plethora of works on measuring and understanding the abuse of cryptocurrencies in the digital space, there has been no work on systemizing this knowledge by comprehensively understanding those contributions, contrasting them based on their merit, and understanding the gap in this research space. This thesis initiates the systematic review and understanding of the literature on cryptocurrencies and their utilization in cybercrime. Starting with a rich set of research efforts published exclusively at some of the most highly selective avenues in the cyber security research community, we built a taxonomy of cryptocurrencies, enumerating the most prominent ones based on their use. We then categorize the literature in this space based on the objectives of the tools built and the blockchain systems they target. We then extend our effort by categorizing the reviewed work on cybercrime based on the type of attacks (coordinated vs. individual fraud) and targeted entity (marketplace vs. exchange). Each of those elements in our taxonomy enumerates various aspects of abuse, including their use in underground forums, the trade of drugs, weapons, and stolen credentials, money laundering, malware distribution, ransomware, etc. Accompanying our review, we discuss the gaps in research that call for further investigation.

Cryptocurrency

Blockchain

Cybercrime

Bitcoin

Ethereum

Cyber Security

Computer Sciences

Information Security

The rise of crypto-ransomware in a changing cybercrime landscape: Taxonomising countermeasures

Connolly, Lena Y., Wall, D.S.

16 June 2020

Yes / Year in and year out the increasing adaptivity of offenders has maintained ransomware's position as a major cybersecurity threat. The cybersecurity industry has responded with a similar degree of adaptiveness, but has focussed more upon technical (science) than ‘non-technical’ (social science) factors. This article explores empirically how organisations and investigators have reacted to the shift in the ransomware landscape from scareware and locker attacks to the almost exclusive use of crypto-ransomware. We outline how, for various reasons, victims and investigators struggle to respond effectively to this form of threat. By drawing upon in-depth interviews with victims and law enforcement officers involved in twenty-six crypto-ransomware attacks between 2014 and 2018 and using an inductive content analysis method, we develop a data-driven taxonomy of crypto-ransomware countermeasures. The findings of the research indicate that responses to crypto-ransomware are made more complex by the nuanced relationship between the technical (malware which encrypts) and the human (social engineering which still instigates most infections) aspects of an attack. As a consequence, there is no simple technological ‘silver bullet’ that will wipe out the crypto-ransomware threat. Rather, a multi-layered approach is needed which consists of socio-technical measures, zealous front-line managers and active support from senior management. / This work was supported by the Engineering and Physical Sciences Research Council and is part of the EMPHASIS (EconoMical, PsycHologicAl and Societal Impact of RanSomware) project [EP/P011721/1].

Crypto-ransomware

Malware

Social engineering

Security countermeasures

Management support

Organisational settings

Cybercrime

Evropská právní úprava kyberzločinů s porovnáním právní úpravy kyberzločinů ve Spojených státech amerických / European legal regulation of cybercrimes in a comparison with the legal regulation of cybercrimes in the USA

Nováčková, Eliška

January 2015

6 Abstract Thesis title: European legal regulation of cybercrimes in a comparison with the legal regulation of cybercrimes in the USA The diploma thesis deals with the legislation of cybercrime and cyber security of the United States of America and the European Union. The introduction defines the basic concepts and important moments of history of related legislation and discusses key policy documents adopted in the transatlantic area. It also presents the politics of these two units and their key legislation and describes the international Convention on Cybercrime. Selected documents are subsequently compared and evaluated in the context of legal terminology, technological development and application of regulations in practice. The thesis is concluded by the basic steps of transatlantic cooperation on issues of cyber security. The conclusion summarizes the lessons learned by comparing documents, particularly international emphasis on ratification of the Convention on Cybercrime and adequate levels of awareness of cyber space, and highlights some terminological inaccuracies. Keywords Cyber threats * cyber security * cybercrime * international cooperation * strategic documents

Une lecture de la cyberviolence : la rencontre du sujet et du cyberespace dans les infractions à caractère sexuel envers mineurs réalisées sur Internet / A take on cyberviolence : the encounter of the subject and cyberspace in online sex offences against minors

Ventéjoux, Aude

30 January 2019

Le développement des technologies de l’information et de la communication s’est accompagné de l’apparition de phénomènes violents et/ou infractionnels, qui se tiennent sur, ou grâce à, Internet. Existe-t-il une spécificité de ces conduites de cyberviolence, qui s’inscrivent dans ce que l’on nomme cyberespace ? La psycho-criminologie et la cyberpsychologie seront convoquées afin de proposer une réponse à cette question. Le présent travail étudiera, dans une approche clinique et qualitative, des situations d’infractions à caractère sexuel envers mineurs réalisées sur Internet. Ce travail proposera, à partir des données recueillies, une grille de lecture de la cyberviolence, qui s’intéressera au rapport du sujet auteur d’infractions avec la conduite infractionnelle, la victime, et le cyberespace. La cyberviolence naît d’une rencontre, celle d’un sujet vulnérable avec un cyberespace porteur d’opportunités. Il s’agira alors d’interroger cette rencontre, afin de saisir les processus et les dynamiques qui l’animent. / The development of information and communication technologies was followed by the emergence of violent and/or offensive phenomena that exist on or thanks to the Internet. Is there a specificity to these behaviors of cyberviolence, which are rooted in what one calls cyberspace? This question will be answered partly thanks to psycho-criminological and cyberpsychological theories. This work takes a close look at sex offences against minors on the Internet. Thanks to the collected data, this work will offer a perspective on cyberviolence, with an interest in the relationship between the offender and the offence, the victim, and cyberspace. Cyberviolence arises from an encounter between a vulnerable subject and a cyberspace bearing opportunities. This encounter will thus be questioned, in order to understand the process and dynamics it stems from.

Cyberviolence

Cybercriminalité

Pédopornographie

Grooming

Cyberpsychologie

Cyberviolence

Cybercrime

Child pornography

Grooming

Online sex offenses

Cyberpsychology

150

La sécurisation du commerce électronique dans l'espace OHADA / Securing electronic commerce in OHADA space

Billong Billong, Abel Henri

09 February 2017

La thèse a pour ambition de faire un état des lieux de la sécurisation du commerce électronique dans l'espace OHADA. Compte tenu de l'inexistence d'un Acte uniforme dédié à la matière et que les Actes uniformes consacrés par le législateur OHADA concerne surtout les aspects traditionnels de du commerce, il sera également question d'accroître la sécurité en améliorant le processus qui y conduit. L’intérêt du sujet tient notamment au fait que le commerce électronique n’a pas encore fait l’objet d’une réglementation en droit OHADA. Il s’agit d’une réflexion prospective visant à dégager des propositions pour une évolution de la matière. De notre point de vue, la réglementation OHADA actuelle, est illisible et source de difficultés par rapport aux objectifs de sécurisation poursuivis en Afrique. Il est donc intéressant de proposer un modèle de sécurisation à partir des initiatives existantes dans l’espace OHADA et dans le droit français et européen très en avance en la matière. / Besides the opportunity of a regulation on electronic commerce and its actors, the rules governing the construction process particularly interested observer. Regarding supervision of business law, the position of the common legislator OHADA is not indisputable. New methods to achieve commercial transactions in Africa have indeed revealed the fragility of its foundations. Thus, the balance inherent in the establishment of OHADA is increasingly threatened .The intervention of the common organization was actively expected in order to legally manage the consequences of using the Internet. Those expectations have not been actually entirely satisfied. Indeed, OHADA has not yet released any uniform act dedicated to e-commerce. This leads to the usage of the existing rules, still embryonic. This is the state initiatives whose legitimacy and effectiveness depend on the principles of OHADA. Although likely to fill gaps of the latter, they are nevertheless clearly insufficient. They do not make it possible to grasp all the changes and developments of practices inherent in dematerialization and ubiquity.Yet, as far as their vehicles namely the Internet, the emergence of online economic activity generates important security needs. The control of multiple security risks depends on the emergence of other standard-setting initiatives. The model building should reinforce the coherence of the process as well as the modernization of the rules concerned. In addition to French and community laws, despite the observed imperfections, processes and resulting rules represent a nourishing source of secure e-commerce model in OHADA.

Commerce électronique

Cybercriminalité

Sécurisation

Espace OHADA

Harmonisation

Internet

Cybersécurité

Securisation

E-Commerce

Cybercrime

Cybersecurity

Security

Safety

Harmonization

Internet

Ohada

340

Approche comportementale pour la sécurisation des utilisateurs de réseaux sociaux numériques mobiles / A behaviour-based approach to protecting mobile social network users

Perez, Charles

21 May 2014

Notre société doit faire face à de nombreux changements dans les modes de communication.L’émergence simultanée des terminaux nomades et des réseaux sociaux numériques permet désormais de partager des informations depuis presque n’importe quel lieu et potentiellement avec toutes les entités connectées.Le développement de l’usage des smartphones dans un cadre professionnel ainsi que celui des réseaux sociaux numériques constitue une opportunité, mais également une source d’exposition à de nombreuses menaces telles que la fuites d’information sensible, le hameçonnage, l’accès non légitime à des données personnelles, etc.Alors que nous observons une augmentation significative de la malveillance sur les plateformes sociales, aucune solution ne permet d’assurer un usage totalement maîtrisé des réseaux sociaux numériques. L’apport principal de ce travail est la mise en place de la méthodologie (SPOTLIGHT) qui décrit un outil d’analyse comportementale d’un utilisateur de smartphone et de ses contacts sur les différents médias sociaux. La principale hypothèse est que les smartphones, qui sont étroitement liés à leurs propriétaires, mémorisent les activités de l’utilisateur (interactions) et peuvent être utiles pour mieux le protéger sur le numérique.Cette approche est implémentée dans un prototype d’application mobile appelé SPOTLIGHT 1.0 qui permet d’analyser les traces mémorisées dans le smartphone d’un utilisateur afin de l’aider à prendre les décisions adéquates dans le but de protéger ses données / Our society is facing many changes in the way it communicates. The emergence of mobile terminals alongside digital social networks allows information to be shared from almost anywhere with the option of all parties being connected simultaneously. The growing use of smartphones and digital social networks in a professional context presents an opportunity, but it also exposes businesses and users to many threats, such as leakage of sensitive information, spamming, illegal access to personal data, etc.Although a significant increase in malicious activities on social platforms can be observed, currently there is no solution that ensures a completely controlled usage of digital social networks. This work aims to make a major contribution in this area through the implementation of a methodology (SPOTLIGHT) that not only uses the behaviour of profiles for evaluation purposes, but also to protect the user. This methodology relies on the assumption that smartphones, which are closely related to their owners, store and memorise traces of activity (interactions) that can be used to better protect the user online.This approach is implemented in a mobile prototype called SPOTLIGHT 1.0, which analyses traces stored in users’ smartphone to help them make the right decisions to protect their data

Criminalité informatique

Analyse de données

Réseaux sociaux (internet)

Smartphones

Identité numérique

Cybercrime

Data analysis

Online social networks

Smartphones

Online identities

005

An Exploratory Study of Macro-Social Correlates of Online Property Crime

Song, Hyojong

05 July 2017

Despite the recent decreasing trend of most traditional types of crime, online property crime (OPC), referring to crime committed online with a financial orientation such as online frauds, scams, and phishing, continues to increase. According to the Internet Crime Complaint Center, the number of reported complaints about OPC have increased by approximately sixteen fold from 16,838 cases in 2000 to 288,012 cases in 2015, and referred financial losses have also increased about sixty times from $17.8 million in 2001 to $1 billion in 2015. The increase in OPC might be directly related to advanced online accessibility due to the accelerated progress of information and communication technology (ICT). Since the progress of ICT continues forward and the advanced ICT infrastructure can affect our routine activities more significantly, issues regarding OPC may become more various and prevalent. The present study aims to explore a macro-social criminogenic structure of OPC perpetration. Specifically, this study focused on exploring probable macro-social predictors of OPC rates and examining how effectively these possible macro-social predictors account for variance in OPC perpetration rates. In addition, this study explored possible predictors of macro-level online opportunity structure, which is expected to have a direct relationship with OPC rates. It also examined how much variance in online opportunity structure was explained by the included possible predictors. With these research purposes, the current study analyzed state-level data of the fifty states in the U.S. by applying a partial least square regression (PLSR) approach. The results indicated that predictors related to macro-social economic conditions such as economic inequality, poverty, economic social support, and unemployment had a significant association with OPC. As expected, indicators in the domain of economic inequality predicted greater OPC rates and those in the domain of economic social support were related to lower OPC rates. However, poverty and unemployment predictors were negatively associated with OPC, which is the opposite direction of the relationships between these predictors and traditional street crime. In addition, indicators of online opportunity structure were found to have a significantly positive relationship to OPC as expected. The PLSR model for predicting OPC applied in the current study accounted for approximately 50% of variance in OPC rates across states. For predictors of online opportunity structure, the results indicated that online opportunity was associated with state-level economic and socio-demographic characteristics. States with less poverty, more urban population, and more working age adults were more likely to report more online opportunities. The PLSR model for predicting online opportunity structure explained about 80% of variance in measured online opportunity. These results may imply that some types of macro-social conditions may have an indirect effect on OPC through online opportunity structure as well as their direct effects on OPC. Future study should pay more attention to examining structural relationships of macro-social contexts, online opportunity structure, and OPC to understand macro-level criminogenic mechanism of OPC.

online property crime

cybercrime

macro-social correlates

state-level analysis

partial least square

Criminology and Criminal Justice

Other Sociology

Sociology

Právní rámec vyšetřování počítačové kriminality / Legal framework of computer crime investigation

Rademacherová, Kristina

January 2016

Master's thesis is focused on computer crime, with an emphasis on the process of investigation. New systematics in Czech computer crime terminology is offered. Within the thesis, cybercrime is perceived as a part of computer crime. Special attention is put on various aspects of criminalistics, as the topic of investigation itself is understood from the point of view of such science. Nevertheless, criminological findings are discussed likewise. Particular emphasis is put on a link between Czech legal regulation and expert literature from the fields of law, criminalistics, criminology and technology. Master's thesis is based on Czech literature, as well as English and French writings, in addition to national and international case law. The text itself is divided into three chapters. First chapter is introducing the issue of computer and cybercrime with selected criminological characteristics, including specifics of offending within the Internet. Second chapter discusses evidence of computer crime, the electronic or digital evidence, from the point of view of criminalistics. Particular problems of digital evidence usage within Czech criminal procedure are revealed. The core of master's thesis is the third chapter. Methodology of computer crime investigation is discussed, as well as selected individual...

Analýza trhu bezpečnostního softwaru / Market analysis of security software

Doležal, Ladislav

January 2013

In this thesis, I analyze the global supply of security software (for operating system Win-dows) with a focus on anti-virus programs, which currently mostly implicitly include vari-ous modules of security software. In the first part of my thesis, I will focus on the clarification of issues related to IS / IT se-curity and cybercrime. I describe here the security IS / IT in general, describes the basic concepts and information safety, so that readers gain a basic understanding of this issue. I explain the concept of cybercrime and characterize its main crime. The second part will focus on the clarification of issues relating to security and safety not only domestic, but also corporate computers. I further characterize the greatest threats of our time for PC users and the possibility of prevention. In the third part, I will analyze the security software market analysis due to their market shares and qualifying tests conducted by recognized independent organizations, so to currently provide their full offer. Using the survey I will find out what is the awareness on the selection and use of antivirus software, and on this basis determine what antivirus software are most popular by users.