Spelling suggestions: "subject:"2security countermeasures"" "subject:"bsecurity countermeasures""
1 |
The rise of crypto-ransomware in a changing cybercrime landscape: Taxonomising countermeasuresConnolly, Lena Y., Wall, D.S. 16 June 2020 (has links)
Yes / Year in and year out the increasing adaptivity of offenders has maintained ransomware's position as a major cybersecurity threat. The cybersecurity industry has responded with a similar degree of adaptiveness, but has focussed more upon technical (science) than ‘non-technical’ (social science) factors. This article explores empirically how organisations and investigators have reacted to the shift in the ransomware landscape from scareware and locker attacks to the almost exclusive use of crypto-ransomware. We outline how, for various reasons, victims and investigators struggle to respond effectively to this form of threat. By drawing upon in-depth interviews with victims and law enforcement officers involved in twenty-six crypto-ransomware attacks between 2014 and 2018 and using an inductive content analysis method, we develop a data-driven taxonomy of crypto-ransomware countermeasures. The findings of the research indicate that responses to crypto-ransomware are made more complex by the nuanced relationship between the technical (malware which encrypts) and the human (social engineering which still instigates most infections) aspects of an attack. As a consequence, there is no simple technological ‘silver bullet’ that will wipe out the crypto-ransomware threat. Rather, a multi-layered approach is needed which consists of socio-technical measures, zealous front-line managers and active support from senior management. / This work was supported by the Engineering and Physical Sciences Research Council and is part of the EMPHASIS (EconoMical, PsycHologicAl and Societal Impact of RanSomware) project [EP/P011721/1].
|
2 |
Internet of Things based Smart Homes : Security Risk Assessment and RecommendationsAli, Bako January 2016 (has links)
The Internet of Things (IoT) is an emerging paradigm focusing on the inter-connection of things or devices to each other and to the users. Over time, the most of connections in IoT are shifting from ‘Human to Thing’ to ‘Thing to Thing’. This technology is anticipated to become an essential milestone in the development of smart homes to bring convenience and efficiency into our lives and our homes. But, by bringing this IoT technology into our homes there will be important implications for security in these technologies. Connecting every smart objects inside the home to the internet and to each other results in new security and privacy problems, e.g., confidentiality, authenticity, and integrity of data sensed and exchanged by objects. These technologies are very much vulnerable to different security attacks that make an IoT-based smart home unsecure to live in and therefore it is necessary to evaluate the security risks to judge the situation of the smart homes. For any technology to be successful and achieve widespread use, it needs to gain the trust of users by providing sufficient security and privacy assurance. As in all sectors, maintaining security will be a critical challenge to overcome. As homes are increasingly computerized and filled with devices, potential computer security attacks and their impact on residents need to be investigated. This report uses OCTAVE Allegro Methodology which focuses mainly on information assets and considers containers (technical, physical and people) and conducts a security risk assessment with the goal of highlighting various security flaws in IoT-based smart home, impacts and proposing countermeasures to the identified issues satisfying most of security requirements. Finally, it comes up with some recommendations to the users. The research findings documented into a thesis paper for secure IoT-based smart home systems and the resulted list and recommendations will be some useful contribution which can be used as a foundation for the specification of security requirements. For future work, the assessment will be extended to include more types of smart home applications rather than just typical one. / <p>Validerat; 20160620 (global_studentproject_submitter)</p>
|
3 |
Assessing security measures at hotels : a case study from GautengCebekhulu, Nomsa Pride 09 1900 (has links)
This study is about assessing security measures in the hotel industry in Gauteng Province, South Africa. The researcher divided Gauteng into five regions (Mogale City; Tshwane; Central Johannesburg; Ekurhuleni; and Sedibeng). The researcher adopted the qualitative approach where one-on-one interviews were conducted with the participants. There were 20 hotels that were selected to participate in the study. From the 20 hotels, where only one participant from each was involved, the researcher conducted one-on-one interviews with twenty (20) Security Managers or anybody who was responsible for the security functions at senior level at the hotels. A semi-structured interview schedule with probing questions was used as a guide to obtain comprehensive information about security measures from the participants. Random sampling approach was used in the study. From the population of 70 hotels in Gauteng, where the sample of twenty (20) was derived, was the group within which the researcher was interested in for obtaining data. Since Gauteng Province is huge, the researcher only conducted research within the four metropolitan areas consisting of Johannesburg, Mogale City, Tshwane and Ekurhuleni.
The aims and objectives of the research study are as follows:
• Outline the nature of business that hotels are engaged in;
• Investigate if there are security policies and procedures as part of effective security component;
• Examine what important assets need to be protected at hotel facilities;
• Uncover the risks facing assets in the hotel facilities;
• Determine what incidents of loss took place in the hotel facilities;
• Examine what assets are mainly targeted by perpetrators at hotels;
• Uncover the profile and modus operandi of hotel perpetrators;
• Examine the effectiveness of security measures and systems that are put in place at hotels;
• Explore if security systems are integrated at hotels;
• Determine the frequency of conducting risk assessment at hotels;
• Check if pre and post-employment screening is conducted for security officers at hotels;
• Find out if the guests inquire about security measures when making reservations; and
• Find out how guests feel about security at the hotel facilities.
The study revealed the following:
• Hotels are business entities which attract different types of guests, nationally and internationally. Different services that are offered at the hotels which make hotels the main choice of destination to the guests are: accommodation for sleeping, leisure, and work commitments such as workshops or conferences. The study also revealed that most of the clientele comes from the corporate sector.
• There are basic security measures in place in the hotels. These range from security policies, security procedures, physical security (for example, technological security such as Close Circuit Television (CCTV) surveillance system, adequate security lighting, security personnel (contract or in-house), alarm systems, armed response, access control systems and security fence or walls). The security measures were also appeared to be put in place in accordance with the location of the hotel. If the hotel was surrounded by other business areas, the level of security was more focused in the inner security layer. If the hotel was standing alone, the different security layers (the inner security layer, the outer and the middle security layers) were adequately protected.
• Hotels are faced with different risks such as theft, prostitution, murder and assault, among others. Theft however was found to be across the board; for example, people were stealing the hoteliers’ property or the guests’ property.
• Prostitution was found to be prevalent at hotels. Prominent people from political arena, corporate environment and other guests were interested in the prostitutes. Prostitutes were said to have their own modus operandi of using drugs to their prospective clients and then rob them of their money and belongings thereafter.
• Most of the assets which are targeted by hotel perpetrators were found to be: guests/hotel money, hotel goods, guests’ cars, goods in guests’ cars, televisions, home music systems and mobile devices such as laptops and cell phones.
• The profile and modus operandi of hotel perpetrators.
• Security assessments are conducted at hotels so as to figure out what security risks are facing the hotels.
• Hotels need to be protected at all times against criminality as it tarnishes their image.
• Most of the guests do enquire about the safety of the hotel before making a booking. Some of the guests mainly from the corporate sector do send their security specialists to assess the level of security at the hotel prior to making a booking.
As the findings on this study were based on aims and objectives, recommendations for crime combating, proactive protection and future research were identified. The recommendations will, hopefully, also improve any inadequate security measures that may have been revealed by the study. / Criminology and Security Science / M.A. (Criminal Justice)
|
Page generated in 0.1032 seconds