ABSTRACT
Information Technology (IT) has become the integral part of majority of businesses. Healthcare sector is also one such sector where IT adoption is increased in recent times. This adoption of IT has increased the internet exposure and hence increased the attack surface of the organisations working in healthcare sector. During covid outbreak, we have observed various cyber-attack and threats on organisations operating in healthcare sector. This paper focuses on cyber threat pattern in healthcare sector during covid-19 outbreak and post-covid-19 period. This research paper also aims to generate basic cyber awareness through generic cyber sanity checks to secure healthcare sector from malicious threat actors. The adaptation of proactive measures required to enhance the cyber hygiene of organisations becomes very essential in this sector. © 2023 IEEE.
ABSTRACT
Cybersecurity is an increasingly important factor in consumer attitudes toward online shopping. Online shopping has become an essential part of our lives in this digital era. As the popularity of online and e-commerce shopping continues to grow, so does the potential for cyber threats and attacks. As more and more consumers turn to online shopping, cyber threats such as hacking, identity theft, and credit card fraud have become more frequent. Therefore, understanding the factors of cybersecurity that affect consumer attitude is essential to build trust and creating a safe and sound shopping environment. This research explores the factors of cybersecurity that affect consumers' attitudes to shopping online and uses a survey to test several hypotheses related to influential cyber factors. Bangladesh is a developing country in Southeast Asia, and like many other countries, has experienced an increase in cyber threats and attacks in recent years. Consumers in Bangladesh face many of the same cyber threats, such as phasing attacks, malware, data breach, and other types of cyber security threats over online shopping. As a result of these cyber threats, online consumers are increasingly concerned about online security risks which may impact their willingness to engage in online shopping. Therefore, it is essential to identify critical factors of cyber security that impact consumers's attitudes toward online shopping to mitigate cyber risk and improve consumer trust in online shopping. This paper provides the result of a research study that will provide a better understanding of factors that influence consumer's trust and engagement with online and E-commerce platforms in Bangladesh) . © 2023 IEEE.
ABSTRACT
Health care is always a top priority, and that has not changed no matter how far we have come in terms of technology. Since the coronavirus epidemic broke out, almost every country has made health care a top priority. Therefore, the best way to deal with the coronavirus pandemic and other urgent health problems is through the use of IoHT. The tremendous growth of IoT devices and networks especially in the healthcare domain generates massive amounts of data, necessitating careful authentication and security. Other domains include agriculture, smart homes, industry, etc. These massive data streams can be evaluated to determine undesirable patterns. It has the potential to reduce functional risks, avoid problems that are not visible, and eliminate system downtime. Past systematic and comprehensive reviews have significantly aided the field of cybersecurity. However, this research focuses on IoT issues relating to the medical or healthcare domain, using the systematic literature review method. The current literature in health care is not enough to analyze the anomaly of IoHT. This research has revealed that fact. In our subsequent work, we will discuss the architecture of IoHT and use AI techniques such as CNN and SVM to detect intrusions in IoHT. In the interest of advancing scientific knowledge, this study identifies and suggests potential new lines of inquiry that may be pursued in this area of study. © 2023, The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
ABSTRACT
As the COVID-19 pandemic resulted in school closures since early 2020, children have spent more time online through virtual classrooms using educational technology (EdTech) and videoconferencing applications. This increased presence of children online exposes them to more risk of cyber threats. Here, we present a review of the current research and policies to protect children while online. We seek to answer four key questions: what are the online threats against children when learning online, what is known about children's cybersecurity awareness, what government policies and recommendations are implemented and proposed to protect children online, and what are the proposed and existing efforts to teach cybersecurity to childrenƒ Our study emphasizes the online risks to children and the importance of protective government policies and educational initiatives that give kids the knowledge and empowerment to protect themselves online. © 2023 IEEE.
ABSTRACT
Since the first half of 2020, the COVID-19 epidemic has continued to spread across the country. Based on this background, with the continuous promotion of a new round of technological innovation and industrial transformation, and the combined impact of the epidemic factors, the digital economy has become a new pillar of the steady development of China's macro economy. Emerging industries have provided good opportunities for the digital economy. Cyber security has risen to the height of national sovereignty, which is the direct embodiment of national competitiveness and the foundation for the healthy development of the digital economy. However, with the concentration of massive data and the progress of information technology, the data is easily and conveniently used, personal privacy security, corporate business secrets and even national security suffered serious damage, and network security protection has also become the bottleneck of the digital economy to a new level. It is particularly important to strengthen the network security governance capacity, improve the network security laws and regulations, and implement the hierarchical protection system. © 2023 SPIE.
ABSTRACT
The substantially revised third edition of The Handbook of Security provides the most comprehensive analysis of scholarly security debates and issues to date. It reflects the developments in security technology, the convergence of the cyber and security worlds, and the fact that security management has become even more business focused. It covers newer topics like terrorism, violence, and cybercrime through various offence types such as commercial robbery and bribery. This handbook comprises mostly brand new chapters and a few thoroughly revised chapters, with discussions of the impact of the pandemic. It includes contributions from some of the world's leading scholars from an even broader geographic scale to critique the way security is provided and managed. It speaks to professionals working in security and students studying security-related courses. Chapter 5 is available open access under a Creative Commons Attribution 4.0 International License via link.springer.com. © The Author(s), under exclusive license to Springer Nature Switzerland AG 2022. All rights reserved.
ABSTRACT
The COVID-19 pandemic caused a tectonic shift in the way that institutions, ranging from k-12 to higher education, approach their teaching and learning strategies. It is an understatement to say that teaching effective and gamified Cybersecurity courses amidst the COVID19 pandemic placed an extreme pressure on faculty. While Zoom, WebEx, and Google Classroom virtual meeting were sufficient for some, others were in pursuit of platforms which could address the hands-on interaction component that happens in a class setting while isolating and/or removing some of the distractive and engagement-adverse ingredients that occur in traditional remote meeting platforms. To this end we present some challenges and opportunities which exist in the intersection of Cybersecurity learning and teaching through the Metaverse. As an extension we plan to measure the effectiveness of Metaverse towards Cybersecurity gamified remote learning by providing future research directions towards the ultimate goal of metamorphosing traditional Cybersecurity classrooms. © 2023 IEEE.
ABSTRACT
During COVID-19 pandemic, there has been unprecedented increase in the number of employees working outside an organisations IT infrastructure due to the use of personal devices. The scale and sophistication of cyberattacks also continue to increase post-COVID-19 and it has become critical for SMEs (Small and Medium Sized Enterprises) to safeguard their information and IT assets. COVID19 proved to be a major catalyst for the adoption of digital approaches to remote working that many organisations did not previously believe to be feasible. The systems are becoming increasingly exposed to cyber-attacks as a result of remote access technology and cloud networks. The literature points to a gap in the existing knowledge to address the cybersecurity requirements for SMEs in India working in a virtual setup. The purpose of this paper is to develop a cybersecurity evaluation model (CSEM) that can be leveraged by SMEs which will eventually help them assess their cyber-risk portfolio. Based on the research project and the methodology used in the past for similar research, a quantitative approach will be chosen for this research. This research requires the researcher to roll out an online survey, which will enable the participants to evaluate cybersecurity risks by responding to the survey questionnaire. Analysing and implementing a CSEM will not only assist SMEs in identifying their strengths and weaknesses but will also include simple best practice guidelines for effectively plugging their cybersecurity flaws while working remotely. © 2022 IEEE.
ABSTRACT
Recently, with the normalization of non-face-to-face online environments in response to the COVID-19 pandemic, the possibility of cyberattacks through endpoints has increased. Numerous endpoint devices are managed meticulously to prevent cyberattacks and ensure timely responses to potential security threats. In particular, because telecommuting, telemedicine, and tele-education are implemented in uncontrolled environments, attackers typically target vulnerable endpoints to acquire administrator rights or steal authentication information, and reports of endpoint attacks have been increasing considerably. Advanced persistent threats (APTs) using various novel variant malicious codes are a form of a sophisticated attack. However, conventional commercial antivirus and anti-malware systems that use signature-based attack detection methods cannot satisfactorily respond to such attacks. In this paper, we propose a method that expands the detection coverage in APT attack environments. In this model, an open-source threat detector and log collector are used synergistically to improve threat detection performance. Extending the scope of attack log collection through interworking between highly accessible open-source tools can efficiently increase the detection coverage of tactics and techniques used to deal with APT attacks, as defined by MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK). We implemented an attack environment using an APT attack scenario emulator called Carbanak and analyzed the detection coverage of Google Rapid Response (GRR), an open-source threat detection tool, and Graylog, an open-source log collector. The proposed method expanded the detection coverage against MITRE ATT&CK by approximately 11% compared with that conventional methods. © 2023 Tech Science Press. All rights reserved.
ABSTRACT
The Fourth Industrial Revolution (4IR) stands poised to transform the geopolitics and geoeconomics of the Great Power Competition (GPC) as digital and cyber worlds permeate societies, governments, and nation-states. The United States must reconceptualize its public-private approach to cybersecurity, starting with the Defense Industrial Base (DIB). As policymakers continue to grapple with the COVID-19 pandemic, the World Economic Forum (WEF) warns that "we should prepare for a COVID-like global cyber pandemic that will spread faster and further than a biological virus, with an equal or greater economic impact" (Davis & Pipkaite in What the COVID-19 pandemic teaches us about cybersecurity-And how to prepare for the inevitable global cyberattack. World Economic Forum, 2020, [3]). Despite this warning, the new cybersecurity regulations being rolled out under what is commonly known as Cybersecurity Maturity Model Certification (CMMC) are inadequate to protect the DIB from future cyber threats. Underpinned by the conceptual framework of stakeholder capitalism, this chapter posits that cybersecurity regulations must be reimagined to foster greater process and systems agility, transparency, and trust between the government and the private sector. © The Author(s), 2022. All rights reserved.
ABSTRACT
Internet usage has grown exponentially, with individuals and companies performing multiple daily transactions in cyberspace rather than in the real world. The coronavirus (COVID-19) pandemic has accelerated this process. As a result of the widespread usage of the digital environment, traditional crimes have also shifted to the digital space. Emerging technologies such as cloud computing, the Internet of Things (IoT), social media, wireless communication, and cryptocurrencies are raising security concerns in cyberspace. Recently, cyber criminals have started to use cyber attacks as a service to automate attacks and leverage their impact. Attackers exploit vulnerabilities that exist in hardware, software, and communication layers. Various types of cyber attacks include distributed denial of service (DDoS), phishing, man-in-the-middle, password, remote, privilege escalation, and malware. Due to new-generation attacks and evasion techniques, traditional protection systems such as firewalls, intrusion detection systems, antivirus software, access control lists, etc., are no longer effective in detecting these sophisticated attacks. Therefore, there is an urgent need to find innovative and more feasible solutions to prevent cyber attacks. The paper first extensively explains the main reasons for cyber attacks. Then, it reviews the most recent attacks, attack patterns, and detection techniques. Thirdly, the article discusses contemporary technical and nontechnical solutions for recognizing attacks in advance. Using trending technologies such as machine learning, deep learning, cloud platforms, big data, and blockchain can be a promising solution for current and future cyber attacks. These technological solutions may assist in detecting malware, intrusion detection, spam identification, DNS attack classification, fraud detection, recognizing hidden channels, and distinguishing advanced persistent threats. However, some promising solutions, especially machine learning and deep learning, are not resistant to evasion techniques, which must be considered when proposing solutions against intelligent cyber attacks. © 2023 by the authors.
ABSTRACT
Social media, such as Twitter, allow people to interact with ongoing events and share their sentiments. Therefore, people use social media to report and express their emotions about events they are experiencing. Furthermore, some officials take advantage of the popularity of social media to keep the public informed, especially during emergent events. Researchers have covered sentiment analysis on Twitter in many fields, such as movie reviews, stocks, politics, health, and sports. However, there is a research gap in studying the public's concerns on social media when a cybersecurity breach occurs and how people's sentiment changes over time. To fill the gap, The researchers selected the cyberattacks against Universal Health Services (UHS) during the late days of September 2020 and collected a large dataset of related tweets over five weeks. Live-streaming tweets and historical ones both were compiled. The focus while gathering tweets was in the context of cyberattacks on UHS using keywords and hashtags such as Universal Health System, UHS cyberattack, UHS Ransome, UHS security breach, and UHS locked. Then, the researchers determined tweets' sentiment classification on this developing event using deep learning of Long Short-Term Memory (LSTM) and Artificial Neural Networks (ANN) and their accuracies. Furthermore, the researchers performed exploratory data analysis for the dataset supplying information about how sentiment has changed over time to compare the sentiment per week since the start of these cyberattacks on UHS. This study is the first to provide an analysis of the public's sentiment toward a significant cybersecurity breach on a healthcare provider dealing with COVID-19 based on a large-scale dataset extracted from social media feeds. © 2023 IEEE.
ABSTRACT
Because of the increase in cyberattacks in the Internet era, cybersecurity is a crucial area that still requires many more human resources. Security handson training plays an important role in educating a skilled workforce. However, delivering hands-on training with a large number of participants during the COVID-19 pandemic was a big challenge. In this paper, we discuss differences between onsite and online penetration testing hands-on training, during the COVID-19 pandemic in 2020 and 2021. We share our teaching experiences and lessons learned and provide recommendations for preparing and delivering online hands-on training efficiently. © 2022 IEEE.
ABSTRACT
The coronavirus outbreak has far-reaching ramifications for civilizations all around the world. People are worried and have a lot of requests. A research department from Covid19 Awareness was our recommendation. We supplemented it with AI-based chatbot models to aid hospitals, patients, medical facilities, and congested areas such as airports. We propose to develop this chatbot to support current scenarios and enable hospitals or governments to achieve more to solve the objective, given the two primary factors that inexpensive and fast production is now necessary. It is an immediate necessity in this epidemic circumstance. We built this bot from the ground up to be open source, so that anybody or any institution can use it to fight Corona, and commercialization is strictly prohibited. This bot isn't for sale;instead, we'd like to devote it to the country to help with current pandemic situations. The design of advanced artificial intelligence is presented in this paper (AI). If patients are exposed to COVID-19, the chatbot assesses the severity of the illness and consults with registered clinicians if the symptoms are severe, evaluating the diagnosis and recommending prompt action. © 2023, The Author(s), under exclusive license to Springer Nature Switzerland AG.
ABSTRACT
This is an overview of the IQSI Mini-track within the special track on Software Engineering Education and Training. The IQSI mini-track includes 7 accepted papers on a diverse set of topics, including industry studies, cybersecurity, social issues including remote teaching during Covid and gender, and other topics related to quality. © 2022 IEEE Computer Society. All rights reserved.
ABSTRACT
COVID-19 is one of the deadliest pandemics of this century's that affected the whole world. As the COVID-19 spread the government had to impose lockdown that pushed the people to follow some new lifestyle like social distancing, work from home, hand washing, and the country have to shut down industries, businesses and public transport. At the same time, doctors were occupied in saving life's and on other side cyber criminals were busy taking this situation as advantage, which creates an another silent pandemic i.e. cyber-security pandemic. During this pandemic with overloaded ICT infrastructure, cyber space was gaining attention of more cyber attacker and number of attacks/threats increased exponentially. This is one of the rapidly growing global challenges for industry as well as for human life. In this paper a systematic surveys and review is done on recent trends of cyber security attacks during and post COVID-19 pandemic and their countermeasures. The relevant information has been collected from different trusted sources and impact landscape discussed with importance of cyber security education and future research challenges highlights. © 2023 IEEE.
ABSTRACT
The increasingly remote workforce resulting from the global coronavirus pandemic has caused unprecedented cybersecurity concerns to organizations. Considerable evidence has shown that one-pass authentication fails to meet security needs when the workforce work from home. The recent advent of continuous authentication (CA) has shown the potential to solve this predicament. In this paper, we propose NF-Heart, a physiological-based CA system utilizing a ballistocardiogram (BCG). The key insight is that the BCG measures the body's micro-movements produced by the recoil force of the body in reaction to the cardiac ejection of blood, and we can infer cardiac biometrics from BCG signals. To measure BCG, we deploy a lightweight accelerometer on an office chair, turning the common chair into a smart continuous identity "scanner". We design multiple stages of signal processing to decompose and transform the distorted BCG signals so that the effects of motion artifacts and dynamic variations are eliminated. User-specific fiducial features are then extracted from the processed BCG signals for authentication. We conduct comprehensive experiments on 105 subjects in terms of verification accuracy, security, robustness, and long-term availability. The results demonstrate that NF-Heart achieves a mean balanced accuracy of 96.45% and a median equal error rate of 3.83% for CA. The proposed signal processing pipeline is effective in addressing various practical disturbances. © 2023 ACM.
ABSTRACT
The purpose of the article is to reflect on cyber threats among children and adolescents, the main cause of which is usually behavior, based on the emotions and needs of young people. Another purpose of the paper is to try to identify and describe mainly the phenomenon of exhibitionism occurring in cyberspace. The problem raised in the article also indicates the need for cooperation of institutions responsible for the safety of young people in cyberspace. An important point of reference, is the experience of the COVID-19 pandemic, which forced people to intensify their interaction with each other in the virtual world. Using a comparative perspective, based on data from before the lock down as well as after it was lifted, a characterization will be made of the scale of digital threats occurring among young people. This, in turn, will make it possible to answer the question: whether a real threat such as a pandemic can have an impact on the growth of digital threats. © The Author(s), under exclusive license to Springer Nature Switzerland AG 2023.
ABSTRACT
The energy sector is highly vulnerable to cyber-attacks due to its inherently complex ecosystem of both physical and cyber infrastructure spreading across the globe. Cyber-security breaches in this domain could have a significant impact not only on the global economy but also on citizens' lives. This paper aims at evaluating the security awareness and competency of European Electrical Power and Energy Systems (EPES) organisations' workforce during the COVID-19 pandemic and the Ukrainian war. A targeted assessment campaign has been designed and conducted from 11th February 2022 until 18th March 2022. During that period, 132 participants, out of the 266 invited employees, participated in the campaign. The collected results were analysed from different perspectives unveiling significant findings regarding information security readiness and resilience of individuals and, consequently, organisations in the European energy sector. Key findings are discussed in detail concluding with various cyber-security recommendations addressing both the emerged vulnerabilities and the need for security culture evolution. © 2023 Elsevier Ltd
ABSTRACT
Teaching cybersecurity to children is not a trivial task due to the complexity of explaining online-threat-related topics such as sexting or cyberbullying. Moreover, most of the courses designed to raise awareness in these controversial subjects has been mainly produced in English. However, during the Covid-19 pandemic, getting access to Spanish-based training for protecting children online became a priority for parents in countries such as Ecuador, which was not prepared to have children studying at home whilst being exposed to such threats. In this paper, we show that it is feasible to design a virtual course (MOOC) to teach cybersecurity to Spanish-speaking children with acceptable usability levels and minor usability issues. Our proposed methodology combines ADDIE, DPIPE and UDL for developing the course, and uses both SUS and Nielsen as methods to assess the MOOC from an usability point of view. For enhancing user engagement, our course uses novel 3D anthropomorphic characters and storyboards to aid the learning process. Regarding usability results, our proposed MOOC has very high and acceptable scores, with around 86/100 using the SUS scale, and less than 3 in the Nielsen score. © 2022 IEEE.