ABSTRACT
Information Technology (IT) has become the integral part of majority of businesses. Healthcare sector is also one such sector where IT adoption is increased in recent times. This adoption of IT has increased the internet exposure and hence increased the attack surface of the organisations working in healthcare sector. During covid outbreak, we have observed various cyber-attack and threats on organisations operating in healthcare sector. This paper focuses on cyber threat pattern in healthcare sector during covid-19 outbreak and post-covid-19 period. This research paper also aims to generate basic cyber awareness through generic cyber sanity checks to secure healthcare sector from malicious threat actors. The adaptation of proactive measures required to enhance the cyber hygiene of organisations becomes very essential in this sector. © 2023 IEEE.
ABSTRACT
Cybersecurity is an increasingly important factor in consumer attitudes toward online shopping. Online shopping has become an essential part of our lives in this digital era. As the popularity of online and e-commerce shopping continues to grow, so does the potential for cyber threats and attacks. As more and more consumers turn to online shopping, cyber threats such as hacking, identity theft, and credit card fraud have become more frequent. Therefore, understanding the factors of cybersecurity that affect consumer attitude is essential to build trust and creating a safe and sound shopping environment. This research explores the factors of cybersecurity that affect consumers' attitudes to shopping online and uses a survey to test several hypotheses related to influential cyber factors. Bangladesh is a developing country in Southeast Asia, and like many other countries, has experienced an increase in cyber threats and attacks in recent years. Consumers in Bangladesh face many of the same cyber threats, such as phasing attacks, malware, data breach, and other types of cyber security threats over online shopping. As a result of these cyber threats, online consumers are increasingly concerned about online security risks which may impact their willingness to engage in online shopping. Therefore, it is essential to identify critical factors of cyber security that impact consumers's attitudes toward online shopping to mitigate cyber risk and improve consumer trust in online shopping. This paper provides the result of a research study that will provide a better understanding of factors that influence consumer's trust and engagement with online and E-commerce platforms in Bangladesh) . © 2023 IEEE.
ABSTRACT
E-commerce sites are flourishing nowadays in lockdown. A lot of entrepreneurs are making their own sites and selling them online. In 2020, one of INTERPOL's private sector partners detected 907,000 spam messages, 737 malware incidents, and 48,000 malware URLs connected to COVID-19 during the period from January to April. 'Cybercriminals are developing and boosting their attacks at an alarming pace, exploiting the fear and uncertainty caused by the unstable social and economic situation created by COVID-19.' states Jürgen Stock, INTERPOL Secretary General. The main threats during this pandemic are Malware/Ransomware(36%), Phishing/Scam(59%), Fake News(14%) and Malicious Domains(22%). Cybercriminals are active in these pandemic times and the developers designing stunning user interfaces without basic cybersecurity knowledge is a great attraction for these criminals. Our goal is to explain how easily hackers gain access by selecting 10 top vulnerabilities from OWASP and exploiting them. © 2023 IEEE.
ABSTRACT
In 2020, while the USA was experiencing suc-cessive waves of COVID-19, Universal Health Services experienced a major cyber attack that crippled electronic systems in over 200 hospitals, including a major academic medical centre that was playing a key regional role in COVID-19 care and clinical trials. This paper discusses the impact of the attack on clinical operations, infor-matics, research and teaching, contextualising the case study within more wide-scale trends driving the rise in cyber attacks on health-care systems. The compounding relationships between COVID-19, healthcare workforce depletion and cyber-security vulnerabilities form the framework of the discussion and action plan. Commitments to institutional best prac-tices, large-scale investments in infrastructure, and above all increasing support for the crit-ical human actors carrying out the work, are urgently needed to secure the healthcare system against these destabilising threats. Within this context, this paper argues that information security in the healthcare sector must be reimagined and integrated with greater support for the needs of frontline healthcare workers. © Henry Stewart Publications, 1749–9216.
ABSTRACT
During COVID-19 pandemic, there has been unprecedented increase in the number of employees working outside an organisations IT infrastructure due to the use of personal devices. The scale and sophistication of cyberattacks also continue to increase post-COVID-19 and it has become critical for SMEs (Small and Medium Sized Enterprises) to safeguard their information and IT assets. COVID19 proved to be a major catalyst for the adoption of digital approaches to remote working that many organisations did not previously believe to be feasible. The systems are becoming increasingly exposed to cyber-attacks as a result of remote access technology and cloud networks. The literature points to a gap in the existing knowledge to address the cybersecurity requirements for SMEs in India working in a virtual setup. The purpose of this paper is to develop a cybersecurity evaluation model (CSEM) that can be leveraged by SMEs which will eventually help them assess their cyber-risk portfolio. Based on the research project and the methodology used in the past for similar research, a quantitative approach will be chosen for this research. This research requires the researcher to roll out an online survey, which will enable the participants to evaluate cybersecurity risks by responding to the survey questionnaire. Analysing and implementing a CSEM will not only assist SMEs in identifying their strengths and weaknesses but will also include simple best practice guidelines for effectively plugging their cybersecurity flaws while working remotely. © 2022 IEEE.
ABSTRACT
Wireless sensor networks (WSN) playa significant role in the collection and transmission of data. The principal data collectors and broadcasters are small wireless sensor nodes. As a result of their disorganized layout, the nodes in this network are vulnerable to intrusion. Every aspect of human life includes some form of technological interaction. While the Covid-19 pandemic has been ongoing, the whole corporate and academic world has gone digital. As a direct result of digitization, there has been a rise in the frequency with which Internet-based systems are attacked and breached. The Distributed Denial of Service (DDoS) and Distributed Reflective Denial of Service (DRDoS) assaults are new and dangerous type of cyberattacks that can quickly bring down any service or application that relies on the Internet's infrastructure. Cybercriminals are always refining their methods of attack and evading detection by using techniques that are out of date. Traditional detection systems are not suited to identify novel DDoS attacks since the volume of data created and stored has expanded exponentially in recent years. This research provides a comprehensive overview of the relevant literature, focusing on deep learning for DDoS and DRDoS detection. Due to the expanding number of loT gadgets, distributed DDoS and DRDoS attacks are becoming more likely and more damaging. Due to their lack of generalizability, current attack detection methods cannot be used for early detection of DDoS and DRDoS, resulting in significant load or service degradation when implemented at the endpoint. In this research, a brief review is performed on the models that are used for identification of DDoS and DRDoS attacks. The working of the existing models and the limitations of the models are briefly analyzed in this research. © 2023 IEEE.
ABSTRACT
Internet usage has grown exponentially, with individuals and companies performing multiple daily transactions in cyberspace rather than in the real world. The coronavirus (COVID-19) pandemic has accelerated this process. As a result of the widespread usage of the digital environment, traditional crimes have also shifted to the digital space. Emerging technologies such as cloud computing, the Internet of Things (IoT), social media, wireless communication, and cryptocurrencies are raising security concerns in cyberspace. Recently, cyber criminals have started to use cyber attacks as a service to automate attacks and leverage their impact. Attackers exploit vulnerabilities that exist in hardware, software, and communication layers. Various types of cyber attacks include distributed denial of service (DDoS), phishing, man-in-the-middle, password, remote, privilege escalation, and malware. Due to new-generation attacks and evasion techniques, traditional protection systems such as firewalls, intrusion detection systems, antivirus software, access control lists, etc., are no longer effective in detecting these sophisticated attacks. Therefore, there is an urgent need to find innovative and more feasible solutions to prevent cyber attacks. The paper first extensively explains the main reasons for cyber attacks. Then, it reviews the most recent attacks, attack patterns, and detection techniques. Thirdly, the article discusses contemporary technical and nontechnical solutions for recognizing attacks in advance. Using trending technologies such as machine learning, deep learning, cloud platforms, big data, and blockchain can be a promising solution for current and future cyber attacks. These technological solutions may assist in detecting malware, intrusion detection, spam identification, DNS attack classification, fraud detection, recognizing hidden channels, and distinguishing advanced persistent threats. However, some promising solutions, especially machine learning and deep learning, are not resistant to evasion techniques, which must be considered when proposing solutions against intelligent cyber attacks. © 2023 by the authors.
ABSTRACT
The proliferation of the internet and computing devices has drawn much attention during the Covid-19 pandemic stay home and work, and this has led the organization to adapt to staying home. Also, to let the organization work due to the infrastructure for working on proxy during the pandemic. The alarming rate of cyber-attacks, which through this study infer that phishing is one of the most effective and efficient ways for cyber-attack success. In this light, this study aims to study phishing attacks and mitigation methods in play, notwithstanding analysing performance metrics of the current mitigation performance metrics. Results indicate that business enterprises and educational institutions are the most hit using email (social engineering) and web app phishing attacks. The most effective mitigation methods are training/awareness campaigns on social engineering and using artificial intelligence/machine learning (AI/ML). To gain zero or 100% phishing mitigation, AI/ML need to be applied in large scale to measure its efficiency in phishing mitigation. © 2023, The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
ABSTRACT
Social media, such as Twitter, allow people to interact with ongoing events and share their sentiments. Therefore, people use social media to report and express their emotions about events they are experiencing. Furthermore, some officials take advantage of the popularity of social media to keep the public informed, especially during emergent events. Researchers have covered sentiment analysis on Twitter in many fields, such as movie reviews, stocks, politics, health, and sports. However, there is a research gap in studying the public's concerns on social media when a cybersecurity breach occurs and how people's sentiment changes over time. To fill the gap, The researchers selected the cyberattacks against Universal Health Services (UHS) during the late days of September 2020 and collected a large dataset of related tweets over five weeks. Live-streaming tweets and historical ones both were compiled. The focus while gathering tweets was in the context of cyberattacks on UHS using keywords and hashtags such as Universal Health System, UHS cyberattack, UHS Ransome, UHS security breach, and UHS locked. Then, the researchers determined tweets' sentiment classification on this developing event using deep learning of Long Short-Term Memory (LSTM) and Artificial Neural Networks (ANN) and their accuracies. Furthermore, the researchers performed exploratory data analysis for the dataset supplying information about how sentiment has changed over time to compare the sentiment per week since the start of these cyberattacks on UHS. This study is the first to provide an analysis of the public's sentiment toward a significant cybersecurity breach on a healthcare provider dealing with COVID-19 based on a large-scale dataset extracted from social media feeds. © 2023 IEEE.
ABSTRACT
Because of the increase in cyberattacks in the Internet era, cybersecurity is a crucial area that still requires many more human resources. Security handson training plays an important role in educating a skilled workforce. However, delivering hands-on training with a large number of participants during the COVID-19 pandemic was a big challenge. In this paper, we discuss differences between onsite and online penetration testing hands-on training, during the COVID-19 pandemic in 2020 and 2021. We share our teaching experiences and lessons learned and provide recommendations for preparing and delivering online hands-on training efficiently. © 2022 IEEE.
ABSTRACT
Telemedicine and telehealth care system show the revolutionary and modern way to deal with the coronavirus 2019 pandemic. However, such systems are facing increased security risks. As a result, healthcare providers and academic institutions must be well-informed, safe, and prepared to respond to any cyber-attack. The aim of this paper is to conduct a review of healthcare information systems together with how security can be provided for such systems. The paper main focus is on the adoption of blockchain technology to support the security of the healthcare system. This adoption has been investigated and assessed to show its benefits compared with other conventional technologies. Finally, a recommendation was pointed out for the security of healthcare with the usage of blockchain technology. © 2022 IEEE.
ABSTRACT
COVID-19 is one of the deadliest pandemics of this century's that affected the whole world. As the COVID-19 spread the government had to impose lockdown that pushed the people to follow some new lifestyle like social distancing, work from home, hand washing, and the country have to shut down industries, businesses and public transport. At the same time, doctors were occupied in saving life's and on other side cyber criminals were busy taking this situation as advantage, which creates an another silent pandemic i.e. cyber-security pandemic. During this pandemic with overloaded ICT infrastructure, cyber space was gaining attention of more cyber attacker and number of attacks/threats increased exponentially. This is one of the rapidly growing global challenges for industry as well as for human life. In this paper a systematic surveys and review is done on recent trends of cyber security attacks during and post COVID-19 pandemic and their countermeasures. The relevant information has been collected from different trusted sources and impact landscape discussed with importance of cyber security education and future research challenges highlights. © 2023 IEEE.
ABSTRACT
COVID-19 pandemic has changed the lifestyle of all aspects of life. These circumstances have created new patterns in lifestyle that people had to deal with. As such, full and direct dependence on the use of the unsafe Internet network in running all aspects of life. As example, many organizations started officially working through the Internet, students moved to e-education, online shopping increased, and more. These conditions have created a fertile environment for cybercriminals to grow their activity and exploit the pressures that affected human psychology to increase their attack success. The purpose of this paper is to analyze the data collected from global online fraud and cybersecurity service companies to demonstrate on how cybercrimes increased during the COVID-19 epidemic. The significance and value of this research is to highlight by evident on how criminals exploit crisis, and for the need to develop strategies and to enhance user awareness for better detection and prevention of future cybercrimes.
ABSTRACT
The year 2020-21 has shown us that the likelihood of extreme events is greater than we would have expected. When organizational resources are stretched to their limits due to extreme events, they are also more vulnerable to cyber-attacks and knowledge risks. Based on the events that took place during the 2020-21 period, we identify five knowledge risks and categorize them as technical, behavioral, and legal risks. We identify possible controls to mitigate these knowledge risks: proper knowledge identification, guidelines for employee knowledge behavior, identification and evaluation of online communication channels, and risk re-assessment to knowledge. © 2022 IEEE Computer Society. All rights reserved.
ABSTRACT
The medical system has been targeted by the cyber attackers, who aim to bring down the health security critical infrastructure. This research is motivated by the recent cyber-attacks happened during COVID 19 pandemics which resulted in the compromise of the diagnosis results. This study was carried to demonstrate how the medical systems can be penetrated using AI-based Directory Discovery Attack and present security solutions to counteract such attacks. We then followed the NIST (National Institute of Standards and Technology) ethical hacking methodology to launch the AI-based Directory Discovery Attack. We were able to successfully penetrate the system and gain access to the core of the medical directories. We then proposed a series of security solutions to prevent such cyber-attacks. © 2022 Creative Commons.
ABSTRACT
The energy sector is highly vulnerable to cyber-attacks due to its inherently complex ecosystem of both physical and cyber infrastructure spreading across the globe. Cyber-security breaches in this domain could have a significant impact not only on the global economy but also on citizens' lives. This paper aims at evaluating the security awareness and competency of European Electrical Power and Energy Systems (EPES) organisations' workforce during the COVID-19 pandemic and the Ukrainian war. A targeted assessment campaign has been designed and conducted from 11th February 2022 until 18th March 2022. During that period, 132 participants, out of the 266 invited employees, participated in the campaign. The collected results were analysed from different perspectives unveiling significant findings regarding information security readiness and resilience of individuals and, consequently, organisations in the European energy sector. Key findings are discussed in detail concluding with various cyber-security recommendations addressing both the emerged vulnerabilities and the need for security culture evolution. © 2023 Elsevier Ltd
ABSTRACT
The world is recovering from Covid-19, and along with that it has brought the zeal to use the digital media, concepts like work from home, connecting the whole world using applications and social media. However, with good things follow bad and we observe a lot of people being affected by social engineering attack via multiple means be it as elementary as an unfamiliar person calling us to ask us about our day or complicated and puzzling as someone acting like the victim's senior. In some cases, people are aware of the process but are unaware of the terms they are victimized with others do not know many kinds of social engineering attacks. Therefore, it is imperative for an organization and an individual that they are aware of how Social Engineering is carried out. In this paper, we represent the survey filled by more than 100 people from diverse age groups and work profiles seeking their views on the attack and knowledge about social engineering. © 2022 IEEE.
ABSTRACT
Childcare, a critical infrastructure, played an important role to create community resiliency during the COVID-19 pandemic. By finding pathways to remain open, or rapidly return to operations, the adaptive capacity of childcare providers to offer care in the face of unprecedented challenges functioned to promote societal level mitigation of the COVID-19 pandemic impacts, to assist families in their personal financial recoveries, and to provide consistent, caring, and meaningful educational experiences for society's youngest members. This paper assesses the operational adaptations of childcare centers as a key resource and critical infrastructure during the COVID-19 pandemic in the Greater Rochester, NY metropolitan region. Our findings evaluate the policy, provider mitigation, and response actions documenting the challenges they faced and the solutions they innovated. Implications for this research extend to climate-induced disruptions, including fires, water shortages, electric grid cyberattacks, and other disruptions where extended stay-at-home orders or service critical interventions are implemented. © 2022 IEEE.
ABSTRACT
COVID-19 epidemic has changed many people's life. There has been an increase in cybercrime and cyber-attacks on infrastructure systems throughout the world. To reduce the impact of social alienation, a significant rise has been observed in the utilization and dependence on computers, handheld devices, and web to perform day-to-day activities like communication, work, online transactions for shopping, and medical diagnostics throughout the pandemic. Criminals were able to take advantage of new weaknesses generated because of movement of the work place to home for their own individual advantage. In a postpandemic world, ab roader and diverse cyber security approach is required to assure the well-being and continuation of crucial systems on which our mankind depends. This research work shows the preliminary design of the proposed solution, which is built based on the concept of Artificial Intelligence (AI) enabled self-replication system. © 2023 IEEE.
ABSTRACT
Events that attract worldwide attention, such as the Olympic and Paralympic Games and international exhibitions, have become easy targets for cyber attacks, and it is no longer rare to hear of reports of damage from such attacks. The Olympic and Paralympic Games Tokyo 2020 was held in 2021 after a oneyear delay due to the novel coronavirus (COVID-19), and NTT, as a Gold Partner (Telecommunications Services), had the responsibility of managing the network infrastructure supporting the Tokyo 2020 Games, thus dealing with the threat of cyber attacks. This article describes how NTT-CERT (NTT Computer Security Incident Response and Readiness Coordination Team) of NTT Social Informatics Laboratories faced cyber attacks as the representative computer security incident response team of the NTT Group. © 2022 Nippon Telegraph and Telephone Corp.. All rights reserved.