ABSTRACT
Information Technology (IT) has become the integral part of majority of businesses. Healthcare sector is also one such sector where IT adoption is increased in recent times. This adoption of IT has increased the internet exposure and hence increased the attack surface of the organisations working in healthcare sector. During covid outbreak, we have observed various cyber-attack and threats on organisations operating in healthcare sector. This paper focuses on cyber threat pattern in healthcare sector during covid-19 outbreak and post-covid-19 period. This research paper also aims to generate basic cyber awareness through generic cyber sanity checks to secure healthcare sector from malicious threat actors. The adaptation of proactive measures required to enhance the cyber hygiene of organisations becomes very essential in this sector. © 2023 IEEE.
ABSTRACT
Cybersecurity is an increasingly important factor in consumer attitudes toward online shopping. Online shopping has become an essential part of our lives in this digital era. As the popularity of online and e-commerce shopping continues to grow, so does the potential for cyber threats and attacks. As more and more consumers turn to online shopping, cyber threats such as hacking, identity theft, and credit card fraud have become more frequent. Therefore, understanding the factors of cybersecurity that affect consumer attitude is essential to build trust and creating a safe and sound shopping environment. This research explores the factors of cybersecurity that affect consumers' attitudes to shopping online and uses a survey to test several hypotheses related to influential cyber factors. Bangladesh is a developing country in Southeast Asia, and like many other countries, has experienced an increase in cyber threats and attacks in recent years. Consumers in Bangladesh face many of the same cyber threats, such as phasing attacks, malware, data breach, and other types of cyber security threats over online shopping. As a result of these cyber threats, online consumers are increasingly concerned about online security risks which may impact their willingness to engage in online shopping. Therefore, it is essential to identify critical factors of cyber security that impact consumers's attitudes toward online shopping to mitigate cyber risk and improve consumer trust in online shopping. This paper provides the result of a research study that will provide a better understanding of factors that influence consumer's trust and engagement with online and E-commerce platforms in Bangladesh) . © 2023 IEEE.
ABSTRACT
To combat the ongoing Covid-19 pandemic, many new ways have been proposed on how to automate the process of finding infected people, also called contact tracing. A special focus was put on preserving the privacy of users. Bluetooth Low Energy as base technology has the most promising properties, so this survey focuses on automated contact tracing techniques using Bluetooth Low Energy. We define multiple classes of methods and identify two major groups: systems that rely on a server for finding new infections and systems that distribute this process. Existing approaches are systematically classified regarding security and privacy criteria.Copyright © 2021 ACM.
ABSTRACT
Given that cyber security underwrites public trust in digital services and technologies, the new cyber strategy sets out a vision for reducing the cyber security risk to health and social care organizations across the Department of Health and Social Care (DHSC), National Health Service (NHS) organizations, local authorities, independent social care providers, and suppliers-which includes pharmaceutical manufacturers. [...]attacks can cause a complete loss of access to clinical and administrative information technology (IT) systems, resulting in significant disruption in day-to-day operations. According to the NCSC, ransomware attacks are increasingly seen to include data theft and extortion with a threat of data leaks (3). According to the UK government's recently published policy paper outlining the new cyber security strategy, "all these threats pose risk not just to patient and staff safety, but also to public trust in a health and social care system that can and must safeguard people's data" (2).
ABSTRACT
Attacks on the University of Ottawa Heart Institute and the Newfoundland and Labrador health system in 2021, Toronto Sick Kids Hospital in December 2022, and Ross Memorial Hospital in February 2023 are just some examples of recent cyberattacks on healthcare targets (CBC News, 2021;Mosleh, 2023;Solomon, 2022). [...]while LockBit apologized for the attack on Toronto Sick Kids Hospital in December (Mosleh, 2023), the increase in frequency and scope of ransomware attacks on our healthcare system is a national concern. Remote work often involves using personal devices and unsecured networks, which can make it easier for cybercriminals to gain access to hospital networks, especially if staff have poor password hygiene. [...]hospitals need an incident response plan in place to minimize the impact of a ransomware attack and prevent disruption to patient care in the event of a breach. Attacks on the University of Ottawa Heart Institute and the Newfoundland and Labrador health system in 2021, Toronto Sick Kids Hospital in December 2022, and Ross Memorial Hospital in February 2023 are just some examples of recent cyberattacks on healthcare targets (CBC News, 2021;Mosleh, 2023;Solomon, 2022). [...]while LockBit apologized for the attack on Toronto Sick Kids Hospital in December (Mosleh, 2023), the increase in frequency and scope of ransomware attacks on our healthcare system is a national concern. Remote work often involves using personal devices and unsecured networks, which can make it easier for cybercriminals to gain access to hospital networks, especially if staff have poor password hygiene. [...]hospitals need an incident response plan in place to minimize the impact of a ransomware attack and prevent disruption to patient care in the event of a breach.
ABSTRACT
2020-2022 provided nearly ideal circumstances for cybercriminals, with confusion and uncertainty dominating the planet due to COVID-19. Our way of life was altered by the COVID-19 pandemic, which also sparked a widespread shift to digital media. However, this change also increased people's susceptibility to cybercrime. As a result, taking advantage of the COVID-19 events' exceedingly unusual circumstances, cybercriminals launched widespread Phishing, Identity theft, Spyware, Trojan-horse, and Ransomware attacks. Attackers choose their victims with the intention of stealing their information, money, or both. Therefore, if we wish to safeguard people from these frauds at a time when millions have already fallen into poverty and the remaining are trying to survive, it is imperative that we put an end to these attacks and assailants. This manuscript proposes an intelligence system for identifying ransomware attacks using nature-inspired and machine-learning algorithms. To classify the network traffic in less time and with enhanced accuracy, Genetic Algorithm (GA) and Particle Swarm Optimization (PSO), two widely used algorithms are coupled in the proposed approach for Feature Selection (FS). Random Forest (RF) approach is used for classification. The system's effectiveness is assessed using the latest ransomware-oriented dataset of CIC-MalMem-2022. The performance is evaluated in terms of accuracy, model building, and testing time and it is found that the proposed method is a suitable solution to detect ransomware attacks. © 2022 IEEE.
ABSTRACT
The whole world has been witnessing the gigantic enemy in the form of COVID-19 since March 2020. With its super-fast spread, it has devastated a major part of the world and found to be the most dangerous virus of the 21st Century. All countries went into a lockdown to control the spread of the virus, and the economy dropped down to an all- time low index. The major guideline to avoid the spread of diseases like COVID- 19 at work is avoiding contact with people and their belongings. It is not safe to use computing devices because it may result in the spread of the virus by touching them. This paper presents an Artificial Intelligence- based virtual mouse that detects or recognizes hand gestures to control the various functions of a personal computer. The virtual mouse Algorithm uses a webcam or a built-in camera of the system to capture hand gestures, then uses an algorithm to detect the palm boundaries similar to that of the face detection model of the media pipe face mesh algorithm. After tracing the palm boundaries, it uses a regression model and locates the 21 3D hand-knuckle coordinate points inside the recognized hand/palm boundaries. Once the Hand Landmarks are detected, they are used to call windows Application Programming Interface (API) functions to control the functionalities of the system. The proposed algorithm is tested for volume control and cursor control in a laptop with the Windows operating system and a webcam. The proposedsystem took only 1ms to identify the gestures and control the volume and cursor in real-time. © 2023 IEEE.
ABSTRACT
E-commerce sites are flourishing nowadays in lockdown. A lot of entrepreneurs are making their own sites and selling them online. In 2020, one of INTERPOL's private sector partners detected 907,000 spam messages, 737 malware incidents, and 48,000 malware URLs connected to COVID-19 during the period from January to April. 'Cybercriminals are developing and boosting their attacks at an alarming pace, exploiting the fear and uncertainty caused by the unstable social and economic situation created by COVID-19.' states Jürgen Stock, INTERPOL Secretary General. The main threats during this pandemic are Malware/Ransomware(36%), Phishing/Scam(59%), Fake News(14%) and Malicious Domains(22%). Cybercriminals are active in these pandemic times and the developers designing stunning user interfaces without basic cybersecurity knowledge is a great attraction for these criminals. Our goal is to explain how easily hackers gain access by selecting 10 top vulnerabilities from OWASP and exploiting them. © 2023 IEEE.
ABSTRACT
Ransomware is the most severe threat to companies and organizations, snowballing daily. Ransomware comes in various types that are difficult for non-specialists to distinguish and evolve and change encryption techniques to avoid detection. Ransomware has become a worldwide incidence during the Corona pandemic and remote work, accountable for millions of dollars of losses annually;This malware threatens victims to lose sensitive data unless they pay a ransom, usually by encrypting the victims' hard drive contents until the ransom is paid. The study focused on literature reviews and publications issued by international organizations interested in ransomware analysis to build a strong background in this field. Used static analysis and reverse engineering methodology to investigate ransomware to understand its purpose, functionality, and effective countermeasures against it. Finally, after Dearcry and Babuk ransomware were analyzed, written the Yara rule to detect and suggested countermeasures against them to help cybersecurity professionals better understand the inner workings of real ransomware and develop advanced countermeasures against similar attacks in the future. © 2023 by the authors.
ABSTRACT
The Corona Virus Disease 2019 (COVID-19) effect has made telecommuting and remote learning the norm. The growing number of Internet-connected devices provides cyber attackers with more attack vectors. The development of malware by criminals also incorporates a number of sophisticated obfuscation techniques, making it difficult to classify and detect malware using conventional approaches. Therefore, this paper proposes a novel visualization-based malware classification system using transfer and ensemble learning (VMCTE). VMCTE has a strong anti-interference ability. Even if malware uses obfuscation, fuzzing, encryption, and other techniques to evade detection, it can be accurately classified into its corresponding malware family. Unlike traditional dynamic and static analysis techniques, VMCTE does not require either reverse engineering or the aid of domain expert knowledge. The proposed classification system combines three strong deep convolutional neural networks (ResNet50, MobilenetV1, and MobilenetV2) as feature extractors, lessens the dimension of the extracted features using principal component analysis, and employs a support vector machine to establish the classification model. The semantic representations of malware images can be extracted using various convolutional neural network (CNN) architectures, obtaining higher-quality features than traditional methods. Integrating fine-tuned and non-fine-tuned classification models based on transfer learning can greatly enhance the capacity to classify various families of malware. The experimental findings on the Malimg dataset demonstrate that VMCTE can attain 99.64%, 99.64%, 99.66%, and 99.64% accuracy, F1-score, precision, and recall, respectively. © 2023 Tech Science Press. All rights reserved.
ABSTRACT
Social media, such as Twitter, allow people to interact with ongoing events and share their sentiments. Therefore, people use social media to report and express their emotions about events they are experiencing. Furthermore, some officials take advantage of the popularity of social media to keep the public informed, especially during emergent events. Researchers have covered sentiment analysis on Twitter in many fields, such as movie reviews, stocks, politics, health, and sports. However, there is a research gap in studying the public's concerns on social media when a cybersecurity breach occurs and how people's sentiment changes over time. To fill the gap, The researchers selected the cyberattacks against Universal Health Services (UHS) during the late days of September 2020 and collected a large dataset of related tweets over five weeks. Live-streaming tweets and historical ones both were compiled. The focus while gathering tweets was in the context of cyberattacks on UHS using keywords and hashtags such as Universal Health System, UHS cyberattack, UHS Ransome, UHS security breach, and UHS locked. Then, the researchers determined tweets' sentiment classification on this developing event using deep learning of Long Short-Term Memory (LSTM) and Artificial Neural Networks (ANN) and their accuracies. Furthermore, the researchers performed exploratory data analysis for the dataset supplying information about how sentiment has changed over time to compare the sentiment per week since the start of these cyberattacks on UHS. This study is the first to provide an analysis of the public's sentiment toward a significant cybersecurity breach on a healthcare provider dealing with COVID-19 based on a large-scale dataset extracted from social media feeds. © 2023 IEEE.
ABSTRACT
All malware are harmful to computer systems;however, crypto-ransomware specifically leads to irreparable data loss and causes substantial economic prejudice. Ransomware attacks increased significantly during the COVID-19 pandemic, and because of its high profitability, this growth will likely persist. To respond to these attacks, we apply static analysis to detect ransomware by converting Portable Executable (PE) header files into color images in a sequential vector pattern and classifying these via Xception Convolutional Neural Network (CNN) model without transfer learning, which we call Xception ColSeq. This approach simplifies feature extraction, reduces processing load, and is more resilient against evasion techniques and ransomware evolution. The proposed method was evaluated using two datasets. The first contains 1000 ransomware and 1000 benign applications, on which the model achieved an accuracy of 93.73%, precision of 92.95%, recall of 94.64%, and F-measure of 93.75%. The second dataset, which we created and have made available, contains 1023 ransomware, grouped in 25 still active and relevant families, and 1134 benign applications, on which the proposed method achieved an accuracy of 98.20%, precision of 97.50%, recall of 98.76%, and F-measure of 98.12%. Furthermore, we refined a testing methodology for a particular case of zero-day ransomware attacks detection—the detection of new ransomware families—by adding an adequate amount of randomly selected benign applications to the test set, providing representative evaluation performance metrics. These results represent an improvement over the performance of the current methods reported in the literature. Our advantageous approach can be applied as a technique for ransomware detection to protect computer systems from cyber threats. © 2023 Elsevier Ltd
ABSTRACT
COVID-19 is one of the deadliest pandemics of this century's that affected the whole world. As the COVID-19 spread the government had to impose lockdown that pushed the people to follow some new lifestyle like social distancing, work from home, hand washing, and the country have to shut down industries, businesses and public transport. At the same time, doctors were occupied in saving life's and on other side cyber criminals were busy taking this situation as advantage, which creates an another silent pandemic i.e. cyber-security pandemic. During this pandemic with overloaded ICT infrastructure, cyber space was gaining attention of more cyber attacker and number of attacks/threats increased exponentially. This is one of the rapidly growing global challenges for industry as well as for human life. In this paper a systematic surveys and review is done on recent trends of cyber security attacks during and post COVID-19 pandemic and their countermeasures. The relevant information has been collected from different trusted sources and impact landscape discussed with importance of cyber security education and future research challenges highlights. © 2023 IEEE.
ABSTRACT
COVID-19 pandemic has changed the lifestyle of all aspects of life. These circumstances have created new patterns in lifestyle that people had to deal with. As such, full and direct dependence on the use of the unsafe Internet network in running all aspects of life. As example, many organizations started officially working through the Internet, students moved to e-education, online shopping increased, and more. These conditions have created a fertile environment for cybercriminals to grow their activity and exploit the pressures that affected human psychology to increase their attack success. The purpose of this paper is to analyze the data collected from global online fraud and cybersecurity service companies to demonstrate on how cybercrimes increased during the COVID-19 epidemic. The significance and value of this research is to highlight by evident on how criminals exploit crisis, and for the need to develop strategies and to enhance user awareness for better detection and prevention of future cybercrimes.
ABSTRACT
To provide the ease control and remote monitoring, Internet of Things (IoT) plays an important role in smart devices. The IoT system ranges from smart city to healthcare sector, and supply chain management. This extent of advancement generated a huge amount of data which may be the reason of malware threats of the IoT system. IoT Malware is a threat which may affects all sectors such as business, network, telecoms, media, military, etc. The recent report claimed the proliferation of global cost of malware estimated that till 2023 it would be around 8 trillion dollars annually which may double due to coronavirus outbreak. The analysis of IoT malware needs serious concern as now warfare and digital retaliation can cause serious damage than the war lead on ground. The major aim of this paper is performing the critical analysis of an IoT malware named Emotet. The IoT malware analysis can be categorized in two types such as static and dynamic malware analysis. Static analysis is the process of analyzing malware or binary without executing it. It is considered a more effective method when it comes to the diversity of processor architecture. While dynamic analysis is based on the detection of malware and its behavior with real-time execution. This paper focused on the testbed and Analysis of Emotet malware statically and dynamically using distinguished malware analysis tools. © 2023 IEEE.
ABSTRACT
Covert communication channels are a concept in which a policy-breaking method is used in order to covertly transmit data from inside an organization to an external or accessible point. VoIP and Video systems are exposed to such attacks on different layers, such as the underlying real-time transport protocol (RTP) which uses Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) packet streams to punch a hole through Network address translation (NAT). This paper presents different innovative attack methods utilizing covert communication and RTP channels to spread malware or to create a data leak channel between different organizations. The demonstrated attacks are based on a UDP punch hole created using Skype peer-to-peer video conferencing communication. The different attack methods were successfully able to transmit a small text file in an undetectable manner by observing the communication channel, and without causing interruption to the audio/video channels or creating a noticeable disturbance to the quality. While these attacks are hard to detect by the eye, we show that applying classical Machine Learning algorithms to detect these covert channels on statistical features sampled from the communication channel is effective for one type of attack.
ABSTRACT
Cyber security is not merely about securing devices and focusing on software and hardware. Staff members with skills and know-how are among the most valuable assets in the context of cyber security. Globally, there is a lack of competent cyber security experts available and cyber security skills should be educated more widely. One of the most effective practices for training cyber security experts is a cyber security exercise. During a cyber security exercise, the learning audience train their skills with a realistic scenario depicting a hectic and stressful cyber incident or cyber attack. In order to successfully implement a cyber security exercise, there must be sufficient technical infrastructure mimicking required systems and networks. The infrastructure should allow the use of realistic threat actors with realistic attack vectors and real malware without compromising any production environments. Facilities offering such infrastructure are widely known as the cyber ranges. There are two special requirements raised by modern cyber range exercises: (i) cyber range collaboration, including capabilities for sharing and pooling cyber range services, and (ii) on-line cyber security exercises without restrictions of being on-site on the exercise premises. The requirement of implementing on-line exercises has increased especially after the spread of COVID-19 pandemic. In this study, we introduce Flagship 2, a multinational state-of-the-art on-line cyber security exercise based on cyber range federation. We analyse the technical implementation of the cyber range federation and the learning outcomes of the exercise event based on a participant survey and relevant theories. The analysed results are explained with identified future research topics. © 2022 ACM.
ABSTRACT
Organizations regardless of their size are rapidly transforming, adopting and embracing digitalization amid the COVID pandemic. The pandemic forced organizations to ratio- nalize offline operations and swift towards online operations. Many organizations have digitized their services and have witnessed increasing Multistage cyber-attacks. Further, a lot of organizations have enabled remote access to the enterprise resources and services. As a result, organizations are striving to defend against Multistage cyber-attacks. These multistage attacks often spread across many stages, which is best described by MITRE Adversarial Tactics, Techniques, and Common Knowl- edge (ATT&CK) Framework. There are many research efforts for static detection of malicious binaries but very few or limited research targeting run-time detection of malicious processes in the system. Detection of these malicious processes are key for identifying new variants of multistage attacks or malware in the real world. This paper proposes a system for detecting multistage attacks in real-time or run-time by leveraging Machine learning and MITRE ATT&CK Framework. Machine learning facilitates detecting the malicious process in the system, and the MITRE ATT&CK framework offers insight into adversary techniques. Combination of these two is very effective in detecting multistage attacks and identifying individual stages. The proposed system shows promising results when tested on real-time/latest malware. Test result shows that our system can achieve 95.83% of accuracy. This paper discusses the challenges in detection of runtime malware, dataset generation © 2022 IEEE.
ABSTRACT
The malicious actors continuously produce malicious Android applications with a COVID-19 theme in the context of the pandemic. Users frequently grant the necessary permissions to install those phoney apps without paying much attention. Android permissions are essential points of weakness. Major privacy issues often result from this vulnerability. Hackers with malicious intent have viewed the COVID-19 pandemic as an opportunity to conduct malware attacks to profit financially and advance their nefarious goals. Through COVID-19-related content, people are becoming victims of phishing scams. The android malware seen explicitly during the pandemic of Covid-19 is discussed in this study, and we next analyze malware detection methods with a focus on these Covid-19-Themed malware mobile applications. This research paper attempts to identify dangerous android permissions and the malware families that erupted during the Covid-19 outbreak. © 2023 IEEE.