ABSTRACT
COVID-19 is one of the deadliest pandemics of this century's that affected the whole world. As the COVID-19 spread the government had to impose lockdown that pushed the people to follow some new lifestyle like social distancing, work from home, hand washing, and the country have to shut down industries, businesses and public transport. At the same time, doctors were occupied in saving life's and on other side cyber criminals were busy taking this situation as advantage, which creates an another silent pandemic i.e. cyber-security pandemic. During this pandemic with overloaded ICT infrastructure, cyber space was gaining attention of more cyber attacker and number of attacks/threats increased exponentially. This is one of the rapidly growing global challenges for industry as well as for human life. In this paper a systematic surveys and review is done on recent trends of cyber security attacks during and post COVID-19 pandemic and their countermeasures. The relevant information has been collected from different trusted sources and impact landscape discussed with importance of cyber security education and future research challenges highlights. © 2023 IEEE.
ABSTRACT
The article highlights the need to monitor factors, risks and threats to financial security at different levels of the social hierarchy. The tools are examined for identifying threats to financial and socio-economic security. The study generalizes international experience of monitoring the financial security of the state and business in terms of the COVID-19 pandemic. Threats to Ukraine's financial security have been identified with the help of modern approaches adapted to the conditions of the pandemic. Reserves of digitalization of business are investigated. The identification of risks and threats to social security of Ukraine by its components has been carried out. The article analyzes the impact of the pandemic on rising unemployment. The number of households in crisis conditions caused by the pandemic and quarantine measures is estimated as an indicator of socio-economic security. The impact of the pandemic on financial and social security is summarized at different levels of the social hierarchy. It is proved that updating the list of indicators and qualitative enrichment of the analytical system of threat identification with dynamic indicators of digitalization of the economy will enable identifying additional threats to financial security at different levels of the social hierarchy. Additional risks for the national financial system related to globalization and digitalization of the state financial system are identified, which are not taken into account by the current methodological recommendations for calculating the level of economic security of Ukraine. Additional risks for the national social system connected with intrastate machinery, social and political changes are identified, which are not taken into account by the current methodological recommendations for calculating the level of economic security of Ukraine. It is proved that due to the slow implementation of reforms in the social and economic spheres of security activities, the existing socio-economic security system turned out to be vulnerable to an intense crisis event, i.e. the COVID-19 pandemic, which has led to a number of threats. © 2023, The Author(s), under exclusive license to Springer Nature Switzerland AG.
ABSTRACT
El objeto de este artículo es realizar una propuesta teórico-metodológica a partir del modelo de análisis de la Escuela de seguridad de Copenhague para incorporar el examen de textos legislativos al estudio de los procesos de securitización. Con este objetivo, se realiza una aproximación al estudio de la securitización de la pandemia de la covid-19 a través del análisis comparativo de dos textos que han dado cobertura legislativa a la gestión de esta crisis sanitaria en España. El texto de la Ley orgánica 4/1981 sobre los estados de alarma, excepción y sitio;y el texto de la Ley 2/2021 del Parlamento Vasco de medidas para la gestión de la pandemia. Metodológicamente, este artículo analiza la securitización de la covid-19 a partir del modelo propuesto por la Escuela de seguridad de Copenhague desarrollado a raíz de la publicación de Security: A New Framework For Analysis (Buzan et al., 1997). Numerosas investigaciones han aplicado este modelo de análisis en el estudio de las políticas de seguridad sobre fenómenos como los movimientos migratorios (Müller y Gerbauer, 2021), la emergencia climática o la crisis sanitaria de la covid-19, examinando objetos tan diversos como los textos publicados en medios de comunicación social (Karyotis et al., 2021), el análisis de las audiencias (Bengtsson y Rhinard, 2019) o los discursos políticos (Kuleteva y Clifford, 2021). Un modelo que también se nutrió de las contribuciones posteriores de Balzacq (2005), Salter (2008) y Stritzel (2007, 2012) que ampliaron aún más los objetos de estudio de la securitización, que dejaron de ser exclusivamente textos de carácter político comunicados de manera lineal, para incorporar el análisis de la audiencia como un agente que interactúa y participa de la creación del discurso securitizador, la performance asociada a la ejecución del discurso o la interactividad del discurso en las redes sociodigitales. Sin embargo, pese a esta diversificación de estudios, la mayoría de las investigaciones sobre la securitización siguen centrándose en textos pertenecientes a discursos políticos o mediáticos. Se observa una ausencia de análisis de otro tipo de textos como aquellos de carácter legislativo, que también es interesante estudiar en el marco de estos procesos. Se trata de textos que, en muchos casos, dan cobertura legislativa a la aplicación de políticas de seguridad y podrían representar la cristalización legal de discursos político mediáticos previos. Dicho esto, dado el carácter jurídico de los textos que se examinan en este artículo, conviene señalar que el análisis que se propone es de carácter discursivo. Sin analizar las implicaciones jurídicas de los textos, cuestión que necesitaría otro tipo de tratamiento teórico-metodológico, nos proponemos observar la construcción discursiva de la seguridad que subyace en ellos y las consecuencias que, siguiendo las hipótesis de la Escuela de seguridad de Copenhague, esto conlleva. El artículo se estructura en tres partes. En el primer apartado, se realiza un breve acercamiento a la evolución de la investigación sobre seguridad en el campo de las Relaciones Internacionales y a la teoría de la securitización elaborada por la Escuela de seguridad de Copenhague en los años noventa. En el segundo apartado, se describe el contexto de crisis sanitaria global y, en concreto, en el caso de España, junto con los procesos de securitización que la acompañan. En tercer lugar, se presentan los documentos examinados y la operacionalización que permite su análisis. Posteriormente, se aborda la discusión sobre los resultados y las conclusiones.Alternate abstract:The aim of this article is to present a theoretical-methodological proposal based on a model of analysis from the Copenhagen School of Security Studies, which incorporates the examination of legislative texts into the study of securitization processes. With this objective, we propose an approach to the study of the securitization of the Covid-19 pandemic through the comparative analysis o two texts that have given legislative coverage to the management of this health crisis in Spain. The text of (1) Organic Law 4/1981 on the states of alarm, exception and siege;and the text of (2) Law 2/2021 of the Basque Parliament on measures for managing the pandemic. After the publication of Security:A New Framework For Analysis (Buzan et al.l997), numerous investigations have used the securitization analysis model of the Copenhagen School of Security Studies to study security policies on phenomena such as migratory movements (Müller and Gerbauer, 2021), the climate emergency, or the health crisis of Covid-19 by examining the texts published on social media (Karyotis et al., 202l),or the analysis of the audiences (Bengtsson and Rhinard, 2019) or political discourses (Kuleteva and Clifford, 2021). Securitization theory holds that what gives an issue the status of threat results from an interaction between an actor, whether it is a state, an organization, or the media, and which tries to define a certain problem as an existential threat, and an audience that accepts or rejects this attempt. Under this premise, security is considered a social construct, which has enormous consequences when it comes to its study.The analysis of the security agenda no longer consists of evaluating those threats considered real, but rather aims at the communicative processes through which actors and audiences agree to securitize an issue. The contributions of Balzacq (2005), Salter (2008) and Stritzel (2007;20l2), among others, have also broadened the objects of study of securitization, which have ceased to be exclusively texts of a political nature communicated in a linear manner to incorporate also the audience as an agent that interacts and participates in the creation of the securitizing discourse, the performance associated with the execution of the discourse or the interactivity of the discourse in socio-digital networks. However, despite this diversification in the approach to the study of securitization, most research continues to focus on texts belonging to political or media discourse.There is an absence of analysis of securitization in other types of texts, such as those of a legislative nature which are also interesting to study within the framework of these processes.That is, texts that, in many cases, give legislative coverage to the application of security policies and could represent the legal crystallization of previous political-media discourses. That said, given the legal nature of the texts examined in this article, it is important to make clear that the analysis proposed is, following the model of the Copenhagen School, a discursive analysis. This article does not carry out a legal analysis of the documents or a study on the legal consequences of the implementation of these laws, a study that would need another theoretical-methodological approach. Without conducting a legal analysis, we propose to observe the discursive construction of security that underlies the texts analyzed and the consequences that, according to the hypothesis of the Copenhagen School, this entails. Thus, the current analysis is about the securitization processes of the Covid-19 crisis.This health crisis has been one of the most disruptive episodes globally in recent decades. The unexpected appearance of the virus and its rapid spread made Covid-19, in just a few weeks, as UN Secretary General Antonio Guterres pointed out, the greatest threat to global security. The pandemic surpassed any of the established international protocols, and the lack of multilateral agreements between different countries and measures against the virus showed in turn a lack of global governance to deal with this type of threat. At first sight, we could say that Covid-19, an illness that, being new, poses a threat to the health of the entire world population since most people do not have immunity against it. However, this health crisis is once again a good scenario in which to observe that the threat is perceived and constructed in a very diverse way among the populatio .The study by Kirk (2022) on the securitization of Covid-19 in the United States refers to this. She analyzes the discursive battle between different security narratives about the health crisis in a country where the wearing or not wearing of a mask in public places often becomes an expression of a political position. The delimitation of the object of study to the examination of the texts of the Organic Law 4/1981 on states of alarm, exception, and siege, and (2) the Law 2/2021 of the Basque Parliament on measures for the management of the pandemic, is done for several reasons. In the first place, both texts, of an eminently legal nature, respond to the necessary characteristics to carry out the analysis in accordance with the objective of the study. Secondly, despite the substantial differences that both laws maintain in their preamble and the context of their drafting, the two texts have served as a legal framework for taking measures to deal with similar events, specifically, the crisis health of covid-19. This allows, following the proposal of the Copenhagen School, to contextualize the analysis of the securitization construction of the texts based on these facts. Third, the choice of texts, which share a legal framework, responds to the proposal to carry out an analysis of a state nature, and not an international one, given the prominence of state legislation in the coverage of policies and implementation of the security measures against the covid-19 disease because of the lack of international legal frameworks. The article is structured in three parts. In the first section, a brief theoretical-methodological approach is elaborated on the evolution of security research in the field of International Relations and to the theory of securitization developed bythe Copenhagen School. In the second, the context of the global health crisis and the case of Spain are described together with the securitization processes that accompany it.Thirdly, the documents examined and the operationalization that allows their analysis are presented. Subsequently, the discussion on the results and conclusions is addressed.
ABSTRACT
Particularly amid Covid-19, enterprises' digital transformation has rapidly accelerated, making cybersecurity an even bigger challenge. Financial institutions adopt FinTech technologies to advance their service and achieve an enhanced customer experience that creates a competitive edge in the market. FinTech products utilise open banking API services to allow communication between a financial institution and a FinTech provider. However, such an integration introduces significant security concerns. Therefore, financial firms must ensure that a robust API service to protect the bank's infrastructure and its customers' information. To address this concern, we propose a Framework for Open Banking API security that utilises STRIDE model to identify security threats in FinTech integration via Open Banking API and Bayesian Attack Graphs to automate predictions of the most exploitable attack paths. © 2022 IEEE.
ABSTRACT
New information and communication technologies (ICT) are being applied in various industries to upgrade the value of the major service items. Moreover, data collection, storage, processing, and security applications have led to the creation of an interrelated ICT environment in which one industry can directly influence the other. This is called the "internet of blended environments" (IoBE), as it is an interrelated data environment based on internet-ofthings collection activities. In this environment, security incidents may increase as size and interconnectivity of attackable operations grow. Consequently, preemptive responses to combined security threats are needed to securely utilize IoBE across industries. For example, the medical industry has more stringent information protection measures than other industries. Consequently, it has become a major target of attackers, as more clinician-patient interactions occur over the internet owing to COVID-19. Therefore, this study aims to acquire security for IoBE while focusing on the medical industry. Among the various types of medical ICT services, this study analyzes data flow and potential security threats from the e-prescription lifecycle perspective, which is highly utilized, strongly data-centric, and has numerous security issues. Based on our analysis, we propose a secure authentication and data-sharing scheme. © 2023 CRL Publishing. All rights reserved.
ABSTRACT
Due to the growth of internet technology, there is a sharp rise in the growth of IoT enabled devices. IoT (Internet of Things) refers to the connection of various embedded devices with limited processing and memory. With the heavy adoption of IoT applications, cloud computing is gaining traction with the ever-increasing demand to process and compute a massive amount of data coming from various devices. Hence, cloud computing and IoT are often related to each other. However, there are two challenges in deploying the IoT and cloud computing frameworks: security and Privacy. This article discusses various types of security threats affecting IoT and cloud computing, and threats are classified using machine learning (ML). ML has gained much momentum in recent years and is applied in various domains. One of the main subdomains of machine learning is used in IoT and cloud security. A machine learning model can be trained with data based on which the model can predict the impending security threats. Popular security techniques to protect IoT devices from hackers are IoT authentication, access control, malware detection, and secure overloading. Supervised learning algorithms can be used to detect malware in the runtime behavior of applications. The malware is detected from network traffic and is labeled based on its suspicious behavior. Post identification of malware, the application data is stored in a database trained via an ML classifier algorithm (KNN or Random Forest). With increased training, the model can identify malware applications with higher accuracy. © 2022 IEEE.
ABSTRACT
In the year of 2020. the Covid-19 global epidemic poses a major challenge to national and global governance. On the one hand, this epidemic is a test of national responses to major public emergencies, and on the other hand, it exposes the dilemma of global governance in non-traditional security areas. International health organizations, including the World Health Organization (WHO), have not played their proper role in the prevention and control of the epidemic, while national actors have been brought back to the center of global governance. After the Covid-19, non-traditional security threats have brought harm to countries and international communities even beyond the traditional security threats. Against this backdrop, the failure of global governance by international organizations and major power politics has been demonstrated, while the governance capacity of national state has provided the strongest support for the global governance system in terms of cross-border solutions, and diversified development ideas. China's concept of global governance is rooted in its national governance philosophy. It has evolved from its original position as a participant in the global governance system to a recent position as a defender and facilitator, and then to the current position as an innovator and leader after several transformations of governmental functions. Being a responsible power, China is continuously strengthening the modernization of its national governance capacity, advocating the concept of consultation, contribution and shared benefits, and promoting the reform of the global governance system. © 2022 Aalborg University. All rights reserved.
ABSTRACT
Previous studies have shown wine tourism destinations to remain resilient in the face of both natural and anthropogenic security threats. This has been attributed, especially in the case of the latter, to their low population density rural locations being perceived as safer than more densely populated urban areas. The outbreak of COVID19 in late 2019, which had become a global pandemic by early 2020, decimated the tourism industry and showed that previous perceptions of safety may no longer hold true. This research analyzes the influence of this health-related security threat, i.e., COVID-19, on wine tourism from a winery perspective. A sample of 228 wineries in wine-producing countries, surveyed during October 2020, were analyzed. Results show that wine tourism has been negatively affected by the pandemic, despite the relative ease of outdoor gathering and social distancing. Likewise, results exhibit geographically asymmetric effects, indicating that New World wineries, which generally have a more developed tourism infrastructure, were more likely to perceive COVID19's impact on wine tourism as more severe than Old World wineries. Managerial implications for wineries are also discussed.
ABSTRACT
With the fourth industrial revolution, there is a digitization wave going on for the transformation of existing systems into modern digital systems. This has opened the window for many opportunities, but at the same time, there is a multitude of cyber-security threats that need to be addressed. This paper considers one such threat posed by phishing and ransomware attacks to the healthcare infrastructures. Phishing has also been the most prevalent attack mechanism on the healthcare infrastructures during the ongoing COVID-19 pandemic. The paper proposes two intervention strategies as a step towards catering to the challenges posed by phishing and ransomware attacks in the context of healthcare infrastructures. © 2022, IFIP International Federation for Information Processing.
ABSTRACT
Security across network has become a major concern during this Covid-19 scenario. Security threats happens due to variety of reasons like theft of analytical property, software attacks, identity theft, stealing of equipment or information, sabotage, and information extraction. The wrong use of protocols over network also causes security threat. Introduction of data mining techniques in network security field plays a major role with data extraction, data transformation and analysation of the huge amount of data. The various data mining algorithms provides an insight to analyse and predict the data and the threats over the computer networks. This paper focusses on the approaches to predict security threats over networks using various classification algorithms. The four-classification algorithm majorly focussed here is Naive Bayes Classifier, Decision Tree Classifier, K Nearest Neighbours and Logistic Regression. It compares the performance of the above-mentioned classification algorithms to detect the threats.
ABSTRACT
South African institutions of higher education suffered serious disruptions during the COVID-19 pandemic which, resulted in migrating most teaching and learning activities to various online platforms, of which many depended on the open web. This has the potential to expose lecturers and students to cyber security threats and risks. As such cyber security awareness (CSA) becomes important. This study investigated the CSA among preservice teachers pursuing a Bachelor of Education studies in Further Education and Training (FET) at a university in Cape Town, South Africa. The purpose of the study was to gain an insight into CSA among preservice teachers who had been using digital technologies to support learning during the COVID-19 pandemic. An electronic questionnaire was administered to a random sample of 300 preservice teachers. The findings show that preservice teachers were limited in their awareness of cyber security threats and risks likely to affect their use of various digital technologies for remote learning. Furthermore, preservice teachers implemented basic strategies to mitigate basic cyber security threats and attacks. These basic strategies were found not to be sufficient for advanced attacks. The study concluded that lack of proper CSA and knowledge among preservice teachers presented them with challenges in solving threat attacks associated with denial-of-service (DoS), data theft and phishing when using personal digital devices. © 2022, Springer Nature Switzerland AG.
ABSTRACT
The COVID-19 pandemic has changed many aspects of behavior, often leading to more cautious lifestyles. Financial transactions have not been an exception;as people have reduced cash transactions due to fears of virus transmission. Naturally, this was accompanied by an acceleration of growth of online payment services. Online transactions, Mobile Money, and Near-Field Communication (NFC) contactless payments have all experienced noticeable growth during the pandemic. Consequently, related cyber-risks have simultaneously increased. This paper reviews the impact of the COVID-19 pandemic on NFC contactless payments internationally and in the Kingdom of Bahrain. Then the paper briefly explains the technological components of NFC payments, comparing NFC card payments and NFC mobile payments. It then reviews three recently identified NFC payments security threats and their respective protection methods. Finally, the paper analyzes the common factors between these threats and provides recommendations related to physical security and user awareness. © 2021 IEEE.
ABSTRACT
Remote unlocking for Android devices may benefit both users and manufacturers. Users can continue using the device without factory-resetting when they unexpectedly forget their passphrases. Manufacturers can improve non-face-To-face customer services in the COVID-19 era. Nevertheless, not many manufacturers support remote unlocking services for Android devices. If the remote unlocking service is triggered by requests over-The-Air, it may increase the attack surface of Android security. Android security is hardware-based (e.g., hardware-backed Keystore), so we seek to preserve this security level by designing a new remote unlocking service without modifying trusted execution environments. Our design supports two-factor authentication, distributed authority, trust-boundary minimization, and key management. Since a synthetic password used for remote unlocking is not exposed to the outside of an Android device, the manufacturer still cannot unlock the device without user consent. We identify 208 security threats in the proposed remote unlocking service using the STRIDE model and ensure that our design has countermeasures for all high-level security threats. After passing quality verification and penetration tests, the proposed remote unlocking service has been officially installed on commercial devices. © 2021 IEEE.
ABSTRACT
Cybersecurity has been vital for decades and will remain vital with upcoming ages with new technological developments. Every new day brings advancement in technology, which leads to new horizons, and at the same time, it brings new security challenges. Numerous researchers around the globe are continuously striving hard to provide better solutions for the daily basis of new arising security issues. However, the challenges are always there. These challenges become new norms during the current Covid pandemic, where most industries, small industrial enterprises, education, finance, public sectors, etc. were under several attacks and threats globally. The hacker has more opportunities during the pandemic period by shifting most of the operations live. This research enlightened the several cybersecurity attacks and threats during this pandemic time globally. It provided the best possible recommendations to avoid them using the cyber awareness and with appropriately linked training. This research can provide a guideline to the above stated sector by identifying the related attacks.
ABSTRACT
IoT can be described as billions of devices connected to internet for the purpose of collection and sharing of data across the globe. Many technical and business sectors have been actively researching on IoT for past two decades. With the current scenario of COVID-19 pandemic, IoT can offer better solution for health care and lifestyle and can help to maintain the SOP issued by the government. However, it still faces many issues to deal with and is not mature enough This paper deals with the characteristics and limitation of IoT, study of IoT market globally and in India, role of IoT during pandemic and general security issues of IoT. © 2021 IEEE.