Review and insight on the behavioral aspects of cybersecurity
- PDF / 1,830,451 Bytes
- 18 Pages / 595 x 791 pts Page_size
- 72 Downloads / 194 Views
(2020) 3:10 Ait Maalem Lahcen et al. Cybersecurity https://doi.org/10.1186/s42400-020-00050-w
REVIEW
Open Access
Review and insight on the behavioral aspects of cybersecurity Rachid Ait Maalem Lahcen1* , Bruce Caulkins2 , Ram Mohapatra1 and Manish Kumar3
Abstract Stories of cyber attacks are becoming a routine in which cyber attackers show new levels of intention by sophisticated attacks on networks. Unfortunately, cybercriminals have figured out profitable business models and they take advantage of the online anonymity. A serious situation that needs to improve for networks’ defenders. Therefore, a paradigm shift is essential to the effectiveness of current techniques and practices. Since the majority of cyber incidents are human enabled, this shift requires expanding research to underexplored areas such as behavioral aspects of cybersecurity. It is more vital to focus on social and behavioral issues to improve the current situation. This paper is an effort to provide a review of relevant theories and principles, and gives insights including an interdisciplinary framework that combines behavioral cybersecurity, human factors, and modeling and simulation. Keywords: Cybersecurity, Behavioral aspects, Human factors, Crime theories
Introduction Gary Warner delivered in March 1, 2014, a TEDX Birmingham presentation about our current approach to cybercrime. Warner, the Director of the Center for Information Assurance and Joint Forensics Research, at the University of Alabama, Birmingham, explained the challenges of protecting individuals and reporting cybercrimes. Benefits of making money and conducting low risk illegal acts drive cybercriminals. The Internet Security Threat Report (Symantec 2017) shows that the average ransom was $373 in 2014 and it was $294 in 2015. It jumped to $1077 in 2016, and we surmise that it is due to the upsurge value of Bitcoin. A digital currency preferred by ransomware criminals because they can accept it globally without having to reveal their identities. The same report shows that the number of detection of ransomware increased to 463,841, in 2016; and more than 7.1 billion identities have been compromised in cyber attacks in the last 8 years. Malware attacks are on the rise, for instance, the recurrence of disk wiping malware *Correspondence: [email protected] University of Central Florida, Mathematics Department, Orlando, FL 32816, USA Full list of author information is available at the end of the article 1
"Shamoon" in the Middle East, and cyber attacks against Ukrainian targets involving the KillDisk Trojan. To show a historical damage that such malware can do, we give the example of the Ukranian power grid that suffered a cyber attack in December 2015. It caused an outage of around 225,000 customers. A modified KillDisk was used to delete the master boot record and logs of targeted systems’ organizations; consequently, it was used in stage two to amplify attacks by wiping off workstations, servers, and a Human Machine Interface card inside of a Remote Terminal Unit. Trojan Horse
Data Loading...
