When large values are at stake, the attacker and the attacker’s motives cannot be easily modeled, since both the organization at stake and the possible attackers are unique and have complex motives. Hence, rather than using stereotypical attacker models, recent work proposes realistic profiling of the opponent by the use of user-centered design principles in form of the persona methodology. Today, cybercrime is often organized, i.e., attacks are planned and executed by an organization that has put together a tailor- made team consisting of the necessary skills for the task. The actual individuals taking part in the attack might not be aware of or interested in the overall organizational motives. Rather, taking motives behind espionage, fraud, etc., into account requires consideration of the attacking organization rather than the individuals. In this paper, based on interviews with IT security experts, we build on the attacker persona methodology and extend it with methodology to also handle organizational motives in order to tackle organized cybercrime. The resulting framework presented in the paper extends the attacker persona methodology by also using narratives in order to assess the own organization’s security. These narratives give rise to intrigue sketches involving any number of attacker personas, which hence, make it possible to take organized cybercrime into account. Keywords: organization, attacker models, espionage, fraud, cybercrime, security experts, framework, persona methodology.
The issue of cyber security is one that has been discussed by many people in various perspectives, most coming at it from different sides than the others. Cyber-crimes have gone beyond conventional crimes and now have threatening ramifications to the national security of all countries, even to technologically developed countries as the United States. The illegal act may be targeted at a computer network or devices e.g., computer virus, denial of service attacks (DOS), malware (malicious code). However, ethical hacking has been used by various telecommunication companies to cover the loophole and this study is identifying the problems and providing an overview on the issues and the solutions. Cybersecurity through ethical hacking plays an important role in the ongoing development of telecommunication industry, as well as Internet services. Enhancing Cybersecurity and protecting critical information infrastructures are essential to each nation’s security and economic well-being (Odinma, 2013). Making the Internet safer (and protecting Internet users) has become integral to the development of new services as well as government policy. An ethical hacker is a computer and networking expert who systematically attempts to penetrate a computer system or telecommunication network on behalf of its owners for the purpose of finding security vulnerabilities that a malicious hacker could potentially exploit (Okonigene & Adekanle, 20016). Ethical hackers use the same methods and techniques to test and bypass a system's defenses as their less-principled counterparts, but rather than taking advantage of any vulnerabilities found, they document them and provide actionable advice on how to fix them so the organization can improve its overall security (Laura, 2015). The purpose of ethical hacking is to evaluate the security of a network or system's infrastructure. It entails finding and attempting to exploit any vulnerabilities to determine whether unauthorized access or other malicious activities are possible. Vulnerabilities tend to be found in poor or improper system configuration, known and unknown hardware or software flaws, and operational weaknesses in process or technical countermeasures. One of the recent examples of ethical hacking occurred in the 2010, when the United States government used groups of experts called "red teams" to hack its own computer systems (Laura, 2015). It has become a sizable sub-industry within the information security market and has expanded to also cover the physical and human elements of an organization's defenses. A successful test doesn't necessarily mean a network or system is 100% secure, but it should be able to withstand automated attacks and unskilled hackers. The exceptional outbreak of cyber-crime in Nigeria in recent times was quite alarming, and the negative impact on the socio-economy of the country is highly disturbing. Over the past twenty years, immoral cyberspace users have continued to use the internet to commit crimes; this has evoked mixed feelings of admiration and fear in the general populace along with a growing unease about the state of cyber and personal security (Oliver, 2010). This phenomenon has seen sophisticated and extraordinary increase recently and has called for quick response in providing laws that would protect the cyber space and its users. Nigerian cyber criminals are daily devising new ways of perpetrating this form of crime and the existing methods of tracking these criminals are no longer suitable for dealing with their new tricks (Adebusuyi, 2018). The victims as well, show increasing naivety and gullibility at the prospects incited by these fraudsters. This paper seeks to give an overview of ethical hacking and cyber-security in Nigerian telecommunication industry, outline some challenges and proffer solutions. KEYWORDS: CYBERSECURITY, ETHICAL HACKING, TELECOMMUNICATION, CHALLENGES, INFRASTRUCTURES, VULNERABILITIES.
The recent outbreak of COVID-19 has taken the world by surprise, forcing lockdowns and straining public health care systems. COVID-19 is known to be a highly infectious virus, and infected individuals do not initially exhibit symptoms, while some remain asymptomatic. Thus, a non-negligible fraction of the population can, at any given time, be a hidden source of transmissions. In response, many governments have shown great interest in smartphone contact tracing apps that help automate the difficult task of tracing all recent contacts of newly identified infected individuals. However, tracing apps have generated much discussion around their key attributes, including system architecture, data management, privacy, security, proximity estimation, and attack vulnerability. The use of Covid-19 contact tracing applications is close to be unheard of in Nigeria. We are far behind in leveraging on mobile app technology to combat the continued spread of this deadly virus. This project proposes a mobile app solution that provides adequate information to the contacted victims and as well warns the non-contacted of the dangers of leaving home without their kits. KEYWORDS: Covid-19, covid-19 contact tracing, contact tracing apps, coronavirus, mobile app, covid-19 alert.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.