Tae-hoi Huh,Sangho Lee,Woo-Young Chang

DOI: https://doi.org/10.1177/223386590701000112

2007-03-01

International Area Review

Abstract:with rapid development of science and technology and the evolution of information revolution, International security environment is being reshaped. Important factors that determine national security competence—military operations, intelligence information on advanced weapons and enemy forces, economic activities that form the poles of national power, government's major systems—are exposed to hostile cyber attacks or accidental intrusions. Therefore, protecting information systems has emerged as an urgent national security issue. In particular, in waging wars, the concept of electronic/communications war that seek destruction of enemy command and control system, has been transformed into a more comprehensive and proactive concept of information warfare by the introduction of the cyber war doctrine. Information warfare encompasses pursuit of paralysis and destruction of a nation's all social infrastructure system and military control power. The existing concept of security strategy, which is a passive concept devised for protection of national information and information system, has been replaced by the proactive and aggressive concept of information warfare strategy. Information warfare seek early and effective victory by cyber attacks that can destroy the enemy's war capability and morale. Korea, which is a leader in information technology as well as a country vulnerable to attacks challenging information security, should prepare for information warfare of the twenty first century. Provision of more systematic and detailed measures—new response strategies, the establishment of national information security response system, creation or reorganization of institutions, and training of human resources—to cope with changes in international information security environment is called for. In addition, the private, public, and military organizations should work together to introduce joint defense strategies and organizations. As an organic integrated defense system has to be established, the government has to establish a governmental system for systematic system for threat assessment, judgment, and response. In particular, the role and responsibilities of the NSC should be upgraded. The government has been tilted toward domestic security and social issues as it responded to cyber crimes and terrors. Such tendency should be guarded against.

Yinan Wang,Wei Li,Gangfeng Yan,Sumian Song

DOI: https://doi.org/10.1109/icit.2017.7915433

2017-01-01

Abstract:This paper proposes an unified framework for electrical cyber physical systems (ECPSs) and studies the mechanism of cyber attacks and cyber security. Communication networks are designed by characteristics of power grids. This model is universal to both transmission and distribution grids. The fragility of ECPSs under cyber attacks (DoS attacks and false data injection attacks) is analyzed in three scenarios based on different types and attackers' acknowledgments of the ECPSs. It has been proved that attacks happen at information uploading routers or control strategy downloading routers will influence the system differently. The effectiveness of relay protection policies and cyber security policies are verified by experimental results.

Sheng Xu,Yongxiang Xia,Hui-Liang Shen

DOI: https://doi.org/10.1109/tcsii.2020.2999875

2020-01-01

Abstract:In this brief, we analyze the damage caused by malware-induced cyber attacks in Cyber-Physical Power Systems (CPPSs). Incubation period and detection probability of the malware are considered in our analytical framework. From attacker's perspective, the trade-off between attack effectiveness and detection risk is studied to help choose the best attack timing and obtain the maximum payoff. Moreover, we conduct case studies in CPPSs formed by coupling IEEE 118-Bus System with scale-free communication networks. Simulation results reveal that the maximum expected payoff for the attacker is affected by the coupling pattern and the structure of communication network in CPPSs.

Jaepil Youn,Kookjin Kim,Daeyoung Kang,Jaeil Lee,Moosung Park,Dongkyoo Shin

DOI: https://doi.org/10.3390/electronics11244142

IF: 2.9

2022-12-13

Electronics

Abstract:North Korean cyber-attack groups such as Kimsuky, Lazarus, Andariel, and Venus 121 continue to attempt spear-phishing APT attacks that exploit social issues, including COVID-19. Thus, along with the worldwide pandemic of COVID-19, related threats also persist in cyberspace. In January 2022, a hacking attack, presumed to be Kimsuky, a North Korean cyber-attack group, intending to steal research data related to COVID-19. The problem is that the activities of cyber-attack groups are continuously increasing, and it is difficult to accurately identify cyber-attack groups and attack origins only with limited analysis information. To solve this problem, it is necessary to expand the scope of data analysis by using BGP archive data. It is necessary to combine infrastructure and network information to draw correlations and to be able to classify infrastructure by attack group very accurately. Network-based infrastructure analysis is required in the fragmentary host area, such as malware or system logs. This paper studied cyber ISR and BGP and a case study of cyber ISR visualization for situational awareness, hacking trends of North Korean cyber-attack groups, and cyber-attack tracking. Through related research, we estimated the origin of the attack by analyzing hacking cases through cyber intelligence-based profiling techniques and correlation analysis using BGP archive data. Based on the analysis results, we propose an implementation of the cyber ISR visualization method based on BGP archive data. Future research will include a connection with research on a cyber command-and-control system, a study on the cyber battlefield area, cyber ISR, and a traceback visualization model for the origin of the attack. The final R&D goal is to develop an AI-based cyber-attack group automatic identification and attack-origin tracking platform by analyzing cyber-attack behavior and infrastructure lifecycle.

engineering, electrical & electronic,computer science, information systems,physics, applied

Jae Kwon Bae,Gwang Heon Hong,

DOI: https://doi.org/10.38115/asgba.2023.20.6.133

2023-12-31

The Academic Society of Global Business Administration

Abstract:In the era of digital financial innovation, the importance of financial security is being emphasized day by day as the financial sector expands its use of technologies such as the Internet of Things(IoT), Cloud, BigData, and Artificial Intelligence(AI). Financial security refers to Fintech security and involves establishing and operating an integrated security control system against cyber threats that take advantage of security vulnerabilities resulting from the introduction of innovative technologies, responding to intrusion incidents, and analyzing and assessing vulnerabilities. In particular, security risks are emerging as cloud services are utilized throughout the financial industry, and financial security control and abnormal financial transaction detection are being advanced by applying AI technology. Additionally, in the financial sector, data security and information protection are emerging as very important issues in the era of the MyData platform. As the MyData service expands, where a large number of personal information is concentrated in one place, the threat of personal information infringement due to indiscriminate information collection and service hacking is also increasing. Accordingly, it is necessary to strengthen personal information protection within the MyData service and increase awareness of cyber security and financial security. Against this background, this study first examines changes in the security environment of the financial sector (internal control and abnormal financial transaction detection) and the components of the integrated security control system. Next, we would like to derive security threats to the financial sector such as phishing and smishing using social engineering techniques, authentication information theft, Ransomware, Emotet, Soggolish, BEC, and TOAD. Lastly, in relation to cyber security policies in the financial sector, we would like to discuss countermeasures against Ransomware in the financial sector, plans to build a next-generation financial security control system, MyData information protection and information security, and the applicability of the Zero Trust model in the financial sector.

English Else

DOI: https://doi.org/10.33140/aurdp.01.01.02

2024-02-27

Abstract:Background: Cyber Security is to protect online data and software from cyber threats. These cyberattacks are typically intended to gain access to, change, or delete sensitive information; extort money from users; or disrupt regular corporate activities. It is difficult to keep up a regular follow up with new technologies, so it is necessary to keep the important data safe from cyber threats. There are many types of cyber threats, malware, ransomware, social engineering, phishing etc. To prevent cyber-attacks one can, use password manager tools like LastPass and others. People also use two factor authentication for double security on their accounts. Methods: Boards such as the National Institute of Standards and Technology (NIST) are developing frameworks to assist firms in understanding their security risks, improving cybersecurity procedures, and preventing cyber assaults. The fight against cybercrimes and attack, organizations needed a strong base there are 5 types of cyber securities: Critical Infrastructure Security, application security, network security, cloud security and (IoT) Security. In the modern time the US is highly based on computers and on different software, so it is really important for the US to be more conscious about the security as they get many threats almost every day for hacking their data and accounts. Results and Conclusion: Nowadays, even small businesses rarely recover their loss from the cyber-attacks and many back-off from continuing their businesses after being target of hackers. The first cybercrime attack was recorded in 1988 by a graduate student. Now that large companies and even small businesses are aware of cyber-attacks, they try their best to take every precaution to prevent hacking with double security and password manager tools.

Stephanie Ness,Tushar Khinvasara

DOI: https://doi.org/10.9734/jerr/2024/v26i21075

2024-01-29

Journal of Engineering Research and Reports

Abstract:Currently, the majority of economic, commercial, cultural, social, and governmental activity and contacts between countries, encompassing individuals, non-governmental organizations, and government institutions, occur in the virtual realm known as cyberspace. In recent times, numerous private enterprises and governmental institutions worldwide have encountered the issue of cyber- attacks and the peril associated with wireless communication technology. The modern society heavily relies on electronic technology, and safeguarding this data from cyber-attacks poses a formidable challenge. Cyber-attacks are intended to inflict financial harm onto companies. Cyber- attacks may serve military or political objectives in certain instances. Some examples of these damages include PC infections, knowledge breaches, data distribution service (DDS), and other attack routes. For this purpose, different companies employ diverse strategies to mitigate the harm caused by cyber-attacks. Cybersecurity monitors up-to-date information on the most recent IT data. Researchers worldwide have proposed several techniques to prevent cyber-attacks or mitigate their impact. Several approaches are currently in the operational phase, while others are still in the study phase. The objective of this study is to conduct a thorough examination and evaluation of the latest advancements in the field of cyber security, with the purpose of identifying and analyzing the problems, vulnerabilities, and strengths of the proposed methodologies. A comprehensive analysis is conducted on several forms of novel descendant attacks. The discussion revolves around conventional security frameworks, encompassing their historical context and early-generation approaches to cyber-security. Furthermore, this report presents the latest advancements and developing patterns in the field of cyber security, as well as the current problems and risks to security. The comprehensive review study offered for IT and cyber security researchers is anticipated to be beneficial.

Moatsum Alawida,Abiodun Esther Omolara,Oludare Isaac Abiodun,Murad Al-Rajab

DOI: https://doi.org/10.1016/j.jksuci.2022.08.003

Abstract:This study analyzed the Coronavirus (COVID-19) crisis from the angle of cyber-crime, highlighting the wide spectrum of cyberattacks that occurred around the world. The modus operandi of cyberattack campaigns was revealed by analyzing and considering cyberattacks in the context of major world events. Following what appeared to be substantial gaps between the initial breakout of the virus and the first COVID-19-related cyber-attack, the investigation indicates how attacks became significantly more frequent over time, to the point where three or four different cyber-attacks were reported on certain days. This study contributes in the direction of fifteen types of cyber-attacks which were identified as the most common pattern and its ensuing devastating events during the global COVID-19 crisis. The paper is unique because it covered the main types of cyber-attacks that most organizations are currently facing and how to address them. An intense look into the recent advances that cybercriminals leverage, the dynamism, calculated measures to tackle it, and never-explored perspectives are some of the integral parts which make this review different from other present reviewed papers on the COVID-19 pandemic. A qualitative methodology was used to provide a robust response to the objective used for the study. Using a multi-criteria decision-making problem-solving technique, many facets of cybersecurity that have been affected during the pandemic were then quantitatively ranked in ascending order of severity. The data was generated between March 2020 and December 2021, from a global survey through online contact and responses, especially from different organizations and business executives. The result show differences in cyber-attack techniques; as hacking attacks was the most frequent with a record of 330 out of 895 attacks, accounting for 37%. Next was Spam emails attack with 13%; emails with 13%; followed by malicious domains with 9%. Mobile apps followed with 8%, Phishing was 7%, Malware 7%, Browsing apps with 6%, DDoS has 6%, Website apps with 6%, and MSMM with 6%. BEC frequency was 4%, Ransomware with 2%, Botnet scored 2% and APT recorded 1%. The study recommends that it will continue to be necessary for governments and organizations to be resilient and innovative in cybersecurity decisions to overcome the current and future effects of the pandemic or similar crisis, which could be long-lasting. Hence, this study's findings will guide the creation, development, and implementation of more secure systems to safeguard people from cyber-attacks.

Changsok Yoo,Byung-Tak Kang,Huy Kang Kim

DOI: https://doi.org/10.1007/s11042-014-1888-3

IF: 2.577

2014-02-14

Multimedia Tools and Applications

Abstract:The security risk of internet banking has increased rapidly as internet banking services have become commonly used by the public. Among the various security methods, OTP (one time password) is known as one of the strongest methods for enforcing security, and it is now widely used in internet banking services. However, attack methods which can detour OTP have been developed that additional security for OTP is now needed. In this study, we discovered that a new kind of attack through OTP is theoretically possible through an analysis of the currently implemented OTP system and known attack methods. Based on our theory, we tested the new attack method on Korean internet banking services, and empirically proved that it could effectively detour around all of the currently implemented OTP security systems in Korea. To prevent this, we also suggested solutions based on the root cause analysis of the OTP vulnerabilities.

computer science, information systems, theory & methods,engineering, electrical & electronic, software engineering

DOI: https://doi.org/10.54060/a2zjournals.jase.42

2024-01-01

Abstract:Due to the quick development of technology, the digital age has brought with it ad-vantages never before seen, but it has also opened the door to a flood of new cyber security concerns. This study offers detailed analysis of the cyber threat environment in the digital era along with suggestions for doable protective measures. The report outlines a number of cyber threats, including malware, phishing scams, ransomware, and insider threats. It looks at the continually evolving tactics employed by cyber-criminals, such as social engineering, zero-day flaws, and sophisticated persistent threats. The growing hazards associated with cutting-edge technology, such as the Internet of Things (IoT), cloud computing, and artificial intelligence, are also exam-ined. The importance of a multi-layered security strategy to counter these attacks is emphasized in the article. Among the important preventative measures that are presented are robust network security, secure coding methodologies, user awareness training, encryption, access controls, and incident response planning. It also high-lights how crucial it is for people, businesses, and governments to collaborate in or-der to confront cyber risks. By using the recommended solutions and promoting a culture of cyber security awareness, people and organizations may navigate the dig-ital age with confidence and protect themselves from the continuously evolving environment of cyber risks.

Ahmed Sleem,

DOI: https://doi.org/10.54216/jcim.100204

2022-01-01

Journal of Cybersecurity and Information Management

Abstract:The digital age has ushered in a new era of connectivity and opportunity. However, it has also made us more vulnerable to cyber threats. In recent years, we have seen a rise in the number and sophistication of cyberattacks. These attacks can have a devastating impact on businesses, governments, and individuals. This paper provides a comprehensive overview of cybersecurity threats and countermeasures. It begins by discussing the different types of cybersecurity threats, including malware, phishing, denial-of-service attacks, and data breaches. The paper then discusses the different types of cybersecurity countermeasures, including firewalls, antivirus software, and intrusion detection systems. The paper concludes by discussing strategies for mitigating risks in the digital age including 1) Investing in cybersecurity solutions, 2) Educating employees about cybersecurity best practices, and 3) Having a plan in place to respond to cyberattacks. By following these strategies, businesses, governments, and individuals can help to protect themselves from cyber threats.

Kashif Ishaq,Sidra Fareed

2023-08-26

Abstract:In the wake of the arrival of digital media, the Internet, the web, and online social media, a flood of new cyber security research questions have emerged. There is a lot of money being lost around the world because of cyber-attacks. As a result, cyber security has emerged as one of the world's most complex and pressing issues. Cyber security experts from both industry and academia institutions are now analyzing current cyber-attacks occurring around the world and developing various strategies to defend systems from possible cyber-threats and attacks. This paper examines recent cyber security attacks as well as the financial losses incurred as a result of the growing number of cyber-attacks. Our findings indicate that the majority of the research chosen for this study focused solely on a small number of widespread security flaws, such as malware, phishing, and denial-of-service attacks. A total of over 50 major studies that have been published in reputable academic journals and conferences have been chosen for additional examination. A taxonomy of cyber-attacks elements that is based on the context of use in various environments has also been suggested, in addition to a review of the most recent studies on countermeasures for cyber-attacks being the state of the art. Lastly, the research gaps in terms of open issues have been described in order to offer potential future directions for the researchers working in the field of cyber security.

Cryptography and Security

Osama Hussien,Usman Butt,Rejwan Bin Sulaiman

2023-10-02

Abstract:Individuals, businesses, and governments all face additional difficulties because of the rise of sophisticated cyberattack attacks. This paper investigates the targeting of journalists and activists by the malware Pegasus. To gain a deeper understanding of the tactics utilized by cybercriminals and the vulnerabilities that facilitate their scope, this research looks on numerous occurrences and identifies recurring patterns in the strategies, methods, and practices employed. In this paper, a comprehensive analysis is conducted on the far-reaching consequences of these attacks for cybersecurity policy, encompassing the pressing need for enhanced threat intelligence sharing mechanisms, the implementation of more resilient incident response protocols, and the allocation of greater financial resources towards the advancement of cybersecurity research and development initiatives. The research also discusses how Pegasus will affect SCADA systems and critical infrastructure, and it describes some of the most important tactics that businesses may use to reduce the danger of cyberattacks and safeguard themselves against the 21st century's growing threats. The extent of Pegasus spyware, which can access various data and communications on mobile devices running iOS and Android potentially jeopardise the civil rights and privacy of journalists, activists, and political leaders throughout the world, was found to be worrying

Cryptography and Security

Maria Bada,Jason R. C. Nurse

DOI: https://doi.org/10.48550/arXiv.1909.13256

2019-09-29

Computers and Society

Abstract:Cyber-attacks have become as commonplace as the Internet itself. Each year, industry reports, media outlets and academic articles highlight this increased prevalence, spanning both the amount and variety of attacks and cybercrimes. In this article, we seek to further advance discussions on cyber threats, cognitive vulnerabilities and cyberpsychology through a critical reflection on the social and psychological aspects related to cyber-attacks. In particular, we are interested in understanding how members of the public perceive and engage with risk and how they are impacted during and after a cyber-attack has occurred. This research focuses on key cognitive issues relevant to comprehending public reactions to malicious cyber events including risk perception, protection motivation, culture, and attacker characteristics (e.g., attacker identity, target identity and scale of attack). To consider the applicability of our findings, we investigate two significant cyber-attacks over the last few years, namely the WannaCry attack of 2017 and the Lloyds Banking Group attack in the same year.

Mazaher Kianpour

DOI: https://doi.org/10.48550/arXiv.2103.04901

2021-03-08

Cryptography and Security

Abstract:Increased connectivity has made us all more vulnerable. Cyberspace, besides all its benefits, spawned more devices to hack and more opportunities to commit cybercrime. Criminals have found it lucrative to target both individuals and businesses, by holding or stealing their assets via different types of cyber attacks. The cyber-enabled theft of Intellectual Property (IP), as one of the most important and critical intangible assets of nations, organizations and individuals, by foreign countries has been a devastating challenge of the United States (U.S.) in the past decades. In this study, we conduct a socio-technical root cause analysis to investigate one of the recent cases of IP theft by employing a holistic approach. It concludes with a list of root causes and some corrective actions to stop the impact and prevent the recurrence of the problem in the future. Building upon the findings of this study, the U.S. requires a detailed revision of IP strategies bringing the whole socio-technical regulatory system into focus and strengthen IP rights protection considering China's indigenous innovation policies. It is critical that businesses and other organizations take steps to reduce their exposure to cyber attacks. It is particularly important to train employees on how to spot potential threats, and to institute policies that encourage workers to report potential security failures so that action can be taken quickly. Finally, we discuss how cyber ranges can provide an efficient and safe platform for dealing with such challenges. The results of this study can be expanded to other countries in order to protect their IP rights and deter or prevent and respond to future incidents.

Jinwoo Kim,Minjae Seo,Seungsoo Lee,Jaehyun Nam,Vinod Yegneswaran,Phillip Porras,Guofei Gu,Seungwon Shin

DOI: https://doi.org/10.1016/j.comnet.2024.110203

IF: 5.493

2024-01-26

Computer Networks

Abstract:Over the last 15 years, Software-Defined Networking (SDN) has gained widespread support from both research communities and the industry owing to its open nature and programmability. This paradigm empowers stakeholders, including researchers, practitioners, and developers, to craft innovative networking services using robust APIs and a global network view, free from reliance on vendor-dependent control planes. However, the flexible architecture of SDN has introduced a plethora of security challenges absent in traditional network environments. While many surveys have presented existing attacks, there has been a lack of systematization of attacks from a penetration perspective, which is crucial for understanding attacks and their root causes. This paper aims to analyze previous literature that has disclosed attack cases in SDN, scrutinizing their vulnerabilities, penetration routes, and root causes. Additionally, we provide an in-depth and comprehensive discussion of the underlying problems associated with these attacks and present defenses proposed by researchers to mitigate them, analyzing how the root causes are remedied. Through this study, we aim to illuminate existing security issues within the current SDN architecture, prompting a reevaluation of various security problems and providing a future research guideline for SDN security.

computer science, information systems,telecommunications,engineering, electrical & electronic, hardware & architecture

Ekzhin Ear,Jose L. C. Remy,Antonia Feffer,Shouhuai Xu

DOI: https://doi.org/10.48550/arXiv.2309.04878

2023-09-10

Abstract:Cybersecurity of space systems is an emerging topic, but there is no single dataset that documents cyber attacks against space systems that have occurred in the past. These incidents are often scattered in media reports while missing many details, which we dub the missing-data problem. Nevertheless, even "low-quality" datasets containing such reports would be extremely valuable because of the dearth of space cybersecurity data and the sensitivity of space systems which are often restricted from disclosure by governments. This prompts a research question: How can we characterize real-world cyber attacks against space systems? In this paper, we address the problem by proposing a framework, including metrics, while also addressing the missing-data problem, by "extrapolating" the missing data in a principled fashion. To show the usefulness of the framework, we extract data for 72 cyber attacks against space systems and show how to extrapolate this "low-quality" dataset to derive 4,076 attack technique kill chains. Our findings include: cyber attacks against space systems are getting increasingly sophisticated; and, successful protection against on-path and social engineering attacks could have prevented 80% of the attacks.

Cryptography and Security

Jieun Lee,JaeHoon Yoo,Jiho Lee,Yura Choi,Seong Ki Yoo,JaeSeung Song

DOI: https://doi.org/10.1109/mnet.2024.3382969

IF: 10.294

2024-01-01

IEEE Network

Abstract:Since 2008, the Korean government has instituted network separation technology, which physically isolates external internet networks from internal networks, aiming to thwart cyber-attacks. Consequently, the domestic financial sector was largely unaffected during global crises (2017 WannaCry ransomware outbreak and the 2021 Log4j vulnerability incident). However, there exist certain vulnerabilities owing to the presumption of their relative safety against cyber intrusions and the integration of cloud and Internet of Things (IoT) technologies in the current smart revolution. The existing network separation measures only mitigate one facet of potential cyber threats, rendering a comprehensive defense elusive. The rise of “air-gap” attacks, which exploit the isolated space between closed and external networks to illicitly transfer data and the existing research primarily substantiating the potential for data breaches from closed networks to their external counterparts are problems yet to be addressed. Thus, our study proposed a tangible optical air-gap attack methodology, harnessing readily available optical mediums within closed networks. Intricate measurement metrics that consider vital factors of the transmission environment were proposed. Moreover, acknowledging the proliferating integration of IoT devices, such as smart bulbs, to facilitate automation within closed networks, this study demonstrated the viability of optical air-gap attacks using these devices.

computer science, information systems,telecommunications,engineering, electrical & electronic, hardware & architecture

Ömer Aslan,Semih Serkant Aktuğ,Merve Ozkan-Okay,Abdullah Asim Yilmaz,Erdal Akin

DOI: https://doi.org/10.3390/electronics12061333

IF: 2.9

2023-03-12

Electronics

Abstract:Internet usage has grown exponentially, with individuals and companies performing multiple daily transactions in cyberspace rather than in the real world. The coronavirus (COVID-19) pandemic has accelerated this process. As a result of the widespread usage of the digital environment, traditional crimes have also shifted to the digital space. Emerging technologies such as cloud computing, the Internet of Things (IoT), social media, wireless communication, and cryptocurrencies are raising security concerns in cyberspace. Recently, cyber criminals have started to use cyber attacks as a service to automate attacks and leverage their impact. Attackers exploit vulnerabilities that exist in hardware, software, and communication layers. Various types of cyber attacks include distributed denial of service (DDoS), phishing, man-in-the-middle, password, remote, privilege escalation, and malware. Due to new-generation attacks and evasion techniques, traditional protection systems such as firewalls, intrusion detection systems, antivirus software, access control lists, etc., are no longer effective in detecting these sophisticated attacks. Therefore, there is an urgent need to find innovative and more feasible solutions to prevent cyber attacks. The paper first extensively explains the main reasons for cyber attacks. Then, it reviews the most recent attacks, attack patterns, and detection techniques. Thirdly, the article discusses contemporary technical and nontechnical solutions for recognizing attacks in advance. Using trending technologies such as machine learning, deep learning, cloud platforms, big data, and blockchain can be a promising solution for current and future cyber attacks. These technological solutions may assist in detecting malware, intrusion detection, spam identification, DNS attack classification, fraud detection, recognizing hidden channels, and distinguishing advanced persistent threats. However, some promising solutions, especially machine learning and deep learning, are not resistant to evasion techniques, which must be considered when proposing solutions against intelligent cyber attacks.

engineering, electrical & electronic,computer science, information systems,physics, applied

Saman Iftikhar

DOI: https://doi.org/10.7717/peerj-cs.1772

2024-01-16

PeerJ Computer Science

Abstract:An act of cyberterrorism involves using the internet and other forms of information and communication technology to threaten or cause bodily harm to gain political or ideological power through threat or intimidation. Data theft, data manipulation, and disruption of essential services are all forms of cyberattacks. As digital infrastructure becomes more critical and entry barriers for malicious actors decrease, cyberterrorism has become a growing concern. Detecting, responding, and preventing this crime presents unique challenges for law enforcement and governments, which require a multifaceted approach. Cyberterrorism can have devastating effects on a wide range of people and organizations. A country's reputation and stability can be damaged, financial losses can occur, and in some cases, even lives can be lost. As a result of cyberattacks, critical infrastructure, such as power grids, hospitals, and transportation systems, can also be disrupted, leading to widespread disruptions and distress. The past ten years have seen several cyber-attacks around the globe including WannaCry attack (2017), Yahoo data breaches (2013–2014), OPM data breach (2015), SolarWinds supply chain attack (2020) etc. This study covers some of the cyberterrorism events that have happened in the past ten years, their target countries, their devastating effects, their impacts on nation's economy, political instability, and measures adopted to counter them over the passage of time. Our survey-based research on cyberterrorism will complement existing literature by providing valuable empirical data, understanding of perceptions and awareness, and insights into targeted populations. It can contribute to the development of better measurement tools, strategies, and policies for countering cyberterrorism.

computer science, information systems, artificial intelligence, theory & methods