Search results

Various organizational landscapes have evolved to improve their business processes, increase production speed and reduce the cost of distribution and have integrated their Internet with small and medium scale enterprises (SMEs) and third-party vendors to improve business growth and increase global market share, including changing organizational requirements and business process collaborations. Benefits include a reduction in the cost of production, online services, online payments, product distribution channels and delivery in a supply chain environment. However, the integration has led to an exponential increase in cybercrimes, with adversaries using various attack methods to penetrate and exploit the organizational network. Thus, identifying the attack vectors in the event of cyberattacks is very important in mitigating cybercrimes effectively and has become inevitable. However, the invincibility nature of cybercrimes makes it challenging to detect and predict the threat probabilities and the cascading impact in an evolving organization landscape leading to malware, ransomware, data theft and denial of service attacks, among others. The paper explores the cybercrime threat landscape, considers the impact of the attacks and identifies mitigating circumstances to improve security controls in an evolving organizational landscape.

The approach follows two main cybercrime framework design principles that focus on existing attack detection phases and proposes a cybercrime mitigation framework (CCMF) that uses detect, assess, analyze, evaluate and respond phases and subphases to reduce the attack surface. The methods and implementation processes were derived by identifying an organizational goal, attack vectors, threat landscape, identification of attacks and models and validation of framework standards to improve security. The novelty contribution of this paper is threefold: first, the authors explore the existing threat landscapes, various cybercrimes, models and the methods that adversaries are deploying on organizations. Second, the authors propose a threat model required for mitigating the risk factors. Finally, the authors recommend control mechanisms in line with security standards to improve security.

The results show that cybercrimes can be mitigated using a CCMF to detect, assess, analyze, evaluate and respond to cybercrimes to improve security in an evolving organizational threat landscape.

The paper does not consider the organizational size between large organizations and SMEs. The challenges facing the evolving organizational threat landscape include vulnerabilities brought about by the integrations of various network nodes. Factor influencing these vulnerabilities includes inadequate threat intelligence gathering, a lack of third-party auditing and inadequate control mechanisms leading to various manipulations, exploitations, exfiltration and obfuscations.

Attack methods are applied to a case study for the implementation to evaluate the model based on the design principles. Inadequate cyber threat intelligence (CTI) gathering, inadequate attack modeling and security misconfigurations are some of the key factors leading to practical implications in mitigating cybercrimes.

There are no social implications; however, cybercrimes have severe consequences for organizations and third-party vendors that integrate their network systems, leading to legal and reputational damage.

The paper’s originality considers mitigating cybercrimes in an evolving organization landscape that requires strategic, tactical and operational management imperative using the proposed framework phases, including detect, assess, analyze, evaluate and respond phases and subphases to reduce the attack surface, which is currently inadequate.

This study assesses the factors influencing customers’ intention to adopt e-banking in the context of the technology acceptance model and the moderation role of cybercrime.

The variables in the study are measured using a five-point Likert scale with measures adopted from existing literature. The independent variables are perceived ease of use, perceived usefulness and security and privacy. These are postulated to be moderated by the perceived risk of cybercrime and to influence e-banking adoption intentions. A quantitative approach is used. Primary data are collected from a sample of 209 randomly selected bank customers. The study uses a two-step (measurement model and structural model) approach to data analysis.

The key findings in this study are that perceived risk of cybercrime strengthens the positive relationship between perceived ease of use and e-banking adoption intentions but dampens or weakens the positive relationship between perceived usefulness and customers’ e-banking adoption intentions. The study makes several recommendations to inform scholarship, policy and practice.

Unlike existing literature, the study makes a unique contribution by including perceived risk of cybercrime as a moderating variable of theoretical significance in the relationship between adoption of e-banking and its determinants.

Violence against women and girls is globally prevalent. Overcoming it is a prerequisite for attaining gender equality and achieving sustainable development. The United Nation's 2030 Agenda for Sustainable Development considers technology as a means to combat violence against women and girls, and there is ample evidence on the positive impact of technology in combating violence. At the same time, however, technology can promote and perpetrate new forms of violence. Research shows that more than 70% of women and girls online are exposed to forms of cyber violence. Most of these cases remain unreported.

This chapter argues that technology contributes to increasing cyber violence against women and girls which in turn leads to severe social and economic implications affecting them. It also argues that legislative and policy reforms can limit this type of violence while enabling women and girls to leverage technology for empowerment. It highlights cases of cyber violence in the Arab region and provides an overview of applicable legislative frameworks. The chapter concludes with recommended policy reforms and measures to strengthen and harmonize efforts to combat cyber violence against women and girls in the Arab region.

This paper aims to shed light into money laundering using bitcoin. Digital payment methods are increasingly used by criminals to launder money obtained through cybercrime. As many forms of cybercrime are motivated by profit, a solid cash-out strategy is required to ensure that crime proceeds end up with the criminals themselves without an incriminating money trail. The authors examine how cybercrime proceeds can be laundered using services that are offered on the Dark Web.

Focusing on service-percentages and reputation-mechanisms in underground bitcoin laundering services, this paper presents the results of a cash-out experiment in which five mixing and five exchange services are included.

Some of the examined services provide an excellent, professional and well-reviewed service at competitive cost. Whereas others turned out to be scams, accepting bitcoin but returning nothing in return.

The authors discuss what these findings mean to law enforcement, and how bitcoin laundering chains could be disrupted.

These cash-out strategies are increasingly facilitated by cryptocurrencies, mainly bitcoin. Bitcoins are already relatively anonymous, but with the rise of specialised bitcoin money laundering services on the Dark Web, laundering money in the form of bitcoins becomes available to a wider audience.

The purpose of this study is to assess the impact of cyberfraud in the South African banks with the aim to provide recommendations to effectively mitigate it.

The study uses a qualitative approach involving the use of structured questionnaires. The questionnaires were made available to the staff of 17 licensed banks in South Africa who deal with management, operation, administration and banking services. Two hypotheses were formulated and non-parametric statistical analyses involving the use of Chi-square test, Fischer’s Exact test and Spearman’s correlation were carried out. The two hypotheses formulated were tested to draw a conclusion.

The results obtained indicate that the impact of cyberfraud in the South African banking industry is highly significant and has affected the reputation of some of the banks. This calls for the need to review the diverse ways of curbing cyberfraud to lessen their impact and that of associated fraud risks on the banking operation.

This study provides an analysis on the relationship cyberfraud occurrences and the reputation of South African banks. The implementation of the recommendations may reinforce the existing security measures in the fight against cyberfraud.

The novelty of this study lies in the fact that the assessment of the impact of cyberfraud on the banking industry in South Africa has not been sufficiently highlighted by the existing literature.

This paper aims to examine the legal challenges to electronic banking and initiatives taken to address them in Tanzania. It is based on the results of a comparative analysis of policies and laws of other countries from which Tanzania can pick a leaf on how to deal with challenges brought by information and communication technology-induced innovations in the banking sector.

The study upon which this paper is based employed comparative analysis methods by analysing different policies and laws of Tanzania in line with attendant laws of other jurisdictions such as the USA, Malaysia, South Africa, Rwanda and Kenya and international instruments in a bid to establish the best practice pertaining to controlling and containing legal challenges brought by developments in electronic banking.

This paper confirms that, the prevailing laws guiding electronic banking in Tanzania do not adequately address the challenges the banks and customers face during electronic banking transactions. Thus, there is a need to amend the Tanzanian laws guiding this sector to put in place legislation capable of facilitating the development of electronic banking whilst addressing the associated challenges the users encounter.

This paper underscores the value of amending existing or enacting new laws in line with the development of technology/innovation to protect consumers in nascent electronic banking of the country. Moreover, it advocates for the development of innovation in banking sector should not be left to grow without amending/enacting laws that will promote its development and at the same time protect the users to avoid far-reaching and often unpleasant implications.

The purpose of the study is to identify cybersecurity threats that hinder the adoption of digital banking and provide sustainable strategies to combat cybersecurity risks in the banking industry.

Systematic literature review guidelines were used to conduct a quantitative synthesis of empirical evidence regarding the impact of cybersecurity threats and risks on the adoption of digital banking.

A total of 84 studies were initially examined, and after applying the selection and eligibility criteria for this systematic review, 58 studies were included. These selected articles consistently identified identity theft, malware attacks, phishing and vishing as significant cybersecurity threats that hinder the adoption of digital banking.

With the country’s banking sector being new in this area, this study contributes to the scant literature on cyber security, which is mostly in need due to the myriad breaches that the industry has already suffered thus far.

This paper aims to identify impediments, discuss impediments and make recommendations for the impediments during the execution of a search and seizure warrant for digital evidence in South African criminal cases.

The discussion of this article, the second article of two, focuses on a literature review of international and local impediments identified in case law and published research literature and how it is approached in various jurisdictions.

This study found that impediments identified and addressed internationally during the execution of a search and seizure warrant for digital evidence are relevant to South African criminal cases and still need to be addressed during the execution of a search and seizure warrant for digital evidence in South African criminal cases.

Although searches and seizures for digital evidence are relevant to civil, regulatory and criminal investigations, this study focuses on the search and seizure for digital evidence in criminal matters with an emphasis on the provisions of the Criminal Procedure Act 51 of 1977 and the Cybercrimes Act 19 of 2020.

The originality of this paper lies in the procedures followed during the physical search and seizure of digital information during the execution of search and seizure warrants for digital information in South Africa. If the South African Police Service follows the recommended procedures, it will contribute to the success of the South African Police Service, which would result in the improved quality of investigations and successful prosecution of crime in South Africa.