Search results

1 – 4 of 4
Article
Publication date: 4 July 2023

Benjamin Scott

This paper aims to examine the history of data leaks and investigative journalism, the techniques and technology that enable them and their influence in Australia and abroad. It…

Abstract

Purpose

This paper aims to examine the history of data leaks and investigative journalism, the techniques and technology that enable them and their influence in Australia and abroad. It explores the ethical and professional considerations of investigative journalists, how they approach privacy and information-sharing and how this differs from intelligence practice in government and industry. The paper assesses the strengths and limitations of Collaborative Investigative Reporting based on Information Leaks (CIRIL) as a kind of public-facing intelligence practice.

Design/methodology/approach

This study draws on academic literature, source material from investigations by the International Consortium of Investigative Journalists and the Organised Crime and Corruption Reporting Project, and a survey of financial crime compliance professionals conducted in 2022.

Findings

The paper identifies three key causal factors that have enabled the rise of CIRIL even as traditional journalism has declined: the digital storage of information; increasing public interest in offshore finance and tax evasion; and “virtual newsrooms” enabled by internet communications. It concludes that the primary strength of CIRIL is its creation of complex global narratives to inform the public about corruption and tax evasion, while its key weakness is that the scale and breadth of the data released makes it difficult to focus on likely criminal activity. Results of a survey of industry and government professionals indicate that CIRIL is generally more effective as public information than as an investigative resource, owing to the volume, age and quality of information released. However, the trends enabling CIRIL are likely to continue, and this means that governments and financial institutions need to become more effective at using leaked information.

Originality/value

Over the past decade, large-scale, data-driven investigative journalism projects such as the Pandora Papers and the Russian Laundromat have had a significant public impact by exposing money laundering, financial crime and corruption. These projects share certain hallmarks: the use of human intelligence, often sourced from anonymous leaks; inventive fusion of this intelligence with data from open sources; and collaboration among a global collective of investigative journalists to build a narrative. These projects prioritise informing the public. They are also an important information source for government and private sector organisations working to investigate and disrupt financial crime.

Details

Journal of Financial Crime, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 1359-0790

Keywords

Content available
Book part
Publication date: 25 October 2023

Abstract

Details

Technology and Talent Strategies for Sustainable Smart Cities
Type: Book
ISBN: 978-1-83753-023-6

Book part
Publication date: 25 October 2023

Ali Katouzian Bolourforoush and Hamid Jahankhani

Banking traces back to 2000 BC in Assyria, India and Sumeria. Merchants used to give grain loans to farmers and traders to carry goods between cities. In ancient Greece and Roman…

Abstract

Banking traces back to 2000 BC in Assyria, India and Sumeria. Merchants used to give grain loans to farmers and traders to carry goods between cities. In ancient Greece and Roman Empire, lenders in temples, provided loans, and accepted deposits while performed change of money. The archaeological evidence uncovered in India and China corroborates this. The major development in banking came predominantly in the mediaeval, Renaissance Italy, with the major cities Florence, Venice and Genoa being the financial centres. Technology has become an inherent and integral part of our lives. We are generating a huge amount of data in transfer, storage and usage, with greater demands of ubiquitous accessibility, inducing an enormous impact on industry and society. With the emergence of smarter cities and societies, the security challenges pertinent to data become greater, impending impact on the consumer protection and security. The aim of this chapter is to highlight if SSI and passwordless authentication using FIDO-2 protocol assuage security concerns such as authentication and authorisation while preserving the individual's privacy.

Details

Technology and Talent Strategies for Sustainable Smart Cities
Type: Book
ISBN: 978-1-83753-023-6

Keywords

Content available
Article
Publication date: 21 March 2023

Abel Yeboah-Ofori and Francisca Afua Opoku-Boateng

Various organizational landscapes have evolved to improve their business processes, increase production speed and reduce the cost of distribution and have integrated their…

Abstract

Purpose

Various organizational landscapes have evolved to improve their business processes, increase production speed and reduce the cost of distribution and have integrated their Internet with small and medium scale enterprises (SMEs) and third-party vendors to improve business growth and increase global market share, including changing organizational requirements and business process collaborations. Benefits include a reduction in the cost of production, online services, online payments, product distribution channels and delivery in a supply chain environment. However, the integration has led to an exponential increase in cybercrimes, with adversaries using various attack methods to penetrate and exploit the organizational network. Thus, identifying the attack vectors in the event of cyberattacks is very important in mitigating cybercrimes effectively and has become inevitable. However, the invincibility nature of cybercrimes makes it challenging to detect and predict the threat probabilities and the cascading impact in an evolving organization landscape leading to malware, ransomware, data theft and denial of service attacks, among others. The paper explores the cybercrime threat landscape, considers the impact of the attacks and identifies mitigating circumstances to improve security controls in an evolving organizational landscape.

Design/methodology/approach

The approach follows two main cybercrime framework design principles that focus on existing attack detection phases and proposes a cybercrime mitigation framework (CCMF) that uses detect, assess, analyze, evaluate and respond phases and subphases to reduce the attack surface. The methods and implementation processes were derived by identifying an organizational goal, attack vectors, threat landscape, identification of attacks and models and validation of framework standards to improve security. The novelty contribution of this paper is threefold: first, the authors explore the existing threat landscapes, various cybercrimes, models and the methods that adversaries are deploying on organizations. Second, the authors propose a threat model required for mitigating the risk factors. Finally, the authors recommend control mechanisms in line with security standards to improve security.

Findings

The results show that cybercrimes can be mitigated using a CCMF to detect, assess, analyze, evaluate and respond to cybercrimes to improve security in an evolving organizational threat landscape.

Research limitations/implications

The paper does not consider the organizational size between large organizations and SMEs. The challenges facing the evolving organizational threat landscape include vulnerabilities brought about by the integrations of various network nodes. Factor influencing these vulnerabilities includes inadequate threat intelligence gathering, a lack of third-party auditing and inadequate control mechanisms leading to various manipulations, exploitations, exfiltration and obfuscations.

Practical implications

Attack methods are applied to a case study for the implementation to evaluate the model based on the design principles. Inadequate cyber threat intelligence (CTI) gathering, inadequate attack modeling and security misconfigurations are some of the key factors leading to practical implications in mitigating cybercrimes.

Social implications

There are no social implications; however, cybercrimes have severe consequences for organizations and third-party vendors that integrate their network systems, leading to legal and reputational damage.

Originality/value

The paper’s originality considers mitigating cybercrimes in an evolving organization landscape that requires strategic, tactical and operational management imperative using the proposed framework phases, including detect, assess, analyze, evaluate and respond phases and subphases to reduce the attack surface, which is currently inadequate.

Details

Continuity & Resilience Review, vol. 5 no. 1
Type: Research Article
ISSN: 2516-7502

Keywords

1 – 4 of 4