Search results
1 – 10 of 71
INT: LockBit disruption to unsettle ransomware market
Details
DOI: 10.1108/OXAN-ES285353
ISSN: 2633-304X
Keywords
Geographic
Topical
These trends include the rise in ‘double extortion’ ransomware attacks and supply chain attacks to obtain sensitive data and infiltrate computer networks through widely used…
Details
DOI: 10.1108/OXAN-DB286990
ISSN: 2633-304X
Keywords
Geographic
Topical
Shreya Sangal, Gaurav Duggal and Achint Nigam
The purpose of this research paper is to review and synthesize the role of blockchain technology (BCT) in various types of illegal activities, including but not limited to fraud…
Abstract
Purpose
The purpose of this research paper is to review and synthesize the role of blockchain technology (BCT) in various types of illegal activities, including but not limited to fraud, money laundering, ransomware attacks, firearms, drug tracking, cyberattacks, identity theft and scams.
Design/methodology/approach
The authors conducted a review of studies related to illegal activities using blockchain from 2015 to 2023. Next, a thematic review of the literature was performed to see how these illegal activities were conducted using BCT.
Findings
Through this study, the authors identify the relevant themes that highlight the major illegal activities performed using BCT, its possible steps for prevention and the opportunities for future developments. Finally, the authors provide suggestions for future research using the theory, context and method framework.
Originality/value
No other research has synthesized the illegal activities using BCT through a thematic approach to the best of the authors’ knowledge. Hence, this study will act as a starting point for future research for academic and technical practitioners in this area.
Details
Keywords
Fabian Maximilian Johannes Teichmann and Chiara Wittmann
The threat of cybercrime is pervasive. Corporations cannot be convinced, out of sheer luck or naïve conviction, that they will remain unaffected. When targeted, the stark reality…
Abstract
Purpose
The threat of cybercrime is pervasive. Corporations cannot be convinced, out of sheer luck or naïve conviction, that they will remain unaffected. When targeted, the stark reality is that a company also incurs a liability risk. This paper aims to explore the boundaries of liability resulting from a data breach and privacy concerns according to the emerging regulations on cybersecurity.
Design/methodology/approach
The nature of cybercrime and its constant evolution is analysed as a threat of liability. Its distinctly modern developments require consideration. In response to the threat of hackers, the protection that a corporation can invoke is also considered as a mitigating factor in ascribing liability.
Findings
Preventative steps to protect a corporation from cyberthreats must remain a consistent priority in the running of a company. The influence of human behaviour has become a foreseeable element in cybersecurity and as such the management of unreliable user behaviour is a key determining factor in ascribing liability in hindsight.
Originality/value
Foresight is everything in the prevention of cyberattacks. Cyberattacks can no longer be dismissed as an unlikely eventuality. Legislation on data security and data privacy is demanding higher standards of preventative action, under the duty of care to stakeholders. There is a substantial literature deficit on data security and data liability regulations in light of the liability risk incurred by cyberattacks.
Details
Keywords
The study provides a comprehensive understanding of the issues and illegal activities related to cryptocurrencies and their negative repercussions. This study aims to identify and…
Abstract
Purpose
The study provides a comprehensive understanding of the issues and illegal activities related to cryptocurrencies and their negative repercussions. This study aims to identify and classify cryptocurrency downsides using grounded theory and in-depth interviews. The study also analysed investors’ reluctance to invest in cryptocurrency. This pioneering qualitative study illuminates a deep and multifaceted criminal aspect of cryptocurrency.
Design/methodology/approach
The study conducted in-depth interviews with respondents who have experience and knowledge of cryptocurrency investments. The interviews were recorded and transcribed. The analysis was performed using the NVivo 14 software in the study.
Findings
The study specified two major types of cryptocurrency’s negative aspects: barriers and illegal usage. Barriers to cryptocurrency investment include technological, security, trust, market-related and regulatory reasons. Terrorist funding, money laundering, fraud and ransom payments are all examples of illegal usage. The results of the word cloud analysis are consistent with the overall findings of the survey, which highlighted illegal usage as a prominent negative element of cryptocurrencies. It is a key reason why cryptocurrency is not included in investing portfolios by investors.
Originality/value
The study’s findings provide useful insights for policymakers to develop better methods for successfully mitigating risks and ensuring responsible and sustainable usage of cryptocurrencies. In addition, the study could serve as a stepping stone for more cryptocurrency-related studies, contributing to the development of a more complete and nuanced comprehension of this emergent technology and its societal effects.
Details
Keywords
The attack exposed significant vulnerabilities in the global market for US Treasuries. It also signals that Chinese organisations, especially those that do business in the United…
Details
DOI: 10.1108/OXAN-DB283591
ISSN: 2633-304X
Keywords
Geographic
Topical
Derek L. Nazareth, Jae Choi and Thomas Ngo-Ye
This paper aims to examine the conditions under which small and medium enterprises (SMEs) invest in security services when they migrate their e-commerce applications to the cloud…
Abstract
Purpose
This paper aims to examine the conditions under which small and medium enterprises (SMEs) invest in security services when they migrate their e-commerce applications to the cloud environment. Using a risk management perspective, the paper assesses the impact of security service pricing, security incident prevalence and virulence to estimate SME security spending at the market level and draw out implications for SMEs and security service providers.
Design/methodology/approach
Security risks are inherently characterized by uncertainty. This study uses a Monte Carlo approach to understand the role of uncertainty in the decision to adopt security services. A model relating key security constructs is assembled based on key constructs from the domain. By manipulating security service costs and security incident types, the model estimates the market-level adoption of services, security incidents and damages incurred, along with measures of their relative dispersion.
Findings
Three key findings emerge from this study. First, adoption of services and protection is higher when tiered security services are provided, indicating that SMEs prefer to choose their security services rather than accept uniformly priced products. Second, SMEs are considered price-sensitive, resulting in a maximum level of spending in the market. Third, results indicate that security incidents and damages can be much higher than the mean in some cases, and this should serve as a cautionary note to SMEs.
Originality/value
Security spending has been modeled at the firm level. Adopting a market-level perspective represents a novel contribution. Additionally, the Monte Carlo approach provides managers with tangible measures of uncertainty, affording additional information and insight when making security service adoption decisions.
Details
Keywords
INT: Cybersecurity risks and costs of hospitals rise
Details
DOI: 10.1108/OXAN-ES285541
ISSN: 2633-304X
Keywords
Geographic
Topical
Jialiang Xie, Shanli Zhang, Honghui Wang and Mingzhi Chen
With the rapid development of Internet technology, cybersecurity threats such as security loopholes, data leaks, network fraud, and ransomware have become increasingly prominent…
Abstract
Purpose
With the rapid development of Internet technology, cybersecurity threats such as security loopholes, data leaks, network fraud, and ransomware have become increasingly prominent, and organized and purposeful cyberattacks have increased, posing more challenges to cybersecurity protection. Therefore, reliable network risk assessment methods and effective network security protection schemes are urgently needed.
Design/methodology/approach
Based on the dynamic behavior patterns of attackers and defenders, a Bayesian network attack graph is constructed, and a multitarget risk dynamic assessment model is proposed based on network availability, network utilization impact and vulnerability attack possibility. Then, the self-organizing multiobjective evolutionary algorithm based on grey wolf optimization is proposed. And the authors use this algorithm to solve the multiobjective risk assessment model, and a variety of different attack strategies are obtained.
Findings
The experimental results demonstrate that the method yields 29 distinct attack strategies, and then attacker's preferences can be obtained according to these attack strategies. Furthermore, the method efficiently addresses the security assessment problem involving multiple decision variables, thereby providing constructive guidance for the construction of security network, security reinforcement and active defense.
Originality/value
A method for network risk assessment methods is given. And this study proposed a multiobjective risk dynamic assessment model based on network availability, network utilization impact and the possibility of vulnerability attacks. The example demonstrates the effectiveness of the method in addressing network security risks.
Details
Keywords
UK: Cybersecurity of UK infrastructure may tighten