scholarly journals Ransomware Attack: Rescue-checklist Cyber Security Awareness Program

2021 ◽  
Vol 3 (1) ◽  
Author(s):  
Mohammed Daffalla Elradi ◽  
Mohamed Hashim Mohamed ◽  
Mohammed Elradi Ali
Keyword(s):  
Cyber Security ◽  
Real Life ◽  
End Users ◽  
Sensitive Information ◽  
Security Awareness ◽  
Investment Company ◽  
Low Level ◽  
Awareness Program

Ransomware attacks have been spreading broadly in the last few years, where attackers deny users’ access to their systems and encrypt their files until they pay a ransom, usually in Bitcoin. Of course, that is the worst thing that can happen; especially for organizations having sensitive information. In this paper we proposed a cyber security awareness program intended to provide end-users with a rescue checklist in case of being attacked with a ransomware as well as preventing the attack and ways to recover from it. The program aimed at providing cyber security knowledge to 15 employees in a Sudanese trading and investment company. According to their cyber behaviour before the program, the participants showed a low level cyber security awareness that with 72% they are likely of being attacked by a ransomware from a phishing email, which is well known for spreading ransomware attacks. The results revealed that the cyber security awareness program greatly diminished the probability of being attacked by a ransomware with an average of 28%. This study can be used as a real-life ransomware attack rescue plan.

scholarly journals Cyber Security Awareness Among University Students: A Case Study

2020 ◽  
Vol 2 (1) ◽  
pp. 82-86
Author(s):  
Adamu Garba ◽  
Maheyzah Binti Sirat ◽  
Siti Hajar ◽  
Ibrahim Bukar Dauda
Keyword(s):  
University Students ◽  
Developing Country ◽  
Cyber Security ◽  
Cyber Attacks ◽  
Security Awareness ◽  
Quantitative Survey ◽  
Preliminary Results ◽  
Awareness Program ◽  
The University

This Case Study reports the preliminary results of a quantitative survey aimed to identify students' awareness and enthusiasm to learn cybersecurity in Nigerian Universities. The objective of the survey was to see how students in this developing country are aware of cyber-attacks and how they can mitigate the attacks and to find out if cybersecurity awareness program is part of the University program. The preliminary results indicated that the students claimed to have basic cybersecurity knowledge, but are not aware of how to protect their data. It also appears that most Universities do not have an active cybersecurity awareness program to improve students' knowledge on how to protect themselves from any threats. The surveyed students also show interest in learning more about cybersecurity.

scholarly journals Ciphertext-Policy Attribute-based Encryption with Hidden Sensitive Policy for Recruitment in Smart City

2020 ◽  
Author(s):  
Fei Meng ◽  
Leixiao Cheng ◽  
Mingqiang Wang
Keyword(s):  
Smart City ◽  
End Users ◽  
The Other ◽  
Sensitive Information ◽  
Security Model ◽  
Access Policy ◽  
Computational Overhead ◽  
Attribute Based Encryption ◽  
Ciphertext Policy ◽  
Access Policies

Abstract Smart city, as a promising technical tendency, greatly facilitates citizens and generates innumerable data, some of which is very private and sensitive. To protect data from unauthorized users, ciphertext-policy attribute-based encryption (CP-ABE) enables data owner to specify an access policy on encrypted data. However, There are two drawbacks in traditional CP-ABE schemes. On the one hand, the access policy is revealed in the ciphertext so that sensitive information contained in the policy is exposed to anyone who obtains the ciphertext. For example, both the plaintext and access policy of an encrypted recruitment may reveal the company's future development plan. On the other hand, the decryption time scales linearly with the complexity of the access, which makes it unsuitable for resource-limited end users. In this paper, we propose a CP-ABE scheme with hidden sensitive policy for recruitment in smart city. Specifically, we introduce a new security model chosen sensitive policy security: two access policies embedded in the ciphertext, one is public and the other is sensitive and fully hidden, only if user's attributes satisfy the public policy, it's possible for him/her to learn about the hidden policy, otherwise he/she cannot get any information (attribute name and its values) of it. When the user satisfies both access policies, he/she can obtain and decrypt the ciphertext. Compared with other CP-ABE schemes, our scheme supports a more expressive access policy, since the access policy of their schemes only work on the ``AND-gate'' structure. In addition, intelligent devices spread all over the smart city, so partial computational overhead of encryption of our scheme can be outsourced to these devices as fog nodes, while most part overhead in the decryption process is outsourced to the cloud. Therefore, our scheme is more applicable to end users with resource-constrained mobile devices. We prove our scheme to be selective secure under the decisional bilinear Diffie-Hellman (DBDH) assumption.

scholarly journals A conceptual framework for cyber security awareness and education in SA

2014 ◽  
Vol 52 ◽  
Author(s):  
Noluxolo Kortjan ◽  
Rossouw Von Solms
Keyword(s):  
South Africa ◽  
Cyber Security ◽  
Developed Countries ◽  
The Internet ◽  
Security Awareness ◽  
Key Factors ◽  
Primary Research ◽  
Daily Lives ◽  
Internet Users ◽  
Positive Effect

The Internet is becoming increasingly interwoven in the daily lives of many individuals, organisations and nations. It has, to a large extent, had a positive effect on the way people communicate. It has also introduced new avenues for business; and it has offered nations an opportunity to govern online. Nevertheless, although cyberspace offers an endless list of services and opportunities, it is also accompanied by many risks, of which many Internet users are not aware. As such, various countries have developed and implemented cyber-security awareness and education measures to counter the perceived ignorance of the Internet users. However, there is currently a definite lack in South Africa (SA) in this regard; as there are currently, little government-led and sponsored cyber-security awareness and education initiatives. The primary research objective of this paper, therefore, is to propose a cyber-security awareness and education framework for SA that would assist in creating a cyber-secure culture in SA among all of the users of the Internet. This framework will be developed on the basis of key factors extrapolated from a comparative analysis of relevant developed countries.

Security Awareness in the Internet of Everything

2019 ◽  
pp. 272-301 ◽  
Author(s):  
Viacheslav Izosimov ◽  
Martin Törngren
Keyword(s):  
Cyber Security ◽  
Physical System ◽  
System Of Systems ◽  
The Internet ◽  
Security Awareness ◽  
Security Risks ◽  
Interconnected System ◽  
Security Education ◽  
Practical Evaluation ◽  
Explicit Consideration

Our societal infrastructure is transforming into a connected cyber-physical system of systems, providing numerous opportunities and new capabilities, yet also posing new and reinforced risks that require explicit consideration. This chapter addresses risks specifically related to cyber-security. One contributing factor, often neglected, is the level of security education of the users. Another factor, often overlooked, concerns security-awareness of the engineers developing cyber-physical systems. Authors present results of interviews with developers and surveys showing that increase in security-awareness and understanding of security risks, evaluated as low, are the first steps to mitigate the risks. Authors also conducted practical evaluation investigating system connectivity and vulnerabilities in complex multi-step attack scenarios. This chapter advocates that security awareness of users and developers is the foundation to deployment of interconnected system of systems, and provides recommendations for steps forward highlighting the roles of people, organizations and authorities.

Efficient Cyber Security Framework for Smart Cities

2019 ◽  
pp. 130-157 ◽  
Author(s):  
Amtul Waheed ◽  
Jana Shafi
Keyword(s):  
Cyber Security ◽  
Smart City ◽  
Smart Cities ◽  
Cost Effective ◽  
Cyber Attacks ◽  
Security And Privacy ◽  
Sensitive Information ◽  
Security Framework ◽  
Smart Transportation ◽  
Security Issues

Smart cities are established on some smart components such as smart governances, smart economy, science and technology, smart politics, smart transportation, and smart life. Each and every smart object is interconnected through the internet, challenging the security and privacy of citizen's sensitive information. A secure framework for smart cities is the only solution for better and smart living. This can be achieved through IoT infrastructure and cloud computing. The combination of IoT and Cloud also increases the storage capacity and computational power and make services pervasive, cost-effective, and accessed from anywhere and any device. This chapter will discuss security issues and challenges of smart city along with cyber security framework and architecture of smart cities for smart infrastructures and smart applications. It also presents a general study about security mechanism for smart city applications and security protection methodology using IOT service to stand against cyber-attacks.

Sign in / Sign up

Export Citation Format

Share Document