scholarly journals Helping the Hacker? Library Information, Security, and Social Engineering

2006 ◽  
Vol 25 (4) ◽  
pp. 222 ◽  
Author(s):  
Samuel T. C. Thompson
Keyword(s):  
Information Security ◽  
Personal Information ◽  
Computer Systems ◽  
Social Engineering ◽  
Computer Industry ◽  
Access To Information ◽  
Security Threat ◽  
Unauthorized Access ◽  
Library Staff

Social engineering is the use of nontechnical means to gain unauthorized access to information or computer systems. While this method is recognized as a major security threat in the computer industry, little has been done to address it in the library field. This is of particular concern because libraries increasingly have access to databases of both proprietary and personal information. This tutorial is designed to increase the awareness of library staff in regard to the issue of social engineering.

Social engineering as a threat to personal financial security

2021 ◽  
Vol 17 (1) ◽  
pp. 150-166
Author(s):  
Andrei L. LOMAKIN ◽  
Evgenii Yu. KHRUSTALEV ◽  
Gleb A. KOSTYURIN
Keyword(s):  
Information Security ◽  
Personal Information ◽  
Public Awareness ◽  
Social Engineering ◽  
Training System ◽  
Security Threats ◽  
Security Threat ◽  
Public And Private ◽  
Security Issues ◽  
The Government

Subject. As the socio-economic relationships are getting digitalized so quickly, the society faces more and more instances of cybercrime. To effectively prevent arising threats to personal information security, it is necessary to know key social engineering methods and security activities to mitigate consequences of emerging threats. Objectives. We herein analyze and detect arising information security threats associated with social engineering. We set forth basic guidelines for preventing threats and improving the personal security from social engineering approaches. Methods. The study relies upon methods of systems analysis, synthesis, analogy and generalization. Results. We determined the most frequent instances associated with social engineering, which cause personal information security threats and possible implications. The article outlines guidelines for improving the persona; security from social engineering approaches as an information security threat. Conclusions and Relevance. To make information security threats associated with social engineering less probable, there should be a comprehensive approach implying two strategies. First, the information security protection should be technologically improved, fitted with various data protection, antivirus, anti-fishing software. Second, people should be more aware of information security issues. Raising the public awareness, the government, heads of various departments, top executives of public and private organizations should set an integrated training system for people, civil servants, employees to proliferate the knowledge of information security basics.

scholarly journals INFLUENCE OF THE COUNTRY ECONOMIC DEVELOPMENT ON THE DEPENDENCE OF THE USE OF PERSONAL INFORMATION SECURITY AND THE CONSEQUENCES OF CYBERCRIME

2020 ◽  
pp. 188-198
Author(s):  
H. Yarovenko
Keyword(s):  
Cluster Analysis ◽  
Economic Development ◽  
Information Security ◽  
Personal Information ◽  
Practical Importance ◽  
Social Engineering ◽  
The State ◽  
Security Measures ◽  
Personal Security ◽  
The Impact

Over the past decade, there has been an increase in the volume of cybercrime in various spheres of life at the level of the state, economic agents, and individuals. Therefore, the issues of studying the processes of forming information security and identifying the impact on its effectiveness are becoming topical. The aim of this study is to prove the hypothesis that the behaviour of the population associated with the use of personal security measures and the formation of the corresponding consequences of incidents occurs under the influence of the level of economic development of the country. This was done using k-means cluster analysis via the Deductor Academic analytical platform and based on data from a survey conducted among respondents from EU countries. Analysis of the responses showed that there is a growing trend in the use of online banking and e-commerce services; there is an increase in the number of respondents who have become victims of cybercrimes, especially social engineering; the trend towards the use of reliable personal security equipment is declining. The results of the cluster analysis, for which data on the number of respondents who are victims of cybercrimes and the number of respondents using various personal security tools were used, made it possible to form 7 clusters of countries. Analysis of GDP per capita for the obtained clusters and visualization of the map of countries allowed us to confirm the hypothesis, but it was also determined that the dependence of the use of personal security measures and the consequences of cybercrimes is also influenced by the mental characteristics of countries formed due to the close territorial location of neighboring countries. The results obtained will be of practical importance for the development of the concept of information security and economic development of the state. They can be used to determine which sets of protection are appropriate for the income level of the population. Priority areas for further research are to determine the influence of other factors on the formation of the country's information security and the formation of a barycentric model of their measurements to ensure sustainable economic development of the state.

scholarly journals SOCIAL ENGINEERING AS AN EVOLUTIONARY THREAT TO INFORMATION SECURITY IN HEALTHCARE ORGANIZATIONS

2020 ◽  
Vol 8 (1) ◽  
pp. 56
Author(s):  
Naiya Patel
Keyword(s):  
Information Security ◽  
Health Information ◽  
Personal Information ◽  
Social Engineering ◽  
Identity Theft ◽  
Professional Life ◽  
Prevention Measures ◽  
Hospital Data ◽  
Healthcare Organizations ◽  
Healthcare Settings

Information security in healthcare settings is overlooked even though it is the most vulnerable for social engineering attacks. The theft of hospital information data is critical to be monitored as they contain patients’ confidential health information. If leaked, the data can impact patients’ social as well as professional life. The hospital data system includes administrative data, as well as employees’ personal information hacked, which can cause identity theft. The current paper discusses types and sources of social engineering attacks in healthcare organizations. Social engineering attacks occur more frequently than other malware attacks, and hence it is crucial to understand what social engineering is and its vulnerabilities to understand the prevention measures. The paper describes types of threats, potential vulnerabilities, and possible solutions to prevent social engineering attacks in healthcare organizations. Keywords: social engineering, hospitals, healthcare organizations, information security.

scholarly journals PROBLEMS AND SOLUTIONS FOR ENSURING INFORMATION SECURITY OF ELECTRONIC LIBRARIES

2019 ◽  
pp. 47-50
Author(s):  
S. B. Normatov
Keyword(s):  
Information Exchange ◽  
Value Of Information ◽  
Information Technologies ◽  
Personal Information ◽  
Data Retrieval ◽  
Access To Information ◽  
Unauthorized Access ◽  
Problems And Solutions ◽  
Library Resources ◽  
Scientific Technical

Information technologies development has led to intensification of distant information exchange, sharp increase in the speed of data retrieval, storage and processing of large amounts of information. At the same time, just these opportunities gave rise to such problems as unauthorized access to information resources, threat to the library resources security, need to ensure the users’ personal information protection. Extension in the volume and value of information scientific- technical and educational resources leads to an increase in the threats of unauthorized access to them. This requires the creation of reliable means of protecting information sources.

scholarly journals Assessment of current practices in creating and using passwords as a control mechanism for information access

2007 ◽  
Vol 9 (2) ◽  
Author(s):  
P. L. Wessels ◽  
L. P. Steenkamp
Keyword(s):  
Control Mechanism ◽  
Personal Information ◽  
Information Access ◽  
Sensitive Information ◽  
Access To Information ◽  
Network Servers ◽  
Critical Issues ◽  
Data Files ◽  
Gain Access ◽  
Current Practices

One of the critical issues in managing information within an organization is to ensure that proper controls exist and are applied in allowing people access to information. Passwords are used extensively as the main control mechanism to identify users wanting access to systems, applications, data files, network servers or personal information. In this article, the issues involved in selecting and using passwords are discussed and the current practices employed by users in creating and storing passwords to gain access to sensitive information are assessed. The results of this survey conclude that information managers cannot rely only on users to employ proper password control in order to protect sensitive information. 

scholarly journals Model of Social Influence in Analysis of Socio-engineering Attacks

2021 ◽  
pp. 97-107
Author(s):  
T. V. Tulupieva ◽  
M. V. Abramov ◽  
A. L. Tulupiev
Keyword(s):  
Information Security ◽  
Social Influence ◽  
Integrated Circuit ◽  
Social Engineering ◽  
Accurate Assessment ◽  
Factors Influencing ◽  
Aggregation Of Information ◽  
New Interpretation

The purpose of this study is to study the modernization of the model of an attacker’s social engineering attack on a user, taking into account a wider range of factors influencing the success of a social engineering attack associated with the principles of social influence. Methods. To achieve this goal, the approaches to social influence and the components of social influence were analyzed. An integrated circuit of social influence is built, grounding in the context of socio-engineering attacks. Results. A model of social influence is proposed, built in the context of an attacker’s social engineering attack on a user. A new interpretation of the term user vulnerability in the context of information security has been proposed. Conclusion. The result obtained forms the potential of filling the user and attacker models with specific vulnerabilities and competencies, which will lead to a more accurate assessment of the success of the attacker’s social engineering attack on the user, due to the aggregation of information from incidents that have occurred.

Sign in / Sign up

Export Citation Format

Share Document