Implementation of Meltdown Attack Simulation for Cybersecurity Awareness Material

One of the rising risk in cybersecurity is an attack on cyber physical system. Today’s computer systems has evolve through the development of processor technology, namely by the use of optimization techniques such as out-of-order execution. Using this technique, processors can improve computing system performance without sacrificing manufacture processes. However, the use of these optimization techniques has vulnerabilities, especially on Intel processors. The vulnerability is in the form of data exfiltration in the cache memory that can be exploit by an attack. Meltdown is an exploit attack that takes advantage of such vulnerabilities in modern Intel processors. This vulnerability can be used to extract data that is processed on that specific computer device using said processors, such as passwords, messages, or other credentials. In this paper, we use qualitative research which aims to describe a simulation approach with experience meltdown attack in a safe environment with applied a known meltdown attack scheme and source code to simulate the attack on an Intel Core i7 platform running Linux OS. Then we modified the source code to prove the concept that the Meltdown attack can extract data on devices using Intel processors without consent from the authorized user.

Medical Gases Cylinder Risk Evaluation To Prevent Risk

Medical gases for medical treatment, are used to give gas therapy to the patient. They are widely used in hospitals, clinics, dental clinics, homes, and other healthcare facilities. They are essential and request zero faults. Because of the impact of medical gases fault, may could someone injury or even death. The incidents of using medical gases are still founding in several countries, including Indonesia. This research paper was conducted to give a perspective of risk evaluation, so medical gases cylinder management could get attention. Normally the incidents in using medical gases are caused by human error and fraud. Human error in using medical gases could make somebody death, and fraud could make financially lost which could affect operational cost. The explanation will be shown on the risk heat map and also the risk scorecard. This is facilitating to make it easier to take a decision for the priority of risk that should be mitigated or manage.

Identification of Positive Clandestine Intelligence Threats In Cyber Terrorism For National Security

This study is motivated by the vigilance towards the development of cyberspace technology that is so fast that it causes dependence on it in almost all fields. This condition poses a potential threat to our national resilience in various fields, especially in the national security sector. Researchers try to identify the threat of Positive Clandestin Intelligence (PCI) in the form of cyber terrorism on national security, so that it can bring stakeholders to a better level of knowledge. Theories and concepts used are related to threats, national security, positive clandestine intelligence, terrorism and cyber terrorism (CT). This study is a qualitative method and the type of research is descriptive qualitative. Interview and literature review are used in primary and secondary data collection. Data is evaluated and analyzed with an interactive analysis model. Researchers also validate by measuring the degree of accuracy between the data that occurs in the object of research with data that can be reported by researchers. This study succeeded in identifying the types of PCI CT targets, forms of PCI CT attacks, psychological motivations of PCI CT perpetrators and the position of PCI CT threats in the taxonomy of Rogers M.K.'s cybercrime behavior.

The Impact of Knowledge Management on Service Quality of News Researcher in XYZ Television

The main objective of this research is to find out whether there is an impact of the implementation of knowledge management (KM) on the service quality of the news researcher (NR) work unit in the news divisions at XYZ Television. The positive influence of KM is expected to improve the service quality provided to news producers as users. So that it also has a positive or increasing impact on the quality of the news produced. This type of research is applied research, with experimental research methods. According to the level of exploration, this study uses a comparative method by comparing the results before and after the implementation of KM. According to the type of data, this study uses qualitative data. For this reason, a survey was conducted using a questionnaire before and after the implementation of KM to 28 news producers as respondents. These respondents were the total population of users who are received NR services. The rating scale used is a Likert scale. The statistical test used for this study used paired sample t-test using IBM SPSS 25, which tests the hypothesis whether there is a significant impact of KM implementation. This study has proven that the application of KM can improve the service quality of NR. This increase is indicated by the significance value of the service before and after the implementation of KM. So that this research is expected to contribute to the improvement of service quality in each work unit of news researchers in television media in Indonesia, especially in the news division.

Analysis correlation of the Implementation Framework COBIT 5, ITIL V3 and ISO 27001 for ISO 10002 Customer satisfaction

This study aims to determine and provide information about the corellation of COBIT 5, ITILV3 ,and ISO 27001 for customer satisfaction. This study uses a causal associative method with a quantitative approach. The population of this research is all customers of company Quota Broadband Internet. The sampling technique in this research is probability sampling technique through simple random sampling. The research sample was 135 customers. The results showed that there was an corellation of COBIT 5 (6.Customer-oriented service culture ), ITIL V3 (Service Operation 4.2 Incident management), and ISO 27001 (A.16 Information security incident management) for 10002 (3.4 customer satisfaction). The biggest influence is COBIT 5 on ISO 27001 with a T statistic of 6,960 and a P value of 0,000.

Risk Management In Protecting Banking Sensitive Information at XYZ Bank Using COBIT5 Framework

POJK No.18 / POJK.03 / 2016 concerning the Implementation of Risk Management for Commercial Banks is addressed to the management and board of directors of Banks to improve provisions regarding compromised customer information disclosure to the public, and breaches of customer information have led to the need for risk management practices in the use of Information Technology (IT). Risk Control Assessment (RCA) is based on the COBIT 5 framework to assess risks associated with the use of Information Technology Asset in XYZ Bank. By mapping the RCA and the provisions of POJK No.18 / POJK.03 / 2016, it can help management obtain information on the level of compliance of the Bank with provisions relating to Banking sensitive information.

Free Open-Source High – Availability Solution for Java Web Application Using Tomcat And MySQL

With the growth of the internet, the number of web applications is also growing. Many web applications are becoming more important to the stakeholders that they cannot afford downtime which can cause loss of revenue, loss of productivity, etc. In the past, only big organizations with deep pocket could afford implement high-availability for their web application, but nowadays there are free open-source software programs that support high-availability feature available to everyone. This research studied the feasibility of implementing high-availability for Java web application system without using commercial software. This research compared the capability of proprietary and free open-source high-availability solution for Java web application based on a simple high-availability design, where a test Java web application was deployed into the environment based on proprietary and free open-source solutions, and tested how well each solution perform when problem occurs. The result showed that the free open-source high-availability solution worked, but not as well as proprietary one. However, the proprietary high-availability solution for database did not perform well, and neither did the open-source one. This research concludes that the free open-source high-availability solution works and thus made high-availability become much more affordable, especially for individual or small organizations with budget constraints.

Determining Critical Factors Project Delay and Effecting Cost Overruns in Telecommunication Mobile Network Projects

Telecommunication Industry has created numerous employment opportunities and playing a role model in economic growth of Indonesia. This industry is facing serious and critical problem of cost overruns in Telecommunication Mobile Network Projects, especially in implementation 4G-LTE Project in Jakarta, Depok, Bogor, Tangerang, Bekasi (Jadebotabek) area. The purpose of this research is to identify and classify critical factors project delay and expound the effect of that critical factors to cost overruns. A structured questionnaire based on 38 factors project delay related to cost overruns (Ullah et al., 2017) was developed and distributed to 100 respondents from 35 selected Contractor Company in Jadebotabek area. The collected data was statistically analyzed with Factor Analysis and Multiple Linear Regression that processed using SPSS. As a result, 4 new Critical Factor Project Delay effect to Cost Overruns in sequence are Lack of cost plan and monitoring, Equipment failure, Extension of time, and Inadequate project preparations were identified.

Revealing and Sharing Malware Profile Using Malware Threat Intelligence Platform

Cyber Security is an interchange between attackers and defenders, a non-static balancing force. The increasing trend of novel security threats and security incidents, which does not seem to be stopping, prompts the need to add another line of security defences. This is because the risk management and risk detection has become virtually impossible due to the limited access towards user data and the variations of modern threat taxonomies. The traditional strategy of self-discovery and signature detection which has a static nature is now obsolete in facing threats of the new generation with a dynamic nature; threats which are resilient, complex, and evasive. Therefore, this thesis discusses the use of MISP and The Triad Investigation approach to share the Indicator of Compromise on Cyber Intelligence Sharing Platform to be able to address the newt threats.

Measurement of IT Risk Management Maturity Level in CEC Using IT Domain Risk Governance Framework

IT Risk Management has long been adopted and implemented in CEC. This is inseparable from the high need for reliable and trusted information technology services at CEC as a government institution that has primary task for eradicating corruption. With a good IT risk management is expected to reduce the impact if the IT risk occurs and impacted to overall business process in CEC. However, up to 15 years after the implementation of IT risk management has never been measured how the level of IT maturity risk management. In this research, Author will use the IT Risk Framework with the risk governance domain approach as a standard IT risk management framework to evaluate the implementation of IT risk management in CEC. The process of evaluating the level of IT maturity is based on the maturity model that has been defined in the IT risk framework.