Knowledgebase

Number of results: 26

5G - Next Generation Mobile Network

Document type: 
Technology Trend card
Authors / Institution: 
Publisher / Publication: 
Fraunhofer for the SOURCE project
Abstract: 

1 page sheet on the technology trends of 5G - Next Generation Mobile Network. 5G “5th generation mobile communications” is the term for a family of technologies that, as a whole form the

next standard for mobile networks (as an evolution of 3G (UMTS) and 4G (LTE)). This technology “package” consists of new technologies combined with existing technologies mainly from fixed IP networks.

Advanced social engineering attacks

Document type: 
Scientific publication
Publisher / Publication: 
Journal of Information Security and Applications, Vol. 22: 113-122
Abstract: 

Social engineering has emerged as a serious threat in virtual communities and is an effective means to attack information systems.

The services used by today's knowledge workers prepare the ground for sophisticated social engineering attacks. The growing trend towards BYOD (bring your own device) policies and the use of online communication and collaboration tools in private and business environments aggravate the problem. In globally acting companies, teams are no longer geographically co-located, but staffed just-in-time. The decrease in personal interaction combined with a plethora of tools used for communication (e-mail, IM, Skype, Dropbox, LinkedIn, Lync, etc.) create new attack vectors for social engineering attacks. Recent attacks on companies such as the New York Times and RSA have shown that targeted spear-phishing attacks are an effective, evolutionary step of social engineering attacks. Combined with zero-day-exploits, they become a dangerous weapon that is often used by advanced persistent threats. This paper provides a taxonomy of well-known social engineering attacks as well as a comprehensive overview of advanced social engineering attacks on the knowledge worker.

 

EU Cybersecurity and the Paradox of Progress

Document type: 
Report
Authors / Institution: 
Publisher / Publication: 
CEPS Policy Insights, No. 2018/06
Abstract: 

Technological revolutions bring opportunities, but sometimes even greater threats.

This ‘paradox of progress’ affects cyberspace and threatens the very principle and foundation of the open internet. The global debate on cyber-governance is currently in a stalemate on the norms for global stability of cyberspace and the fight against cybercrime, although the EU is making considerable efforts to strengthen cyberspace resilience and the critical information infrastructure. The author argues that the newly proposed Cybersecurity Act should be supported by additional measures to increase awareness, devise smarter policy and enable effective governance. Too many users and businesses are still failing to take cybersecurity and computer hygiene seriously. And there is a need to strengthen the pan-European coordination of deterrence, detection, and defence. This paper looks at the possibilities for the EU in this domain and argues that at a time of American diplomatic and political retrenchment from Europe and the world, it has an opportunity to play a leading role in global cybersecurity policy and governance.

Predictive Policing of Cybercrime

Document type: 
Interview/sound/video
Video: 
Authors / Institution: 
Publisher / Publication: 
SOURCE Network
Abstract: 

On the 15th of June 2015, in Brussels, experts in cyber security and predictive policing from around Europe, representing all stakeholder groups (police, industry, policy making, civil society, tec

hnology and academia), expressed their concerns about the new societal challenges brought forward by the use of modern technologies and cyber-crime. The outcome of the debate is summarised in this short video.

Security Union - A Europe that protects

Document type: 
Policy document
Authors / Institution: 
Publisher / Publication: 
European Commission
Abstract: 

In this Factsheet, the European Commission outlines the state of play regarding legislative initiatives aimed at the completion of the Security Union

Hacking the Human - Social Engineering Techniques and Security Countermeasures

Document type: 
Book
Authors / Institution: 
Publisher / Publication: 
Routledge
Abstract: 

Information security is about people, yet in most organizations protection remains focused on technical countermeasures.

The human element is crucial in the majority of successful attacks on systems and attackers are rarely required to find technical vulnerabilities, hacking the human is usually sufficient. Ian Mann turns the black art of social engineering into an information security risk that can be understood, measured and managed effectively. The text highlights the main sources of risk from social engineering and draws on psychological models to explain the basis for human vulnerabilities. Chapters on vulnerability mapping, developing a range of protection systems and awareness training provide a practical and authoritative guide to the risks and countermeasures that are available. There is a singular lack of useful information for security and IT professionals regarding the human vulnerabilities that social engineering attacks tend to exploit. Ian Mann provides a rich mix of examples, applied research and practical solutions that will enable you to assess the level of risk in your organization; measure the strength of your current security and enhance your training and systemic countermeasures accordingly. If you are responsible for physical or information security or the protection of your business and employees from significant risk, then Hacking the Human is a must-read.

European Union Internet Organised Crime Threat Assessment (IOCTA) 2017

Document type: 
Report
Authors / Institution: 
Publisher / Publication: 
EUROPOL
Abstract: 

Each year, Europol’s European Cybercrime Centre (EC3) publishes the Internet Organised Crime Threat Assessment (IOCTA), its flagship strategic report on key findings and emerging threats

and developments in cybercrime — threats that impact governments, businesses and citizens in the EU. The IOCTA provides key recommendations to law enforcement, policy makers and regulators to allow them to respond to cybercrime in an effective and concerted manner. The report focuses on the crime areas that fall under EC3’s mandate. These cybercrime priorities, which are determined by the EU Policy Cycle, are currently: Cyber-dependent crime, Online child sexual exploitation and Payment fraud. The most recent IOCTA also looks at an additional crime area, online criminal markets, both on the surface web and Darknet. It also addresses the convergence of cyber and terrorism. Another typical focus of the IOCTA are cross-cutting crime enablers, factors that straddle more than one crime area but are not necessarily inherently criminal themselves. These enablers include phishing/smishing/vishing, business email compromise, bulletproof hosting, anonymisation tools, criminal abuse of cryptocurrencies and money muling.

Tackling cyber-terrorism: Balancing surveillance with counter-communication

Document type: 
Scientific publication
Publisher / Publication: 
Security Journal, 30 (2): 556–568
Abstract: 

Cyberspace has expanded the arena within which extremists and terrorists operate, posing a range of new challenges, many of which are still to be addressed.

From propaganda through recruitment to financing and attack planning, the use of the Internet has been growing in size, subtlety and sophistication, often blurring the legal with the illegal. Its interconnectivity, anonymity and affordability have served Muslim extremists, white supremacists and neo-Nazis alike. The present article analyses the online challenges posed by such groups, pointing out how they might be potentially hampered by combining the currently dominant online surveillance with marginalized cyber (counter-) communication. It also highlights the mechanisms of decision making based on matters of principle and honour, the factors that typically drive terrorist actions, showing the inadequacy of the traditional economic models, on which the surveillance largely depends and risks scaring extremists off the radar.

 

EU and NATO cybersecurity strategies and national cyber security strategies: a comparative analysis

Document type: 
Scientific publication
Publisher / Publication: 
Security Journal, 30 (4): 1151–1168
Abstract: 

Given the global nature of cyber threats, assurance of a cyber security policy is very important not only at organization level but also at national level.

Currently, cyber security as such is not independently regulated internationally; therefore the role of the EU and NATO in ensuring cyber security has become particularly significant. This article presents a study which compares the cyber security policies of the EU and NATO organizations. An analysis of how national cyber security strategies correspond with the cyber security policies and the strategic directions of these organizations has been carried out. We have also carried out a comparative study of the provision of national cyber security strategies of the EU and NATO. The study reveals that regardless of similar goals, namely assurance of cyber resilience, the selected harmonization and coordination approaches, as well as norms of national cybersecurity strategies, differ.

Reconceptualising Cyber Security: Safeguarding Human Rights in the Era of Cyber Surveillance

Document type: 
Scientific publication
Authors / Institution: 
Publisher / Publication: 
International Journal of Cyber Warfare and Terrorism, 6 (2): 32-40
Abstract: 

The cyber security discourse is dominated by states and corporations that focus on the protection of critical information infrastructure and databases.

The priority is the security of information systems and networks, rather than the protection of connected users. The dominance of war metaphors in the cyber security debates has produced a security dilemma, which is not sufficiently addressing the needs of people. This article underlines this shortcoming and views cyber security through a human-centric perspective. Freedom of expression and the right to privacy are under attack in the era of cyber surveillance. From a human-centric perspective such rights should be understood as a critical part of cyber security. Human rights protections need to be effectively addressed in the digital sphere and gain their place in the cyber security agendas.

Pages

Go to top