Knowledgebase

Number of results: 33

Advanced social engineering attacks

Document type: 
Scientific publication
Publisher / Publication: 
Journal of Information Security and Applications, Vol. 22: 113-122
Abstract: 

Social engineering has emerged as a serious threat in virtual communities and is an effective means to attack information systems.

The services used by today's knowledge workers prepare the ground for sophisticated social engineering attacks. The growing trend towards BYOD (bring your own device) policies and the use of online communication and collaboration tools in private and business environments aggravate the problem. In globally acting companies, teams are no longer geographically co-located, but staffed just-in-time. The decrease in personal interaction combined with a plethora of tools used for communication (e-mail, IM, Skype, Dropbox, LinkedIn, Lync, etc.) create new attack vectors for social engineering attacks. Recent attacks on companies such as the New York Times and RSA have shown that targeted spear-phishing attacks are an effective, evolutionary step of social engineering attacks. Combined with zero-day-exploits, they become a dangerous weapon that is often used by advanced persistent threats. This paper provides a taxonomy of well-known social engineering attacks as well as a comprehensive overview of advanced social engineering attacks on the knowledge worker.

 

Video Interviews on “Security and Societal Issues: how to strike the good balance”

Document type: 
Interview/sound/video
Video: 
Authors / Institution: 
Publisher / Publication: 
SOURCE Network
Abstract: 

During the organization of the Roundtable on “Security and Societal Issues: how to strike the good balance” that took place in Brussels on the 8th February 2016, three video interviews with the mai

n speakers were conducted.

Predictive Policing of Cybercrime

Document type: 
Interview/sound/video
Video: 
Authors / Institution: 
Publisher / Publication: 
SOURCE Network
Abstract: 

On the 15th of June 2015, in Brussels, experts in cyber security and predictive policing from around Europe, representing all stakeholder groups (police, industry, policy making, civil society, tec

hnology and academia), expressed their concerns about the new societal challenges brought forward by the use of modern technologies and cyber-crime. The outcome of the debate is summarised in this short video.

Exercising emergencies: Resilience, affect and acting out security

Document type: 
Scientific publication
Authors / Institution: 
Publisher / Publication: 
Security Dialogue, 47 (2): 99–116
Abstract: 

The idea of the complex emergency has given rise to the notion of resilience as a form of acting out security.

While security policies largely embrace the concept of resilience, critical scholarship points to the ‘responsibilization’ of the threatened subject, who is ‘programmed’ to act out security in a fashion that internalizes neoliberal values. This behaviour is trained through disciplinary practices, such as exercises, that seek to conduct the conduct of disaster populations. However, is the resilient subject only ever an instance of programmes and disciplinary power? This article takes a look at how self-organization comes about and how this process can be conceptualized through affect. It uses the setting of a cyber-security exercise to describe the dynamic interplay between affect and re/action. Building on Spinoza’s understanding of affect as the onset for action, the article discusses what affect theory contributes to resilience theory. It concludes that, as a form of acting out security, resilience incorporates both ‘programmed’ and ‘self-determined’ actions. Both forms of acting, however, imply that the resilient subject has no choice but to act out security. Given this fundamental restraint, powerlessness as the incapacity to act appears as one of the few instances that escape the governmental logic of resilience.

Crowdsourced surveillance and networked data

Document type: 
Scientific publication
Authors / Institution: 
Publisher / Publication: 
Security Dialogue, 48 (1): 63–77
Abstract: 

Possibilities for crowdsourced surveillance have expanded in recent years as data uploaded to social networks can be mined, distributed, assembled, mapped, and analyzed by anyone with an uncensored

internet connection. These data points are necessarily fragmented and partial, open to interpretation, and rely on algorithms for retrieval and sorting. Yet despite these limitations, they have been used to produce complex representations of space, subjects, and power relations as internet users attempt to reconstruct and investigate events while they are developing. In this article, I consider one case of crowdsourced surveillance that emerged following the detonation of two bombs at the 2013 Boston Marathon. I focus on the actions of a particular forum on reddit.com, which would exert a significant influence on the events as they unfolded. The study describes how algorithmic affordances, internet cultures, surveillance imaginaries, and visual epistemologies contributed to the structuring of thought, action, and subjectivity in the moment of the event. I use this case study as a way to examine moments of entangled political complicity and resistance, highlighting the ways in which particular surveillance practices are deployed and feed back into the event amid its unfolding.

Predicting criminal incidents on the basis of non-verbal behaviour: The role of experience

Document type: 
Scientific publication
Authors / Institution: 
Publisher / Publication: 
Security Journal, 30 (3): 703–716
Abstract: 

Do experienced police officers have a superior ability to detect impending criminal acts?

In order to test this Hypothesis 10 Closed Circuit Television (CCTV) clips were collected from real criminal events that occurred in and around Nottingham City Centre in the UK. Ten control clips were filmed specifically or chosen from existing footage to match the criminal clips, but did not contain any criminal activity. All clips ended abruptly, immediately before a real criminal act unfolding, or a non-criminal act in the control clips, and either the screen turned black, masking the video scene, or remained frozen on the final frame of the edited clip. Thirty police officers and 30 control participants watched the clips. At the end of each clip, participants were asked to predict what would happen next. Signal detection analysis indicated marginal evidence that police show greater accuracy in predicting clips that cut to a black screen compared with the general public. A stronger effect was noted in the analysis of the criterion, with police officers much more likely to predict a crime regardless of whether there was one. These findings provide promising evidence of experiential differences between police officers and the general public when identifying criminal and antisocial behaviour in CCTV footage, though the greater criterion bias effect suggests that experience may oversensitise individuals to non-verbal cues.

The Ethical Subject of Security - Geopolitical Reason and the Threat Against Europe

Document type: 
Book
Authors / Institution: 
Publisher / Publication: 
Routledge
Abstract: 

While critical security studies largely concentrates on objects of security, this book focuses on the subject position from which ‘securitization’ and other security practices t

ake place. First, it argues that the modern subject itself emerges and is sustained as a function of security and insecurity. It suggests, consequently, that no analytic frame can produce or reproduce the subject in some original or primordial form that does not already reproduce a fundamental or structural insecurity. It critically returns, through a variety of studies, to traditionally held conceptions of security and insecurity as simple predicates or properties that can be associated or not to some more essential, more primeval, more true or real subject. It thus opens and explores the question of the security of the subject itself, locating, through a reconstruction of the foundations of the concept of security, in the modern conception of the subject, an irreducible insecurity. Second, it argues that practices of security can only be carried out as a certain kind of negotiation about values. The analyses in this book find security expressed again and again as a function of value cast in terms of an explicit or implicit philosophy of life, of culture, of individual and collective anxieties and aspirations, of expectations about what may be sacrificed and what is worth preserving. By way of a critical examination of the value function of security, this book discovers the foundation of values as dependent on a certain management of their own vulnerability, continuously under threat, and thus fundamentally and necessarily insecure.

Internal and External Aspects of Security

Document type: 
Scientific publication
Authors / Institution: 
Publisher / Publication: 
European Security, 15 (4): 385-404
Abstract: 

This contribution analyses the merging of internal and external aspects of security.

Whereas according to the ‘doxa’ emerging after 11 September 2001, such convergence is the logical and necessary answer to global terrorism, this article argues instead that the de-differentiation between internal and external security does not result from the transformation of political violence, but mainly from institutional games and practices of securitisation that define the importance of security as superior to sovereignty and freedom. A web of security institutions has developed beyond national borders, and policing at a distance has disentangled security from state sovereignty. The question of who is in charge of security is now tackled at the transnational level, generating competition among professionals of politics and (in)security over the existence of threats and legitimate answers to them. Moreover, the role of technology, especially concerning information exchange, has reinforced the importance of security professionals. The impact of Europeanisation has been central as it has formalised transnational ties between security professionals, and the emergence of European institutions in charge of fundamental rights and data protection may provide a space to discuss collectively who is entitled to define what constitutes a threat.

Theorizing Surveillance: The Panopticon and Beyond

Document type: 
Book
Authors / Institution: 
Publisher / Publication: 
Routledge
Abstract: 

This book is about explaining surveillance processes and practices in contemporary society.

Surveillance studies is a relatively new multi-disciplinary enterprise that aims to understand who watches who, how the watched participate in and sometimes question their surveillance, why surveillance occurs, and with what effects. This book brings together some of the world's leading surveillance scholars to discuss the "why" question. The field has been dominated, since the groundbreaking work of Michel Foucault, by the idea of the panopticon and this book explores why this metaphor has been central to discussions of surveillance, what is fruitful in the panoptic approach, and what other possible approaches can throw better light on the phenomena in question.Since the advent of networked computer databases, and especially since 9/11, questions of surveillance have come increasingly to the forefront of democratic, political and policy debates in the global north (and to an extent in the global south). Civil liberties, democratic participation and privacy are some of the issues that are raised by these developments. But little progress can be made in responding to these issues without an adequate understanding of how, how well and whether or not surveillance works. This book explores the theoretical questions in a way that is grounded in and attuned to empirical realities.

Security and Immigration: Toward a Critique of the Governmentality of Unease

Document type: 
Scientific publication
Authors / Institution: 
Publisher / Publication: 
Alternatives: Global, Local, Political, 27 (1): 63-92
Abstract: 

Some “critical” discourses generated by NGOs and academics assume that if people, politicians, governments, bureaucracies and journalists were more aware, they would change their minds about migrat

ion and begin to resist securitizing it. The primary problem, therefore, is ideological or discursive in that the securitization of migrants derives from the language itself and from the different capacities of various actors to engage in speech acts. In this context, the term “speech act” is used not in its technical Austinian sense, but metaphorically, to justify both the normative position of a speaker and the value of their critical discourse against the discourses of the security professionals. This understanding of critique reinforces the vision of a contest between ideas and norms, a contest in which academics can play a leading role. This essay seeks to avoid presenting the struggle as an ideological one between conserv- ative and liberal positions, or even as an “intertextual competition” between agencies in which academics have a key role. It examines why the discourses of securitization continue to be so powerful even when alternatives discourses are well known, and why the production of academic and alternative discourses has so little effect in either the political arena or in daily life. It emphasizes the work of politicization, of the mobilization of groups and technologies enabling some agents, especially political actors, the media, the security professionals and some sectors of the general population, to create a “truth” about the link between crime, unemployment, and migration, even when academics, churches, NGOs and some social policy oriented institutions have made powerful claims to the contrary for many years. 

Pages

Go to top