Trends in the occurrence of ICT incidents in terms of cybersecurity

• Autorzy: Parczewski Rafał , Guzanek Patrycja , Szczur Robert , Ilczuk Łukasz , Jabłoński Przemysław , Jankiewicz Ewa

Identyfikatory

ISBN

10.37055/slw/203443

Warianty tytułu

PL

Tendencje w występowaniu incydentów ICT w aspekcie cyberbezpieczeństwa

• Języki publikacji: EN

Abstrakty

EN

Quick and unhindered access to information is a feature of social and economic development, and the functioning of the entire state depends on the efficiency and stability of ICT systems. A breakdown in digital security brings with it the risk of citizens’ safety being compromised, the interception of sensitive data, including personal data, invasion of privacy, loss of money and often health. Effective countermeasures require the continuous establishment and development of a cybersecurity system. The purpose of this article is to analyze and assess the scale and type of emerging incidents. It was assumed (research hypothesis) in ICT systems, including those related to the critical infrastructure of the state, there is an increasing number of incidents involving malicious software and events involving illegal collection of information. The study was based on data on incidents coordinated by the GOV CSIRT (Governmental Computer Security Incident Response Team). The information was obtained from the reports of the CSIRT GOV team for the years 2010-2022. The number of reports and actual incidents was analysed on a quarterly and annual basis, as well as their classification in various categories, using primarily the method of scientific observation, document examination, mathematical analysis and inference. Groups of threats were identified that are characterised by a clear increase in the number of incidents in recent years and against which an intensification of preventive measures is required. The results of the study are in line with the trend observed worldwide. The study clearly shows that malware incidents or information-gathering incidents are becoming more frequent in the virtual world.

PL

Szybki i nieskrępowany dostęp do informacji jest atrybutem rozwoju społecznego i gospodarczego, a od sprawności i stabilności systemów teleinformatycznych zależy funkcjonowanie całego państwa. Zachwianie bezpieczeństwa cyfrowego wiąże się z ryzykiem naruszenia bezpieczeństwa obywateli, przejęciem wrażliwych danych, w tym osobowych, naruszenia prywatności, utraty pieniędzy, a nierzadko też zdrowia. Skuteczne przeciwdziałanie wymaga permanentnej budowy i roz- woju systemu cyberbezpieczeństwa. Celem artykułu jest analiza i ocena skali oraz rodzaju pojawiających się incydentów. Założono, (hipoteza badawcza) że w systemach teleinformatycznych, w tym związanych z infrastrukturą krytyczną państwa, coraz częściej dochodzi do incydentów z udziałem złośliwego oprogramowania oraz zdarzeń polegających na nielegalnym pozyskiwaniu informacji. Podstawą badania były dane dotyczące incydentów koordynowanych przez zespół CSIRT GOV (Governmental Computer Security Incident Response Team). Informacje zostały pozyskane z raportów zespołu CSIRT GOV z lat 2010-2022. Analizowano liczbę zgłoszeń i faktycznych incydentów w ujęciu kwartalnym i rocznym oraz ich klasyfikację w różnych kategoriach, wykorzystując przede wszystkim metodę obserwacji naukowej, badania dokumentów, analizy matematycznej oraz wnioskowania. Zidentyfikowano grupy zagrożeń, które cechuje wyraźny wzrost liczby incydentów w ostatnich latach i wobec których wymagana jest intensyfikacja prowadzenia działań zapobiegawczych. Wyniki badania wpisują się w trend obserwowany na całym świecie. Przeprowadzone rozważania wyraźnie pokazują, że w wirtualnym świecie coraz częściej pojawiają się incydenty z grupy złośliwego oprogramowania czy zdarzenia związane z gromadzeniem informacji.

Słowa kluczowe

EN

ICT; Information and Communication Technologies; risk assessment; incidents; National Cybersecurity System

PL

Bezpieczeństwo teleinformatyczne; ocena ryzyka; incydent; Krajowy System Cyberbezpieczeństwa

• Wydawca: Wojskowa Akademia Techniczna im. Jarosława Dąbrowskiego
• Czasopismo: Systemy Logistyczne Wojsk
• Rocznik: 2024
• Tom: Vol. 61, no. 2
• Strony: 193--210
• Opis fizyczny: Bibliogr. 40 poz., tab., wykr.

Twórcy

autor

Parczewski Rafał

• Faculty of Security, Logistics and Management, Military University of Technology, Poland

• https://orcid.org/0000-0002-2603-0596

autor

Guzanek Patrycja

• Faculty of Security, Logistics and Management, Military University of Technology, Poland

• https://orcid.org/0000-0001-6650-7187

autor

Szczur Robert

• Military University of Technology, Poland

• https://orcid.org/0009-0000-7210-814X

autor

Ilczuk Łukasz

• Military University of Technology, Poland

• https://orcid.org/0009-0003-5636-6992

autor

Jabłoński Przemysław

• 41st Training Aviation Base, Poland

• https://orcid.org/0009-0003-7376-9486

autor

Jankiewicz Ewa

• Military University of Technology, Poland

• https://orcid.org/000-0003-1689-0733

Bibliografia

• [1] 52013JC0001, Joint communication to the European Parliament, the Council, the European economic and social committee and the committee of the regions Cybersecurity Strategy for the European Union: An Open, Safe and Secure Cyberspace /* JOIN/2013/01 final */
• [2] Act of 15 July 2018 on the national cybersecurity system (Journal Laws of 2018, item 1560).
• [3] Act of 17 February 2005 on the computerisation of the activities of entities performing public tasks (Journal of Laws of 2005, No. 64, item 565, as amended).
• [4] Act of 21 June 2002 on the state of emergency (Journal of Laws 2002, No. 117, item 985, with later as amended).
• [5] Act of February 4, 1994 on copyright and related rights (Journal of Laws 1994 No. 24 item 83).
• [6] Annegret, B., Bossong, R. and Schulze, M., 2017. The EU’s revised cybersecurity strategy: half-hearted progress on far-reaching challenges., 7.
• [7] Borucka, A. 2018. Risk analysis of accidents in Poland based on ARIMA model. Transport Means.
• [8] Borucka, A. and Grzelak, M., 2019. Application of Logistic Regression for Production Machinery Efficiency Evaluation. Applied Sciences 9, 22, 4770.
• [9] Buggy, S., 2022. Cybersecurity of countries in the 21st century on the example of the Republic of Poland. Homeland Security Review 14.27.
• [10] Cavelty, M. D. and Wenger, A., 2019. Cyber security meets security policy: Complex technology, fragmented policy, and networked science. Contemporary Security Policy 41.1.
• [11] Chałubińska-Jentkiewicz, K., 2022. Cyberspace as an Area of Legal Regulation. Cybersecurity in Poland, 23.
• [12] Chumachenko, D., Chumachenko, K. and Yakovlev, S., 2019. Intelligent simulation of network worm propagation using the code red as an example. Telecommunications and Radio Engineering 78.5.
• [13] Coronado, A. J. and Timothy, L. W., 2014. Healthcare cybersecurity risk management: keys to an effective plan. Biomedical instrumentation & technology 48.s1.
• [14] Council of Europe Convention on Cybercrime drawn up in Budapest on 23 November 2001 (item 728)
• [15] CSIRT GOV, [online], Available at: https://www.csirt.gov.pl/cer [Accessed: 6 February 2023].
• [16] Ferrara, E., 2019. The history of digital spam. Communications of the ACM 62.8, 82-91.
• [17] Fuster, F., González, G. and Jasmontaite, L., 2020. Cybersecurity regulation in the European Union: the digital, the critical and fundamental rights. The ethics of cybersecurity, 97-115.
• [18] Góral, P., Pawłowski, P., Nowacki, W., Wróbel, J., 2023. Electronic anti-theft protection for vehicles of people with special needs. Military Logistics Systems, 59(2). https://doi.org/10.37055/slw/186380
• [19] Grzelak, M., Borucka, A., and Buczyński, Z. 2019. Forecasting the demand for transport services on the example of a selected logistic operator. Archives of Transport, 52.
• [20] Jagatic, T. N., Johnson, N.A., Jakobson, M. and Menczer F., 2007. ‘Social phishing.’ Communications of the ACM 50.10, 94-100.
• [21] Jang-Jaccard, J. and Surya, N., 2014. A survey of emerging threats in cybersecurity. Journal of Computer and System Sciences 80.5, 973-993.
• [22] Jaroń, A., Borucka, A. and Parczewski, R., 2022. Analysis of the Impact of the COVID-19 Pandemic on the Value of CO2 Emissions from Electricity Generation. Energies, 15(13):4514.
• [23] Karpiuk, M., 2021. The Local Government’s Position in the Polish Cybersecurity System. Lex Localis 19.3, 609-620.
• [24] Krupnik, D., Stryjewski, T., 2023. Security of the development of the construction industry in conditions of macroeconomic market uncertainty. Military Logistics Systems, 59(2), 189-208. https://doi.org/10.37055/slw/186383
• [25] Lehmann, D., Johannes K. and Pradel M., 2020. Everything old is new again: Binary security of webassembly. Prokedings of the 29th USENIX Conference on Security Symposium.
• [26] Messier, R., 2021. Scanning Networks.
• [27] Milkovski, N. and Bogdanoski, M., 2015. Information as a strategic resource critical to military operations and defense of the nation, Contemporary Macedonian 28 XV.
• [28] National Security Strategy of the Republic of Poland 2020, Warsaw, Poland.
• [29] Özdemir, N., Sümeyra, U., Beyza, B. and İskender, E., 2020. Dynamical analysis of fractional order model for computer virus propagation with kill signals. International Journal of Nonlinear Sciences and Numerical Simulation 21.3-4.
• [30] Pawlisiak, M., Maslii, O., 2024. Internet of things as a tool for ensuring material security of Military Units and Institutions. Military Logistics Systems, 60(1), https://doi.org/10.37055/slw/193856
• [31] Pierazzi, F. and et al., 2020. A data-driven characterization of modern Android spyware. ACM Transactions on Management Information Systems (TMIS) 11.1.
• [32] Sanetra-Półgrabis, S. and Sapiński A., 2020. The issue of social security within the functioning of Euroregions.
• [33] Sommer, P. and Brown, I., 2011. Reducing systemic cybersecurity risk. Organisation for Economic Cooperation and Development. Working Paper No. IFP/WKP/FGS, 3.
• [34] Świderski, A., Borucka, A., and Skoczyński, P. 2018. Characteristics and assessment of the road safety level in Poland with multiple regression model. In Transport Means-Proceedings of the International Conference.
• [35] Taylor, R., 2015. The need for a paradigm shift towards cybersecurity in journalism. National Cybersecurity Institute Journal 1.3.
• [36] The Act of 15 July 2018 on the national cybersecurity system (Journal of Laws Dz.U. of 2018, item 1560).
• [37] Wade, P., 2020. Cybersecurity - sectoral regulatory aspects. Antitrust and Regulatory Quarterly (iKAR) 9.2.
• [38] You, D., Liu, S., Li, F., Liu, H., Zhang, Y., 2025. Reliability Assessment Method Based on Small Sample Accelerated Life Test Data. Eksploatacja i Niezawodność – Maintenance and Reliability, 27(1). https://doi.org/10.17531/ein/19217.
• [39] Zdzikot, T., 2022. Cyberspace and cybersecurity. Cybersecurity in Poland: Legal Aspects, 9-21.
• [40] Zhang, H., Wang, Q. (2025). Risk identification model of aviation system based on text mining and risk propagation. Eksploatacja i Niezawodność – Maintenance and Reliability, 27(1). https://doi.org/10.17531/ein/192767.