Wyniki wyszukiwania - BazTech

1

Lawfare – hostile actions against the legal system of the state through activities in cyberspace

Milik Piotr

Cybersecurity and Law

|

2024

|

Vol. 11 (1)

105--119

EN

The article analyses important and current issues concerning the use of modern information technologies in hostile actions against the state in the international environment. First, the concept of lawfare was defined as a method of conducting information warfare. Then, the focus was on the potential manifestations of lawfare in cyberspace, indicating possible gaps in the state’s information security system and sensitive areas susceptible to methods of hostile shaping of the state’s legal system.

PL

Autor analizuje ważne i aktualne zagadnienia dotyczące wykorzystania nowoczesnych technologii informacyjnych we wrogich działaniach przeciwko państwu w środowisku międzynarodowym. W pierwszej kolejności zdefiniował pojęcie „lawfare” jako metodę prowadzenia wojny informacyjnej. Następnie skoncentrował się na jej potencjalnych przejawach w cyberprzestrzeni, wskazał możliwe luki w systemie bezpieczeństwa infor-macyjnego państwa i wrażliwe obszary, podatne na metody wrogiego kształtowania sys-temu prawnego państwa.

2

The analysis of social engineering methods in attacks on authentication systems

Borowiec Łukasz, Demidowski Krzysztof, Pecka Milena, Jonarska Amelia

Advances in Web Development Journal

|

2023

|

Vol. 1

83--106

EN

This comprehensive exploration of social engineering attacks provides insights into various methods, including phishing, vishing, baiting, tailgating, and ransomware. The "elder scam" and its variations, as well as phishing examples, illustrate the evolving tactics used by attackers. Prevention strategies encompass education, training, and technological tools, emphasizing the need for a balanced approach. The conclusion underscores that public awareness, continuous training, and specialized detection tools are vital in mitigating the risks associated with social engineering attacks on authentication systems.

3

Oszustwa „na legendę” istotnym zagrożeniem dla seniorów

Kłoda Bartosz

Security Review

|

2021

|

nr 3 (20)

12--22

EN

Legend scams pose a serious threat to seniors. Criminals are committed in order to manipulate the trust of seniors who often use social engineering. Despite high penalties for these acts, it is still one of the most dangerous scams. Criminals use various methods, often resorting to many tricks and using various disguises. At the same time, the high degree of conspiracy and the extensive construction of criminal groups committing frauds with legends is a big problem for law enforcement agencies. Therefore social programs are run to educate seniors and warn them against such scams. They are organized by various organizations and security services. Frauds with legends is constantly evolving to adapt to the current realities, which means that there is a constant need to increase the awareness of seniors and fight with this type of crime.

4

Analysis and classification of chosen social engineering methods in cybersecurity

Olchowik Monika

Przegląd Teleinformatyczny

|

2021

|

T. 9, Nr 1-4 (27)

17--29

EN

Cyberthreat landscape is everchanging and dynamically evolving. Tools, techniques and software are getting more and more intricate. In contrast social engineering methods have been used in various attacks long before computers have been created, yet they are as useful as before, even in cyberspace. Social engineering attacks are quite often successfully used by conmen and hackers, and as such are a constant part of cyberthreat landscape. In order to detect and prevent the usage of aforementioned techniques greater understanding and systematisation of the process is need. In this paper a classification of chosen social engineering methods has been proposed. The classification is based on Kevin Mitnick’s Social Engineering Cycle. This classification allows for creation of attack patterns and could be used as a basis for a social engineering attack matrix. Moreover, the paper presents a collection of different methods used in each of the stages of the cycle, describes them and provides examples of their usage.

PL

Cyberbezpieczeństwo jest dziedziną dynamicznie się zmieniającą. Narzędzia, techniki, oprogramowanie są ciągle rozwijane i stają się coraz bardziej złożone. W przeciwieństwie do nich metody socjotechniczne używane były od wielu lat i nadal nie straciły na swojej aktualności, nawet gdy wykorzystywane są w cyberprzestrzeni. Ataki socjotechniczne są często przeprowadzane z suckcesem przez oszustów oraz hackerów. Niezmiennie pozostają one zagrożeniem. W celu wykrycia i przeciwdziałania takim technikom konieczne jest zrozumienie i usystematyzowanie procesu ich wykorzystania. Niniejszy artykuł proponuje klasyfikację wybranych metod socjotechnicznych opartą o Cykl Socjologiczny Kevina Mitnicka. Klasyfikacja pozwala na tworzenie wzorców ataku oraz może zostać użyta w celu stworzenia matrycy ataków socjotechnicznych. Niniejszy artykuł przedstawia również zbiór różnych metod socjotechnicznych używanych w każdym z etapów cyklu, opisuje je oraz przykłady ich zastosowania.

5

Effective information system and organisational efficiency

Rahiman Habeeb Ur, Nawaz Nishad, Kodikal Rashmi, Hariharasudan A.

Polish Journal of Management Studies

|

2021

|

Vol. 24, No. 2

398--413

EN

The present study aims to identify the effectiveness of information systems on organizational efficiency in technical and operational perspectives in the various public and private sectors. The novelty of the research focuses on data security practices, perceived severity, response efficacy, perceived usefulness and perceived behavioral control on organisational effectiveness. The survey data is gathered from 200 professionals representing public and private sectors in India and MENA countries who broadly support these outcomes. The analysis of data was generated by applying an equation model and various descriptive statistical tools using AMOS and SPSS. The study results reveal that an effective information system with comprehensive information management avoids potential cyber-attacks and enhances the organisation’s performance. The study identified that repeated cyberattacks threaten the reputation of the business and its organizational operations. Therefore, creating effective awareness about risks and challenges on business operation among the workforce enhances the performance and efficiency of the organization. This empirical research has contributed significantly for organizations to emphasize suitable measures to incorporate effective information and risk mitigation plan to protect data and efficiency. The research outcome emphasized that training and awareness are mediating variables to enhance performance.

PL

Niniejsze badanie ma na celu określenie skuteczności systemów informatycznych w zakresie sprawności organizacyjnej w perspektywach technicznych i operacyjnych w różnych sektorach publicznym i prywatnym. Nowość badania koncentruje się na praktykach w zakresie bezpieczeństwa danych, postrzeganej dotkliwości, skuteczności reakcji, postrzeganej użyteczności i postrzeganej kontroli behawioralnej nad efektywnością organizacji. Dane ankietowe zostały zebrane od 200 specjalistów reprezentujących sektor publiczny i prywatny w Indiach i krajach MENA, którzy szeroko popierają te wyniki. Analiza danych została wygenerowana przez zastosowanie modelu równania i różnych opisowych narzędzi statystycznych przy użyciu AMOS i SPSS. Wyniki badania pokazują, że skuteczny system informacyjny z kompleksowym zarządzaniem informacją pozwala uniknąć potencjalnych cyberataków i poprawia wydajność organizacji. Badanie wykazało, że powtarzające się cyberataki zagrażają reputacji firmy i jej działaniom organizacyjnym. Dlatego budowanie wśród pracowników skutecznej świadomości na temat zagrożeń i wyzwań związanych z działalnością biznesową zwiększa wydajność i efektywność organizacji. To badanie empiryczne w znacznym stopniu przyczyniło się do podkreślenia przez organizacje odpowiednich środków w celu włączenia skutecznych informacji i planu łagodzenia ryzyka w celu ochrony danych i wydajności. Wyniki badań podkreślają, że szkolenie i świadomość są zmiennymi pośredniczącymi w zwiększaniu wydajności.

6

The impact of the COVID-19 pandemic on cybercrime

Gryszczyńska Agnieszka

Bulletin of the Polish Academy of Sciences. Technical Sciences

|

2021

|

Vol. 69, nr 4

art. no. e137933

EN

The COVID-19 pandemic is accompanied by a cyber pandemic, involving changes in the modi operandi of perpetrators of various crimes, and an infodemic, associated with the spread of disinformation. The article analyses the impact of the COVID-19 pandemic on cybercrime and presents the latest research on the number of cybercrime cases in Poland and their growth dynamics. It determines the factors that contribute to the commission of a crime and prevent easy identification of criminals. It also suggests the legal and organisational changes that could reduce the number and effects of the most frequently recorded cyberattacks at a time of COVID-19. Particular attention is paid to legal problems of the growing phenomenon of identity theft, and the need to ensure better protection of users from phishing, including through education and proactive security measures consisting in blocking Internet domains used for fraudulent attempts to obtain data and financial resources.

7

The Russian social engineering attack on the President of the Republic of Poland as a manifestation of modern soft power

Bil Jacek

Przegląd Nauk o Obronności

|

2020

|

R. 5, Nr 9

53--63

EN

The tools of exerting soft power constitute an effective instrument of information warfare conducted by intelligence services of many countries. The Russian disinformation machine, as well as other methods it uses in information warfare, seem to be effective in destabilising other countries' security and defence systems. Purpose: The purpose of this article is to bring to the attention the social engineering attack on the President of the Republic of Poland that took place either immediately after or at the final stage of the election in Poland. Method: The article was designed using the problem-based method with elements of comparative analysis. The research part was carried out using the method of critical analysis of academic literature on the topic of using soft power for achieving political goals. Results: The article presents an analysis of a recent attack by Russian pranksters on the President of Poland. It has been shown that this incident should be viewed as a dangerous manifestation of the information game played by Russia. Information about the attack was provided by the Polish Ministry of Foreign Affairs. The analysis of the content of the President's conversation with the pranksters posted on Russian portals prove the existence of a real information warfare against the security of the Polish state, aimed at destabilisation of the defence system of our country. The call made by the Russian pranksters fits into the Russian strategy of exerting soft power. Conclusions: The action taken by the Russian pranksters can certainly be regarded as an example of information warfare aimed at weakening the state security system and its defence capabilities. The provocative conversation between the Russian pranksters and the President of Poland, Andrzej Duda, was criticised by mass media, which accused the Ministry of Foreign Affairs and the President's Chancellery of neglect in terms of ensuring the safety of the Polish head of state. Such accusations against those responsible for the president's safety seem to be justified.

8

Social and communicative engineering as the newest type of engineering

Кunanets N., Pasichnyk V., Fedonyuk A.

ECONTECHMOD : An International Quarterly Journal on Economics of Technology and Modelling Processes

|

2016

|

Vol. 5, No 2

17--26

EN

The authors describe a scientific substantiation of the concept “social and communicative engineering", outline the object and the purpose of study of a new type of engineering, which is being actively formed and is objectively demanded in today's information society. Social and communicative engineering forms rules of the correct construction of social groups, of the setting of internal relations in them and regulations of the building of relationships with the outside world. The methods of social and communicative engineering are specific techniques used for the designing and the construction of social and communicative technologies and systems, and also scientific, where the leading one is the system analysis. Social and communicative engineering, in the authors’ interpretation, is a set of methods, tools and means which, when is used systematically, allows to design and create the qualitative and effective social and communicative technologies and systems. In other words, social and communicative engineering is the science that investigates the processes of construction, projecting and creation of social and communicative technologies and systems. Social and communicative engineering, as the science that studies the processes of designing and creating of social and communicative systems, is in demand, particularly during the formation of the system of relations between members of different parties and political platforms, ideological beliefs of various communities through the establishing of communications, particularly with the engagement of possibilities of the information spreading through social networks.

9

Social engineering as a modern method of information systems penetration

Zimnicki M.

Zeszyty Naukowe. Studia Informatica / Uniwersytet Szczeciński

|

2007

|

Nr 20

10

Techniki manipulacji i wpływu społecznego

Szczepański M.

Zeszyty Naukowe Politechniki Białostockiej. Ekonomia i Zarządzanie

|

2004

|

Z. 9

233-252

PL

W ostatnim półwieczu nastąpiło gwałtowne zainteresowanie naukowców możliwością wpływania na cudze decyzje, poglądy, zachowania. Okazało się, że można modulować psychikę dorosłych ludzi, którą przyjmowało się za ukształtowaną. Stwierdzenie u jeńców amerykańskich, wziętych do niewoli podczas wojny koreańskiej, przypadków całkowitej zmiany poglądów poprzez tak zwane "pranie mózgu" zapoczątkowało zainteresowanie psychiatrów i psychologów możliwościami psychomanipulacji. Przeprowadzone w Polsce i na Zachodzie badania pozwoliły na opisanie poszczególnych technik wpływu społecznego. W artykule przedstawiono przegląd niektórych z nich. Z konieczności jest on bardzo skrótowy i dotyczy technik najpowszechniejszych i najbardziej popularnych.

EN

The last half-century has brought about a dramatic interest of scientists in the possibility of influencing other people's decisions, opinions and behaviour. It turned out that it is possible to modify adult psyche, which had been assumed to be already moulded. The discovery of total changes of views through the so-called "brainwashing" in American prisoners of war who were taken captive during the Korean war triggered off the interest of psychiatrists and psychologists in the possibilities of psychological manipulation. The research carried out in Poland and in the West enabled to specify and name particular techniques of social influence. The article presents the review of some of those techniques. By necessity it is unfortunately very short. I concentrate on the most common and the most popular techniques.