ANALYSIS AND DISCUSSION OF ‘WHOLESOME GROWING’ SOCIALLY ENGINEERED HACKING SCENARIO

 Executive Summary

In this report, the human mind has been descriptively analyzed against the threats of hacking present in the social allocation of the characters in the study. The parameters included in the study’s analytics have been provided with an effective solution that will cater to the threats that have been visible in the case analytics of the study. The company of “Wholesome Growing” has been catered to as an instance in this study scenario. The approach that has been taken in the dictation of the study is very close to the human mind and is a humanistic interpretation of the hacking scenario.

1.0 Introduction

In this report, the hacking scenario of an instance has been descriptively looked into. The analytics of the breach in the security of the “Wholesome Growing” company has also been descriptively catered to in the formulation of this study’s dictates. The approach has been catered with the human minds that have been mitigated in the scenario is a humanistic approach in the context of the human mind (Al-Murjan, 2016). The proper allocation of the modules used in the threats proposed to hacking has also been effectively attenuated in the study’s descriptives.

2.0 Analysis

2.1 Analysis of the breach

Background

In this case study about “Wholesome growing” and its hacking scenario, about this online website, there are some issues that can be found in some hacking issues in their online website shop. Rose is the owner of this unique business idea, and her hard work helps to make this business successful in a very short span of timing (Alozie, 2016). This unique business idea helps to make people self-independent by helping them grow their fruits and vegetables independently. And in this fact rose and all her employees who joined her business after the pandemic situation, and also worked hard to help all those subscribers and “gardening club” fans members provide suggestions and also deliver all those pants as per their choices al their destination. In this way, people love to accept this unique business idea in a pandemic situation, when all people have enough time to spend like this. But in this rush business season, Rose appoints some people to help her in different segments like Rowan, who joined the “wholesome growing” as the IT manager and looks after their business websites and the cybersecurity issues (Cerrudo et al. 2017). The same way Basil joined as the CFO of that business organization, he must find all possible ways to improve the business better than before. Pansy also joined unlike other members, who work as the personal assistant of Rose and fulfil all the requirements as the secretary of this company. Laurel has joined “Wholesome Growing” as the receptionist and admin, who has to deal with all the new describes and joiners of this online business organization. She needs to look after all types of questions asked by the members and provides answers concerning those questions.  Zinnia, also included with this company as she works as the service admin of this company, holds the business along with Rose for the last two years, looks after all the marketing issues, and tries to implement all new strategies to increase their sales rate. Poppy is always present beside her to help to find different marketing strategies (Futter, 2018). Daisy, Ash, and Violet also work as the admin of this online website selling platforms and try their best to improve all their social media working, “Gardening club handling” and many other jobs. But engaging all these employees in their office, Rose understands some hacking issues found in the office’s promenade theory Using the USB cable, having a poor security system, and fake email uses. But in the present time, it is a duty to find out all the hacking facts regarding their owners.

“Wholesome Growing Redundancy Plan” USB

Attack vectors:

The attack vectors may be of different types, this incident about plugging the USB cable and showing “Wholesome Growing Redundancy Plan”. It is quite weird to create the redundancy plan at the time of the flourishing of this company. In this case, the attack vector includes unwanted web pages and email attachments (Gaia et al. 2020). As after connecting the USB to the system, it first shows “Redundancy finer”. All the scene of the PC is going to be blank. It also shows some unusual codes are streaming in the whole screen with some pop-up messages asking for “Bitcoin ransom”. These facts are considered the attack vector in this specific hacking case in “Wholesome growing”.

Used channels:

In this specific case, the USB works as the hacking channel in the cybersecurity issues in the “Wholesome Growing” in the time when Violet found the USB dropped in the flow with a logo of this business organization within it. While connecting the USB into the PC, it started showing the “Redundancy file” (Hartley et al. 2017). It is quite hard to accept a “Redundancy filter” in the flourishing time of this company. The suspicious drive is considered as the channel of hacking, and the customization of the functions of that USB clearly shows the Bitcoin ransom. Its main focus is access to the Data already present in the company PC.

The operator of those attacks:

The operator of this hacking session, can not be explained clearly, but Violet firstly finds the USB in the floor’s ground. And secondly, Daisy first notices the” Redundancy file” while connecting the USB to the PC. Daisy said to plug out the USB until Ask came to th4 office. And after occurring Ash, and after connecting the USB to the PC, it started showing all the faults shown in the PC screen (Hsieh et al. 2018). So there are several characters at a president who directly and indirectly connected with this hacking plan.

Approaches:

While Violet finds the USB, she approaches everyone about the USB, but Daisy notices  “Wholesome Growing Redundancy Plan” and asks Daisy to stop. At the same time, Ash comes to the office as there is different viruses that can cause harm directly to the whole system. The USB manipulation is quite easy to spy on all the users and the presence of difficult IT experts who can positively help any organization and surely can harm through these facts (Kim et al. 2017). And it is quite hard for Rose to look after all these facts where she already appointed different employees to look after different segments individually.

 

Attribute targeting:

The cyber attributions of this case help identify, track, and become to all the targets related directly or indirectly to the hacking procedures. Engage some serious security systems; it will make the hacking parodies lower than the previous time. And implementing some serious and Artificial intelligence security systems like fingerprint matching and something like this to the PCs of this company can easily and effectively get rid of these hacking incidents. Daisy, Ash, Violet, and Poppy shield have their password and security handling procedures to make safe from the further hacking procedure. Lastly, Rose has to more strictly handle all the work to keep her business safe from any kind of troubles.

Poor Security Measures

Attack vectors:

This hacking incident is done through the poor security system. When people were busy in their stuff, anyone can step in without fulfilling all the procedures and are cured to get into the “Wholesome’s Growing” office premises. At this time, the attack vector can be hidden behind the total security system with the office. As if the security system was strong enough, it wouldn’t be possible to hack all the officer PCs through the USB  driver. Similarly, through the negligence of the security system, any people can get into the office.

Used channels:

Several channel art present to provide the scopes for the people to get in within the office avoiding all the CCTV cameras, and all the security procedures. There must be some scopes present which can be easily accessed by any outsiders (Kshetri et al. 2017). These strange people are well known to all the security facts happening in the office and all the security, and PC security software are presently known within this. And the most strange fact is that the people enter the office premises when all the staff is busy in their workings, the man chooses that time to get in. And while Daisy is busy with Rose to look after all the working in the farms, Daisy’s desk is blank. And that man had enough space to hack all the data of this company from Daisy’s desk.

 

The operator of those attacks:

In this attack, some employees can be considered to have direct and indirect contact with the stranger present on the office premises. The stranger choose Monday to visit, as that is the first day of the week and every people engaged with their working and do not pay attention to any other. The same day Rowan is busy with rose, and Zinnia is also late4 to come to the office, and Laurel is also very busy with communicating with clients. And while Zinnia asked his name, he introduced himself as Basil, but that was not his original name. Basil has enough sources to gather knowledge about the security facts within the office premises and avoid all the security persons of that office.

 

Approaches:

Several cybersecurity threats are present within this case study, but in this specific phase, ransomware, data leakage, and hacking are considered the most relevant approaches to this case study. In Laurel’s absence as the receptionist, the entry point is clear for Basil to get entered into the office premises (Lee, 2018). And he said that no swipe up admin identity cards are requested from him while entering, so it can be clear through bothered USB driver incidents this person already gets notified about all the security issues president within “Wholesome Growing”. The security’s weaknesses are also known to him, and Basil used all these weak factors to get entered within the office premises.

 

Attribute targeting:

In this incident, the hacker targets to handle all the segments within the “Wholesome growing” and its privacy issues to know all the positive facts within this company. To examine all the security issues the hacker first hack all the company’s information through the USB, and then grab all the essential data from PC’s the hacker gets notified by all the positive issues, all its strategies, and the economic condition of this company (Lillie et al. 2020). And to get more information, Basil enters into the office premise to hack the rest data while handling all the security issues. Through the hacking procedure, the hacker can get all the transactions by the club members and subscription money to get rich, or maybe various other facts can be present as the reason for hacking.

 Fake Email

Attack vectors:

Another case is present in the “Wholesome Growing” where this organization’s software is completely hacked can be noticed. A case came in front of the employees which states about the occurrence of a strange mail to the customers, which stated about £100 reward for downloading a different software present on the official websites of “Wholesome Growing” (Pukanasytė et al. 2019). This mail was firstly noticed by Rowan, where this mail occurs by the name of Rowan. Rowan felt strange after this incident; then he told everybody about the mail to every employee’s PC with their subscribers and other people. After this situation, it is completely clear to every employee along with Rose, that their official website and all the softwares used by them are hacked.

 

Used channels:

In this section, all the channels of this case study will be successful here. As the previous timing, the usages of the USB cable into the office PC show about the “redundancy file” with asking to access all the data used to the company. And this may be the situation through which hackers hacked all the organisation’s data (McAlaney et al. 2020). Thorough that first hacking, the hacker got all the data and came to the office premises without asking permission. This incident states about poor security in the office premise. This incident opens the way to the last incident where the fake mail occurs under Rowan’s name. Several people can be present with all its employees within this cybersecurity of “Wholesome Growing”.

The operator of those attacks:

The people have all the knowledge about cybersecurity and usages of all the security measures into the business organization they can be the suspect for all these incidents. In this organization, Rowan works as the IT manager and handles all the cybersecurity issues and usher essential facts within the company.

Approaches:

Hacking the mail is one of the sensitive issues of an organization, and the appearance of fake mail can break the trust issues of all the stakeholders and customers. The Fake mail’s appearance shows all the personal information of this company is completely hacked by someone (Roschier et al. 2018). All have enough cybersecurity information; it can not be sure about who the hacker is, by tracking the IP address the hacker can be easily identified.

Attribute targeting:

In Zinnia, Poppy, Daisy, Ash, and Violet all are works as the admin in the organization and known to all softwares issues and cybersecurity factors in the “Wholesome Growing” office premises. And it is not hard for them to leak that information. But implementing different models and other theories to help make the security system strong into “Wholesome Growing” [Referred to Appendix 1].

2.2 Proposed intervention

In this section, the solutions to the threats mentioned above have been descriptively catered to. The hacking scenario that has been analyzed above issues a prerogative threat to the growth of an industry, due to the pandemic of COVID-19 people worldwide have been on lockdown, and the businesses have seemed to grow online. The online and social presence of a human user has been a boon for businesses’ growth in these dire times. The privacy of such users is also an important factor that a user needs to leverage. The practical approach of using an online or social approach to get into a private system has been dictated as a threat in the case study. The solutions for these threats have been proposed accordingly as follows,

1.      “Wholesome Growing Redundancy Plan” USB

The primary incident identified in the “Wholesome Growing” company has been descriptively catered to in the formulation of this section of the study. The attribution of a suspicious USB defined the threat. In the office of “Wholesome Growing”, a suspicious USB was identified by Violet, the new social media admin. She found the USB just laying on the floor, curiously enough she tried to plug it in her PC. After getting access to the suspicious USB contents, she identified a folder named “Wholesome Growing Redundancy Plan”. She was excited to find a redundancy plan for the company; she called the other executives and tried to open the folder. Seconds before Daisy, the old website admin asked Violet to stop as she perceived it might threaten the company’s data. After Rowan came in and was aware of the situation, he plugged the USB into an old disconnected PC (Rugge, 2018). The USB contents after being opened crashed the PC and Daisy’s suspicions were confirmed. The handling of such a similar threat has been descriptively provided with a solution in this section of the study. The security risks of information handling are very common these days; the perception of these threats to the security models of a company is very challenging for the company to deal with. U3 USB drives have been dictated in the formulation of mobile hacking from a remote connection. These devices are effectively used by hackers to log into or steal data from any online portal of the host company. Viruses can be issued through these USB drives that can attenuate to the security threat proposed to the company. Sensitive data of the company can be allocated in these USB drives, which will be used as a tool to collect ransom from the company by the hacker. Sometimes fund transfers are also catered to by the application of these threats are incorporated Universal Serial Buses. The company’s fund can be easily transferred via cryptocurrency software portals. A series of threats thus can be issued by the installation of these drives in a device that has sensitive information. The threats involved in this procedure have been exclusively provided with a solution in this section of the study. The theft of data via these suspicious USB drives are done by the installation of certain malware that silently downloads the files that have been declared as private to the company. In 2007 the U3 hack tools were popular amongst hackers. These USB devices were incorporated with remote connection tools that allowed hackers to easily connect to the USB simultaneously. The solutions that have been approached against the context of the threats that have been proposed in the USB hack drives have been delegated as follows, control of data access, control of USB port access, and Policies of security. The primary solution to the threat measure has been descriptively catered to in this section. The control of data access has been the most prevalent approach to cater to the hacking capabilities in a host industry (Sawyer et al. 2018). The USB data access allows the maintenance of definitive security models. This method attacks the autorun function and disables it, thus ensuring no interruption while the hacking software is implemented. The other parts that the USB hacking drive attacks are the limitation of user privileges, encryption of stored data on both ends of the communication modules, restriction of access attributes to connected servers that are vital to the company. The other attributes that have been used in the developmental context of the security breaches made by the security are monitoring of server access modules and limiting the data size of transferable in the system. To allocate the mitigation of these breaches, an Acceptable Use Policy is dictated that is a dedicated management solution for cybersecurity threats. The AUP provides the user with a dedicated cybersecurity training attribute. This also checks the user’s transfer protocols and monitors hacking attributes in the system. The dictation of this protocol has been descriptively attenuated in this section of the study. These are usually cost-effective management solutions that are beneficial for the industries to avail protection against cyber-security threats. These are always implemented as a mandatory step in any corporate environment. Additional licensing is required for availing of these solutions in any device that is connected to a corporate network. The use of various antiviruses is also used to avail protection from these cyber-security threats. The antivirus software has helpful programs that scan all the drives present in the device. After scanning all the drives, the antivirus tool quarantines the suspicious files that are present in any of the drives. A warning message is also issued to the user of the device, and the choice of deletion of that software is provided. This softwares also require licensing, but it is an appropriate mandate for the corporate companies to issue. These even provide network security that issues messages when a threat is recognized in the network of the system. Thus the proper allocation of the mitigation techniques that have been issued in the incorporation of the threat that has been identified by a USB drive has been descriptively catered to in the formulation of this section of the study (rapid7.com, 2020).

2.      Poor Security Measures

In this section, the poor security measures of the company of “Wholesome Growing” have been descriptively catered to. This is the second incident that the company has allocated as a security threat. The occurrence of this threat has been descriptively provided in the formulation of the analytics of the study. The primary threat was a cybersecurity threat, but this threat is descriptively catered to a potential security threat. On a working day Zinnia, the senior admin of marketing noticed a man in a smart suit standing in the office lobby. Zinnia figured out that the man in the suit was confused about where he was and thus approached to find out if he needed any help. Zinnia identified that the man was the new CFO Basil. He was surprised by the poor implementation of the security as he did not need a swipe card for entering the office premises. He was able to make his way in through the walking crowd (Sigwadi et al. 2017). He also identified that there was sensitive client information lying around the office desks at a vulnerable position. This made it very displeasing for Basil to see. Thus the poor execution of these security modules has been identified as a potential security threat for the company of “Wholesome Growing”. These threats have been descriptively attributed to the formulation of properly allocated solutions that have been catered to in the analytics of the study. The security threats that have been identified have been further described in this section of the study. The vulnerabilities that have been shown by the “Wholesome Growing” company can be categorized into a variety of categories. The categories have been further attributed in this section with an approach on how to curb them. The primary external vulnerability that has been proposed by the aforementioned security threat has been the failure of covering the cybersecurity basics of the company. Basil saw a lot of sensitive files that were visible to all. In this context, if the employees of the company are not covered with the basics of fire protection, thus the files were not protected from the field of view. The learning of the basics of security by the employees is a mandatory step that the company needs to approach. A very few selected softwares are used to hack into these systems nowadays if the employees are kept updated on that fact they will be informed on how to predicate a similar situation beforehand. The secondary attribute that has been catered to as a security threat in the context of “Wholesome Growing” company has been descriptively catered to in this section (Wolf et al. 2017). The understanding of the generation of corporate cybersecurity risks also needs to be allocated to the employee’s knowledge; this will attribute them to get an understanding of the upcoming threats in the future. The vulnerability of the attacks must be descriptively catered to the functional executive roles of the company to promote the prevention of data loss via hacking. Another attribute that has been approached in the dictation of the threat in the company has been defined as the lack of cybersecurity policies. These policies allow users to prevent third-party hacking; the licensing of these software models is a mandatory step that the corporate companies need to avail for. According to effective surveys, the companies spend more than 3.5 million USD annually to cater to the hacking issues. This must be a mandatory step as all the sensitive files that are present on the employment portals are secured. The defined policy for cybersecurity attenuates the threats and issues as follows, identification of risks prone to cybersecurity, the establishment of governance in cybersecurity, development of policies for oversight processes, protection of company networks as well as corporate information, detection of unauthorized activity. The fourth attribute that has been dictated in the formulation of security threats is the confusion of compliance that arises with cybersecurity issues. These issues arise when the proper conduction of information is not conveyed to the employees of the corporate company. The proper methods that have been used as recuperation from these security risks have been attributed in this section of the developmental procedure (Xu et al. 2018). The main application is the placement of security executives in the office premises. These executives will check the allocation of identity cards and the reason for entering the office premises. The check-in cards of the employees should also be updated and checked thoroughly by the security machines installed at the entry point of the office premises. Another important attribute has been definitively not used by the “Wholesome Growing” company. This attribute was the application of  CCTV cameras in the office premises. The cameras will catch any unauthorized activities issued in the formulation of the threats in the office premises. The sensitive information that was kept naked to the eyes of the passersby can also be analyzed by the application of the camera technologies in the office premises. These physical threats may not be so dramatic in context, but some security threats can also be posed by the employees of the company itself. These employees, thus, can gain the potential to sabotage the integrity of the company. The corporate methods that can be applied against these frauds have been descriptively attenuated in further sections of this study (Zimmermann et al. 2019). The brief understanding of handling these issues has been described as follows, explanation of foundational issues, the establishment of a clear workplace violation policy, the suggestiveness of helping employees for reporting of various issues they have come across in the workplace. The other attributes that have been helpful in curbing a similar situation in the workplace are the education of the team in the context of problematic behaviours and the definition of the process of incident management. The proper allocation of these attributes in the corporate workflow of the company can affect the growth of the security modules of the company. Thus, the policies for curbing of similar security issues have been descriptively attenuated in this section of the study [Referred to Appendix 2].

3.      Fake Email

The third incident of the breach has been dictated in the security framework of the “Wholesome Growing” company has been descriptively catered to in this section of the study. The analytics of the security breach has also been definitively attributed to the further sections of the study. The approach that has been catered to in the dictation of the study has been kept as a third party approach towards the analytics of the situation in the context of a “Wholesome Growing” company. The issues that have been analyzed have also been provided with mitigative approaches that attenuate to the culmination of cybersecurity that is relevant to the study. The issue was raised when a fake email from Rowan reached the executive employees of the company. The email read that it was a festive price, and thus everyone was greedy enough to click on the link. Thus, a virus was introduced to the internal network of the “Wholesome Growing” company. These attributes can be mitigated by the application of antivirus software and dictate firewalls in the network of the system. Thus, the analytics of the risk has been descriptively mitigated in this section of the study (arxiv.org, 2018).

2.3 Ethical and Moral issues

In this section, the ethical and moral issues that have been dictated in the formulation of the mitigation techniques in the context of cybersecurity threats have been descriptively catered to. The cybersecurity modules that have been dedicated have also been provided with an ethical and moral compass in the context of a humanistic approach. The ethics and the morals that have been catered to have been provided as follows,

  1. Harms to Privacy – In this section, the harms that have been made to the privacy models have been descriptively attenuated with proper mitigation measures. The most common threat in the context of cybersecurity is that of identity theft. In these cases, the personal identification of a person can be stolen; this has the most chances of occurring on the social portal of the host. The same scenario can be implemented to the security allocation of the “Wholesome Growing” company. The authorization of credit cards can also be blocked by this sort of theft hacking attribution (cyber-peace.org, 2017).
  2. Harms to Property – In this section, the harms that have been made to the property models have been descriptively attenuated with proper mitigation measures. Various sections of data privacy models have been descriptively looked into in this section of this study. These include typically significant ethical harms; these directly harm an organization or target a singular profile. Malware can be attributed to the behaviour of this system. Thus the harms to the property have been descriptively approached in an ethical sense [Referred to Appendix 3].
  3. Transparency and Disclosure – In this section, the harms that have been made to the transparency and disclosure of models have been descriptively attenuated with proper mitigation measures. The modes of transparency of data have been approached in an ethical sense in this section of the study. Limited obligations in corporate practice are termed as transparency in the context of cybersecurity (illinoislawreview.org, 2020).
  4. Roles of Cybersecurity – In this section, the harms that have been made to the cybersecurity roles and models have been descriptively attenuated with proper mitigation measures. The predefined set of roles that have been culminated in the cybersecurity modules have been descriptively catered to in this section of the study. The Data that is driven in the cybersecurity network is procured in an honest way and implements top priority in the context of privacy (iopscience.iop.org, 2020).

3.0 Conclusion

Hence it can be concluded that the issues that were faced by the “Wholesome Growing” company have been descriptively catered to in the analytics of the project. The threats that were faced have also been allocated with a proper solution. The study includes a complete portion dictated to the analytics of the threat and subsections that cater to the proposed solutions as well as the ethics involved in the decision parameters of the human mind that have been involved in the hacking procedure. The proper risk mitigation techniques have also been incorporated into the development of the study. Thus the proposed issues have been descriptively catered to in the analytics of the study.

References list

Journals

Al-Murjan, A. and Xynos, K., 2016. Network Forensic Investigation of Internal Misuse/Crime in Saudi Arabia: A Hacking Case.

Alozie, A.N., 2016. INFORMATION AND COMMUNICATION TECHNOLOGY (ICT) AND CHALLENGES OF ORGANISATIONAL SECURITY. Journal of Qualitative Education12(2).

Cerrudo, C. and Apa, L., 2017. Hacking robots before skynet. IOActive Website, pp.1-17.

da Veiga, A., Astakhova, L.V., Botha, A. and Herselman, M., 2020. Defining organisational information security culture—Perspectives from academia and industry. Computers & Security92, p.101713.

Futter, A., 2018. Hacking the bomb: cyber threats and nuclear weapons. Georgetown University Press.

Gaia, J., Ramamurthy, B., Sanders, G., Sanders, S., Upadhyaya, S., Wang, X. and Yoo, C., 2020, January. Psychological Profiling of Hacking Potential. In Proceedings of the 53rd Hawaii International Conference on System Sciences.

Hartley, R., Medlin, D. and Houlik, Z., 2017. Ethical Hacking: Educating Future Cybersecurity Professionals. In Proceedings of the EDSIG Conference ISSN (Vol. 2473, p. 3857).

Hsieh, M.L. and Wang, S.Y.K., 2018. Routine activities in a virtual space: A Taiwanese case of an ATM hacking spree.

Kim, S.G. and Park, D.W., 2017. The Research for Cyber Security Experts. Journal of the Korea Institute of Information and Communication Engineering21(6), pp.1137-1142.

Kshetri, N. and Voas, J., 2017. Hacking power grids: A current problem. Computer50(12), pp.91-95.

Lee, J.A., 2018. Hacking into China’s Cybersecurity Law. Wake Forest L. Rev.53, p.57.

Lillie, J., 2020. Cybersecurity-Hacking. World Libraries24(1).

Marcinauskaitė, R., Pukanasytė, I. and Šukytė, J., 2019. Cyber security issues: problematic aspects of hacking.

McAlaney, J., Hambidge, S., Kimpton, E. and Thackray, H., 2020, September. Knowledge is power: An analysis of discussions on hacking forums. In 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW) (pp. 477-483). IEEE.

Roschier, T., 2018. How can large Finnish companies implement and execute growth hacking.

Rugge, F., 2018. Mind hacking”: information warfare in the cyber age. ISPI20(319), pp.1-8.

Sawyer, B.D. and Hancock, P.A., 2018. Hacking the human: the prevalence paradox in cybersecurity. Human factors60(5), pp.597-609.

SIGWADI, W., THE ADOPTION AND USE OF ETHICAL HACKING TO SECURE INFORMATION IN SMALL COMPANIES.

Wilson, B., 2017. Teaching security defense through web-based hacking at the undergraduate level.

Wolf, M. and Lambert, R., 2017. Hacking trucks-cybersecurity risks and effective cybersecurity protection for heavy duty vehicles. Automotive-Safety & Security 2017-Sicherheit und Zuverlässigkeit für automobile Informationstechnik.

Xu, M., Schweitzer, K.M., Bateman, R.M. and Xu, S., 2018. Modeling and predicting cyber hacking breaches. IEEE Transactions on Information Forensics and Security13(11), pp.2856-2871.

Zimmermann, V. and Renaud, K., 2019. Moving from a ‘human-as-problem” to a ‘human-as-solution” cybersecurity mindset. International Journal of Human-Computer Studies131, pp.169-187.

Online article

arxiv.org, 2018. ROBOTICS CTF (RCTF), A PLAYGROUND FOR ROBOT HACKING. Available at:   https://arxiv.org/pdf/1810.02690.pdf [Accessed on 13.12.2020]

arxiv.org, 2019. Gathering Insights from Teenagers’ Hacking Experience with Authentic Cybersecurity Tools. Available at:  https://arxiv.org/pdf/1903.04174.pdf [Accessed on 13.12.2020]

cyber-peace.org, 2017. WikiLeaks Releases Trove of Alleged C.I.A. Hacking Documents. Available at:  https://cyber-peace.org/wp-content/uploads/2017/03/WikiLeaks-Releases-Trove-of-Alleged-C.I.A.pdf [Accessed on 13.12.2020]

illinoislawreview.org, 2020. HACKING CYBERSECURITY LAW. Available at:  https://illinoislawreview.org/wp-content/uploads/2020/06/Kosseff.pdf [Accessed on 13.12.2020]

iopscience.iop.org, 2020. A Human Dimension of Hacking: Social Engineering through Social Media. Available at:   https://iopscience.iop.org/article/10.1088/1757-899X/790/1/012040/pdf [Accessed on 13.12.2020]

Websites

economictimes.indiatimes.com, 2020. 7 cyber security guidelines for organizations after the lockdown. Available at: https://cio.economictimes.indiatimes.com/news/digital-security/7-cyber-security-guidelines-for-organizations-after-the-lockdown/76320506 [Accessed on 13.12.2020]

niti.gov.in, 2020. Cyber Security. Available at: http://niti.gov.in/sites/default/files/2019-07/CyberSecurityConclaveAtVigyanBhavanDelhi_1.pdf [Accessed on 13.12.2020]

rapid7.com, 2020. Common Types of Cybersecurity Attacks. Available at:  https://www.rapid7.com/fundamentals/types-of-attacks/ [Accessed on 13.12.2020]

smallbusiness.chron.com, 2020. The Effects of Computer Hacking on an Organization. Available at:  https://smallbusiness.chron.com/effects-computer-hacking-organization-17975.html [Accessed on 13.12.2020]

Appendices

Appendix 1: Analysis of Cyber Security Services

(Source: data:image/jpeg;base64,/9j/gCAID/9k= )

 

 

Appendix 2: Cyber security Investments in the beginning of the pandemic

(Source: data:image/png;base64, ==)

 

 

Appendix 3: Soar in Data breach

(Source: data:image/png;base64,)

Leave a Comment