In recent years, the perpetual “cat and mouse” game between attackers and defenders in the cyberspace has escalated significantly, driving both parties to seek ways of gaining an advantage. Attackers develop creative and sophisticated ways of bypassing existing defenses, particularly aimed at the base of the cybersecurity pyramid, the user, while defenders strive to strengthen the understanding of various attacks and enhance user awareness for potential threats. Yet, how can you protect yourself from something legitimate looking, such as completing a simple CAPTCHA test to access your favorite website? This paper will examine a range of social engineering attacks, spanning from how users are being infected by simple malware created by Artificial Intelligence bots, to how Advanced Persistent Threat groups are using psychology to manipulate and infect users. The aim of this article is to analyze recent developments in cyber threats and define metrics, from a monetary standpoint, quantifying how this impacts enterprise organizations who fall victim to such attacks. The proposed model for defining such costs builds from previous work on this topic, incorporating newly available data to better reflect contemporary attack strategies. This enhanced model can help businesses more accurately evaluate what an attack may produce in terms of monetary loss, consequently helping them make more informed decisions regarding investments into cybersecurity.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

The Economic Impact Brought on by Recent Malware Developments

  • Alexandru-Cristian Bardaș,
  • Cătălin-Emilian Boja

摘要

In recent years, the perpetual “cat and mouse” game between attackers and defenders in the cyberspace has escalated significantly, driving both parties to seek ways of gaining an advantage. Attackers develop creative and sophisticated ways of bypassing existing defenses, particularly aimed at the base of the cybersecurity pyramid, the user, while defenders strive to strengthen the understanding of various attacks and enhance user awareness for potential threats. Yet, how can you protect yourself from something legitimate looking, such as completing a simple CAPTCHA test to access your favorite website? This paper will examine a range of social engineering attacks, spanning from how users are being infected by simple malware created by Artificial Intelligence bots, to how Advanced Persistent Threat groups are using psychology to manipulate and infect users. The aim of this article is to analyze recent developments in cyber threats and define metrics, from a monetary standpoint, quantifying how this impacts enterprise organizations who fall victim to such attacks. The proposed model for defining such costs builds from previous work on this topic, incorporating newly available data to better reflect contemporary attack strategies. This enhanced model can help businesses more accurately evaluate what an attack may produce in terms of monetary loss, consequently helping them make more informed decisions regarding investments into cybersecurity.