The Shifting Landscape of Cybersecurity: The Impact of Remote Work and COVID-19 on Data Breach Trends
Authors: Murat Ozer, Yasin Kose, Mehmet Bastug, Goksel Kucukkaya, Eva Ruhsar Varlioglu
Abstract:
This study examines the impact of the COVID-19 pandemic on cybersecurity and data breaches, with a specific focus on the shift toward remote work. The study identifies trends and offers insights into cybersecurity incidents by analyzing data breaches two years before and two years after the start of remote work. Data was collected from the Montana Department of Justice Data Breach database and consisted of data breaches that occurred between April 2018 and April 2022. The findings inform best practices for cybersecurity preparedness in remote work environments, aiding organizations to enhance their defenses. Although the study's data is limited to Montana, it offers valuable insights for cybersecurity professionals worldwide. As remote work continues to evolve, organizations must remain adaptable and vigilant in their cybersecurity strategies.
Submitted 6 April, 2024; v1 submitted 4 February, 2024; originally announced February 2024.
The Pulse of Fileless Cryptojacking Attacks: Malicious PowerShell Scripts
Authors: Said Varlioglu, Nelly Elsayed, Eva Ruhsar Varlioglu, Murat Ozer, Zag ElSayed
Abstract:
Fileless malware predominantly relies on PowerShell scripts, leveraging the native capabilities of Windows systems to execute stealthy attacks that leave no traces on the victim's system. The effectiveness of the fileless method lies in its ability to remain operational on victim endpoints through memory execution, even if the attacks are detected, and the original malicious scripts are removed. Threat actors have increasingly utilized this technique, particularly since 2017, to conduct cryptojacking attacks. With the emergence of new Remote Code Execution (RCE) vulnerabilities in ubiquitous libraries, widespread cryptocurrency mining attacks have become prevalent, often employing fileless techniques. This paper provides a comprehensive analysis of PowerShell scripts of fileless cryptojacking, dissecting the common malicious patterns based on the MITRE ATT&CK framework.
Submitted 21 February, 2024; v1 submitted 15 January, 2024; originally announced January 2024.