Dimensions of 'socio' vulnerabilities of advanced persistent threats

Author First name, Last name, Institution

Mathew Nicho, Zayed University
Christopher D. McDermott, Robert Gordon University

Document Type

Conference Proceeding

Source of Publication

2019 27th International Conference on Software, Telecommunications and Computer Networks, SoftCOM 2019

Publication Date

9-1-2019

Abstract

© 2019 University of Split, FESB. Advanced Persistent Threats (APT) are highly targeted and sophisticated multi-stage attacks, utilizing zero day or near zero-day malware. Directed at internetworked computer users in the workplace, their growth and prevalence can be attributed to both socio (human) and technical (system weaknesses and inadequate cyber defenses) vulnerabilities. While many APT attacks incorporate a blend of socio-technical vulnerabilities, academic research and reported incidents largely depict the user as the prominent contributing factor that can weaken the layers of technical security in an organization. In this paper, our objective is to explore multiple dimensions of socio factors (non-technical vulnerabilities) that contribute to the success of APT attacks in organizations. Expert interviews were conducted with senior managers, working in government and private organizations in the United Arab Emirates (UAE) over a period of four years (2014 to 2017). Contrary to common belief that socio factors derive predominately from user behavior, our study revealed two new dimensions of socio vulnerabilities, namely the role of organizational management, and environmental factors which also contribute to the success of APT attacks. We show that the three dimensions postulated in this study can assist Managers and IT personnel in organizations to implement an appropriate mix of socio-technical countermeasures for APT threats.

DOI Link

10.23919/softcom.2019.8903788

ISBN

9789532900880

Publisher

Institute of Electrical and Electronics Engineers Inc.

Last Page

5

Disciplines

Computer Sciences

Keywords

Advanced persistent threats (APT), Spear-phishing, User vulnerabilities

Scopus ID

85075852114

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License

Recommended Citation

Nicho, Mathew and McDermott, Christopher D., "Dimensions of 'socio' vulnerabilities of advanced persistent threats" (2019). All Works. 1277.
https://zuscholars.zu.ac.ae/works/1277

Indexed in Scopus

yes

Open Access

yes

Open Access Type

Green: A manuscript of this publication is openly available in a repository