Open Access. Powered by Scholars. Published by Universities.®
Management Information Systems Commons™
Open Access. Powered by Scholars. Published by Universities.®
- Discipline
- Institution
- Publication
- Publication Type
Articles 1 - 3 of 3
Full-Text Articles in Management Information Systems
Voice Hacking: Using Smartphones To Spread Ransomware To Traditional Pcs, Bryson R. Payne, Leonardo I. Mazuran, Tamirat Abegaz
Voice Hacking: Using Smartphones To Spread Ransomware To Traditional Pcs, Bryson R. Payne, Leonardo I. Mazuran, Tamirat Abegaz
Journal of Cybersecurity Education, Research and Practice
This paper presents a voice hacking proof of concept that demonstrates the ability to deploy a sequence of hacks, triggered by speaking a smartphone command, to launch ransomware and other destructive attacks against vulnerable Windows computers on any wireless network the phone connects to after the voice command is issued. Specifically, a spoken, broadcast, or pre-recorded voice command directs vulnerable Android smartphones or tablets to a malicious download page that compromises the Android device and uses it as a proxy to run software designed to scan the Android device’s local area network for Windows computers vulnerable to the EternalBlue exploit, …
The Impact Of Information Security Threat Awareness On Privacy-Protective Behaviors, Stanislav Mamonov, Raquel Benbunan-Fich
The Impact Of Information Security Threat Awareness On Privacy-Protective Behaviors, Stanislav Mamonov, Raquel Benbunan-Fich
Department of Information Management and Business Analytics Faculty Scholarship and Creative Works
In this study, we examine how to motivate computer users to protect themselves from potential security and privacy threats. We draw on the Information Processing framework which posits that threat mitigation commonly occurs before full cognitive threat assessment and we conduct an empirical study to evaluate the effects of an exposure to general information security threats on the strength of passwords and the disclosure of personal information. Through an online experiment, we compare immediate computer user reactions to potential non-individually specific security and privacy threats in an extra-organizational context. We find evidence consistent with automatic security and privacy protective actions …
Social Engineering Knowledge Measured As A Security Countermeasure, Christopher Artejus Sanders
Social Engineering Knowledge Measured As A Security Countermeasure, Christopher Artejus Sanders
Theses and Dissertations
Social Engineering has become a significant threat to the security of business, government, and academic institutions. As vulnerabilities to social engineering attacks increase, organizations must incorporate risk mitigation strategies to their portfolios of Information Systems Security Countermeasures (ISSC). The goal is to implement mitigation strategies that balance the cost of implementation, the privacy of employees, and the resulting expected costs of social engineering attacks. In this paper we develop an analytical model that calculates the total cost of protection, including the trade-off between the cost of implementing protection strategies and the resulting expected cost of social engineering attacks. We use …