METHODOLOGY FOR INVESTIGATING INFORMATION SECURITY INCIDENTS

DOI: https://doi.org/10.28925/2663-4023.2024.26.675

Keywords: cybersecurity, security incident, information protection, quality assurance, bug bounty, security forensics, troubleshooting, fraud

Abstract

Developing and implementing a comprehensive information security strategy in wartime is a critical task for ensuring national security and protecting vital resources and information. The article analyzes the main types of information security incidents together with their mitigation and recovery methods. It describes the mechanics of an incident investigation across the stages of monitoring, indexing, data collection, mitigation, recovery, and closure. The incident-handling plan is formalized as a state machine, which makes the response process systematic and amenable to automation: each stage is an explicit state, and only defined transitions between stages are permitted. Using examples of attacks on critical infrastructure, the article illustrates the application of this mechanism and identifies measures for strengthening an information security system that can protect both governmental and commercial organizations. The recommended measures for effectively countering cyberattacks at the organizational or national level include deploying monitoring tools and coordinating with governmental and international response teams. Regular staff training and established mechanisms for collaboration with partners are likewise essential for effective protection against cyber threats. Together these measures strengthen cybersecurity and reduce potential damage.
Future research may address new threat detection algorithms, evaluation of the effectiveness of information security measures in governmental and commercial institutions, automated incident response systems, the impact of war on critical infrastructure, and opportunities for international cooperation and information exchange in information security during conflicts for the collective defense of national interests.
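The abstract describes the incident-handling plan as a state machine over the stages monitoring, indexing, data collection, mitigation, recovery and closure. The following Python sketch, added here as an illustration and not taken from the article, shows what such a formalization buys in practice: illegal stage skips are rejected, and every transition is recorded in an append-only history that doubles as the forensic timeline of the investigation. The six state names follow the abstract; the permitted-transition table (including the backward edges for re-triage and for reopening an incomplete recovery), the `Incident`/`advance` API, and the sample incident walked through in `run_example` are assumptions made for this example.

```python
"""Incident-handling plan as an explicit state machine.

Added illustration (not the article's own code). The six states follow the
stages named in the abstract; the transition table, the backward edges for
re-triage/reopening, and the history-record format are assumptions.
"""
from dataclasses import dataclass, field
from datetime import datetime, timezone
from enum import Enum


class Stage(str, Enum):
    MONITORING = "monitoring"
    INDEXING = "indexing"            # triage / classification of the event
    DATA_COLLECTION = "data_collection"
    MITIGATION = "mitigation"
    RECOVERY = "recovery"
    CLOSURE = "closure"


# Assumed transition table: forward progression plus a few backward edges.
# INDEXING -> CLOSURE covers false positives; DATA_COLLECTION -> INDEXING
# re-triages when new evidence changes the classification; MITIGATION and
# RECOVERY may fall back to DATA_COLLECTION when containment or rebuild
# turns out to be incomplete.
TRANSITIONS = {
    Stage.MONITORING: {Stage.INDEXING},
    Stage.INDEXING: {Stage.DATA_COLLECTION, Stage.CLOSURE},
    Stage.DATA_COLLECTION: {Stage.MITIGATION, Stage.INDEXING},
    Stage.MITIGATION: {Stage.RECOVERY, Stage.DATA_COLLECTION},
    Stage.RECOVERY: {Stage.CLOSURE, Stage.DATA_COLLECTION},
    Stage.CLOSURE: set(),  # terminal state
}


class IllegalTransition(Exception):
    """Raised when a handler tries to skip or reverse a stage the plan forbids."""


@dataclass
class Incident:
    incident_id: str
    stage: Stage = Stage.MONITORING
    # Append-only (utc timestamp, from, to, actor, note) records: the audit
    # trail from which the handling can later be reconstructed.
    history: list = field(default_factory=list)

    def advance(self, to: Stage, actor: str, note: str = "") -> Stage:
        if to not in TRANSITIONS[self.stage]:
            raise IllegalTransition(
                f"{self.incident_id}: {self.stage.value} -> {to.value} not permitted"
            )
        self.history.append(
            (datetime.now(timezone.utc).isoformat(), self.stage, to, actor, note)
        )
        self.stage = to
        return self.stage

    def is_closed(self) -> bool:
        return self.stage is Stage.CLOSURE


def allowed_next(stage: Stage) -> set:
    """Stages reachable in one step from `stage` (useful for UI/automation)."""
    return set(TRANSITIONS[stage])


def run_example() -> Incident:
    """Walk a constructed incident through the plan, including one rejected step."""
    inc = Incident("INC-0001")  # constructed sample, not a real incident
    inc.advance(Stage.INDEXING, "soc-l1", "alert: periodic beaconing from host A")
    inc.advance(Stage.DATA_COLLECTION, "soc-l2", "memory image and netflow acquired")
    try:
        inc.advance(Stage.RECOVERY, "soc-l2")  # skipping mitigation is rejected
    except IllegalTransition:
        pass
    inc.advance(Stage.MITIGATION, "ir-lead", "host isolated, C2 domain blocked")
    inc.advance(Stage.RECOVERY, "it-ops", "host rebuilt from golden image")
    inc.advance(Stage.CLOSURE, "ir-lead", "lessons learned recorded")
    return inc


if __name__ == "__main__":
    for ts, frm, to, actor, note in run_example().history:
        print(f"{ts} {frm.value:>15} -> {to.value:<15} {actor}: {note}")
```

Because the transition table is data rather than code, it can be reviewed against the written plan, and automation (ticketing hooks, notification of a national CERT, evidence-retention jobs) can be attached to individual edges instead of being scattered through ad hoc scripts.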


Published

2024-12-19

How to Cite

Tsyrkaniuk, D., & Sokolov, V. (2024). METHODOLOGY FOR INVESTIGATING INFORMATION SECURITY INCIDENTS. Electronic Professional Scientific Journal «Cybersecurity: Education, Science, Technique», 2(26), 140–154. https://doi.org/10.28925/2663-4023.2024.26.675
