RESEARCH OF PROBLEMS OF ENSURING THE SECURITY OF PERSONAL DATA AND CONFIDENTIAL INFORMATION IN THE CONTEXT OF COUNTER-OSINT
DOI:
https://doi.org/10.28925/2663-4023.2024.26.682Keywords:
personal data, confidential information, doxing, OSINT, cybersecurityAbstract
In today’s world, the issue of personal data protection is becoming particularly relevant as technological advancements and the widespread use of open information sources create new security challenges. This article examines the legislative aspects of data regulation in various jurisdictions, particularly in Ukraine and the EU, as well as practical threats such as social engineering, phishing, and doxing. Based on an analysis of the General Data Protection Regulation (GDPR) and the Ukrainian Law “On the Protection of Personal Data”, the authors highlight significant discrepancies in the legislation regulating data confidentiality. Special attention is given to current threats to personal data in the context of information security, such as attacks carried out through social engineering. The article investigates the activities of hacker groups that use personal data to create fake profiles in messaging platforms to obtain sensitive data or gain access to accounts. Examples of OSINT technologies used by attackers to gather data from open sources are discussed, along with their application in doxing, where personal data is published without individual consent, posing potential security risks. The article also addresses the growing risks of phishing attacks targeting email and browser users, including new tactics like multi-stage phishing, which complicates the detection and blocking of such attacks. Additionally, it emphasizes the importance of media literacy and cyber hygiene in reducing privacy risks and increasing awareness of safe practices for working with information technologies. The article concludes by underscoring the need for a systematic approach to data privacy protection, including legal regulation, the adoption of modern information protection technologies, and an increase in media literacy among the population. Proposed measures include the implementation of European data protection standards, which could provide a reliable foundation for strengthening personal data protection in Ukraine.
Downloads
References
Russian cyber operations: new targets, tools and groups. Analytics of hacker attacks against Ukraine for the 1st half of 2024. (2024). State Service for Special Communications and Information Protection of Ukraine. https://cip.gov.ua/ua/news/cyber-operations-rf-h1-2024-report
On Information, Law of Ukraine No. 2657-XII (2024) (Ukraine). https://zakon.rada.gov.ua/laws/show/2657-12#Text
On the Protection of Personal Data, Law of Ukraine No. 2297-VI (2024) (Ukraine). https://zakon.rada.gov.ua/laws/show/2297-17#Text
General Data Protection Regulation (GDPR). (2016). https://gdpr-text.com/uk/
Douglas, D. M. (2016). Doxing: a conceptual analysis. Ethics and Information Technology, 18(3), 199–210.
Recruiting teenagers by the enemy to commit sabotage: cyber police warn of dangers on the Internet. (2024). https://cyberpolice.gov.ua/article/verbuvannya-pidlitkiv-vorogom-dlya-skoyennya-dyversij-kiberpolicziya-poperdzhaye-pro-nebezpeku-v-interneti-2116/
Savchenko, O. (2023). Cybersecurity in Ukraine: challenges and opportunities. Bulletin of the National Academy of Legal Sciences of Ukraine, 28(1), 78–92.
Melnyk, I. (2022). Critical perception of information in the media landscape of Ukraine. Journal of media and communications, 4 (2), 45–59.
Kovalenko, T. (2021). Analysis of the level of media literacy among the population of Ukraine. Sociological studies, 29, 102–113.
Grigorenko, P. (2023). Cybercrime in Ukraine: a statistical review. Review of criminological research, 12(1), 56–70.
Children’s safety on the Internet: what parents should know and how to build a safe educational space with Cisco in Lviv region. (2024). https://loda.gov.ua/news/103088
H1 2024 Cybersecurity Trends & Insights. (2024). https://perception-point.io/resources/report/2024-h1-report/
Cybersecurity in the European Union: Current Challenges and Future Perspectives. (2020). European Union Agency for Cybersecurity (ENISA). https://www.enisa.europa.eu/publications/cybersecurity-in-the-eu
Smith, J. (2022). The Impact of Phishing Attacks on Businesses: A Global Perspective. International Journal of Cyber Security, 18, 78–88.
Hulak, H. M., Zhiltsov, O. B., Kyrychok, R. V., Korshun, N. V., & Skladannyi, P. M. (2024). Information and cyber security of the enterprise. Textbook. Lviv: Publisher Marchenko T. V.
Published
How to Cite
Issue
Section
License
Copyright (c) 2024 Валерія Івкова, Іван Опірський
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
