Search results for "Kyberturvallisuus"
showing 10 items of 117 documents
Smart Terminal System of Systems’ Cyber Threat Impact Evaluation
2023
Systems of system-level thinking is required when the purpose is to develop a coherent understanding of the ecosystem where every user and system requirements are divided into specific parts. The smarter project, as a part of the Sea4value program of DIMECC, aims to develop harbor operations, including passenger and cargo transportation, in a way that port processes will improve, emissions will decrease, and overall security will enhance in smart ports. This paper describes cyber-attack impacts against the Smart terminal system of systems in the cyber realm by utilizing the MITRE ATTACK® framework to map the objectives of threat actors. The Smart Terminal system environment includes ICT, IC…
Tilannekuvatieto kriittisen infrastruktuurin yrityksen tietojärjestelmien tietoturvallisuudesta
2018
Undersea optical cable network and cyber threats
2019
Almost all services and most of the traditional services are totally dependent on the digital environment. Few users are aware of the revolutionary nature of modern technology. We use day-to-day real-time access to existing digital services in our home country or we use social media (Some) to communicate with friends locally or elsewhere in the world. We can communicate with them in real time with text messages or even through real-time video feed. People have the choice of millions of movies to watch anytime, anywhere. Modern communications connect data centers and data networks of different continents together, enabling real-time communications throughout the world. We can order different…
Cyber security challenges in aviation and maritime
2021
The Cumulative Cyber Deterrence
2022
The cumulative cyber deterrence can be seen as a concept in which increasing the weight of different means and their use increases the deterrent effect on a common level or on selected adversaries. Cumulative cyber deterrence may include all traditional options of deterrence, and can be active or passive. Active deterrence can be characterized as targeting specific threats and actors, as a deterrent consisting of several different methods, while passive deterrence is a form of deterrence commonly targeted at all the potential adversaries. The cumulative cyber deterrence can be an independent type of deterrence or part of a state’s overall deterrence. This paper approaches the concept of cum…
Cyber deterrence and Russia’s active cyber defense
2020
Kybertoiminnallisuuden havainnointi Suomen Erillisverkot Oy:ssä
2018
Valokuituverkko siirtyi Puolustusvoimilta Suomen Erillisverkot Oy konsernin hallintaan ja omistukseen liikkeenluovutuksen yhteydessä 1.3.2015. Tämä Pro Gradu tutkielma syntyi liikkeenluovutuksen tuoman turvallisuusnäkökulma-ajattelun vuoksi. Tutkielmassa käsitellään kyberturvallisuuden käsitteiden ja toimijoiden lisäksi Suomen Erillisverkot Oy konsernin työntekijöiden kyberturvallisuuden tietämystasoa Suomen Erillisverkot Oy konsernissa sekä CSIRT-toiminnallisuutta yleisesti. Tutkimuksessa selvitettiin yhtiön henkilöstön toimia ja termien tuntemusta kyberturvallisuuteen liittyen verkkokyselyn avulla. Kyselyn tuloksista voidaan havaita ajankohtaisten haittaohjelmien toimintamallien koulutuks…
Tietoturvan ihmiselementti : sosiaalinen manipulointi
2017
Tämän tutkielman aiheena on sosiaalinen manipulointi, tietoturvan ihmiselementti ja sen huomioon ottaminen ja hyökkäysten ehkäiseminen yrityksen tai organisaation tietoturvassa. Sosiaalisella manipuloinnilla tarkoitetaan tutkielman kontekstissa tietojärjestelmän käyttäjiin kohdistuvaa manipulointia, jonka tavoitteena on informaation keruu tai tietojärjestelmään murtautuminen. Aihetta on tärkeää tutkia, sillä useat tietoturva-asiantuntijat ovat yhtä mieltä siitä, että merkittävin tietojärjestelmän tietoturvauhka on sen käyttäjät ja heidän tietoturvallisuuden näkökulmasta tekemät inhimilliset erehdykset. Sosiaalinen manipulointi kohdistuu juuri tähän tietoturvan heikkouteen. Tutkielman tuloks…
The importance of strategic leadership in cyber security : Case of Finland
2019
Cyber security has become one of the biggest priorities for businesses and governments. Streamlining and strengthening strategic leadership are key aspects in making sure the cyber security vision is achieved. The strategic leadership of cyber security implies identifying and setting goals based on the protection of the digital operating environment. Furthermore, it implies coordinating actions and preparedness as well as managing extensive disruptions. The aim of this paper is to define what is strategic leadership of cyber security and how it is implemented as part of the comprehensive security model in Finland. The paper also asks (and answers) how the strategic leadership of cyber secur…
On Apache Log4j2 Exploitation in Aeronautical, Maritime, and Aerospace Communication
2022
Apache Log4j2 is a prevalent logging library for Java-based applications. In December 2021, several critical and high-impact software vulnerabilities, including CVE-2021-44228, were publicly disclosed, enabling remote code execution (RCE) and denial of service (DoS) attacks. To date, these vulnerabilities are considered critical and the consequences of their disclosure far-reaching. The vulnerabilities potentially affect a wide range of internet of things (IoT) devices, embedded devices, critical infrastructure (CI), and cyber-physical systems (CPSs). In this paper, we study the effects and feasibility of exploiting these vulnerabilities in mission-critical aviation and maritime environment…