Identifying and Modelling Victim, Business, Regulatory and Malware Behaviours in a Changing Cyberthreat Landscape
Lead Research Organisation:
CARDIFF UNIVERSITY
Department Name: Computer Science
Abstract
HM Cabinet Office and Detica reported in 2011 that the annual cost to the UK economy from cybercrime was £27 billion. Regardless of the accuracy of this estimate the British Crime Survey and Eurostat ICT survey evidence that cybercrime is now the typical volume property crime in the UK, impacting more of the public than traditional acquisitive crimes such as burglary and car theft. Because of its global nature similar estimates of the prevalence and losses of cybercrime are found in most other countries. However, whilst most politicians, police, and business leaders agree that cybercrimes are one of the greatest crime challenges of modern times, few seem to fully understand what causes them and how to best predict their occurrence and limit their impact upon the UK economy and society.
This project aims to address these uncertainties using methods and concepts from a range of disciplines including criminology, psychology, economics, mathematics and computer science. The key objectives of the project are to identify, understand and predict:
1. The behaviour of malware and human cyber perpetrators within and outside of Cloud environments;
2. Business risk assessment practices, threat awareness levels, and adaptive behaviours as related to cybercrime;
3. The response of criminal justice agencies to cybercrime and business trust in the regulatory system;
4. Business and criminal justice cyber security practices (e.g. information sharing) in relation to issues of privacy, accountability and civil liberties.
The project will develop a computational tool that will assist in the prediction of business related cyber attacks. For the first time both technical (e.g. malware behaviour, network vulnerabilities etc.) and human/organisational (level of cooperation, perception of risk, threat assessment, costs, criminal justice response etc.) measures will be combined in this predictive process. It is envisaged that this tool will assist both policy makers and practitioners in the field of cyber security and crime. It will identify which businesses (by sector, size, level of cooperation etc.) are most vulnerable to attack allowing policy, codes of practice and advice to be tailored and targeted. The tool also has the potential to provide digital and human/organisational forms of evidence and other information relevant to investigation and prosecution proceedings. In order to disseminate the tool and results from the research we will incorporate an action research element where we will develop a forum (two workshops in years 2&3) where initial or draft (but verified) findings are released in stages, through briefing papers to businesses of varying sectors and sizes (particularly SMEs). We will also disseminate results via peer-reviewed journal articles and conferences. Throughout the project via the advisory group we will link into other key commercial initiatives (e.g. Saturn project at BT Labs) and statutory and third sector organisations such as ENISA, the Honeynet Project, Home Office; Cabinet Office Identity Assurance Programme; Office for National Statistics; National Fraud Authority; Serious Fraud Office; Trading Standards; Serious Organised Crime Agency/National Crime Agency; Association of Chief Police Officers; Met Police Central eCrime Unit; NPIA/Police College; EADS; Get Safe Online, Liberty and Wise Kids.
This project aims to address these uncertainties using methods and concepts from a range of disciplines including criminology, psychology, economics, mathematics and computer science. The key objectives of the project are to identify, understand and predict:
1. The behaviour of malware and human cyber perpetrators within and outside of Cloud environments;
2. Business risk assessment practices, threat awareness levels, and adaptive behaviours as related to cybercrime;
3. The response of criminal justice agencies to cybercrime and business trust in the regulatory system;
4. Business and criminal justice cyber security practices (e.g. information sharing) in relation to issues of privacy, accountability and civil liberties.
The project will develop a computational tool that will assist in the prediction of business related cyber attacks. For the first time both technical (e.g. malware behaviour, network vulnerabilities etc.) and human/organisational (level of cooperation, perception of risk, threat assessment, costs, criminal justice response etc.) measures will be combined in this predictive process. It is envisaged that this tool will assist both policy makers and practitioners in the field of cyber security and crime. It will identify which businesses (by sector, size, level of cooperation etc.) are most vulnerable to attack allowing policy, codes of practice and advice to be tailored and targeted. The tool also has the potential to provide digital and human/organisational forms of evidence and other information relevant to investigation and prosecution proceedings. In order to disseminate the tool and results from the research we will incorporate an action research element where we will develop a forum (two workshops in years 2&3) where initial or draft (but verified) findings are released in stages, through briefing papers to businesses of varying sectors and sizes (particularly SMEs). We will also disseminate results via peer-reviewed journal articles and conferences. Throughout the project via the advisory group we will link into other key commercial initiatives (e.g. Saturn project at BT Labs) and statutory and third sector organisations such as ENISA, the Honeynet Project, Home Office; Cabinet Office Identity Assurance Programme; Office for National Statistics; National Fraud Authority; Serious Fraud Office; Trading Standards; Serious Organised Crime Agency/National Crime Agency; Association of Chief Police Officers; Met Police Central eCrime Unit; NPIA/Police College; EADS; Get Safe Online, Liberty and Wise Kids.
Planned Impact
Governments, critical national infrastructure, and enterprise organisations all suffer from various security breaches and information leakage. A key challenge has always been to determine who is doing it. Detica/Cabinet Office estimated that cybercrime cost £27 billion to UK society and economy, and though this has been strongly critiqued (University of Cambridge, 2012), all parties agree that there is consequently a significant benefit to being able to link such activities to perpetrators. This project will help organisations in identifying threats such as insider abuse of systems, malicious software activity, industrial espionage and fraud. The following stakeholder groups will benefit from the findings of this research:: (i) academics through advancements in knowledge that directly results from the research; (ii) practitioners (police, private security agencies but also lawyers and court officials) through advancements in practitioner knowledge that result from the research; (iii) Criminal Justice Policy makers, through advancements in academic and practical knowledge that result from the research; (iv) public (including organisations), through carefully explained advancements in knowledge that result from the research. The findings will be of interest to those specifically interested in how the cybercrime problem is constructed by the UK Information Assurance (UKIA) community and beyond, and in those interested in robust measures of cybercrime costs and relative importance of key cyber security factors. Most obviously such users would include police, government departments, private sector regulators, and regulatory groups. Voluntary sector organisations involved in educating the public and business will also benefit from these findings.
The key deliverable of the consortium is a computational tool that will assist in the prediction of business related cyber attacks. For the first time both technical (e.g. malware behaviour, network vulnerabilities etc.) and human/organisational (level of cooperation, perception of risk, threat assessment, costs, criminal justice response etc.) measures will be combined in this predictive process. It is envisaged that this tool will assist both policy makers and practitioners in the field of cyber security and crime. It will identify which businesses (by sector, size, level of cooperation etc.) are most vulnerable to attack allowing policy, codes of practice and advice to be tailored and targeted. The tool also has the potential to provide digital and human/organisational forms of evidence and other information relevant to investigation and prosecution proceedings.
Some of the data sets acquired during this project will also be made available to selected user communities. These will contain pre-processed (or where necessary, anonymized) data describing attack vectors, attack patterns on distributed systems, as well as attack demographics. As a main point, the data sources will present real-time visualisation feeds of the current attack vectors tailored to the targeted users' systems in the light of attacks on related/similar systems. With access to the data sources we offer, targeted users will be better prepared to deal with security threats and complement signature-based detection of malicious software in their systems.
These deliverables and research outcomes will contribute to knowledge of how the cybercrime problem is constructed, how the associated risks are assessed and what cybercrime costs. This knowledge will be of use to policy makers, regulators, educators and the business community. Improved knowledge is crucial for understanding the regulation of cybercrimes, especially how the law is being applied. This knowledge will help to bridge the gap between public demands for security and what government, and especially, the police can provide.
The key deliverable of the consortium is a computational tool that will assist in the prediction of business related cyber attacks. For the first time both technical (e.g. malware behaviour, network vulnerabilities etc.) and human/organisational (level of cooperation, perception of risk, threat assessment, costs, criminal justice response etc.) measures will be combined in this predictive process. It is envisaged that this tool will assist both policy makers and practitioners in the field of cyber security and crime. It will identify which businesses (by sector, size, level of cooperation etc.) are most vulnerable to attack allowing policy, codes of practice and advice to be tailored and targeted. The tool also has the potential to provide digital and human/organisational forms of evidence and other information relevant to investigation and prosecution proceedings.
Some of the data sets acquired during this project will also be made available to selected user communities. These will contain pre-processed (or where necessary, anonymized) data describing attack vectors, attack patterns on distributed systems, as well as attack demographics. As a main point, the data sources will present real-time visualisation feeds of the current attack vectors tailored to the targeted users' systems in the light of attacks on related/similar systems. With access to the data sources we offer, targeted users will be better prepared to deal with security threats and complement signature-based detection of malicious software in their systems.
These deliverables and research outcomes will contribute to knowledge of how the cybercrime problem is constructed, how the associated risks are assessed and what cybercrime costs. This knowledge will be of use to policy makers, regulators, educators and the business community. Improved knowledge is crucial for understanding the regulation of cybercrimes, especially how the law is being applied. This knowledge will help to bridge the gap between public demands for security and what government, and especially, the police can provide.
Organisations
Publications
Al Fahdi M
(2016)
A suspect-oriented intelligent and automated computer forensic analysis
in Digital Investigation
Al Said T
(2015)
Implementing Migration-Aware Virtual Machines
Alohali M
(2018)
Identifying and predicting the factors affecting end-users' risk-taking behavior
in Information & Computer Security
Alotibi G
(2015)
Behavioral-Based Feature Abstraction from Network Traffic
Alruban A
(2016)
Leveraging Biometrics for Insider Misuse Identification
in International Journal on Cyber Situational Awareness
Al Abdulwahid A
(2015)
Continuous and transparent multimodal authentication: reviewing the state of the art
in Cluster Computing
Description | This project has demonstrated how monitoring tools can be used to detect cyberattacks within a University and industry context. We utilised data from cyberattacks that were detected at Cardiff University using data from the Palo Alto IDS system. This data was then used to investigate how severity of cyberattacks could be gauged based on unseen attacks. Some of the key findings from this work include: (i) understanding the most vulnerable assets within an organisation, e.g. a University-wide IT network, and the potential likelihood of attacks based on data; (ii) understanding the "shared responsibility" model for managing cybersecurity -- i.e. determining how responsibility should be shared between users and providers of computational infrastructure -- especially cloud computing environments; (iii) regulatory compliance issues associated with enforcing penalties for cyberattacks -- especially the very limited number of individuals who had been charged with cybersecurity offences, and how difficult it was (in practice) to enforce cybersecurity law. The interface between technology-social interactions-legal compliance were the key outcomes of this work. |
Exploitation Route | The outcome of this work could be used to understand: i. Data driven analysis of the most vulnerable applications hosted within a University environment -- especially where "bring your own X" (where X was usually a wireless device, but increasingly can also be an externally hosted cloud platform). As users integrate third party cloud systems, e.g. DropBox, into their University supported Cloud environments (e.g. MS-Office 365), understanding vulnerabilities in these types of environments can be investigated using the risk model developed in this work. ii. Creating fingerprinting/signatures from student interactions within a higher education environment -- this may be particularly relevant in Covid19 where students work on-line. This part of the work was carried out by the Plymouth University team. iii. Investigating the establishment of cloud-based Honeypot systems -- and subsequent analysis that can be carried out for Y-as-a-Service models from such systems. |
Sectors | Digital/Communication/Information Technologies (including Software) Financial Services and Management Consultancy Security and Diplomacy |
Description | Currently, the outcome of this work is being made use of in our Information Services division (at Cardiff University), to identify network risk. Additional work on this is on-going and will continue until the end of the project. The outcome of this work (since 2017) is also being used at Airbus Group -- and led to the development of a system that supports risk analysis based on data acquired through system logs. This builds on work that was carried out in WP1 in the project. The outcome of this work led to additional funding under the TIPS2 called -- with the project referred to as "PACE: Privacy Aware Cloud Ecosystems". In PACE, we specifically focus on understanding GDPR (General Data Protection Regulation) compliance within an ecosystem of connected cloud providers. The risk models being developed are also being used in a PhD project with iPoint Technologies -- an SME specialising in cybersecurity for the automotive sector. Specifically, we are investigating how data acquired from a vehicle can be analysed using a cloud platform (using DSRC-based roadside units), especially for autonomous and electric vehicles. |
First Year Of Impact | 2018 |
Sector | Digital/Communication/Information Technologies (including Software),Transport |
Impact Types | Economic Policy & public services |
Title | Risk Score data for Cyberattacks |
Description | Our (measurement-based) study is based on malicious network traffic observed by the Palo Alto Networks' Wildfire system. The log files containing malicious traffic instances of 144 consecutive hours were preprocessed to extract information about threats, their categories, severity levels, occurrence time and the targeted software applications, which were then grouped on an hourly basis in terms of threat occurrence time. The collected malicious traffic data has more than 400,000 instances with 278 unique threats targeting 90 different software applications with 5 distinct severity levels (informational, low, medium, high and critical). We considered the two most frequently occurring threats during the considered time period, which formed 95.67% of the total observed threats. These threats were: i) MS-RDP Brute-Force Attempt (RDP) - which targets Microsoft's Remote Desktop Protocol to remotely access windows servers and desktops by trying several commonly used username and passwords, thus, following a brute-force method to gain unauthorized access to remote systems. MS-RDP is widely used in many Cloud-based deployments to provide remote desktop access to users, based on servers hosted within a data centre; ii) Android Package File (Android) - distributed using a drive-by download mechanism and targeting Android-based devices, performing the malware-based actions on the device and leaving them more vulnerable to further sophisticated attacks; Having identified the two most frequently occurring threats we have associated a time unit t with the Risk Score to calculate risk score at a given time instance. The time granularity for this study has been considered as an hour. We calculate Risk Score, associated with a particular threat, ? at time t represented as Risk?(t) using the following equation: Risk?(t)=?n=1i(Pra(n)|?(t)*sev)*Wsev The resultant dataset contains three columns, the date, hour and risk score for the threat. |
Type Of Material | Database/Collection of data |
Year Produced | 2020 |
Provided To Others? | Yes |
URL | https://research.cardiff.ac.uk/converis/portal/detail/Dataset/102115178?auxfun=&lang=en_GB |
Description | Boiten, E. and Wall, D.S. (2017) 'WannaCry report shows NHS chiefs knew of security danger, but management took no action', The Conversation, 30 October, |
Form Of Engagement Activity | A magazine, newsletter or online publication |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Public/other audiences |
Results and Impact | A discussion of the April 2017 Wannacry attack on the NHS and how it was not a cybersecurity failure practicality, but a failure of cybersecurity management at the top level. Has received 6000 reads in The Conversation. Was also reproduced by Scientific American and about 15 other magazines. |
Year(s) Of Engagement Activity | 2017 |
URL | https://theconversation.com/wannacry-report-shows-nhs-chiefs-knew-of-security-danger-but-management-... |
Description | Cloud Security Engineering |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Industry/Business |
Results and Impact | Presentation on Cloud Security Engineering -- discussing outcomes of this research to Saudi ARAMCO |
Year(s) Of Engagement Activity | 2017 |
Description | Conference |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Industry/Business |
Results and Impact | Burnap, P. and Williams, M. L. 2015. Plenary: Computational & social security analytics using Big Data. Presented at: International Conference on Computational Social Science, Helsinki, Finland, 8-11 June 2015. |
Year(s) Of Engagement Activity | 2015 |
Description | Hill, G. And Wall, D. (2015) 'How online vigilantes make paedophile policing more difficult', The Conversation, 3 June |
Form Of Engagement Activity | A magazine, newsletter or online publication |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Public/other audiences |
Results and Impact | An article discussing the rise of anti-paedophile vigilantism which has been driven by a belief that the participants are filling a gap left by police ineffectiveness which allows predatory paedophiles to run free in society. Has received 4000 reads |
Year(s) Of Engagement Activity | 2015 |
URL | https://theconversation.com/how-online-vigilantes-make-paedophile-policing-more-difficult-42562 |
Description | Interview by BBC Online about Police Blunders. Quoted in "Police blunders that made the headlines" 12 February, 2017, |
Form Of Engagement Activity | A press release, press conference or response to a media enquiry/interview |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Public/other audiences |
Results and Impact | Interview about police blunders and how social media are exacerbating them |
Year(s) Of Engagement Activity | 2017 |
URL | http://www.bbc.co.uk/news/uk-england-38861475 |
Description | Interview with BBC Breakfast News (National) on Ransomware. Shown 28th November 2016 on Breakfast TV and also shown on BBC Lunchtime news and other new programmes throughout the day. Plus, a variation for Look North. |
Form Of Engagement Activity | A press release, press conference or response to a media enquiry/interview |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Public/other audiences |
Results and Impact | The TV interview discussed Ransomware and how to obtain it. It was broadcast nationally and regionally at various points during the day. |
Year(s) Of Engagement Activity | 2016 |
Description | Interview with Bethan Bell BBC News about counterfeits. See Bell, B. (2016) 'What's wrong with buying fake luxury goods?', BBC News Online, 15 July, |
Form Of Engagement Activity | A press release, press conference or response to a media enquiry/interview |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Public/other audiences |
Results and Impact | This interview was about the online sale of fake goods |
Year(s) Of Engagement Activity | 2016 |
URL | http://www.bbc.co.uk/news/uk-england-36782724 |
Description | Interview with PACCS Research Team: Malware Behaviours in a Changing Cyberthreat Landscape |
Form Of Engagement Activity | A magazine, newsletter or online publication |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Media (as a channel to the public) |
Results and Impact | Wider dissemination of the impact of findings from the project. The interview and article was intended for general dissemination. |
Year(s) Of Engagement Activity | 2021 |
URL | https://www.paccsresearch.org.uk/blog/cybersecurity-in-the-cloud/ |
Description | Interview with Radio Sputnik and Sputnik News about the National Cyber Security Centre's Internet Fraud Successes - |
Form Of Engagement Activity | A press release, press conference or response to a media enquiry/interview |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Public/other audiences |
Results and Impact | Interview with Radio Sputnik and Sputnik News about the National Cyber Security Centre's Internet Fraud Successes - |
Year(s) Of Engagement Activity | 2019 |
URL | https://sputniknews.com/analysis/201910231077130713-public-has-to-be-more-aware-of-various-fraudulen... |
Description | Interviewed by Highsnobriety (fashion magazine) about counterfeit cars in China and the lack of international copyright laws enforceable. 'China's Counterfeit Car Culture Is All Kinds of Sus', Highsnobriety, 17 May, 2017 - |
Form Of Engagement Activity | A press release, press conference or response to a media enquiry/interview |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Public/other audiences |
Results and Impact | The interview touched on IP law and also internet use, but marginally. It touched on some issues found in the CERES project. |
Year(s) Of Engagement Activity | 2017 |
URL | http://www.highsnobiety.com/2017/05/17/chinese-counterfeit-cars/ |
Description | Interviewed by The Sun about cyber-sleuths cited in 1st June 2020 article - CYBER SLEUTHS We're 'armchair detectives' investigating grim cold cases from home - from serial killer victims to mystery 'tent girl', |
Form Of Engagement Activity | A press release, press conference or response to a media enquiry/interview |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Media (as a channel to the public) |
Results and Impact | We discussed the use of CYBER SLEUTHS / armchair detectives to assist the police to investigate cold cases from their own homes |
Year(s) Of Engagement Activity | 2020 |
URL | https://www.thesun.co.uk/news/11593868/amateur-detectives-dleuths-solve-crimes-cold-cases-home/ |
Description | Interviewed by Yorkshire Post on 'Policing the internet: cyber-security and the dark web, and the developing experience we have here at the University and across Yorkshire' 19th September 2017 |
Form Of Engagement Activity | A press release, press conference or response to a media enquiry/interview |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Public/other audiences |
Results and Impact | Interviewed by Yorkshire Post on 'Policing the internet: cyber-security and the dark web, and the developing experience we have here at the University and across Yorkshire' 19th September 2017 |
Year(s) Of Engagement Activity | 2017 |
Description | Interviewed by the Metro News Magazine about research in relation to event |
Form Of Engagement Activity | A press release, press conference or response to a media enquiry/interview |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Media (as a channel to the public) |
Results and Impact | I was interviewed and quoted by the Metro about a surveilance application that found stolen phones 6,000 miles away in China. 2 February, 2023 |
Year(s) Of Engagement Activity | 2022 |
URL | https://metro.co.uk/2023/02/02/find-my-iphone-app-discovers-stolen-phones-6000-miles-away-in-china-1... |
Description | Invited Presentation on Usable Authentication |
Form Of Engagement Activity | A formal working group, expert panel or dialogue |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Professional Practitioners |
Results and Impact | Invited to talk about the application of transparent biometrics to an EU project meeting involved in the same area. |
Year(s) Of Engagement Activity | 2017 |
Description | Invited panel presentation in Insider Threats |
Form Of Engagement Activity | A formal working group, expert panel or dialogue |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Professional Practitioners |
Results and Impact | The invited panel took place at the 16th Annual Security Conference, Las Vegas. The audience is mix of industry and academic practitioners. |
Year(s) Of Engagement Activity | 2017 |
URL | http://www.security-conference.org/w/wp-content/uploads/2015/01/ConfSchedule.pdf |
Description | Invited presentation - Digital Forensic Challenges and Research |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Undergraduate students |
Results and Impact | An invited lecture to undergraduate students in ESIEA in France. |
Year(s) Of Engagement Activity | 2015 |
Description | Invited presentation on Transparent and Continuous Authentication |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Postgraduate students |
Results and Impact | An invited lecture to post-graudate students on the subject of transparent biometrics and their use within authentication and misuse detection. |
Year(s) Of Engagement Activity | 2015 |
URL | http://www.dmu.ac.uk/research/research-seminar-series/11-march-2015.aspx |
Description | Invited presentation on active authentication |
Form Of Engagement Activity | Participation in an activity, workshop or similar |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Professional Practitioners |
Results and Impact | Presented a talk on active authentication and its role with authentication and misuse detection at Biometrics 2014 - a leading UK professional event brining together a large number of vendors, customers and policy makers. |
Year(s) Of Engagement Activity | 2014 |
Description | Invited talk: Cloud Security Engineering |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Professional Practitioners |
Results and Impact | This was an international conference "Frontiers of Information Technology", Islamabad, Pakistan (December 2015). The presentation led to visits to a number of local Universities -- primarily NUST (National University of Science & Technology), COMSATS, LUMS (Lahore University of Management Sciences) and ITU (Information Technology University). |
Year(s) Of Engagement Activity | 2015 |
URL | http://fit.edu.pk/ |
Description | Keynote speech at ANZSOC - Australia and New Zealand Society of Criminology Annual Conference, Darwin, Australia, 26-30 November, 2023 |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Other audiences |
Results and Impact | Gave the keynote speech on The Transformation of Cybercrime (and Criminology) in the 2020s:Ransomware evolutions' to the ANZSOC - Australia and New Zealand Society of Criminology Annual Conference, Darwin, Australia, 26-30 November, 2023 |
Year(s) Of Engagement Activity | 2022 |
URL | https://anzsocconference.com.au/ |
Description | Komsky, J. (2017) 'All Hands on Deck for Cybercrime Regulation', The Regulatory Review, 22 November, |
Form Of Engagement Activity | A press release, press conference or response to a media enquiry/interview |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Public/other audiences |
Results and Impact | An article about my own work on cybercrime |
Year(s) Of Engagement Activity | 2017 |
URL | https://www.theregreview.org/2017/11/22/komsky-cybercrime-regulation/ |
Description | Radio interview 'On the Aire' programme on Made in LeedsTV, 6pm Thursday 19th January 2017 about the latest Cybercrime statistics https://www.madeinleeds.tv/ |
Form Of Engagement Activity | A press release, press conference or response to a media enquiry/interview |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Public/other audiences |
Results and Impact | Radio interview to discuss the latest Cybercrime statistics |
Year(s) Of Engagement Activity | 2017 |
Description | Radio interview with BBC Radio Leeds on the Talk Talk case, 5.30pm, 23rd October 2015 |
Form Of Engagement Activity | A press release, press conference or response to a media enquiry/interview |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Public/other audiences |
Results and Impact | Discussed developments in Cybersecurity after the TalkTalk case |
Year(s) Of Engagement Activity | 2015 |
Description | Television Interview with ITV Calendar News (Yorkshire) about the Cyberattack on Lincoln Hospital. 1st November, 2016. |
Form Of Engagement Activity | A press release, press conference or response to a media enquiry/interview |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Public/other audiences |
Results and Impact | Discussing the implications of the cyberattack on Lincoln Hospital |
Year(s) Of Engagement Activity | 2016 |
Description | Television Interview with Sarah Jane Mee on the Sky Sunrise programme about Policing, Terrorism and radicalisation, 24th May 2017, 08:35 AM |
Form Of Engagement Activity | A press release, press conference or response to a media enquiry/interview |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Public/other audiences |
Results and Impact | Television Interview with Sarah Jane Mee on the Sky Sunrise programme about Policing, Terrorism and Radicalisation via internet, 24th May 2017, 08:35 AM. The URL link to it no longer works. |
Year(s) Of Engagement Activity | 2017 |
Description | University Information Services |
Form Of Engagement Activity | A formal working group, expert panel or dialogue |
Part Of Official Scheme? | Yes |
Geographic Reach | National |
Primary Audience | Professional Practitioners |
Results and Impact | This activity has resulted in the Information Services sharing their data with us. We are very pleased with this outcome -- as most projects in the security domain have difficulty sourcing real world data. This has resulted in us engaging with other intrusion detection system vendors -- e.g. AlertLogic. |
Year(s) Of Engagement Activity | 2014 |
Description | Videos - Wall. D.S. (2019) Copyright, trolling and speculative invoicing in the shadow of law, FACULTI, April, 2019, |
Form Of Engagement Activity | A broadcast e.g. TV/radio/film/podcast (other than news/press) |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Postgraduate students |
Results and Impact | Copyright, trolling and speculative invoicing in the shadow of law - touches on impact of IT on legal practices |
Year(s) Of Engagement Activity | 2019 |
URL | https://faculti.net/copyright-trolling-speculative-invoicing-shadow-law/ |
Description | Wall, D.S. (2013) Locking up Cybercriminals can do more harm than good, The Conversation, 10 July, |
Form Of Engagement Activity | A magazine, newsletter or online publication |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Public/other audiences |
Results and Impact | A short article about locking up hackers following the agreement in the European Parliament on the 4th July, 2013 that EU countries are to strengthen their domestic laws against the more serious forms of cyber-crime. |
Year(s) Of Engagement Activity | 2013 |
URL | http://theconversation.com/locking-up-hackers-could-do-more-harm-than-good-15889 |
Description | Wall, D.S. (2014) 'High risk' cyber-crime is really a mixed bag of threats, The Conversation, 17 November |
Form Of Engagement Activity | A magazine, newsletter or online publication |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Professional Practitioners |
Results and Impact | An article about how the problems of not defining cyberrime clearly - has receivd about 3500 reads |
Year(s) Of Engagement Activity | 2014 |
URL | https://theconversation.com/high-risk-cyber-crime-is-really-a-mixed-bag-of-threats-34091 |
Description | Wall, D.S. (2014) Could crowd-sourced policing turn us into vigilantes - or bedroom super sleuths?, The Conversation, 17 October, |
Form Of Engagement Activity | A magazine, newsletter or online publication |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Public/other audiences |
Results and Impact | A short article discussing the general idea of people-sourced policing in online environments - has had 3000 reads. |
Year(s) Of Engagement Activity | 2014 |
URL | https://theconversation.com/could-crowd-sourced-policing-turn-us-into-vigilantes-or-bedroom-super-sl... |
Description | Wall, D.S. (2015) 'IWF's efforts to remove child porn from the web won't tackle paedophile networks - but it's still important', The Conversation, 19 August, |
Form Of Engagement Activity | A magazine, newsletter or online publication |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Public/other audiences |
Results and Impact | A discussion of the Internet Watch Foundation sharing its database of digital signatures of images, known as the hash list, with internet giants Facebook, Google, Microsoft, Twitter and Yahoo, in the fight against the spread of child sexual abuse images on the web. Has received 2700 reads |
Year(s) Of Engagement Activity | 2015 |
URL | https://theconversation.com/iwfs-efforts-to-remove-child-porn-from-the-web-wont-tackle-paedophile-ne... |
Description | Wall, D.S. (2015) 'It's about time cybercrimes appeared in crime figures if we are to take the problem seriously, The Conversation, 20 October, |
Form Of Engagement Activity | A magazine, newsletter or online publication |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Public/other audiences |
Results and Impact | This article discusses the dramatic 40% increase in the recently published crime statistics for England and Wales which appear to end to the year-on-year decline in crime rates over the past 20 years or so. In fact the leap is explained by the inclusion for the first time of estimates of online fraud and cybercrime in the official statistics. Has had 3000 reads |
Year(s) Of Engagement Activity | 2015 |
URL | http://theconversation.com/its-about-time-cybercrimes-appeared-in-crime-figures-if-we-are-to-take-th... |
Description | Wall, D.S. (2015) 'The TalkTalk hack story shows UK cybersecurity in disarray', The Conversation, 28 October, |
Form Of Engagement Activity | A magazine, newsletter or online publication |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Public/other audiences |
Results and Impact | Discusses the aftermath of the TalkTalk hack and speculation over the possible involvement of terrorists, vast financial loss and an impending cybercrime tsunami from stolen personal data. Fear of cybercrime went through the roof, then a 15-year-old teenager from Northern Ireland was arrested and subsequently bailed in connection with the hack. - has received about 1700 reads |
Year(s) Of Engagement Activity | 2015 |
URL | https://theconversation.com/the-talktalk-hack-story-shows-uk-cybersecurity-in-disarray-49909 |
Description | Wall, D.S. (2016) 'The Bremain-Brexit debate and Policing Cybercrime in the EU: Shall I Stay of Shall I go Now?' |
Form Of Engagement Activity | A magazine, newsletter or online publication |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Policymakers/politicians |
Results and Impact | A discussion of the implications for the UK of Brexit upon Policing Cybercrime. |
Year(s) Of Engagement Activity | 2016 |
URL | https://www.britsoccrim.org/wp-content/uploads/2016/04/Wall_bscn78.pdf |
Description | Wall, D.S. (2019) Cybercrime Kingpins: The Changing Division of Criminal Labour in the Cybercrime Ecosystem, University Lecture Series, University College Cork 10th, October |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Other audiences |
Results and Impact | This was an invited University Lecture at University College Cork with a large varied audience. |
Year(s) Of Engagement Activity | 2019 |
Description | Wall, D.S. (2019) Pathways in to and out of Cybercrime: Seductions versus Choices or Carrots and Sticks?, Keynote Speech to the International Conference on Youth and Cybercrime and Expert Round-table Meeting (The Hong Kong Federation of Youth Groups), 14th and 15th June, Hong Kong. |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Policymakers/politicians |
Results and Impact | This was an invited keynote speech to an international conference in Hong Kong. |
Year(s) Of Engagement Activity | 2019 |