Taxonomie des contre-mesures relatives aux crypto-rançongiciels

Les attaques de crypto-rançongiciels ont augmenté ces dernières années. Cette forme de maliciel brouille des données précieuses avec un cryptage pratiquement inébranlable et ne les libère qu’une fois la rançon payée. Il s’agit d’un changement important par rapport aux premières variantes des rançongiciels et cela a accru leur impact et la gravité globale de la …

The Low-Tech Communications of High-Tech Financial Fraudsters

Much case has been made of the use of sophisticated anonymity tools by financial fraudsters that hack financial institutions and steal personal and financial information. Our past research has shown that these technologies were used to protect the fraudsters’ privacy and to facilitate their attacks against financial institutions. Our latest interactions and analysis of the …

Le rôle de la conformité aux opinions des autres utilisateurs concernant la désinformation dans les médias sociaux

Les chercheurs, les journalistes et les politiciens s’inquiètent des effets de la désinformation en ligne. Les fausses nouvelles et la désinformation en ligne ont été particulièrement médiatisées lors des élections américaines de 2016. Certains commentateurs ont même suggéré que la désinformation en ligne a joué un rôle décisif dans cette élection. Une enquête auprès des …

The role of conformity to other users’ views regarding disinformation in social media

Researchers, journalists and politicians are concerned about the effects of online disinformation. Fake news and online disinformation were especially higlihted during the American 2016 election. Some commentators have even sug-gested that online disinformation played a deciding role in that election. A survey of Candian social media users reported that 41% of respondents have found links …

Improving Cybersecurity Through Private Insurance?

While dealing with interconnected and global risks, the cyber-insurance market is intensely growing. This market is a creature of privacy and data security regulations, and mandatory breach notifications have shaped its business model. Market stakeholders suggest that cyber-insurance provides incentives and resources to insured organizations for improving cybersecurity. This presentation seeks to empirically test this …

Booting the booter

DoS (Denial of service) is an attack in which the perpetrator generates a large amount of traffic to overwhelm end-users or web service and prevent some or all legitimate requests from being fulfilled. Booter’ or ‘stresser’ services provide DoS attacks as-a-service. Booter operators can advertise their service and individuals can set up accounts and order …

Rotten Supplies – Supply Chain Attack Case Studies

We have seen an increase in supply chain attacks in the past few years. Some of these attacks have something in common: they involve a compromised Linux server to distribute malware or act as C&C server. This presentation will use real world case studies: the Transmission BitTorrent client distributing OSX/Keydnap; the M.E. Doc compromise responsible …

Digital Campaign Threats in Canada: Party Responses in an Age of Disinformation

This presentation reported on results from the examination of interference using disinformation through digital platforms. Its methods relied on media monitoring (both traditional media and social media) and interviews with party strategists. The aim was to detail the main instances of disinformation and other digital threats, and to analyze how each of the major parties …