Utilising Journey Mapping and Crime Scripting to Combat Cybercrime and Cyber Warfare Attacks
Abstract:
This paper discusses ways in which utilising methods from typically non-cyber disciplines, business and criminology, can successfully be applied to the cyber domain to aid the fight against and the prevention of cyber-attacks, including those used in cyber warfare. Through the provision of a visual representation, this paper clarifies how journey mapping and crime scripting can help build an understanding of the steps criminals or adversaries in general undertake during the execution of a cybercrime or cyber-warfare attack.
AUTHORS
Tallinn University of Technology
Tallinn, Estonia
Tiia Sõmer is an early stage researcher at Tallinn University of Technology, Tallinn, Estonia. Her research focuses on cybercrime and cyber forensics, leading TUT work on the EU E-CRIME project, a three-year European Union project, researching the economic aspects of cybercrime. In addition, she has taught cyber security at the strategic level and prepared students for cyber- defence international policy-level competitions at the TUT. Before starting an academic career, she served for more than 20 years in the Estonian defence forces—including teaching at the staff college; working in diplomatic positions at national, NATO and EU levels; and, most recently, working at EDF HQ cyber security branch. Her master’s thesis, titled “Educational Computer Game for Cyber Security: A Game Concept”, focused on using games in the teaching of cyber security. She is currently completing Ph.D.-level studies, focusing on journey mapping and its application in understanding and solving cyber incidents.
University of Warwick Coventry
United Kingdom
Bil Hallaq is a cyber security researcher with more than 15 years of academic, commercial and industrial experience. He previously spent several years handling and mitigating against various security threats and vulnerabilities within commercial environments. He is delivering on various projects including: the identification and application of novel techniques for OSINT, EU E-CRIME Project - comprised of several European partners including Interpol where he is working with partners on understanding criminal structures and mapping cybercriminal activities to produce and recommend effective countermeasures. His other applied research areas include identifying methods and techniques for cross border cyber attack attribution, mitigation at scale of complex multi-jurisdictional cyber events, and, maritime and rail cyber security. He holds several professional qualifications including: penetration testing, incident response, malware investigation, digital forensics investigation amongst others.
University of Warwick
Coventry, United Kingdom
Professor Tim Watson is the Director of the Cyber Security Centre at WMG within the University of Warwick, Coventry, UK. He has more than 25 years’ experience in the computing industry and in academia and has been involved with a wide range of computer systems on several high-profile projects. In addition, he has served as a consultant for some of the largest telecoms, power, and oil companies. He is an adviser to various parts of the UK government and to several professional and standards bodies. His current research includes EU-funded projects on combating cyber-crime; UK MoD research into automated defence, insider threat, and secure remote working; and, EPSRC-funded research, focusing on the protection of critical national infrastructure against cyber-attack. He is a regular media commentator on digital forensics and cyber security.
Published In
Journal of Information Warfare
The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.
Quick Links
Archive
