Cybersecurity Threats & Defences

Cyber security threats reflect the risk of experiencing a cyber-attack and are growing in frequency, diversity and complexity. Cyberattacks can involve malware, social engineering, machine learning and artificial intelligence, and place the data and assets of corporations, governments and individuals at constant risk. With the 2020 COVID-19 outbreak and the shift of many professional, educational, entertainment and other human activities online, the exposure to cyber risks has escalated. 

Ransomware attacks, for instance, cost billions of euros every year, as hackers deploy technologies that enable them to “kidnap” an organization’s databases and ask for a ransom to unlock it. In the ecosystems of such malware apps, cryptographically strong ransomware deploy encryption for the job. If a cryptographically strong ransomware manages to encrypt a file, and if encryption is implemented properly, it is impossible to retrieve the file without a piece of information that ransomware hold in escrow: the decryption key. 

Even social engineering attacks are becoming increasingly sophisticated. Phishing attacks, for example, employ carefully targeted digital messages to trick people into clicking on a link that can install malware or expose sensitive data. Raising awareness on the risk of phishing and other attacks targeting humans is not sufficient: only by building a strong cyberresilience culture in organizations these threats can be successfully addressed.

In various organizational contexts, our research activities cover: 

• Create applications that stop cryptographically strong ransomware before they start encrypting files.
• Devise anti-phishing campaigns and evaluate their efficacy