Phishing techniques under the Massachusetts Institute of Technology Research and Engineering (MITRE) ATT&CK Framework, along with their offshoots Smishing, Spearphishing, and Whaling, remain prevalent despite widespread security awareness, facilitating ransomware attacks that encrypt data for impact. Ransomware threats expand from single to triple extortion, combining data encryption with threats of auctioning stolen data and launching Distributed Denial of Service (DDoS) attacks. Europol’s Internet Organised Crime Threat Assessment (IOCTA) 2024 underscores the persistent risk of ransomware, a danger often underestimated by organizations.
This work investigates the integration of User Generated Content in a Serious Game for cybersecurity education and training in the industry. This Serious Game deals with security code reviews as part of an industrial software lifecycle, and players are invited to review vulnerable snippets to gain awareness of secure coding. We design and implement a way to include User Generated Content contributions into the Serious Game and we evaluate how this approach in cybersecurity education opens a path for a community-driven initiative to gather and share security knowledge.
Ransomware announces itself on a personal device such as a smartphone or a tablet PC. A reference process for successfully restoring the ability to work and all functionality results from the CONTAIN research. This reference process uses the CONTAIN Response Canvas (CRC). The canvas is a notation for structuring the procedure for responding to a ransomware incident. This notation places the person affected as the user of the device at the centre and takes into account key resources, stakeholders and communication channels as well as the desired goal in all situations of resolving the incident.
A Question of Security is a serious game that aims to enhance cybersecurity awareness and incident response preparedness. Its current tabletop format presents several limitations that may restrict its scalability and adaptability. In this article, we present the integration path for the Miro© digital whiteboard platform. Using a Design Science Research approach, we outline the transformation from a physical tabletop format to a digital game.
The growing digitalization and globalization of logistics processes is also sharply increasing their vulnerability to cyber threats. Attacks such as ransomware, data leaks and Advanced Persistent Threats (APTs) endanger not only the integrity of supply chains but also financial stability and customer satisfaction. These threats pose a considerable challenge, because traditional cybersecurity measures are often insufficient to cope with the dynamic and complex nature of such attacks.
Cybersecurity is of central importance for logistics companies, because networked transport and warehousing processes offer cybercriminals numerous attack surfaces. A successful attack can not only endanger sensitive customer data but also interrupt supply chains and cause immense financial damage. To be able to respond quickly and effectively in such a crisis, it is advisable to maintain a so-called Defense Book: a structured reference work that documents all relevant security policies, emergency processes and escalation paths. This handbook ensures that, in an emergency, every employee knows exactly which steps to take and which contacts to inform. Only with a well-prepared Defense Book can damage be minimized and business continuity be ensured in the long term.
In view of the growing threat of cyberattacks, medium-sized logistics companies have joined together in an innovative network built on partnership, prevention and collective resilience. Within this consortium, which consists of competing small and medium-sized enterprises (SMEs), a “cyber defence alliance” with a NATO-like mutual assistance obligation is emerging, a model that aims not only at technical help but also at operational support and strategic cooperation. The goal: stabilizing the “supply chain ecosystem” through rapid crisis response, joint development of solutions and sustainable investment in cybersecurity standards. Scaling security measures across a network reduces individual effort and promotes the resilience of the entire market.
The transition from cash to digital, tokenized payment methods confronts us with new, but also some familiar, challenges. Payment transactions are the lifeline of the economy; they must therefore be specially protected in order to withstand attacks. On the other side there is a strong need for privacy, since new technical possibilities also arouse a desire for data analysis.
The board game “Hack dich nicht!” was designed as a serious game within a project to raise awareness, in a playful way, of the increasing cybersecurity risks in the logistics sector. In view of the growing threat posed by digital attacks on supply chains and transport service providers, the game offers a practical approach to the topic. It combines entrepreneurial thinking with realistic crisis scenarios and conveys in an understandable way how cyberattacks can challenge companies not only technically but also financially. The aim of the game is to give players a basic understanding of typical threat scenarios, appropriate response strategies and their effects on a company's liquidity.
Cyber incidents are among the most common risks for organizations nowadays. Organizations that are part of the critical infrastructure are at risk of falling victim to a cyberattack. As drug shortages can severely affect patients’ health and wellbeing, our examination focuses on the pharmaceutical industry under cyberattack conditions. We analyze aspects of logistics processes and warehousing typical for pharmaceutical wholesalers. By conducting thorough desk research and expert interviews, and by developing a hybrid simulation model, we aim to identify significant limitations regarding resource capacities and other bottlenecks that may moderately to severely restrict or adversely affect mitigation measures taken during the response phase.
Cyberattacks pose a persistent threat to organizations worldwide. These attacks often target employees as entry points to organizational systems through tactics like phishing and credential theft. Recognizing employees as an organization’s “last line of defense”, motivating employees toward security-compliant behavior becomes paramount. While existing literature investigates theoretical frameworks for enhancing individuals’ motivation, studies regarding their practical implementation within organizational contexts remain scarce.
Central Bank Digital Currency (CBDC) is an emerging trend in digital payments, with the vast majority of central banks around the world researching, piloting, or even operating a digital version of cash. While design choices differ broadly, such as accounts vs. tokens, the wallets are generally protected through cryptographic algorithms that safeguard against double spending and ensure non-repudiation. With the advent of quantum computing, these algorithms are threatened by new attack vectors. To better understand those threats, we conducted a study of typical assets in a CBDC system, describe which ones are most amenable to post-quantum cryptography, and propose an upgrade strategy.
The Isabelle proof assistant includes a small functional language, which allows users to write and reason about programs. So far, these programs could be extracted into a number of functional languages: Standard ML, OCaml, Scala, and Haskell. This work adds support for Go as a fifth target language for the Code Generator. Unlike the previous targets, Go is not a functional language and encourages code in an imperative style, thus many of the features of Isabelle’s language (particularly data types, pattern matching, and type classes) have to be emulated using imperative language constructs in Go. The developed Code Generation is provided as an add-on library that can be simply imported into existing theories.
There is a growing consensus that there is no ‘one size fits all’ central bank digital currency (CBDC). Both retail CBDC and wholesale CBDC have their own unique value propositions and may even be deployed using different technologies. Additionally, some countries are developing multilateral cross-border CBDC solutions, as well as integrations into other digital asset ecosystems, including but not limited to stablecoins, tokenised government bonds and real estate.
This entry contains a standalone code generation target for the Go programming language. Unlike the previous targets, Go is not a functional language and encourages code in an imperative style, thus many of the features of Isabelle’s language (particularly data types, pattern matching, and type classes) have to be emulated using imperative language constructs in Go. To generate Go code, users can simply import this entry, which makes the Go target available.
The important missions of modern software engineering education are to prepare software engineers to work in a hybrid mode and to address the need to enable them to write secure code and deliver secure products and services to the customer. Providing training akin to an authentic experience poses several challenges, such as hybrid infrastructures, lack of engagement, and interactions. Cybersecurity and cybersecurity awareness have also gained importance due to the shift towards work-from-home (WFH) or work-from-anywhere (WFA): The work environment is forced to be distributed across large heterogeneous networks with different security levels.
Cloud deployment has become increasingly common due to its flexibility and business value. However, cloud assets face cybersecurity challenges and need to be configured securely. Industry practitioners must be trained to understand key concepts in cloud security, including ‘defense & attack’ and ‘roles & responsibilities.’
Every stage of the industrial software development process is crucial for ensuring high-quality results in a time of increasing digitalization and complexity. Code review is a method to enhance software quality and also promote knowledge exchange among teams. It is generally accepted that the earlier that software bugs and vulnerabilities are caught during product development, the more costs can be saved. As such, code review can play an important role in industrial software development.
The use of third-party components (TPCs) and open-source software (OSS) has become increasingly popular in software development, and this trend has also increased the chance of detecting security vulnerabilities. Understanding practical recurring vulnerabilities that occur in real-world applications (TPCs and OSS) is a very important step to educate not only aspiring software developers, but also seasoned ones.
In pursuing a secure software development lifecycle, industrial developers employ a combination of automated and manual techniques to mitigate vulnerabilities in source code. Among manual techniques, code review is a promising approach, with growing interest within the industry around it. However, the effectiveness of code reviews for security purposes relies on developers’ empowerment and awareness, particularly in the domain-specific knowledge required for identifying security issues.
Software developers must not only be capable of producing secure code, but must also possess the ability to identify security vulnerabilities when evaluating their peers’ work. The necessary awareness of this is crucial in industrial environments that handle critical infrastructure. The present work explores a method to empower software developers on the topic of secure coding, through the practice of code review. We propose a serious game, called the “DuckDebugger”, specifically designed for use in industrial settings and to address the needs of software developers, and implement it across 13 events together with over 200 industrial developers.
In recent years, the market of cloud services has been growing rapidly. Consequently, cloud security has become a heavily discussed topic in the industry. Misconfigured cloud assets can lead to severe security issues and exposure to cybersecurity attacks. It is of great importance that industry practitioners understand the security challenges and their responsibilities to protect cloud assets.
As products and services become increasingly digital and software increasingly complex, all aspects of an industrial software development lifecycle must contribute to quality. Code review serves as a means to address software quality and fosters knowledge exchange across teams. Nonetheless, code review practices require resources and often require more resources than planned, while the benefit of a code review to code quality is less tangible.
With the increasing digitization and interconnectivity of organizations, the frequency of cyberattacks is rising. These attacks have serious consequences for data security and critical infrastructure. However, the persistent lack of cybersecurity specialists represents a major challenge for organizations. One approach to address this issue is to use serious games for career orientation in schools to steer people interested in security or digital forensics (DF) at an early age.
As cyberattacks increase yearly, the ongoing scarcity of cybersecurity professionals and lack of knowledge about digital forensics (DF) are substantial challenges for organizations. One potential solution to mitigate the severe implications of cyberattacks is to increase DF. This work introduces a serious game called Digital Detectives, designed to educate students about DF activities and raise awareness for non-specialist employees.
Envisioning a major ransomware incident with its potential consequences might be unpleasant, and preparing for such an incident takes quite an effort. Operation Raven is a serious game designed to facilitate discussion about processes and decisions to detect, contain, and eradicate ransomware. This paper presents the game idea and game material of Operation Raven and the results after two game events. The article reflects on the next steps.
Serious games have found their application in many cases for improving cybersecurity; one of those cases is for building a successful strategy for defending against potential attacks. Our research tries to simulate supply chain attacks involving cloud data by adapting serious game frameworks. In this paper, we present the usage of a serious game called COPYCAT to help the participants raise awareness of supply chain attack threats and build a valid defense strategy against them.
The birthday party is about to begin. A glance at the smartphone shows a message from “ransomware and ransom”, and the smartphone can no longer be used. What if it were not the smartphone but a file server, a cloud service or the controller of a drone that was affected: an information system in which new visualization techniques for buildings and trees are being developed, with all the data, analyses and AI models affected by the ransomware? This article discusses risks, risk mitigation by security techniques, and serious games as a method of preparing for a ransomware incident.
Following the publication of the English version of the logistics scenario paper at I4CS in June 2024 (Greiner et al., 2024), this contribution presents the logistics scenario that is to be used for developing a serious game to explore a framework for incident response processes. Interviews, “short cases” and case studies serve to describe the current state of readiness for an emerging incident and to analyse the capabilities and needs of organizations in Germany and Austria (Yin, 2018).