Increase in remote work : effects on phishing

Increase in remote work effects on phishing

Etätyön määrä on kasvanut tasaisesti viimeisten vuosikymmenien aikana, mutta COVID-19:n ansiosta kasvu on suorastaan räjähtänyt. Samanaikaisesti tietojenkalasteluhyökkäysten määrä on kasvanut merkittävästi. Aiempi tutkimus esittää, että hyökkääjät ovat hyödyntäneet sekä etätyön lisääntymistä että CO...

Full description

Bibliographic Details
Main Author: Koski, Topias
Other Authors: Informaatioteknologian tiedekunta, Faculty of Information Technology, Informaatioteknologia, Information Technology, Jyväskylän yliopisto, University of Jyväskylä
Format: Master's thesis
Language:eng
Published: 2021
Subjects:
social engineering
telecommuting
Tietojärjestelmätiede
Information Systems Science
601
verkkourkinta
etätyö
phishing
remote work
Online Access: https://jyx.jyu.fi/handle/123456789/76341
_version_ 1828193061208850432
author Koski, Topias
author2 Informaatioteknologian tiedekunta Faculty of Information Technology Informaatioteknologia Information Technology Jyväskylän yliopisto University of Jyväskylä
author_facet Koski, Topias Informaatioteknologian tiedekunta Faculty of Information Technology Informaatioteknologia Information Technology Jyväskylän yliopisto University of Jyväskylä Koski, Topias Informaatioteknologian tiedekunta Faculty of Information Technology Informaatioteknologia Information Technology Jyväskylän yliopisto University of Jyväskylä
author_sort Koski, Topias
datasource_str_mv jyx
description Etätyön määrä on kasvanut tasaisesti viimeisten vuosikymmenien aikana, mutta COVID-19:n ansiosta kasvu on suorastaan räjähtänyt. Samanaikaisesti tietojenkalasteluhyökkäysten määrä on kasvanut merkittävästi. Aiempi tutkimus esittää, että hyökkääjät ovat hyödyntäneet sekä etätyön lisääntymistä että COVID-19:ää. Etätyön lisääntyminen on innostanut ja aktivoinut hyökkääjiä. He ovat löytäneet uusia menetelmiä hyökkäysten toteuttamiselle. Tässä tutkimuksessa tarkastellaan etätyön lisääntymisen vaikutuksia tietojenkalasteluun. Tutkimuskysymys on seuraava: ”miten etätyön lisääntyminen on vaikuttanut tietojenkalasteluun?”. Kirjallisuuskatsaus paljastaa, että etätyössä tietojenkalastelijat ovat hyödyntäneet uusia teknologioita, yleistä hämmennystä, puutteita laitteiden turvallisuudessa ja puutteita IT-tuessa. Kohdistettujen tietojenkalasteluhyökkäysten määrä on kasvanut huomattavasti. Lisäksi haluttomuus hyödyntää uusia teknologioita altistaa työntekijöitä hyökkäyksille. Muutokset organisaatioiden sisäisissä toiminnoissa ja näistä johtuvat haavoittuvuudet ovat motivoineet hyökkääjiä uudistamaan käytettäviä menetelmiä. Osana tutkimusta järjestettiin kuusi puolistrukturoitua haastattelua. Tärkein löydös ja kontribuutio aiemmalle tutkimukselle on vastaajien kokema tiedonkulun heikkeneminen. Jokainen vastaaja mainitsi tämän potentiaalisena uhkana. Merkitystä korostaa, että tiedonkulku vaikuttaa olevan vahvasti yhteydessä muihin uhkiin. Uusien teknologioiden aiheuttama hämmennys ja haluttomuus niiden hyödyntämiseen ovat tekijöitä, jotka edesauttavat tiedonkulun heikkenemistä. Lisäksi kollegoiden välinen tuki voi heikentyä ja ensimmäiset toimet ja päätökset hyökkäyksen sattuessa voivat olla huonoja, koska tieto ei kulje kuten aiemmin. Tiedonkulun heikkeneminen altistaa tietämättömät työntekijät tietojenkalastelun vaaroille. Siksi niin organisaatioiden kuin yksilöiden tulisi miettiä uusia keinoja tiedonkulun parantamiseksi etätyöympäristössä. On suhteellisen aikaista määrittää, kuinka vallankumouksellinen etätyön aikakausi on tietojenkalastelun suhteen ja ovatko esille tuodut ongelmat pysyviä. Tämä tutkimus tuo kuitenkin esiin joitain uudistettuja turvallisuuteen liittyviä lähestymistapoja, jotka ovat huomionarvoisia tämänhetkisessä työskentely-ympäristössä. The amount of remote work has grown steadily during recent decades, but due to COVID-19 the growth has exploded. Simultaneously, the number of phishing attacks has significantly increased. Research suggests that attackers have utilized both the increase in remote work and the COVID-19 itself. The increase in remote work has inspired and activated attackers. They have found new methods for attacks. This research examines the effects on phishing caused by the increase in remote work. The research question is as follows: “how has the increase in remote work affected phishing?”. Regarding remote work, literature reveals that phishers have utilized new technologies, general confusion, lack of security installation and lack of support. The number of spear phishing attacks has increased especially. In addition, the reluctance to take advantage of new technologies exposes employees to attacks. Changes in organizations’ internal operations and consequent vulnerabilities have motivated attackers to reform their methods. As a part of the research, six semi-structured interviews were organized. The major finding and contribution to research is the decline in the flow of information experienced by respondents. This was mentioned by each respondent as a potential threat. The importance is emphasized by the fact that the flow of information appears to be strongly linked to other threats. The confusion caused by new technologies and the reluctance to take advantage of those technologies are factors that contribute to the decline in the flow of information. Furthermore, the support between colleagues might decrease and the first actions and decisions in case of an attack might be poor as the information does not flow as before. The decline in the flow of information exposes unaware employees to phishing threats. Therefore, organizations as well as individuals should consider new means to improve the flow of information in the remote work environment. It is relatively early to determine how revolutionary the era of remote work is regarding phishing and whether the raised issues are sustainable. However, this research highlights some reformed security-related approaches that deserve attention in the current work environment.
first_indexed 2021-06-08T20:04:04Z
format Pro gradu
free_online_boolean 1
fullrecord [{"key": "dc.contributor.advisor", "value": "Siponen, Mikko", "language": "", "element": "contributor", "qualifier": "advisor", "schema": "dc"}, {"key": "dc.contributor.author", "value": "Koski, Topias", "language": "", "element": "contributor", "qualifier": "author", "schema": "dc"}, {"key": "dc.date.accessioned", "value": "2021-06-08T10:04:06Z", "language": null, "element": "date", "qualifier": "accessioned", "schema": "dc"}, {"key": "dc.date.available", "value": "2021-06-08T10:04:06Z", "language": null, "element": "date", "qualifier": "available", "schema": "dc"}, {"key": "dc.date.issued", "value": "2021", "language": "", "element": "date", "qualifier": "issued", "schema": "dc"}, {"key": "dc.identifier.uri", "value": "https://jyx.jyu.fi/handle/123456789/76341", "language": null, "element": "identifier", "qualifier": "uri", "schema": "dc"}, {"key": "dc.description.abstract", "value": "Et\u00e4ty\u00f6n m\u00e4\u00e4r\u00e4 on kasvanut tasaisesti viimeisten vuosikymmenien aikana, mutta COVID-19:n ansiosta kasvu on suorastaan r\u00e4j\u00e4ht\u00e4nyt. Samanaikaisesti tietojenkalasteluhy\u00f6kk\u00e4ysten m\u00e4\u00e4r\u00e4 on kasvanut merkitt\u00e4v\u00e4sti. Aiempi tutkimus esitt\u00e4\u00e4, ett\u00e4 hy\u00f6kk\u00e4\u00e4j\u00e4t ovat hy\u00f6dynt\u00e4neet sek\u00e4 et\u00e4ty\u00f6n lis\u00e4\u00e4ntymist\u00e4 ett\u00e4 COVID-19:\u00e4\u00e4. Et\u00e4ty\u00f6n lis\u00e4\u00e4ntyminen on innostanut ja aktivoinut hy\u00f6kk\u00e4\u00e4ji\u00e4. He ovat l\u00f6yt\u00e4neet uusia menetelmi\u00e4 hy\u00f6kk\u00e4ysten toteuttamiselle. T\u00e4ss\u00e4 tutkimuksessa tarkastellaan et\u00e4ty\u00f6n lis\u00e4\u00e4ntymisen vaikutuksia tietojenkalasteluun. Tutkimuskysymys on seuraava: \u201dmiten et\u00e4ty\u00f6n lis\u00e4\u00e4ntyminen on vaikuttanut tietojenkalasteluun?\u201d. Kirjallisuuskatsaus paljastaa, ett\u00e4 et\u00e4ty\u00f6ss\u00e4 tietojenkalastelijat ovat hy\u00f6dynt\u00e4neet uusia teknologioita, yleist\u00e4 h\u00e4mmennyst\u00e4, puutteita laitteiden turvallisuudessa ja puutteita IT-tuessa. Kohdistettujen tietojenkalasteluhy\u00f6kk\u00e4ysten m\u00e4\u00e4r\u00e4 on kasvanut huomattavasti. Lis\u00e4ksi haluttomuus hy\u00f6dynt\u00e4\u00e4 uusia teknologioita altistaa ty\u00f6ntekij\u00f6it\u00e4 hy\u00f6kk\u00e4yksille. Muutokset organisaatioiden sis\u00e4isiss\u00e4 toiminnoissa ja n\u00e4ist\u00e4 johtuvat haavoittuvuudet ovat motivoineet hy\u00f6kk\u00e4\u00e4ji\u00e4 uudistamaan k\u00e4ytett\u00e4vi\u00e4 menetelmi\u00e4. Osana tutkimusta j\u00e4rjestettiin kuusi puolistrukturoitua haastattelua. T\u00e4rkein l\u00f6yd\u00f6s ja kontribuutio aiemmalle tutkimukselle on vastaajien kokema tiedonkulun heikkeneminen. Jokainen vastaaja mainitsi t\u00e4m\u00e4n potentiaalisena uhkana. Merkityst\u00e4 korostaa, ett\u00e4 tiedonkulku vaikuttaa olevan vahvasti yhteydess\u00e4 muihin uhkiin. Uusien teknologioiden aiheuttama h\u00e4mmennys ja haluttomuus niiden hy\u00f6dynt\u00e4miseen ovat tekij\u00f6it\u00e4, jotka edesauttavat tiedonkulun heikkenemist\u00e4. Lis\u00e4ksi kollegoiden v\u00e4linen tuki voi heikenty\u00e4 ja ensimm\u00e4iset toimet ja p\u00e4\u00e4t\u00f6kset hy\u00f6kk\u00e4yksen sattuessa voivat olla huonoja, koska tieto ei kulje kuten aiemmin. Tiedonkulun heikkeneminen altistaa tiet\u00e4m\u00e4tt\u00f6m\u00e4t ty\u00f6ntekij\u00e4t tietojenkalastelun vaaroille. Siksi niin organisaatioiden kuin yksil\u00f6iden tulisi mietti\u00e4 uusia keinoja tiedonkulun parantamiseksi et\u00e4ty\u00f6ymp\u00e4rist\u00f6ss\u00e4. On suhteellisen aikaista m\u00e4\u00e4ritt\u00e4\u00e4, kuinka vallankumouksellinen et\u00e4ty\u00f6n aikakausi on tietojenkalastelun suhteen ja ovatko esille tuodut ongelmat pysyvi\u00e4. T\u00e4m\u00e4 tutkimus tuo kuitenkin esiin joitain uudistettuja turvallisuuteen liittyvi\u00e4 l\u00e4hestymistapoja, jotka ovat huomionarvoisia t\u00e4m\u00e4nhetkisess\u00e4 ty\u00f6skentely-ymp\u00e4rist\u00f6ss\u00e4.", "language": "fi", "element": "description", "qualifier": "abstract", "schema": "dc"}, {"key": "dc.description.abstract", "value": "The amount of remote work has grown steadily during recent decades, but due to COVID-19 the growth has exploded. Simultaneously, the number of phishing attacks has significantly increased. Research suggests that attackers have utilized both the increase in remote work and the COVID-19 itself. The increase in remote work has inspired and activated attackers. They have found new methods for attacks. This research examines the effects on phishing caused by the increase in remote work. The research question is as follows: \u201chow has the increase in remote work affected phishing?\u201d. Regarding remote work, literature reveals that phishers have utilized new technologies, general confusion, lack of security installation and lack of support. The number of spear phishing attacks has increased especially. In addition, the reluctance to take advantage of new technologies exposes employees to attacks. Changes in organizations\u2019 internal operations and consequent vulnerabilities have motivated attackers to reform their methods. As a part of the research, six semi-structured interviews were organized. The major finding and contribution to research is the decline in the flow of information experienced by respondents. This was mentioned by each respondent as a potential threat. The importance is emphasized by the fact that the flow of information appears to be strongly linked to other threats. The confusion caused by new technologies and the reluctance to take advantage of those technologies are factors that contribute to the decline in the flow of information. Furthermore, the support between colleagues might decrease and the first actions and decisions in case of an attack might be poor as the information does not flow as before. The decline in the flow of information exposes unaware employees to phishing threats. Therefore, organizations as well as individuals should consider new means to improve the flow of information in the remote work environment. It is relatively early to determine how revolutionary the era of remote work is regarding phishing and whether the raised issues are sustainable. However, this research highlights some reformed security-related approaches that deserve attention in the current work environment.", "language": "en", "element": "description", "qualifier": "abstract", "schema": "dc"}, {"key": "dc.description.provenance", "value": "Submitted by Paivi Vuorio (paelvuor@jyu.fi) on 2021-06-08T10:04:06Z\nNo. of bitstreams: 0", "language": "en", "element": "description", "qualifier": "provenance", "schema": "dc"}, {"key": "dc.description.provenance", "value": "Made available in DSpace on 2021-06-08T10:04:06Z (GMT). No. of bitstreams: 0\n Previous issue date: 2021", "language": "en", "element": "description", "qualifier": "provenance", "schema": "dc"}, {"key": "dc.format.extent", "value": "53", "language": "", "element": "format", "qualifier": "extent", "schema": "dc"}, {"key": "dc.format.mimetype", "value": "application/pdf", "language": null, "element": "format", "qualifier": "mimetype", "schema": "dc"}, {"key": "dc.language.iso", "value": "eng", "language": null, "element": "language", "qualifier": "iso", "schema": "dc"}, {"key": "dc.rights", "value": "In Copyright", "language": "en", "element": "rights", "qualifier": null, "schema": "dc"}, {"key": "dc.subject.other", "value": "social engineering", "language": "", "element": "subject", "qualifier": "other", "schema": "dc"}, {"key": "dc.subject.other", "value": "telecommuting", "language": "", "element": "subject", "qualifier": "other", "schema": "dc"}, {"key": "dc.title", "value": "Increase in remote work : effects on phishing", "language": "", "element": "title", "qualifier": null, "schema": "dc"}, {"key": "dc.type", "value": "master thesis", "language": null, "element": "type", "qualifier": null, "schema": "dc"}, {"key": "dc.identifier.urn", "value": "URN:NBN:fi:jyu-202106083555", "language": "", "element": "identifier", "qualifier": "urn", "schema": "dc"}, {"key": "dc.type.ontasot", "value": "Pro gradu -tutkielma", "language": "fi", "element": "type", "qualifier": "ontasot", "schema": "dc"}, {"key": "dc.type.ontasot", "value": "Master\u2019s thesis", "language": "en", "element": "type", "qualifier": "ontasot", "schema": "dc"}, {"key": "dc.contributor.faculty", "value": "Informaatioteknologian tiedekunta", "language": "fi", "element": "contributor", "qualifier": "faculty", "schema": "dc"}, {"key": "dc.contributor.faculty", "value": "Faculty of Information Technology", "language": "en", "element": "contributor", "qualifier": "faculty", "schema": "dc"}, {"key": "dc.contributor.department", "value": "Informaatioteknologia", "language": "fi", "element": "contributor", "qualifier": "department", "schema": "dc"}, {"key": "dc.contributor.department", "value": "Information Technology", "language": "en", "element": "contributor", "qualifier": "department", "schema": "dc"}, {"key": "dc.contributor.organization", "value": "Jyv\u00e4skyl\u00e4n yliopisto", "language": "fi", "element": "contributor", "qualifier": "organization", "schema": "dc"}, {"key": "dc.contributor.organization", "value": "University of Jyv\u00e4skyl\u00e4", "language": "en", "element": "contributor", "qualifier": "organization", "schema": "dc"}, {"key": "dc.subject.discipline", "value": "Tietoj\u00e4rjestelm\u00e4tiede", "language": "fi", "element": "subject", "qualifier": "discipline", "schema": "dc"}, {"key": "dc.subject.discipline", "value": "Information Systems Science", "language": "en", "element": "subject", "qualifier": "discipline", "schema": "dc"}, {"key": "yvv.contractresearch.funding", "value": "0", "language": "", "element": "contractresearch", "qualifier": "funding", "schema": "yvv"}, {"key": "dc.type.coar", "value": "http://purl.org/coar/resource_type/c_bdcc", "language": null, "element": "type", "qualifier": "coar", "schema": "dc"}, {"key": "dc.rights.accesslevel", "value": "openAccess", "language": null, "element": "rights", "qualifier": "accesslevel", "schema": "dc"}, {"key": "dc.type.publication", "value": "masterThesis", "language": null, "element": "type", "qualifier": "publication", "schema": "dc"}, {"key": "dc.subject.oppiainekoodi", "value": "601", "language": "", "element": "subject", "qualifier": "oppiainekoodi", "schema": "dc"}, {"key": "dc.subject.yso", "value": "verkkourkinta", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "et\u00e4ty\u00f6", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "phishing", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "remote work", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.format.content", "value": "fulltext", "language": null, "element": "format", "qualifier": "content", "schema": "dc"}, {"key": "dc.rights.url", "value": "https://rightsstatements.org/page/InC/1.0/", "language": null, "element": "rights", "qualifier": "url", "schema": "dc"}, {"key": "dc.type.okm", "value": "G2", "language": null, "element": "type", "qualifier": "okm", "schema": "dc"}]
id jyx.123456789_76341
language eng
last_indexed 2025-03-31T20:01:29Z
main_date 2021-01-01T00:00:00Z
main_date_str 2021
online_boolean 1
online_urls_str_mv {"url":"https:\/\/jyx.jyu.fi\/bitstreams\/6fa8a0e9-9455-4ba3-8142-0d299527e4a2\/download","text":"URN:NBN:fi:jyu-202106083555.pdf","source":"jyx","mediaType":"application\/pdf"}
publishDate 2021
record_format qdc
source_str_mv jyx
spellingShingle Koski, Topias Increase in remote work : effects on phishing social engineering telecommuting Tietojärjestelmätiede Information Systems Science 601 verkkourkinta etätyö phishing remote work
title Increase in remote work : effects on phishing
title_full Increase in remote work : effects on phishing
title_fullStr Increase in remote work : effects on phishing Increase in remote work : effects on phishing
title_full_unstemmed Increase in remote work : effects on phishing Increase in remote work : effects on phishing
title_short Increase in remote work
title_sort increase in remote work effects on phishing
title_sub effects on phishing
title_txtP Increase in remote work : effects on phishing
topic social engineering telecommuting Tietojärjestelmätiede Information Systems Science 601 verkkourkinta etätyö phishing remote work
topic_facet 601 Information Systems Science Tietojärjestelmätiede etätyö phishing remote work social engineering telecommuting verkkourkinta
url https://jyx.jyu.fi/handle/123456789/76341 http://www.urn.fi/URN:NBN:fi:jyu-202106083555
work_keys_str_mv AT koskitopias increaseinremoteworkeffectsonphishing

Similar Items