CYBER RISKS IN THE MUNICIPAL ECONOMY DURING THE PANDEMIC: DAMAGES AND THE STRUGGLE FOR CYBER SECURITY

Array

Authors

  • М. Vasilenko National University "Odessa Law Academy"
  • О. Kozin National University "Odessa Law Academy"
  • М. Kozina National University "Odessa Law Academy"
  • V. Rachuk National University "Odessa Law Academy"

Keywords:

cyber-security, cyber-risk, municipal economy, “phishing”, pandemic, Covid-19

Abstract

As a result of remote control and automation, the urban infrastructure becomes extremely vulnerable to intrusions, attacks, human errors, accidents that are growing. Due to the concentration of local and global computer networks, systems and software, the “cyber risk” of the municipal economy is multiplicative, which makes it systemic and international. Its essence is manifested both at the national and global levels through the impact on business, municipal and state authorities. Today, the existing pandemic contributes to an increase in the number of cyberattacks, which indicates an even greater cyber vulnerability of municipal administrations and public authorities. Coronavirus COVID-19 has become a tool for hacker attacks on users and enterprises. The purpose of the article is to determine, based on a systematic analysis of the new cyber risks of the municipal economy that arose during the pandemic, to formulate our own views on the classification and methods of counteracting municipal organizations and enterprises. According to experts, since the beginning of this year, thousands of domains associated with coronavirus have been registered in the world. This number also includes sites of various hacker groups that offer information about coronavirus, masks, or quick treatment methods. In fact, these phishing sites are used by hackers to extort money or steal confidential, as well as commercial information. The main types of attacks that increase the threat and actually create a "cyber infection" are noted. Based on the material of this article and the experience of the authors, measures are proposed that ensure the safety of municipal enterprises, which should be carried out in the first place. Strict measures in IT management during a crisis are also recognized as undeniable and necessary. Such as help from cyber experts and help for cyber experts; preservation of evidence of intrusion, staff training, accumulation of experience to accelerate progress in work. Remote work during a pandemic can make it difficult for IT staff to monitor cyber risks, since many of these risks go beyond the financial or technical capabilities of municipalities. Therefore, based on these proposals for the safety of municipal enterprises, an integrated approach to cyber risks is proposed, including an emergency response plan. Based on international experience, the possibility of insuring municipal enterprises and organizations against potential losses associated with cyber attacks by hackers, as well as to eliminate the consequences of these attacks, is also noted.

Author Biographies

М. Vasilenko, National University "Odessa Law Academy"

Doctor of Physical and Mathematical Sciences, Doctor of Law, Professor, Head Department of Cybersecurity

О. Kozin, National University "Odessa Law Academy"

Candidate of Physical and Mathematical Sciences, Assistant Professor, Assistant Professor of Department

М. Kozina, National University "Odessa Law Academy"

Candidate of Technical Sciences, Assistant Professor, Senior Lecturer of Department

V. Rachuk, National University "Odessa Law Academy"

assistant od Department

References

1. Karlova, O. A., & Kalashnikova, Kh. I. (2017) Konspekt lektsii z dystsypliny «Menedzhment orhanizatsii i pidpryiemstv miskoho hospodarstva» (dlia studentiv usikh form navchannia spetsialnosti 073 – Menedzhment) [Lecture notes on the subject "Management of organizations and enterprises of municipal economy" (for students of all forms of education specialty 073 - Management]. Kharkiv. nats. un-t misk. hosp-va im. O. M. Beketova. – Kharkiv : KhNUMH im. O. M. Beketova, 2017. – 79 . [in Ukrainian].
2. Іndeeva, V.V. (2009) K voprosu ob opredelenyy poniatyia “rysk” [On the question of defining the concept of "risk"]. Materials of correspondence electronic conferences. Russian Academy of Natural Sciences. Retrieved from:
https://www.rae.ru/arj/2007/02/Indeeva/pdf [In Russian].
3. Vasilenko, M.D., & Kozin, O.B. (2019) Law in risk theory: genesis of risks from legal to information components (institutional approach). Legal Bulletin. "Helvetica". 4, 43-51 [in Ukrainian].
4. Shinkaruk, V. I. (Eds.). (2008) Filosofskyi entsyklopedychnyi slovnyk [Philosophical encyclopedic dictionary]. Kyiv : Instytut filosofii imeni Hryhoriia Skovorody NAN Ukrainy [in Ukrainian].
5. Karlova, O.A. (2008) Menedzhment miskogo gospodarstva. [Municipal management]. Navch. posIbnik. – H.: HNAMG [in Ukrainian].
6. Sherifov, A.M. (2015) Risk-menedzhment v sfere ZhKH: regionalnyiy aspekt na primere respubliki Dagestan. [Risk management in the field of housing and communal services: a regional aspect on the example of the Republic of Dagestan]. Vestnik Dagestanskogo gosudarstvennogo tehnicheskogo universiteta. Tehnicheskie nauki [Bulletin of Dagestan State Technical University. Technical sciences]. 1 (36). 136-142 [In Russian].
7. Velikanova, M.M. (2017) Upravlinnya rizikom ta yogo stadiyi: ekonomIko-pravoviy analiz [Risk management and its stages: economic and legal analysis]. Pidprie mnitstvo, gospodarstvo i pravo [Entrepreneurship, economy and law]. 12, 20-24 [in Ukrainian].
8. Mokhor, V.V., Gonchar, S.F., & Dybach, O.M. (2019) Metodi otsinki sumarnogo riziku kiberbezpeki ob’ektiv kritichnoyi infrastrukturi [Methods for assessing the total risk of cybersecurity of critical infrastructure] Yaderna ta radiatsiyna bezpeka [Nuclear and radiation safety]. 2(82), 4-8 [in Ukrainian].
9. “IT Pro” Company (2020) Cybersecurity Ventures: Cybersecurity Ventures: kiberataki proishodyat kazhdyie 14 sekund [cyberattacks occur every 14 seconds]. Retrieved from:
https://itpro.ua/post/cybersecurity_ventures_kiberataki_proiskhodyat_kazhdye_14_sekund
10. Global Cybercrime Damages Predicted To Reach $6 Trillion Annually By 2021. (n.d.) Retrieved from https://cybersecurityventures.com/cybercrime-damages-6-trillion-by-2021
11. 2019 Internet Crime Report Federal Bureau of Investigation. Internet Crime Complaint Center (IC3). (n.d.) Retrieved from
https://pdf.ic3.gov/2019_IC3Report.pdf
12. Panda Security (2020) Island hopping: pravilo «horoshego tona» sredi kiber-prestupnikov [Island hopping: the rule of "good manners" among cybercriminals]. Retrieved from:
https://www.cloudav.ru/mediacenter/news/island-hopping-texas-ransomware. [In Russian].
13. Hacked Texas government agencies face $2.5 million ransom. (n.d.) Retrieved from
https://www.itpro.co.uk/security/34231/hacked-texas-government-agencies-face-25-million-ransom
14. Bezmaly, V.(2019) Hakeryi vzyali v zalozhniki Baltimor: 10 tyisyach administrativnyih kompyuterov do sih por blokirovanyi. [Hackers took Baltimore hostage: 10 thousand administrative computers are still blocked]. Retrieved from:
https://bezmaly.wordpress.com/2019/06/07/robbinhood. [In Russian].
15. Skripin, V. (2019) Hakeryi vyiveli iz stroya kompyuternyie sistemyi gosuchrezhdeniy Baltimora s pomoschyu razrabotki ANB, ispolzovavsheysya v atakah WannaCry i NotPetya v 2017 godu [Hackers disabled the computer systems of Baltimore government agencies through the development of the NSA, used in the attacks of WannaCry and NotPetya in 2017]. Retrieved from: https://itc.ua/news/hakery-vyveli -iz-stroya-kompyuternye-sistemy-gosuchrezhdenij-baltimora-s-pomoshhyu-razrabotki-anb-ispolzovavshejsya-v-atakah-wannacry-i-notpetya-v-2017-godu / [In Russian].
16. Hackers Are Holding Baltimore Hostage: How They Struck and What’s Next. (n.d.) Retrieved from https://www.nytimes.com/2019/05/22/us/baltimore-ransomware.html
17. Makina, S. (2019) American city authorities paid hackers $ 500,000 in bitcoins. Retrieved from:
https://www.computerra.ru/238941/vlasti-amerikanskogo-goroda-zaplatili-hakeram-500-000-v-bitkoinah/ [In Russian].
18. Baltimore estimates cost of ransomware attack at $18.2 million as government begins to restore email accounts. (n.d.) Retrieved from
https://www.baltimoresun.com/maryland/baltimore-city/bs-md-ci-ransomware-email-20190529-story.html
19. Nefyodova, M. (2020) Check Point: zaregistrirovano bolee 4000 domenov, svyazannyih s COVID-19 [Check Point: registered more than 4000 domains related to COVID-19]. Retrieved from:
https://xakep.ru/2020/03/10/covid-19/ [In Russian].
20. Update: Coronavirus-themed domains 50% more likely to be malicious than other domains. (n.d.) Retrieved from https://blog.checkpoint.com/2020/03/05/update-coronavirus-themed-domains-50-more-likely-to-be-malicious-than-other-domains/
21. "Ernst & Young Global Limited" (2020) COVID-19 : cinq mesures pour se défendre contre les cyberattaques. Retrieved from:
https://www.ey.com/fr/fr/services/advisory/covid-19-les-mesures-a-prendre-pour-renforcer-votre-cybersecurite
22. Barnet Sherman (2020) Municipal Cybersecurity: Governance Metrics For ESG Investors. Retrieved from: https://www.forbes.com/sites/investor/2020/02/04/municipal-cybersecurity--governance-metrics-for-esg-investors/#514b4de15a60

Published

2020-07-01

How to Cite

Vasilenko М., Kozin О., Kozina М., & Rachuk, V. . (2020). CYBER RISKS IN THE MUNICIPAL ECONOMY DURING THE PANDEMIC: DAMAGES AND THE STRUGGLE FOR CYBER SECURITY: Array. Municipal Economy of Cities, 3(156), 80–87. Retrieved from https://khg.kname.edu.ua/index.php/khg/article/view/5602