Assessing Organisations' Cyber Attack Exposure through Cyber Threat Intelligence

DSpace/Manakin Repository

Show simple item record

dc.contributor.advisor Focardi, Riccardo it_IT
dc.contributor.author Salvagnin, Alessandro <1997> it_IT
dc.date.accessioned 2023-10-02 it_IT
dc.date.accessioned 2024-02-21T12:17:16Z
dc.date.issued 2023-10-16 it_IT
dc.identifier.uri http://hdl.handle.net/10579/25368
dc.description.abstract This work presents, analyses and discusses, through a qualitative and quantitative analysis, the results of external cyber threat intelligence that was conducted and provided as a service for 13 different commercial organisations based in northern Italy and finalised to the assessment of their attack exposure. Several categories of threats were identified. Data leakage was the most common and was observed for all the investigated organisations. All the organisations had vulnerable systems within their network: several high, medium and low-score vulnerabilities were observed across the various organisations. Most of the observed vulnerabilities had a medium CVSS score. Botnets, unmaintained hosts, exposed development and internal hosts, mentions over the clear, deep or dark Web and malicious files communicating with the organisation were other common threats. Other observed threats were exposed database and RDP services, spoofing domains, missing or expired SSL certificates and DNS zone transfers. The work highlights a trend towards the prevalence of potentially dangerous threats that, if not properly mitigated, could lead to compromise of data integrity, availability and confidentiality, followed by huge impact on the business and financial losses. A deeper analysis of the leaked datasets of compromised credentials revealed a critical trend of employees using their business e-mail address to register on third-party online services. it_IT
dc.language.iso en it_IT
dc.publisher Università Ca' Foscari Venezia it_IT
dc.rights © Alessandro Salvagnin, 2023 it_IT
dc.title Assessing Organisations' Cyber Attack Exposure through Cyber Threat Intelligence it_IT
dc.title.alternative Assessing Organisations’ Cyber Attack Exposure through Cyber Threat Intelligence it_IT
dc.type Master's Degree Thesis it_IT
dc.degree.name Informatica - computer science it_IT
dc.degree.level Laurea magistrale it_IT
dc.degree.grantor Dipartimento di Scienze Ambientali, Informatica e Statistica it_IT
dc.description.academicyear LM_2022/2023_sessione-autunnale it_IT
dc.rights.accessrights closedAccess it_IT
dc.thesis.matricno 864333 it_IT
dc.subject.miur INF/01 INFORMATICA it_IT
dc.description.note it_IT
dc.degree.discipline it_IT
dc.contributor.co-advisor it_IT
dc.date.embargoend 10000-01-01
dc.provenance.upload Alessandro Salvagnin (864333@stud.unive.it), 2023-10-02 it_IT
dc.provenance.plagiarycheck Riccardo Focardi (focardi@unive.it), 2023-10-16 it_IT


Files in this item

This item appears in the following Collection(s)

Show simple item record