{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,3]],"date-time":"2026-04-03T05:03:16Z","timestamp":1775192596551,"version":"3.50.1"},"reference-count":62,"publisher":"MDPI AG","issue":"4","license":[{"start":{"date-parts":[[2021,11,11]],"date-time":"2021-11-11T00:00:00Z","timestamp":1636588800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["JCP"],"abstract":"<jats:p>This paper focuses on understanding the characteristics of multiple types of cyber-attacks through a comprehensive evaluation of case studies of real-world cyber-attacks. For each type of attack, we identify and link the attack type to the characteristics of that attack and the factors leading up to the attack, as observed from the review of case studies for that type of attack. We explored both the quantitative and qualitative characteristics for the types of attacks, including the type of industry, the financial intensity of the attack, non-financial intensity impacts, the number of impacted customers, and the impact on users\u2019 trust and loyalty. In addition, we investigated the key factors leading up to an attack, including the human behavioral aspects; the organizational\u2013cultural factors at play; the security policies adapted; the technology adoption and investment by the business; the training and awareness of all stakeholders, including users, customers and employees; and the investments in cybersecurity. In our study, we also analyzed how these factors are related to each other by evaluating the co-occurrence and linkage of factors to form graphs of connected frequent rules seen across the case studies. This study aims to help organizations take a proactive approach to the study of relevant cyber threats and aims to educate organizations to become more knowledgeable through lessons learned from other organizations experiencing cyber-attacks. Our findings indicate that the human behavioral aspects leading up to attacks are the weakest link in the successful prevention of cyber threats. We focus on human factors and discuss mitigation strategies.<\/jats:p>","DOI":"10.3390\/jcp1040032","type":"journal-article","created":{"date-parts":[[2021,11,11]],"date-time":"2021-11-11T23:02:41Z","timestamp":1636671761000},"page":"638-659","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":26,"title":["Insights into Organizational Security Readiness: Lessons Learned from Cyber-Attack Case Studies"],"prefix":"10.3390","volume":"1","author":[{"given":"Faisal","family":"Quader","sequence":"first","affiliation":[{"name":"Department of Information Systems, College of Engineering and Information Technology, University of Maryland, Baltimore, MD 21250, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0130-6135","authenticated-orcid":false,"given":"Vandana P.","family":"Janeja","sequence":"additional","affiliation":[{"name":"Department of Information Systems, College of Engineering and Information Technology, University of Maryland, Baltimore, MD 21250, USA"}]}],"member":"1968","published-online":{"date-parts":[[2021,11,11]]},"reference":[{"key":"ref_1","unstructured":"Paganinip, P. (2021, October 23). FireEye Why Humans Could Be the Weakest Link in Cyber Security Chain, Security Affairs, Available online: http:\/\/securityaffairs.co\/wordpress\/9076\/social-networks\/why-humans-could-be-the-weakest-link-in-cyber-security-chain.html."},{"key":"ref_2","doi-asserted-by":"crossref","first-page":"183","DOI":"10.1016\/j.techsoc.2010.07.001","article-title":"An overview of social engineering malware: Trends, tactics, and implications","volume":"32","author":"Abraham","year":"2010","journal-title":"Technol. Soc."},{"key":"ref_3","unstructured":"Wheatley, M. (2021, March 02). Hidden Costs of Sony\u2019s Data Breach Will Add up for Years, Experts Say, Silicon Angle, Available online: http:\/\/siliconangle.com\/blog\/2015\/02\/20\/hidden-costs-of-sonys-data-breach-will-add-up-for-years-experts-say\/."},{"key":"ref_4","unstructured":"Smith, G. (2019, May 23). Home Depot Admits 56 million Payment Cards at Risk after Cyber Attack, The Huffington Post, Available online: http:\/\/www.huffingtonpost.com\/2014\/09\/18\/home-depot-hack_n_5845378.html."},{"key":"ref_5","unstructured":"Stevenage, S. (2010). Human Aspects of Cybersecurity, University of Southampton. Super Identity Project."},{"key":"ref_6","unstructured":"Haggard, S., and Lindsay, R.J. (2015). North Korea and the Sony Hack: Exporting Instability Through Cyberspace, East-West Center. Asia Pacific Issues, No. 117."},{"key":"ref_7","unstructured":"Love, D. (2020, January 09). Why Microsoft And Sony Couldn\u2019t Stop Lizard Squad Attack Despite Warnings, International Business Times, Available online: http:\/\/www.ibtimes.com\/why-microsoft-sony-couldnt-stop-lizard-squad-attack-despite-warnings-1769174."},{"key":"ref_8","first-page":"24","article-title":"North Korean Cyber Attack on Sony Poses Tough Security Questions","volume":"99","author":"Sicard","year":"2015","journal-title":"Natl. Def."},{"key":"ref_9","unstructured":"Al-Mahmood, Z.S. (2019, January 16). Hackers Lurked in Bangladesh Central Bank\u2019s Servers for Weeks. 22 March 2016. The Wall Streel Journal. Economy. Available online: http:\/\/www.wsj.com\/articles\/hackers-in-bangladesh-bank-account-heist-part-of-larger-breach-1458582678."},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Cheney, S.J. (2010). Heartland Payment Systems: Lessons Learned from a Data Breach, Federal Reserve Bank of Philadelphia. Discussion Paper\u2014Payment Cards Center.","DOI":"10.2139\/ssrn.1540143"},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"386","DOI":"10.1177\/154193120605000337","article-title":"A Sociotechnical Systems Analysis of the Bse Epidemic in the Uk Through Case Study","volume":"50","author":"Vicente","year":"2006","journal-title":"Proc. Hum. Fact. Ergon. Soc. Annu. Meet."},{"key":"ref_12","unstructured":"Zetter, K. (2018, April 21). A Cyberattack Has Caused Confirmed Physical Damage for the Second Time Ever, Security, Available online: https:\/\/www.wired.com\/2015\/01\/german-steel-mill-hack-destruction\/."},{"key":"ref_13","unstructured":"Cyber Security Crimes (2017, February 20). Types of Cyber Attacks. Available online: www.cybersecuritycrimes.com\/types-of-cyber-attacks\/."},{"key":"ref_14","unstructured":"Joubert, V. (2012). Five Years after Estonia\u2019s Cyber Attacks: Lessons Learned for NATO?, Research Division, NATO Defense College. Research Paper."},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Nyblom, P., Wangen, G., Kianpour, M., and \u00d8stby, G. (2020, January 25\u201327). The Root Causes of Compromised Accounts at the University. Proceedings of the 6th International Conference on Information Systems Security and Privacy, Valletta, Malta.","DOI":"10.5220\/0008972305400551"},{"key":"ref_16","doi-asserted-by":"crossref","unstructured":"Abubakar, A., Zadeh, P.B., Janicke, H., and Howley, R. (2016, January 13\u201314). Root cause analysis (rca) as a preliminary tool into the investigation of identity theft. Proceedings of the Cyber Security and Protection Of Digital Services (Cyber Security), 2016 International Conference, London, UK.","DOI":"10.1109\/CyberSecPODS.2016.7502349"},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"239","DOI":"10.1197\/jamia.M2195","article-title":"Breaching the security of the Kaiser permanente internet patient portal: The organizational foundations of information security","volume":"14","author":"Collmann","year":"2007","journal-title":"J. Am. Med. Inf. Assoc."},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Wen, S.F., and Kowalski, S. (2017, January 9\u201314). A Case Study: Heartbleed Vulnerability Management and Swedish Municipalities. Human Aspects of Information Security, Privacy and Trust. Proceedings of the International Conference on Human Aspects of Information Security, Privacy, and Trust, Vancouver, BC, Canada.","DOI":"10.1007\/978-3-319-58460-7_29"},{"key":"ref_19","unstructured":"Teradata (2013). Big Data Analytics in Cyber Defense, Ponemon Institute LLC. Ponemon Institute Research Report."},{"key":"ref_20","unstructured":"Allen, M. (2006). Social Engineering: A Means to Violate a Computer System, The SANS Institute."},{"key":"ref_21","unstructured":"Al-Shurman, M., Yoo, S.M., and Park, S. (2014, January 2\u20133). Black Hole Attack in Mobile Ad Hoc Networks. Proceedings of the ACMSE\u201904, Huntsville, AL, USA."},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Derbyshire, R., Green, B., Prince, D., Mauthe, A., and Hutchison, D. (2018, January 23\u201327). An Analysis of Cyber Security Attack Taxonomies. Proceedings of the 2018 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), London, UK.","DOI":"10.1109\/EuroSPW.2018.00028"},{"key":"ref_23","unstructured":"Kee, J., and Deterding, B. (2008). Social Engineering: Manipulating the Source, The SANS Institute. SANS Institute InfoSec Reading Room."},{"key":"ref_24","unstructured":"Honan, B. (2021, February 19). Ubiquity Networks Victim of $39 Million Social Engineering Attack. August 2015. CSO from IDG. Available online: http:\/\/www.csoonline.com\/article\/2961066\/supply-chain-security\/ubiquiti-networks-victim-of-39-million-social-engineering-attack.html."},{"key":"ref_25","unstructured":"Brower, J. (2010). Which Disney Princess are YOU? 2010: (Web 2.0) Social Engineering in Social Networks, The SANS Institute."},{"key":"ref_26","unstructured":"Manjak, M. (2006). Social Engineering Your Employees to Information Security, SANS Institute InfoSec Reading Room, The SANS Institute."},{"key":"ref_27","unstructured":"King, R. (2021, October 23). Cyberattackers Target 19,000 French Websites in Wake of Charlie Hebdo, The Wall Street Journal, Available online: http:\/\/blogs.wsj.com\/cio\/2015\/01\/15\/cyberattackers-target-19000-french-websites-in-wake-of-charlie-hebdo\/."},{"key":"ref_28","unstructured":"Jakobsson, M. (2007). The Human Factor in Phishing, School of Informatics, Indiana University at Bloomington. Available online: https:\/\/www.usenix.org\/legacy\/event\/sec07\/tech\/jakobsson.pdf."},{"key":"ref_29","unstructured":"McMillan, R. (2021, October 23). Was this the email that took down RSA? A Spear Phishing Email That Has Surfaced in a Security Database Looks Like It may Have Been the One to Hit RSA, IDG News Service, Available online: http:\/\/www.networkworld.com\/article\/2180520\/malware-cybercrime\/was-this-the-email-that-took-down-rsa-.html."},{"key":"ref_30","unstructured":"Anderson, M. (2018, July 29). How Not to Be Sony Pictures, IEEE Spectrum, Available online: http:\/\/spectrum.ieee.org\/riskfactor\/telecom\/security\/how-not-to-be-sony-pictures."},{"key":"ref_31","unstructured":"Calia, M.P.F. (2021, October 23). Chang\u2019s Says Data Breach Affected 33 Locations, The Wall Street Journal, Available online: http:\/\/www.wsj.com\/articles\/p-f-changs-says-data-breach-affected-33-locations-1407159131."},{"key":"ref_32","unstructured":"Schwartz, J.M. (2019, March 20). Epsilon Fell to Spear-Phishing Attack. Information Week. Available online: http:\/\/www.darkreading.com\/attacks-and-breaches\/epsilon-fell-to-spear-phishing-attack\/d\/d-id\/1097119?."},{"key":"ref_33","unstructured":"Clayton, M. (2021, October 23). Exclusive: New Thesis on How Stuxnet Infiltrated Iran Nuclear Facility. 25 February 2014. The Christian Science Monitor. Available online: http:\/\/www.csmonitor.com\/World\/Security-Watch\/2014\/0225\/Exclusive-New-thesis-on-how-Stuxnet-infiltrated-Iran-nuclear-facility."},{"key":"ref_34","unstructured":"Villeneuve, N., and Bennett, J. (2012). Detecting APT Activity with Network Traffic Analysis, Trend Micro. Trend Micro Incorporated. Research Paper."},{"key":"ref_35","unstructured":"Beckerman, J. (2019, June 12). International Dairy Queen Confirms Data Breach, The Wall Street Journal, Available online: http:\/\/www.wsj.com\/articles\/international-dairy-queen-confirms-data-breach-1412891919."},{"key":"ref_36","unstructured":"Reuters (Technology News, 2014). Cyber attack could cost Sony studio as much as $100 million, Technology News."},{"key":"ref_37","doi-asserted-by":"crossref","unstructured":"Pfleeger, L.S., and Caputo, D.D. (2012). Leveraging Behavioral Science to Mitigate Cyber Security Risk. Comput. Secur., 31.","DOI":"10.1016\/j.cose.2011.12.010"},{"key":"ref_38","unstructured":"Robinson, W.S. (2007). Corporate Espionage 201, SANS Institute InfoSec Reading Room, The SANS Institute. Version 1.0."},{"key":"ref_39","unstructured":"Mclean, R. (2021, October 23). Hospital Pays Bitcoin Ransom after Malware Attack. 2016. CNN Money, New York. Available online: http:\/\/money.cnn.com\/2016\/02\/17\/technology\/hospital-bitcoin-ransom\/."},{"key":"ref_40","first-page":"35","article-title":"A Case Study of Eurograbber: How 36 million Euros was Stolen via Malware","volume":"35","author":"Kalige","year":"2012","journal-title":"Versafe"},{"key":"ref_41","unstructured":"Filkins, B. (2013). The SANS 2013 Help Desk Security and Privacy Survey, The SANS Institute."},{"key":"ref_42","unstructured":"Hartmann, K., and Steup, C. (2013, January 4\u20137). The Vulnerability of UAVs to Cyber Attacks\u2014An Approach to the Risk Assessment. Proceedings of the 2013 5th International Conference on Cyber Conflict, Tallinn, Estonia."},{"key":"ref_43","unstructured":"Welch, C. (2020, February 01). Over 150 Million Breached Records from Adobe Hack Have Surfaced Online, The Verge, Available online: http:\/\/www.theverge.com\/2013\/11\/7\/5078560\/over-150-million-breached-records-from-adobe-hack-surface-online."},{"key":"ref_44","unstructured":"\u00d8stby, G., Berg, L., Kianpour, M., Katt, B., and Kowalski, S.J. (2019). A Socio-Technical Framework to Improve cyber security training: A Work in Progress. CEUR Workshop Proceed., 1\u20133."},{"key":"ref_45","unstructured":"Kowalski, S.J. (1993, January 12\u201317). The SBC Model as a Conceptual Framework for Reporting IT Crimes. Proceedings of the IFIP TC9\/WG9. 6 Working Conference on Security and Control of Information Technology in Society on Board M\/S Illich and Ashore, St. Petersburg, Russia."},{"key":"ref_46","unstructured":"Williams, R. (2020, November 17). Jennifer Lawrence hack: ICloud security explained, The Telegraph, Available online: http:\/\/www.telegraph.co.uk\/technology\/internet-security\/11067563\/Jennifer-Lawrence-hack-iCloud-security-explained.html."},{"key":"ref_47","unstructured":"Geraci, R. (Bloomberg Business Week, 2015). CEOs and Cyber Defense: The New Reality, Bloomberg Business Week."},{"key":"ref_48","unstructured":"Brumfield, B. (2021, October 23). Study: Hack Attack Aimed at ISIS\u2019 Opposition. 19 December 2014. CNN. Innovations. Available online: http:\/\/www.cnn.com\/2014\/12\/19\/world\/meast\/isis-opponents-malware-attack\/."},{"key":"ref_49","first-page":"1","article-title":"Human factors in information security: The insider threat\u2014Who can you trust these days?","volume":"14","author":"Colwill","year":"2010","journal-title":"Inf. Secur. Tech. Rep."},{"key":"ref_50","unstructured":"Kessler, C.G. (2000). Defenses Against Distributed Denial of Service Attacks. Computer Security Handbook, Wiley & Sons. [4th ed.]. Available online: http:\/\/www.garykessler.net\/library\/ddos.html."},{"key":"ref_51","unstructured":"Zetter, K. (2020, August 25). Logic Bomb Set Off South Korea Cyberattack, Cybersecurity Hacks and Cracks, Available online: https:\/\/www.wired.com\/2013\/03\/logic-bomb-south-korea-attack\/."},{"key":"ref_52","unstructured":"Marsan, D.C. (2021, October 23). 5 things Estonia did right in battling hacktivism: Being open, asking for help keys to snuffing out cyberattacks, Network World, Available online: http:\/\/www.networkworld.com\/article\/2294176\/lan-wan\/5-things-estonia-did-right-in-battling-hacktivism.html."},{"key":"ref_53","unstructured":"Kowalski, S. (1993, January 12\u201314). Do Computer Security Models Model Computer Crime: A Study of Swedish Computer Crime Cases. Proceedings of the 5th Canadian Computer Security Symposium, Ottawa, ON, Canada."},{"key":"ref_54","unstructured":"(2020, March 16). Avecto Article. One Big Thing You Can Do to Mitigate Cyber Attacks. Available online: https:\/\/cdn2.hubspot.net\/hub\/333464\/file-603003268-pdf\/Avecto\/Avecto-Article-Cyber-Security.pdf."},{"key":"ref_55","unstructured":"Bhattacharyya, A., Banerjee, A., and Bose, D. (2011). Different Types of Attacks in Mobile ADHOC Network: Prevention and Mitigation Techniques, Saltlake Publisher. Department of Computer Science & Engineering, Institute of Engineering & Management."},{"key":"ref_56","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1016\/j.cose.2009.04.006","article-title":"Human and organizational factors in computer and information security: Pathways to vulnerabilities","volume":"28","author":"Kraemer","year":"2009","journal-title":"Comput. Secur."},{"key":"ref_57","unstructured":"Chen, W.D. (2021, October 23). Man Charged with Sabotage of Computers, The NY Times, Available online: http:\/\/www.nytimes.com\/1998\/02\/18\/nyregion\/man-charged-with-sabotage-of-computers.html."},{"key":"ref_58","first-page":"8","article-title":"Penetration testing and social engineering: Hacking the weakest link","volume":"4","author":"Barrett","year":"2003","journal-title":"Inf. Secur. Tech. Rep."},{"key":"ref_59","unstructured":"Orosz, M. (2010). Addressing Human Behavior in Cyber Security, USC Information Sciences Institute."},{"key":"ref_60","unstructured":"Waxer, C. (2020, March 16). The Top 5 Internal Security Threats. 2007. IT Security. Available online: http:\/\/www.itsecurity.com\/features\/the-top-5-internal-security-threats-041207\/."},{"key":"ref_61","unstructured":"SecureWorks Dell (2012). Advanced Threat Protection with Dell SecureWorks Security Services, Dell SecureWorks."},{"key":"ref_62","doi-asserted-by":"crossref","unstructured":"Krombholz, K., Hobel, H., Huber, M., and Weippl, E. (2013, January 26\u201328). Social Engineering Attacks on the Knowledge Worker. Proceedings of the 6th International Conference on Security of Information and Networks, Aksaray, Turkey.","DOI":"10.1145\/2523514.2523596"}],"container-title":["Journal of Cybersecurity and Privacy"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2624-800X\/1\/4\/32\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T07:28:51Z","timestamp":1760167731000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2624-800X\/1\/4\/32"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,11,11]]},"references-count":62,"journal-issue":{"issue":"4","published-online":{"date-parts":[[2021,12]]}},"alternative-id":["jcp1040032"],"URL":"https:\/\/doi.org\/10.3390\/jcp1040032","relation":{},"ISSN":["2624-800X"],"issn-type":[{"value":"2624-800X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,11,11]]}}}