Are Ecuadorian universities prepared for cyberattacks?

Article Sidebar

PDF (Español (España))
Published: Nov 10, 2024
DOI: https://doi.org/10.33386/593dp.2024.6.2864
Keywords:
cyberattacks, cybersecurity, collaboration, education, SOC (security operations center) ciberataques, ciberseguridad, colaboración, educación, SOC (centro de operaciones de seguridad)

Main Article Content

Feddor Gabriel Derenzin-Martinez
Tecnológico Universitario Euroamericano - Ecuador

Abstract

In the last year, educational institutions have become one of the most attacked sectors worldwide, according to the Check Point Security Report ​(2024a)​. This puts data security and the continuity of academic operations at risk. In Ecuador, data from ESET ​(2023)​ reveals that the country ranks first in phishing attacks in Latin America, which shows its vulnerability to multiple threats, including malware, ransomware, and social engineering attacks. Despite growing concern, the lack of specific data on the impact on Ecuadorian universities limits a full understanding of the magnitude of the problem.
Open source tools have emerged as a viable solution to improve cybersecurity, provided that trained personnel are available for their implementation. However, unsupervised automation can generate additional risks, highlighting the importance of combining technology with human intervention. International collaboration is essential to strengthen cybersecurity in universities, allowing the exchange of knowledge and resources. The creation of Security Operations Centers (SOC) based on open technologies has proven to be an effective strategy for monitoring and responding to incidents in real time, while also offering practical training opportunities. In Ecuador, collaboration with the Computer Emergency Response Team (EcuCERT) could further strengthen security in the university environment.

Downloads

Download data is not yet available.

Article Details

How to Cite
Derenzin-Martinez , F. . (2024). Are Ecuadorian universities prepared for cyberattacks? . 593 Digital Publisher CEIT, 9(6), 1220-1232. https://doi.org/10.33386/593dp.2024.6.2864
Issue
Vol. 9 No. 6 (2024): Multidisciplinary
Section
Investigaciones /estudios empíricos
Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

1. Derechos de autor
Las obras que se publican en 593 Digital Publisher CEIT están sujetas a los siguientes términos:
1.1. 593 Digital Publisher CEIT, conserva los derechos patrimoniales (copyright) de las obras publicadas, favorece y permite la reutilización de las mismas bajo la licencia Licencia Creative Commons 4.0 de Reconocimiento-NoComercial-CompartirIgual 4.0, por lo cual se pueden copiar, usar, difundir, transmitir y exponer públicamente, siempre que:
1.1.a. Se cite la autoría y fuente original de su publicación (revista, editorial, URL).
1.1.b. No se usen para fines comerciales u onerosos.
1.1.c. Se mencione la existencia y especificaciones de esta licencia de uso.

Author Biography

Feddor Gabriel Derenzin-Martinez , Tecnológico Universitario Euroamericano - Ecuador

http://orcid.org/0009-0002-0357-7764

I am a professional with more than 20 years of experience in cybersecurity and telecommunications. I served as a Telecommunications Expert at the Judicial Council and worked as a Cybersecurity Architect. I have a degree in Networking and Telecommunications Engineering, and I am currently pursuing a Master's degree in Cybersecurity. I have led SOC implementation projects with open technologies, hardening, and advanced security strategies in Linux. 

References

HECK POINT. (2024a). CYBER SECURIT Y REPORT 2024. https://pages.checkpoint.com/2024-cyber-security-repo

CHECK POINT. (2024b). Cyber Security Report 2024. https://pages.checkpoint.com/2024-cyber-security-report

ECUCERT. (2021). Estadísticas de Seguridad de Redes de Telecomunicaciones. https://www.ecucert.gob.ec/estadisticas/

ESET. (2023). Eset Security Report Latinoamerica 2023. https://web-assets.esetstatic.com/wls/es/articulos/reportes/eset-security-report-latam2023.pdf

ESET. (2024). Eset Security Report Latinoamerica 2024. 31. https://web-assets.esetstatic.com/wls/es/articulos/reportes/eset-security-report-2024-es.pdf

Garzón Ibarra, C. S., Navas Tapia, C. A., Illicachi Tene, A. M., Espinoza Toapanta, R. J., & Estrella Ormaza, G. S. (2024). Análisis de los Ataques de Ingeniería Social en Ecuador. Ciencia Latina Revista Científica Multidisciplinar, 8(1), 4354–4367. https://doi.org/10.37811/cl_rcm.v8i1.9777

Ghiasi, M., Niknam, T., Wang, Z., Mehrandezh, M., Dehghani, M., & Ghadimi, N. (2023). A comprehensive review of cyber-attacks and defense mechanisms for improving security in smart grid energy systems: Past, present and future. Electric Power Systems Research, 215, 108975. https://doi.org/10.1016/j.epsr.2022.108975

Herrera Lara, L. A. (2022). IMPLEMENTACIÓN DE UN CENTRO DE OPERACIONES DE SEGURIDAD Y REDES (NSOC) USANDO HERRAMIENTAS OPEN SOURCE PARA LA INFRAESTRUCTURA INDUSTRIAL DE LA EMPRESA ELÉCTRICA QUITO. https://bibdigital.epn.edu.ec/handle/15000/22864

Juca-Maldonado, F., & Medina-Peña, R. (2023). Ciberdelitos en Ecuador y su impacto social; panorama actual y futuras perspectivas. Portal de La Ciencia, 4(3), 325–337. https://doi.org/10.51247/pdlc.v4i3.394

Knerler, K., Parker, I., & Zimmerman, C. (2022). 11 Strategies of a World-Class Cybersecurity Operations Center. https://www.mitre.org/sites/default/files/2022-04/11-strategies-of-a-world-class-cybersecurity-operations-center.pdf

Leonardo Rafael, C. V. (2020). Implementación de un equipo de respuesta a incidentes de seguridad informática (CSIRT) en la Fiscalía General del Estado. https://repositorio.uisek.edu.ec/bitstream/123456789/3959/3/Leonardo%20Rafael%20Chuquiguanca%20Vicente.pdf#page=49&zoom=100,92,537

López-Anchala, K. A., & Ordóñez-Parra, Y. L. (2024). Auditoría y ciberseguridad en el sector comercial: evaluación de resiliencia ante amenazas digitales. Revista Multidisciplinaria Perspectivas Investigativas, 4(especial), 14–27. https://doi.org/10.62574/rmpi.v4iespecial.154

Mario Jesus, F. C. (2023). Implementación de una plataforma server utilizando la arquitectura Suricata Open Source para la detección y prevención de intrusos en la red. https://orcid.org/0000-0001-6377-8328

Marquardson, J. (2022). SOC It to ’Em: Bringing a Security Operations Center onto a University Campus. Journal of Information Systems Education, 33(3), 300–305.

Pineda, M. V., Mauricio, A., & Quiceno, Á. (2023). Análisis de herramientas de ciberseguridad de código abierto para la prevención de ciberataques a pequeñas y medianas empresas en Colombia. http://revista.escolme.edu.co/index.php/cies/article/viewFile/479/520

Polytseris, Z. (2024). Migrating the Linked Data into Elasticsearch. https://pergamos.lib.uoa.gr/uoa/dl/object/3397216/file.pdf

Ponce Tubay, M. A. (2024). Delitos informáticos: Caso Ecuador. Revista San Gregorio, 1(58), 119–123. https://doi.org/10.36097/rsan.v1i58.2667

Shaikh, F. A., & Siponen, M. (2024). Organizational Learning from Cybersecurity Performance: Effects on Cybersecurity Investment Decisions. Information Systems Frontiers, 26(3), 1109–1120. https://doi.org/10.1007/S10796-023-10404-7/TABLES/2

Tilbury, J., & Flowerday, S. (2024). Automation Bias and Complacency in Security Operation Centers. Computers, 13(7), 165. https://doi.org/10.3390/computers13070165

Vielberth, M., Bohm, F., Fichtinger, I., & Pernul, G. (2020). Security Operations Center: A Systematic Study and Open Challenges. IEEE Access, 8, 227756–227779. https://doi.org/10.1109/ACCESS.2020.3045514