Cybersecurity in the digital social services system

Cover Page

Cite item

Full Text

Abstract

the relevance of the study is due to the digitalization of social services, accompanied by an increase in cyber threats aimed at theft of personal data, fraud and disruption of critical social services. In the context of the massive digital transition of public services, ensuring their security is becoming a key factor in protecting citizens' rights and the sustainability of social infrastructure. The purpose of the study is to identify specific cybersecurity threats in digital social service systems, evaluate the effectiveness of modern protection methods and develop recommendations to increase their resistance to cyber-attacks. The main tasks included: analyzing the structure and dynamics of cyber threats in the social sphere; assessing the vulnerabilities of typical architectures of digital social services; studying the effectiveness of various protection mechanisms; developing a risk assessment model taking into account the specifics of social services. The scientific novelty of the work lies in the systematization of threats specific to the social sphere, including targeted attacks on personal data systems and social fraud. The practical significance lies in the recommendations developed to modernize the protection systems of digital social services, which can be used by government agencies, developers of IT solutions and regulators in the field of information security.

About the authors

P. A Gorokhova

St. Petersburg State Institute of Technology (Technical University)

References

  1. Израилов К.Е., Буйневич М.В., Котенко И.В., Десницкий В.А. Оценивание и прогнозирование состояния сложных объектов: применение для информационной безопасности // Вопросы кибербезопасности. 2022. № 6 (52). С. 2 – 21.
  2. Шаповаленко О.Д., Бедрий Д.И. Обзор современного состояния кибербезопасности // Международный журнал информационных и коммуникационных технологий. 2021. № 3. С. 18 – 26.
  3. ISO/IEC 27001:2022 Information technology – Security techniques – Information security management systems – Requirements. Geneva: ISO, 2022.
  4. ГОСТ Р 57580.1-2017 Безопасность финансовых организаций. Методы оценки соответствия. Введ. 2018.07.01. М.: Стандартинформ, 2017. 24 с.
  5. Smith J., Johnson K. Blockchain for Social Services Security // Journal of Cybersecurity. 2023. Vol. 5. No. 2. P. 112 – 125.
  6. ENISA Threat Landscape 2023 / European Union Agency for Cybersecurity. URL: https://www.enisa.europa.eu/publications/enisa-threat-landscape-2023 (дата обращения: 22.03.2025)
  7. Kaspersky ICS CERT Report 2023 / Kaspersky Lab. URL: https://ics-cert.kaspersky.com/reports/2023/ (дата обращения: 22.03.2025)
  8. NIST SP 800-53 Rev. 5 Security and Privacy Controls for Information Systems and Organizations. Gaithersburg: NIST, 2020.
  9. OWASP Top-10 2021 Application Security Risks. URL: https://owasp.org/Top10/ (дата обращения: 22.03.2025)
  10. Microsoft Authentication Guide 2023 / Microsoft Security. URL: https://learn.microsoft.com/en-us/security/ (дата обращения: 22.03.2025)
  11. IBM X-Force Threat Intelligence Index 2024 / IBM Security. URL: https://www.ibm.com/reports/threat-intelligence (дата обращения: 22.03.2025)
  12. Chen L., Wang M. AI-based Threat Detection in Government Systems // International Journal of Information Security. 2024. Vol. 23. No. 1. P. 45 – 58.

Supplementary files

Supplementary Files
Action
1. JATS XML
Download


Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.

Согласие на обработку персональных данных

 

Используя сайт https://journals.rcsi.science, я (далее – «Пользователь» или «Субъект персональных данных») даю согласие на обработку персональных данных на этом сайте (текст Согласия) и на обработку персональных данных с помощью сервиса «Яндекс.Метрика» (текст Согласия).