An exploration of students' cyber threats perception in the digital age

Authors

  • Donald Mothisi School of Computing, University of South Africa
  • Mathias Mujinga School of Computing, University of South Africa

DOI:

https://doi.org/10.24002/ijis.v7i2.10424

Abstract

This study aims to investigate cyber threat awareness among students from a rural-based university and propose a model to enhance their awareness. Students rely on information and communication technologies (ICTs) for educational and personal activities. Students in rural areas may have less cybersecurity education and awareness than their urban counterparts. This can affect their awareness of malware, social engineering, and other cyber threats. It also heightens the challenges students face in mitigating security breaches. Data was collected using a survey to assess students' awareness of cyber threats. This assisted in determining students' knowledge, attitude, and behaviour (KAB) when engaged in online activities. The results indicated that less than 20 per cent of the students are aware of threats like Trojan horses, phishing, and keyloggers. The limited awareness of these threats could negatively impact students' ability to protect their information resources. It is recommended that rural-based students are continuously made aware of cyber threats. This study proposes the student online threat awareness model (SOTAM) to enhance cyber threat awareness among students.

References

[1] T. Moletsane and P. Tsibolane, “Mobile Information Security Awareness among Students in Higher Education : An Exploratory Study,” 2020 Conf. Inf. Commun. Technol. Soc. ICTAS 2020 - Proc., pp. 1–6, 2020, doi: 10.1109/ICTAS47918.2020.233978.

[2] H. S. Berry, “Survey of the Challenges and Solutions in Cybersecurity Awareness Among College Students,” 2023 11th Int. Symp. Digit. Forensics Secur., pp. 1–6, 2023, doi: 10.1109/ISDFS58141.2023.10131851.

[3] P. M. W. Musuva, K. W. Getao, and C. K. Chepken, “A new approach to modelling the effects of cognitive processing and threat detection on phishing susceptibility,” Comput. Human Behav., vol. 94, no. August 2018, pp. 154–175, 2019, doi: 10.1016/j.chb.2018.12.036.

[4] Z. Mador, “Keep the dark web close and your cyber security tighter,” Comput. Fraud Secur., vol. 2021, no. 1, pp. 6–8, Jan. 2021, doi: 10.1016/S1361-3723(21)00006-3.

[5] D. Goel and A. K. Jain, “Mobile phishing attacks and defence mechanisms: State of the art and open research challenges,” Comput. Secur., vol. 73, pp. 519–544, 2018, doi: 10.1016/j.cose.2017.12.006.

[6] A. Georgiadou, S. Mouzakitis, K. Bounas, and D. Askounis, “A Cyber-Security Culture Framework for Assessing Organization Readiness,” J. Comput. Inf. Syst., vol. 62, no. 3, pp. 452–462, 2022, doi: 10.1080/08874417.2020.1845583.

[7] K. Parsons, A. McCormac, M. Butavicius, M. Pattinson, and C. Jerram, “Determining employee awareness using the Human Aspects of Information Security Questionnaire (HAIS-Q),” Comput. Secur., vol. 42, pp. 165–176, 2014, doi: 10.1016/j.cose.2013.12.003.

[8] S. Aurigemma and T. Mattson, “Exploring the effect of uncertainty avoidance on taking voluntary protective security actions,” Comput. Secur., vol. 73, pp. 219–234, Mar. 2018, doi: 10.1016/J.COSE.2017.11.001.

[9] F. Erdoğdu, S. Gökoğlu, and M. Kara, “‘What about users?’: Development and validation of the mobile information security awareness scale (MISAS),” Online Inf. Rev., vol. 45, no. 2, pp. 406–421, 2021, doi: 10.1108/OIR-04-2020-0129.

[10] S. Althubaiti and H. Petrie, “Instructions for creating passwords: How do they help in password creation,” in HCI 2017: Digital Make Believe - Proceedings of the 31st International BCS Human Computer Interaction Conference, HCI 2017, 2017, vol. 2017-July. doi: 10.14236/ewic/HCI2017.55.

[11] A. Kovačević and S. D. Radenković, “SAWIT-security awareness improvement tool in the workplace,” Appl. Sci., vol. 10, no. 9, 2020, doi: 10.3390/app10093065.

[12] M. M. Al-Daeef, N. Basir, and M. M. Saudi, “Security awareness training: A review,” in Lecture Notes in Engineering and Computer Science, 2017, vol. 2229, pp. 446–451.

[13] J. M. Blythe and L. Coventry, “Costly but effective: Comparing the factors that influence employee anti-malware behaviours,” Comput. Human Behav., vol. 87, no. August 2017, pp. 87–97, 2018, doi: 10.1016/j.chb.2018.05.023.

[14] J. E. Thomas, “Individual Cyber Security: Empowering Employees to Resist Spear Phishing to Prevent Identity Theft and Ransomware Attacks,” Int. J. Bus. Manag., vol. 13, no. 6, p. 1, 2018, doi: 10.5539/ijbm.v13n6p1.

[15] B. B. Gupta, N. A. G. Arachchilage, and K. E. Psannis, “Defending against phishing attacks: taxonomy of methods, current issues and future directions,” Telecommun. Syst., vol. 67, no. 2, pp. 247–267, 2018, doi: 10.1007/s11235-017-0334-z.

[16] M. Nieles, K. Dempsey, and V. Y. Pillitteri, “NIST Special Publication 800-12 Revision 1 - An introduction to information security,” NIST Spec. Publ., 2017, doi: 10.6028/NIST.SP.800-12r1.

[17] S. Chakraborty, “A Comparison Study of Computer Virus and Detection Techniques,” Int. J. Sci. Res. Comput. Sci. Eng. Inf. Technol. © 2017 IJSRCSEIT, vol. 1, no. 2, pp. 236–240, 2017, Accessed: May 16, 2021. [Online]. Available: www.ijsrcseit.com

[18] A. Kovacevic, N. Putnik, and O. Toskovic, “Factors Related to Cyber Security Behavior,” IEEE Access, vol. 8, pp. 125140–125148, 2020, doi: 10.1109/ACCESS.2020.3007867.

[19] A. Da Veiga, “A model for information security culture with creativity and innovation as enablers – refined with an expert panel,” Inf. Comput. Secur., vol. 658, 2023, doi: 10.1108/ICS-11-2022-0178.

[20] J. D. Wall, P. Palvia, and J. D’Arcy, “Theorizing the Behavioral Effects of Control Complementarity in Security Control Portfolios,” Inf. Syst. Front., 2021, doi: 10.1007/s10796-021-10113-z.

[21] M. Bogale, L. Lessa, and S. Negash, “Building an information security awareness program for a bank: Case from Ethiopia,” 2019.

[22] D. Jeske and P. van Schaik, “Familiarity with Internet threats: Beyond awareness,” Comput. Secur., vol. 66, pp. 129–141, 2017, doi: 10.1016/j.cose.2017.01.010.

[23] M. Sas, G. Reniers, K. Ponnet, and W. Hardyns, “The impact of training sessions on physical security awareness: Measuring employees’ knowledge, attitude and self-reported behaviour,” Saf. Sci., vol. 144, no. August, p. 105447, 2021, doi: 10.1016/j.ssci.2021.105447.

[24] S. Chakraborty, “Module Functioning of Computer Worm, PC Virus and Anti Virus Programs,” Int. J. Sci. Res. Comput. Sci. Eng. Inf. Technol. © 2017 IJSRCSEIT, vol. 1, no. 2, pp. 2456–3307, 2017.

[25] A. J. Burns, M. E. Johnson, and D. D. Caputo, “Spear phishing in a barrel: Insights from a targeted phishing campaign,” J. Organ. Comput. Electron. Commer., vol. 29, no. 1, pp. 24–39, 2019, doi: 10.1080/10919392.2019.1552745.

[26] S. R. Saha and A. K. Guha, “Impact of Social Media Use of University Students,” Int. J. Stat. Appl., vol. 2019, no. 1, pp. 36–43, 2019, doi: 10.5923/j.statistics.20190901.05.

[27] P. Nyblom, G. Wangen, and V. Gkioulos, “Risk perceptions on social media use in Norway,” Futur. Internet, vol. 12, no. 12, pp. 1–40, 2020, doi: 10.3390/fi12120211.

[28] K. Parsons, A. McCormac, M. Butavicius, M. Pattinson, and C. Jerram, “Determining employee awareness using the Human Aspects of Information Security Questionnaire (HAIS-Q),” Comput. Secur., vol. 42, pp. 165–176, 2014, doi: 10.1016/j.cose.2013.12.003.

[29] G. Alotibi, “A Cybersecurity Awareness Model for the Protection of Saudi Students from Social Media Attacks,” Eng. Technol. Appl. Sci. Res., vol. 14, no. 2, pp. 13787–13795, 2024, doi: 10.48084/etasr.7123.

[30] G. S. Prakasha, J. J. Leiva-Olivencia, A. Simpson, T. Grundmeyer, and A. Kenneth, “Lived Experiences, Challenges, and Coping Mechanisms of Undergraduate Students on Cybersecurity in Digital Environments,” Comput. Sch., vol. 41, no. 3, pp. 328–350, 2024, doi: 10.1080/07380569.2024.2363341.

[31] C. Melchior and U. Soler, “Security of Personal Data in Cyberspace in the Opinion of Students of the University of Udine,” Cybersecurity Law, vol. 11, no. 1, pp. 227–247, 2024, doi: 10.35467/cal/188451.

[32] M. Yildirim and M. E. Erendor, “A Comparative Analysis of Cyber Security Behaviours of University Students,” Edpacs, vol. 69, no. 6, pp. 28–45, 2024, doi: 10.1080/07366981.2024.2356298.

Downloads

Published

2025-02-28

How to Cite

Donald Mothisi, & Mujinga, M. (2025). An exploration of students’ cyber threats perception in the digital age. Indonesian Journal of Information Systems, 7(2), 123–135. https://doi.org/10.24002/ijis.v7i2.10424

Issue

Vol. 7 No. 2 (2025): February 2025

Section

Articles

License

Creative Commons License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Indonesian Journal of Information Systems as journal publisher holds copyright of papers published in this journal. Authors transfer the copyright of their journal by filling Copyright Transfer Form and send it to Indonesian Journal of Information Systems.

 
Creative Commons License
Indonesian Journal of Information Systems is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.