News on Sunday

Cybersecurity : I have been hacked! What’s next?

Cybersecurity

The world is becoming increasingly interconnected but at the same time, the Internet is becoming dangerously insecure. Today, technology is inextricably linked to our lives. Technology has undoubtedly become an integral part of everyone. We are connected to technology 24 hours a day. The advent of new technologies has completely revolutionised the way we speak, communicate, live, and perform our daily activities.

Publicité

Without realising, we carry the world in our pocket as smartphones offer endless opportunities to communicate, conduct transactions and business. This leaves us with practically no other choice than to follow this ever-changing technological trend to subsist. On the other hand, there is a completely new paradigm shift in the way companies are conducting business. Social media has taken the world by storm and we are living in an era where machine intelligence is slowly but surely outperforming human intelligence. Artificial Intelligence (AI), which is the branch of computer science which is creating machines to simulate human beings, is already defining the next era of digitalisation.

AI is the new talk of the town, as it offers colossal opportunities for businesses as well as human beings. Numerous predictions show that AI will push many jobs to extinction. The application of AI will make cars driverless, which means that certain jobs like taxi drivers will become obsolete in the decades to come. A recent example is Domino’s pizza, which is a leading American pizza chain, they have started testing self-driving pizza delivery in certain parts of the United States and those experiments have proved to be surprisingly successful.

There is a myriad of industries that will be profoundly transformed with these new technological advancements. It has even been predicted that bank tellers will be replaced by robots in the future– believe it or not, in the decades to come, a robot will be communicating with you when you need a bank loan. Another example is in the customer service field where chatbots (chat robots) are slowly replacing traditional chat agents. Starbucks, Disney and some leading companies have already implemented chatbots to assist their customer service and the scary thing is that those AI driven bots have started to delight customers worldwide, further putting human jobs at stake.

However, all these technological revolutions imply extraordinary security risks. We feel a sense of déjà vu when we catch the Cybersecurity news headlines everyday – cyber-attacks, service disruption, data breaches, and theft of intellectual property. In 2017, the world has witnessed unprecedented Cyber-attacks. Ransomwares have caused unparalleled service disruptions for businesses worldwide, especially to companies that have massively underestimated the impact of Cyberattacks.

Wannacry and Petya ransomwares, which were headlines in the news some time back, have caused significant losses to companies worldwide. Ransomware is a type of malicious software that encrypts your data on your computer system or server and asks for a ransom from you to get the decryption key. Without the decryption key, your information on your computer will be completely nonsensical, as it will be in a format that makes the information unreadable.

Essentially, after a ransomware attack, you believe that all your information, on your laptop, is corrupted and irretrievable. The average ransom asked by cybercriminals on a case to case basis has significantly increased and in some cases has exceeded $ 1,000 USD. The mode of payment requested is via virtual currency - for example Bitcoins. Virtual currency has proliferated cybercrime in many ways as there is no banking or financial institution regulating the transaction between source and destination, which makes tracking a payment to cybercriminals very difficult – if not impossible.

The payment is normally effected via a Wallet ID, which consists of a string of characters that identifies the cybercriminal’s virtual currency account. Ransomwares have held many organisations hostage and some of them have suffered irreversible reputation loss. We need to take note that ransomware is only one form of malware (malicious software) among a multitude of threats, that can infect your personal computer or your organisation.

More than ever, we need to protect ourselves online – both as individuals and companies. In 2016 alone, there were more than 400,000 ransomwares created and it has already represented a $1 Billion USD business for the Cybercrime industry. The number of infected computers and devices (referred to as bots) is going to exceed 100 Million and cybercriminals are renting those infected bots to companies to bring down their competitors by launching a type of attack referred to as Distributed Denial of Service (DDOS) attack. Attacks are no longer solely targeted towards servers or websites but they have evolved into attacks on power distribution units and nuclear stations. Many reports predict that the Third World War could be triggered by a digital attack. In a recent interview, Putin stated his concern about an eventual world war, if someone wins the monopolist position in developing Artificial Intelligence.

As individuals, we need to ensure the preservation of our privacy in this increasingly vulnerable environment. We often lack vigilance when consenting to the End User License Agreements of software that we install on our phones– we agree and consent to those endless terms and conditions without realising the implications. We are constantly being tracked by those applications in each and every way possible. These phone apps constantly track our location, access our phone contact information and some of the apps even monitor our communication and messages. We are living in a world of cyber-espionage.

It only takes a couple of minutes for a cybercriminal to impersonate you by copying your Facebook profile picture and creating an account under your name - adding your friends as new contacts while communicating to YOUR friends that your previous account (genuine account) has been hacked. At this point in time - YOUR account is impersonated. Companies like Google are constantly tracking the searches you do and at a later point in time, will use your own data to sell products or services.

Email has become the preferred delivery vehicle of cybercriminals. Regardless of the number of security measures, cybercriminals can easily craft phishing email which appears to be legitimate and lures you into clicking on malicious links that can steal your credentials. Cybercriminals are using spear phishing email where they send personalised emails directly to you. Cybercriminals perform some type of reconnaissance and/or information gathering about you before launching the attack. In the spear phishing scenario, the email you receive, due to its personalisation, will appear to be from someone you know but it comes from a cybercriminal that is ready to launch an attack. Today, the primary motive behind almost every cybercrime targeted at individuals is monetary.

The big question that we must ask ourselves is – Are there any “antidotes” to remain safe online? The truth is that there is no panacea for online safety – no single remedy can protect you against all cyber threats. It requires a combination of many processes both technical and non-technical as well as security measures to protect ourselves as individuals and organisations. In this era of digitalisation, we need to ensure that we are holding all the aces to protect ourselves online. A security chain is as strong as its weakest link – very often, it takes only a single blunder to compromise an entire security platform. Some examples that constantly makes us vulnerable – using outdated software, having a good antivirus with an outdated virus definition, performing transactions via insecure networks such as public WIFI or failing to use encrypted protocols.

About the author

Rajiv Seeras is currently serving as Director of Information Technology at Apollo Blake. He holds a Master Degree in Information Security and Forensics and an Executive MBA from Paris Sorbonne. In 2017, Apollo Blake has launched a high-impact course in Cyber Security awareness for both individuals and professionals. The course is highly practical with real-life demonstrations of cyber-attacks. The course received much positive feedback from the Industry. For more information, please visit www.trainingmauritius.com or email us at training@apolloblake.com

 

Notre service WhatsApp. Vous êtes témoins d`un événement d`actualité ou d`une scène insolite? Envoyez-nous vos photos ou vidéos sur le 5 259 82 00 !