Challenges in Cybersecurity

challenges in cybersecurity The new kinds of online fraud will become more elaborate and harder to detect

The military conflict caused by Russia in neighboring Ukraine takes place in cyberspace too. Some researchers are saying that we are talking about the biggest war of the cybernetic era, and the most significant escalation on both sides. 


Early in the conflict, Moscow launched an impressive number of destructive attacks against dozens of Ukrainian networks, managing to damage the Viasat satellite network, and cause grief for Ukraine's defenses. A few weeks in, the pace of such attacks went down, and right now, almost a year into the war, the main cybernetic activity that Russia carries out in relation to Ukraine is intelligence gathering. In addition to challenges caused by the war, China's technological advance, and the pandemic, which moved a lot of activities online, are as many reasons for cyberscurity to be more and more of a reason for worry. 


In this geopolitical context, with so many uncertainties, things are sure to stay the same, with organizations at all levels being more and more exposed to the threat of cybercrime. The global costs of cybercrime are expected to go up by 15% per year until 2025, and amount to more than 10 trillion dollars a year, as seen in a report by Cybersecurity Ventures, much higher than the cumulative profits of drug trafficking worldwide. The new kinds of online fraud will become more elaborate and harder to detect, as computer crime perpetrators are moving towards using artificial intelligence tools, according to the National Cybersecurity Directorate in Bucharest. The security of institutions is under careful care by experts and authorities, but regular users are much more exposed, and need assistance to fend off the many kinds of attacks they are vulnerable to. 


Among the most widely used fraud attacks for stealing personal data are phishing attacks by e-mail, which ask for identifying data through spurious offers, the National Cybersecurity Directorate in Bucharest warns. At the same time, many misleading messages are also disseminated on social media and search engines, as explained for Radio Romania by Mihai Rotariu, the head of communication for the directorate, who provided a few examples:


Mihai Rotariu: "As we begin this year, we see an increase in attempts at online fraud. As usual, the attackers are using the context we are in, and are trying to take advantage of commercial discounts associated with winter. More to the point, they are launching phishing campaigns using the visual identity of popular brands, which are usually more active during this period. We are talking about commercial banks, retailers, some online services, and delivery services. We have even witnessed fraud attempts using the image of some public institutions, such as the police, the fiscal authority, or even Europol. Most phishing attacks occur by e-mail, but they can be propagated through social media or text messaging, SMS, and the goal of attackers is to harvest personal data, be they financial or authentication data, mainly by redirecting the potential victim to cloned websites. These are sites that look like the real ones, but have a slightly different address, and are in another domain. Which is vital to pay careful attention to the name and security status of a websites where we use personal data."


It is no secret that attackers are relying more and more on artificial intelligence, enhancing and automating their activities, adapting to the context better, and having a better rate of success. However, we should not panic, says Mihai Rotariu:


Mihai Rotariu: "If we have cybersecurity routine, and good online hygiene, we should not panic, because we can sidestep about 90% of attacks. When I am talking about routine, I am referring to forming reflexes when acting online, formed just like the ones in real life. For instance, when we cross the street, we look right and left and check the traffic light. This is the case with links we access too. We don't click on a link from an unknown source before running a check on the source, using a security solution. At the same time, we have to know clearly that most companies that offer online services, especially banks, would never send e-mails with links for updating or verifying authentication data. You should never go to websites for, let's say, online banking through a link sent by SMS or e-mail, or through sponsored ads, you should only use the smartphone app. We also recommend you enter the website address manually in your Internet browser, taking care not to end up carelessly on such cloned sites. You should pay close attention to the exact name of the domain, because attackers substitute digits for letters, and if we rush through the process we could be fooled into thinking we are on the original site, but in fact we are on the cloned site. Last but not least, pay close attention to offers online that look too good to be true."


Mihai Rotariu added that we should always check with the company purporting to make the online promotional offers before acting on the purchase. (C.C.)



www.rri.ro
Publicat: 2023-02-10 14:09:00
Vizualizari: 999
TiparesteTipareste