Viewpoint
04 May 21 | Lisboa
TOL NEWS 7, CYBERCRIME

THE EVOLUTION OF NEW TECHNOLOGIES
RELEVANT INFORMATION TO YOUR PROTECTION

New technologies enable exponential advances in information, knowledge, efficiency, labour production, communication and development across the various areas and sectors that surround our daily lives!

On the other hand, cybercrime is also increasing exponentially. This is not surprising: the anonymity that technology offers to those who commit crimes makes it very profitable while carrying very low risk!

 In fact, there are several risks associated with the use of technology that can stem from various causes:

1. Negligence or mistakes;

2. Lack of awareness about the importance of Cybersecurity;

3. Malicious attacks, external or internal;

4. Natural causes such as fires, floods, etc.

With the Internet, the rapid globalisation of information and the developments in Big Data, Machine Learning and the Internet of Things (IoT), the physical and digital worlds have become hyper-connected and every user is an active element, so the need to protect against cyber-threats becomes more and more essential.

To protect ourselves, it is relevant to bear in mind the definitions of IT Security (the technological infrastructure, i.e. computer and communications equipment) and Information Security (the assets, the data, the information that travels on the Internet).

It is therefore essential to be aware of current threats, which have been evolving at the speed of technological developments.

 MAIN TYPES OF THREATS

MALWARE - is a contraction, in English, of the words "malicious" and "software". Malware is the main term used to characterise all computer threats. Within this category, there are several more specific classifications:

VIRUS - Computer viruses need a host in which to stay.

WORM - is a computer program created to produce some damage in the user's system and which has two characteristics: it acts in a transparent way for the user and it has the capacity to reproduce itself.

TROJAN - attempts to go undetected while accessing our devices with the intention of performing hidden actions such as opening a "back door" for other malicious programs to access.

ADWARE - Adware (a contraction of "advertisement" and "software") is a malicious program that is installed on the system without the user actually knowing its main objective, which is to download and/or display advertisements on the victim's screen.

SPYWARE - is an application whose purpose is to collect information from the user, without their consent.

ROGUE - is a malicious code that pretends to be a security program in order to make the user pay for a harmful or non-existent application.

RANSOMWARE - is one of the computer threats most similar to an attack without technological means: hijacking/kidnapping.

 Some of the hijacking techniques are as follows: 

             - Encryption of files on the hard drive. 

             - Blocking access to certain files (usually administrative documents). 

             - Total blocking of access to the system (before login or screen lock when the user accesses the system).

 But there are also other threats...

Spam - unsolicited e-mail sent from a third party. 

Hoax - email distributed in a chain format, aimed at making readers believe that something false is real.

Scam - name used for fraud through technological means. It is a crime consisting of causing property damage to someone through fraud, for profit, using technology as the means.

Phishing - consists of stealing the user's personal and/or financial information by forging communications from a trusted entity. In this way, the user believes they are entering their data on a site they know when, in reality, the data is sent directly to the attacker. In its classic form, the attack starts by sending an email simulating the identity of a trusted organisation, such as a bank or a well-known company.

 The characteristics of a phishing email are as follows:

            - Use of names of organisations with a public presence. 

            - The sender's email simulates being from the company in question.

            - The body of the mail features the logo of the company that signs the message. 

            - The message urges the user to re-enter some kind of information that, in reality, the supposed sender already possesses. 

            - The message includes a link.

 So to avoid attacks it is essential to take certain precautions, namely to protect hardware from illegitimate physical access, natural disasters, environmental changes, among others.

 There should be, especially in the corporate context, a procedure implemented for making security copies. 

Other precautions include the use of a secure password system and of biometric systems, among others.

HOW DO WE AVOID BEING INFECTED?

To avoid being infected by Ransomware, we should follow these commonsense guidelines: 

            - Keep our operating system and applications up to date, thus preventing the attacker from taking advantage of already identified vulnerabilities. 

            - Have at least one antivirus always up to date.

            - Do not open e-mails or files from unknown senders.

            - Avoid surfing on insecure pages or pages with unverified content. 

            - Have a backup system and a defined recovery procedure that will allow us to recover the system in the least possible time without losing information. 

 At the core of crimes related to Cybercrime and Technological Crime we find those provided for in the Cybercrime Law, in the General Data Protection Regulation (RGPD) and in the Copyright and Related Rights Code; crimes against sexual freedom and self-determination committed by means of or through a computer system; and crimes of computer and communications fraud, espionage and cyber-terrorism, among many others.

 NATIONAL CYBER SECURITY REFERENCE FRAMEWORK

 The National Cybersecurity Centre ("CNC") was implemented as the National Cybersecurity Authority by Law No. 46/2018, of 13 August, which establishes the legal regime for cyberspace security, transposing the Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures to ensure a high common level of network and information security across the European Union.

 Regulation (EU) 2019/881 of the European Parliament and of the Council of 17 April, 2019 on the European Union Agency for Cybersecurity (ENISA) and cybersecurity certification of information and communication technologies was also adopted.

 The Cybercrime Law, approved by Law 109/2009, of 15th September, provides for several crimes, namely the crime of computer forgery (Art. 3); crime of computer damage (Art. 4); crime of computer sabotage (Art. 5); crime of illegitimate access (Art. 6); crime of illegitimate interaction (Art. 7); crime of reproduction of protected software (Art. 8).

 Protection in this area is becoming increasingly important: Portugal's Recovery and Resilience Plan (RRP) to access post-crisis EU funds foresees the mobilisation of 130 million euros for cybersecurity!

 ONCE INFECTED HOW TO SOLVE IT?

 There is no direct, magic formula and the solution to the problem is not simple; however, the best approach will be to contact a Lawyer and appeal to the National Unit for Combating Cybercrime and Technological Crime of the Judiciary Police (UNC3T).

Viewpoint

Social Engineering - When the problem lies between the keyboard and the chair.

 The technical methods of Cyber Crime have become increasingly sophisticated, making it virtually impossible for most computer system users to fully understand them.

 However, an aspect that is not at all related to technology but rather to human behavior has been raising the threat level of hacker attacks.

 Indeed, the so-called "Social Engineering" is at the origin of a significant percentage of cases of attacks and the statistics speak for themselves:

  • 98% of cyber-attacks rely on social engineering.
  • 43% of IT professionals said they had been targeted by social engineering scams in the last year.
  • New employees are the most susceptible to social engineering attacks, with 60% of IT professionals citing recent hires as high risk.
  • 21% of current or former employees use social engineering to gain a financial advantage, for revenge, curiosity or for fun.
  • Social engineering attempts increased by more than 500% from Q1 to Q2 2018.

 (Source: “PurpleSec - 2021 Cyber Security Statistics - The Ultimate List Of Stats, Data & Trends”)

Social engineering is the psychological manipulation of people to perform actions or disclose confidential information. Potential victims of a social engineering attack can range from a corporate executive to an elementary school student. Even the most experienced IT professional can fall victim to an attempted attack of this type.

One of the best-known attacks using Social Engineering is the so-called "CEO Fraud".

CEO fraud is a sophisticated email scam that cybercriminals use to trick victims into transferring money or providing them with confidential company information.

 Cybercriminals send clever emails posing as the CEO or other company executives and ask employees, usually in HR or accounting, to help them by sending a wire transfer. This cybercrime uses spoofed or compromised email accounts to trick email recipients into acting maliciously towards the company.

CEO Fraud is a social engineering technique that relies on gaining the trust of the email recipient. The cybercriminals behind the CEO scam know that most people don't look too closely at email addresses or notice small differences in spelling.

 These emails use familiar but urgent language and make it clear that the recipient is doing the sender a big favor by helping them. Cybercriminals exploit the human instinct to trust each other and the desire to want to help others.

How to avoid being a victim of a Social Engineering attack: 

When an e-mail apparently comes from a reliable person, be alert to unusual forms of writing or address (e.g., informal instead of formal wording), or to requests that are clearly outside the usual procedures. A simple verification phone call to the (real) person whose address appears in the e-mail settles the matter immediately. In particular, if the e-mail allegedly comes from a person in a high hierarchical position, from whom we do not normally receive e-mails directly, there are grounds for strong suspicion.
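The address checks described above (small spelling differences in the sender's domain, an executive's name on an outside address, replies redirected elsewhere) can be partly automated at the mail gateway. The following Python sketch is an added example, not part of the original opinion piece; the trusted domain, the executive name and the sample messages are constructed assumptions.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumptions for this sketch (constructed, not taken from the article):
TRUSTED_DOMAIN = "acme-corp.example"   # the company's real mail domain
EXECUTIVES = {"maria santos"}          # display names worth impersonating

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance using a single rolling row."""
    row = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        prev, row[0] = row[0], i
        for j, cb in enumerate(b, 1):
            prev, row[j] = row[j], min(row[j] + 1, row[j - 1] + 1,
                                       prev + (ca != cb))
    return row[-1]

def domain_of(header_value) -> str:
    """Lower-cased domain of an address header, '' if the header is absent."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def ceo_fraud_flags(raw_message: str) -> list:
    """Return the warning signs found in the message headers."""
    msg = message_from_string(raw_message)
    name, _ = parseaddr(msg.get("From", ""))
    from_dom = domain_of(msg.get("From"))
    reply_dom = domain_of(msg.get("Reply-To"))
    flags = []
    if from_dom != TRUSTED_DOMAIN:
        # One or two character edits away from the real domain.
        if 0 < edit_distance(from_dom, TRUSTED_DOMAIN) <= 2:
            flags.append("lookalike-domain")
        # Executive's name shown, but the address is not the company's.
        if name.strip().lower() in EXECUTIVES:
            flags.append("executive-name-external-address")
    # Replies would go somewhere other than the apparent sender.
    if reply_dom and reply_dom != from_dom:
        flags.append("reply-to-mismatch")
    return flags

# Constructed sample messages ("rn" imitates "m" in the first domain).
SPOOFED = ('From: "Maria Santos" <maria.santos@acrne-corp.example>\n'
           'Reply-To: payments@mail-relay.example\n'
           'Subject: Urgent wire transfer\n\nI need a favour before noon.\n')
LEGIT = ('From: "Maria Santos" <maria.santos@acme-corp.example>\n'
         'Subject: Minutes\n\nAttached.\n')

if __name__ == "__main__":
    print(ceo_fraud_flags(SPOOFED))
    print(ceo_fraud_flags(LEGIT))
```

A message sent from a genuinely compromised account passes all three checks, which is why the verification phone call remains necessary.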

In case of suspicious phone calls:

  • Maintain a suspicious attitude by default
  • Take note of the person's name and company, and call that company to confirm that the person really exists
  • The same applies to alleged "Colleagues from the IT department". Confirm that such a person actually exists.
  • Obviously, never provide passwords or any kind of sensitive information to anyone you do not know
  • Tell the caller that you will pass the call on to the person in your company responsible for IT Security.

 In all suspicious cases, report the situation to your line manager and to your IT and information security department.

Companies should include these aspects in their awareness-raising training for employees, with the aim of creating greater awareness regarding this topic.

Opinion of Eng. Rui de Almeida

IT Security and Business Continuity Expert

Viridium Gruppe GmbH
