Cybersecurity: Age of Digital Awareness

 

Photo by Derek Thomson

Picture yourself amid the vast, undulating dunes, your every step etching a path upon the shifting sands. Each footprint tells the story of your passage, a narrative of movement and direction. But in this vast expanse, danger lurks, unseen and stealthy. Imagine a skilled bandit, adept at tracking even the faintest trails. Unbeknownst to you, you've unwittingly become his prey, with each step drawing him nearer. Abruptly, he appears behind you, a foreboding figure demanding a ransom for your release. Under his command, you surrender your backpack, its contents now his reward.

Though it may seem exaggerated at first glance, this analogy aptly illustrates the subtle yet pervasive threat of cybercrime. In our modern, interconnected society, every digital interaction presents a potential vulnerability for exploitation and extortion. In this landscape, even the most innocuous online actions can have profound and often unforeseen repercussions. With each click and scroll, individuals unknowingly leave behind a traceable digital trail, providing skilled cybercriminals with the means to meticulously track movements and predict future actions with alarming accuracy.

From sophisticated phishing schemes to stealthy malware and trojan attacks, cybercriminals employ a diverse arsenal of tactics to infiltrate networks, steal sensitive data, and wreak havoc on unsuspecting victims. Just as the bandit emerges suddenly from the dunes, cyber threats can appear seemingly out of nowhere, catching individuals and organizations off guard and causing irreparable damage.

Image by George Becker

In this digital era, understanding and addressing these threats is paramount to safeguarding our personal information, financial assets, and critical infrastructure. As dependence on technology continues to deepen, so too does the importance of implementing robust cybersecurity measures and fostering a culture of vigilant and resilient individuals. By staying informed about emerging threats, practicing good cyber protocols, and investing in security solutions, we can mitigate the risks posed by cybercriminals and navigate the online landscape with greater confidence and security. In this article, SEAMEO STEM-ED will lead you on a journey through crucial information, measures, and mindsets to detect threats before they infiltrate our lives.

What is cybersecurity?

Accurate definitions from the Cybersecurity & Infrastructure Security Agency (CISA) state that it is "The art of protecting networks, devices, and data from unauthorized access or criminal use and the practice of ensuring confidentiality, integrity, and availability of information." Additionally, IBM defines cybersecurity as "the practice of protecting systems, networks, and programs from digital attacks. These cyberattacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money from users via ransomware; or interrupting normal business processes."

Image by Cottonbro Studio

Photo by Yuriy Bogdanov on Unsplash

Think of it as a guard dog, a reliable companion that, when unfamiliar noise occurs, stands alert, ready to bark at potential intruders and protect our houses (in this case: digital domains). Just as a well-trained guard dog detects and deters threats to our physical security, cybersecurity encompasses a range of technologies, practices, and processes designed to safeguard our digital assets from malicious actors seeking to exploit vulnerabilities and breach our defenses. Whether it's defending against phishing attempts, malware infections, or unauthorized access attempts, cybersecurity serves as our ever-watchful sentinel in an increasingly interconnected and vulnerable online world.

Cyberattacks

Photo by Markus Spiske on Unsplash

So why do we need digital literacy, awareness, and a guard? Because the importance of understanding the risks and responsibilities associated with our online activities cannot be overstated, as cyber threats take different forms—each presenting unique dangers. Every day, or every hour, somewhere in this world, some individuals are being targeted and exploited through cybercrime. The threat of this looms large in the digital realm, affecting individuals, businesses, and governments alike. Consequently, the following examples represent some of the most common cyberattacks:

  1. Malware attack: A malware attack or malicious software is a type of cyberattack where it infiltrates a computer system or network with the intent to exploit data, damage devices, or disrupt operations and communication. Malware can disguise itself in many forms, including viruses (spread through infected files), worms (self-replication), Trojans (deceptive software), ransomware (encrypts data), and spyware (steals information), each designed to carry out specific malicious activities.

Screenshot of the infamous WannaCry Ransomware 

Case: WannaCry Attack

In May 2017, a ransomware named "WannaCry" spread globally, encrypting data and demanding ransom payments in Bitcoin. This malware targeted computers running Windows and threatened to release data if the ransom was not paid. It affected over 200,000 computers across 150 countries, including individuals, government agencies, and companies. One example of this is the case of the National Health Service (NHS) in England, which encountered significant disruptions.

The ambulance service, for instance, experienced disruptions to their operations, including the disabling of ambulance handover processes and screens, as well as the unavailability of the Patient Transport Service booking portal. Tertiary centers also faced challenges, such as the inability to transfer CT/MR scans and access Chemo Care, resulting in the inability to transfer chemotherapy orders to providers. Similarly, primary care IT providers closed network access, leading to the failure of automated blood results transfer and restricted access for certain general practitioners to their caseloads. These incidents underscore the critical importance of robust cybersecurity measures in healthcare systems to mitigate the impact of cyber threats on patient care and operational efficiency.

A curtain to this malware was discovered by British cybersecurity expert Marcus Hutchins where a "kill switch" was found within the ransomware code. This mechanism relied on a specific domain name; if registered and accessible, it would halt the malware's encryption routine, effectively stopping its spread. Hutchins registered the domain upon noticing this behavior, leading to an immediate slowdown in the ransomware's propagation. By activating this kill switch, Hutchins unintentionally mitigated the impact of the WannaCry ransomware attack, preventing further infections globally.

  1. Phishing: denotes a form of cyberattack wherein malicious actors employ deceptive emails or messages to lure recipients into interacting with fraudulent websites. These websites are typically laden with malware, including ransomware, capable of compromising organizational systems. Alternatively, they may be crafted to deceive users into divulging confidential credentials or executing unauthorized financial transactions.

 

Case: 2018 FIFA World Cup Phishing

The Fédération Internationale de Football Association (FIFA) hosts the world's largest football competition every four years, captivating the attention of individuals worldwide, not just football enthusiasts. Deciding who stands atop the world, conquering the grass field arguably captures the attention of all individuals. With this attention, the event also presented opportunities for some to exploit.

Example screenshots of phishing emails during the 2018 World Cup

During the 2018 FIFA World Cup, cybercriminals took advantage of the global excitement surrounding the event by orchestrating a phishing scam. Targeting football fans and individuals seeking accommodation in Russia, the scam involved deceptive messages claiming recipients had won tickets to the World Cup through a lottery or offering rental properties at unusually low prices. These messages prompted recipients to enter personal information or credit card details to claim their prize or secure accommodation. However, there was no legitimate lottery or rental offer; instead, the cybercriminals aimed to steal sensitive information for fraudulent purposes.

Purchasing ticket page

From this incident, it's important to note that in many cases of cybercrime, especially phishing scams, victims may not receive direct reimbursement for their losses. Victims of phishing scams often suffer financial losses due to unauthorized charges, identity theft, or other fraudulent activities resulting from the disclosure of their personal information. In some cases, individuals may be able to recoup their losses through insurance policies or by working with their financial institutions to dispute unauthorized charges. Additionally, law enforcement agencies may investigate such scams and prosecute perpetrators, although the chances of recovering lost funds may vary depending on the circumstances of the case and the jurisdiction involved.

To combat such scams, organizations like FIFA and law enforcement agencies issued warnings and educational materials to raise awareness among the public about the risks of phishing. While some individuals may have fallen victim to these scams, increased awareness and vigilance helped mitigate the impact, emphasizing the importance of cybersecurity hygiene in safeguarding against such threats.

  1. Password Attack: A frequently utilized cyberattack, often directed at the general public and ordinary individuals. These malicious tactics encompass a range of methods, including brute force (repeatedly trying different password combinations), keylogging (capturing keystrokes to obtain passwords), dictionary attacks (using commonly used passwords or words), and credential stuffing (employing stolen username/password combinations). These techniques are employed to exploit weak or compromised passwords, granting unauthorized access to systems or accounts.

 

Case: Yahoo Data Breaches

In late 2014, a seismic breach shook the foundations of cybersecurity, thrusting a digital behemoth, Yahoo, into the epicenter of a global crisis. Initially undisclosed until 2016, this breach saw over 500 million user accounts compromised, unleashing a deluge of sensitive information into the hands of cybercriminals. The attackers, through sophisticated manipulation of web cookies, infiltrated Yahoo's fortified defenses, gaining access to a treasure trove of personal data including account names, email addresses, phone numbers, birth dates, and even hashed passwords.

It was security experts who uncovered a stark reality: while the majority of Yahoo's passwords were safeguarded by the robust bcrypt (secure password hashing algorithm) hashing algorithm, a subset remained vulnerable, shackled to the outdated MD5 algorithm. This critical vulnerability underscored the urgent need for fortified encryption protocols, as cyber threats evolved at an unprecedented pace.

From this global crisis, Yahoo data breaches served as a poignant wake-up call, prompting a global reckoning with the vulnerabilities inherent in the digital landscape and the imperative for proactive cybersecurity measures to safeguard against future breaches.

Yahoo’s page about recognizing a hack

Image from Yahoo!

Ways to Protect Ourselves Against Cyber Threats

Image from Onlyyouqj on Freepik

Enhancing defenses against cyber threats begins with elevating awareness and sharpening our ability to detect anomalies. Stay vigilant and proactive in identifying suspicious activities or unexpected changes in your digital environment. By remaining alert and responsive, we empower ourselves to take swift and effective action against potential threats, safeguarding our digital assets and preserving the integrity of our online presence. Educating users about security risks, including the dangers of using weak passwords and oversharing on social media, is essential for mitigating cyber threats. Combining security awareness training with robust data security policies enables individuals and organizations to better safeguard sensitive information, helping employees protect personal and organizational data and identify and evade phishing and malware attempts.

Diversifying data and information is another vital strategy for reducing risks and mitigating potential damages. By spreading data across multiple locations or platforms, organizations can lessen the impact of a single breach or cyberattack, enhancing resilience and ensuring that critical information remains accessible even in the event of a security incident.

Meanwhile, regular updates to firmware, hardware, software, and passwords are essential practices in maintaining robust cybersecurity defenses. These updates often contain patches and fixes for known vulnerabilities, closing potential entry points for cyber threats. By staying current with updates, individuals and organizations can fortify their systems against emerging threats and ensure the continued security and integrity of their digital infrastructure.

Regular backups of critical data are also crucial for cybersecurity resilience. By regularly backing up data to secure off-site locations or cloud storage, organizations can mitigate the impact of data loss resulting from cyberattacks, hardware failures, or other unforeseen events. In the event of a security incident, having up-to-date backups ensures that essential data can be quickly restored, minimizing downtime and preserving business continuity. Protecting against malware, viruses, and worms requires robust antivirus and anti-malware software. Choose reputable security solutions from trusted sources and ensure they are regularly updated to detect and remove the latest threats. Additionally, exercise caution when downloading software or clicking on links, verifying the legitimacy of sources before proceeding to mitigate the risk of inadvertently installing malicious programs.

Employing robust firewall protection is essential for safeguarding against unauthorized access to your network, effectively filtering incoming and outgoing traffic to block potential threats. Regularly clearing cookies and cache aids in minimizing the tracking of online activities and mitigates the risk of data exposure. Furthermore, adopting secure browsing practices such as utilizing incognito mode or employing tools like The Onion Router (TOR), an open-source platform for browsing websites with anonymity, enhances privacy by masking your IP address and encrypting internet traffic, bolstering anonymity and fortifying defenses against surveillance.

Common myths about cybersecurity

At last, a harsh, bitter truth must be acknowledged: no one is immune to cyberattacks. Despite varying levels of understanding and skills in mitigating online threats, misconceptions abound. One such fallacy is the belief that strong passwords alone provide sufficient protection against cyber threats. While robust passwords can indeed enhance security, they are not infallible. Cybercriminals employ various methods to steal passwords, underscoring the need for additional security measures beyond passwords alone.

Another prevalent myth is the assumption that major cybersecurity risks are well-contained and understood. In reality, the risk landscape is constantly expanding, with thousands of new vulnerabilities reported in both legacy and emerging applications and devices each year. Moreover, human error remains a significant contributor, with negligent employees or contractors unintentionally facilitating data breaches, thereby creating opportunities for cyberattacks.

Furthermore, there is a misguided belief that all cyberattack vectors are under control. However, cybercriminals are perpetually innovating and discovering new attack vectors, targeting systems such as Linux, operational technology (OT), Internet of Things (IoT) devices, and cloud environments. This underscores the critical need to remain vigilant and proactive in addressing evolving cyber threats to stay ahead of cybercriminal activities.

Photo by NASA on Unsplash

Undoubtedly, the digital landscape presents a mesmerizing panorama, showcasing the unbounded journey of information across vast borders. It serves as an essential pathway, enriching our lives with unprecedented capabilities, smoothing the path of our daily endeavors, and making work more accessible than ever. Yet, amidst its marvels, the stark reality of cybercrimes and their deleterious ramifications serves as a sobering wake-up call. These incidents underscore the nefarious intent of those who exploit vulnerabilities, tarnishing reputations, financial stability, and beyond. With succinct knowledge and measures in cybersecurity, we can equip ourselves with the tools to anticipate and thwart potential threats. Just as one uses binoculars to spot bandits on the horizon, we can cover our tracks more effectively and cultivate a steadfast ally in our digital defense—ultimately allowing us to navigate the digital realm with greater confidence and security.

---

References:

https://www.ftc.gov/business-guidance/small-businesses/cybersecurity/nist-framework

https://www.cisco.com/c/en/us/products/security/what-is-cybersecurity.html

https://www.techtarget.com/searchsecurity/tip/6-common-types-of-cyber-attacks-and-how-to-prevent-them

https://www.england.nhs.uk/long-read/case-study-wannacry-attack/

https://www.ncsc.gov.uk/guidance/phishing

https://www.hempsteadny.gov/635/Famous-Phishing-Incidents-from-History

https://www.ibm.com/topics/cybersecurity