There are several profiles for an attack based on target:
- Industrial Espionage is orchestrated by other states or companies to steel “Company secrets” like Sputnik Vaccin
- State Espionage is “done” by other governments for stealing Industrial Secrets (CIA in China) or Personal Data related to public figures for future blackmails.
- Fun where the attacker we’ll see later what we’ll do with info captured. “Security is not a joke “ — hacker from Oradea.
What data have to be protected in a company and at home?
- Company: Money, Business Model , Personal Data, Credit Card, Company Image…
- Home: Credit cards, Bank accounts, Investments, Personal Data like photographs or movies and “User and password”
How Criminals make money ?
- Phishing attack: criminals will also steal data to see if they can sell it or find a way to make money from it. But criminals are often criminal gangs, not individual actors, and are not the only threat to company data.
- Ransomware attack: first, the software allows attackers to control your computer, and then they can use it as they wish. They log in remotely as you and can start attacking other systems of the company. The second thing is the software we call ransomware, which encrypts all your data, takes it hostage, and then asks for a ransom.
- Send money: They will also try to trick companies into sending money directly into criminals’ bank accounts.
Phishing attack
Phishing is a mainly used to steal user data, like credentials and/or credit card numbers.
Test your Phishing awareness using this Quiz . How did you score? More tips for better performance are below.
There are few checkboxes for spotting a phishing email:
- Email “time “— Unexpected, Unusual
- By Who? — Not known by you
- Grammar checks — Mistakes
- Urgency of the message — !!!! NOW!!!! Lost your opportunity !!!!
What we have to do / not to do?
- Click on links— NOT really, but hover over to inspect the link
- Open the attach — NOT at all :)
- Report to the Security Department — YES
- Delete it — YES
Ransomware attack
It’s a form of malware that encrypts the victim files and after this the attacker request money for decrypting the data. This is what happens in companies, and it also happens to people who use home computers at home. However, for every 100 attacks, maybe two of them will attack you, so you really need to know how to recognise these attacks and what to do. This is the same as a phishing email.
There are a lot of example in the last years and the most recent one is from November 2021:
History of Ransomware — answers are in end of the article
- Ransomware is using symmetric or asymmetric cryptography for better “performance”?
- First ransomware was in 1989, 2005, 2008 ?
- In 2017 Win 10 was announced to be immune . It was cracked in 3 hours, 3 days , 3 weeks ?
Send money to Cyber criminals
One of the most common way to steal money is to pretend to be one important employee from your company.
The german Group Leoni with share services in Romania / Cluj was victim of this fraud attack. A fake email from CEO asked financial department from Romania to make a transfer of 40 millions EUR in another account than the usual one. After this the criminals transfer the money in 6 accounts in Asia and from there in other accounts. Money were lost!
How to protect our selfs ? — Things to remember
I hope you have a better understanding of what information security is and the behavior of cyber attackers. Here are the five most important things to remind you.
First, treat all emails with caution. 80% of cyber attacks start like this and pay attention to these four indicators that attackers are trying to fool you. Does the email make you curious about clicking on something? Was the email accidental? Are there time-sensitive elements? What will happen? Or, if you don’t reply immediately, will you miss something? Does email trigger an emotional response?
Second, ignoring the attacker’s email is the first cool thing. It’s important to tell the information security or IT team about it. Usually, you can press a button in your email client to report an email as phishing, or you have to forward the email to a certain email address, or you may need to call someone. Make sure you know how to report information security matters. See what, say something.
Third, there is a reason your company restricts the software you can install on your computer. This is because installing software is one thing that attackers like to let people do so that they can break into their computers. If you need a software or additional feature, please contact your IT department instead of trying to find it on the Internet. Update SW version for all your devices constantly: TV, Router, Laptop OS, Phone…
Fourth, before the world is truly sure that getting rid of the password is the only way to prove to the computer that it is indeed your login, there are three things you can do to make your password more secure. Use a unique password for each site and use a long password. Use a unique password for each site and use a long password. By using a password manager, these two things together become easier. The third thing, if any service or website you use provides you with two-factor authentication, 2FA or multi-factor authentication, MFA, please use it. Remember, this is where you need a phone verification code or you must approve in-app notifications and use a password. Once set up, if your password is lost or stolen, the attacker will still be unable to log in as you. Attackers are looking for ways to attack 2FA and MFA. They do this by calling people and asking them to read the number.
Fitfth, don’t forget: a cyber attacker could be anyone and anytime.
Ransomware answers:
- asymmetric cryptography ;
- 1989;
- 3 hours.