Tag Archive for: Editorial

Security awareness training among govt workers needed • BusinessMirror Editorial

/in


Hacking incidents have affected many big companies and government agencies in recent years, including a 2018 Facebook data breach that enabled attackers to access millions of user data. That year, it was discovered that political consulting firm Cambridge Analytica had obtained access to the personal information of millions of Facebook users without their consent. This was made possible by access control vulnerability in the social media’s application programming interface (API) that allowed third-party developers to access user data.

The scandal brought to light the issue of data privacy and the need for stricter access control measures. Facebook faced widespread criticism for mishandling users’ personal information and was fined $5 billion by the US Federal Trade Commission for violating users’ privacy.

No one knows the number of hackers around the world since many of those with malicious intentions are unidentified. However, some hackers join the ethical hacking community. Based on the 2018 Hacker Report, there are more than 166,000 registered ethical hackers worldwide.

India and the United States were the top countries where hackers were located, with 43 percent combined representatives. Russia, Pakistan, and the United Kingdom follow, with 14 percent combined representatives, according to the HackerOne hacker community.

CrowdStrike, the company that discovered that the Russians had hacked the Democratic National Committee, said that Russian hackers are known to be the fastest hackers. They can access a computer network in just 18 minutes, while Korean hackers gain access in two and a half hours, and Chinese hackers need four hours.

In the Philippines, a recent hacking incident stole personally identifiable information (PII) of Philippine Health Insurance Corp. members and its employees. PhilHealth was hacked by the Medusa group, and the hackers were demanding a $300-million ransom in exchange for the deletion of the stolen PhilHealth files posted on the dark web. PhilHealth President and CEO Emmanuel Ledesma Jr. said the insurer will not pay the ransom, but it had to spend P172 million to buttress its cyber defense.

This is the “unfortunate…

Source…

‘Empire of hacking’ exposed: China Daily editorial

/in


Although the Central Intelligence Agency had acquired exceptional experience in overthrowing governments by triggering “peaceful evolution” or instigating “color revolutions” in other countries before the emergence of the internet, it is the advancement of information and communication technology, in which the US enjoys huge advantages, that has greatly boosted the intelligence agency’s capability to accomplish its goals in the new century.

The disintegration of the Soviet Union — the United States established the CIA in 1947 to counter Soviet intelligence wings — transformed the former socialist republics in Eastern and Central Europe, and created a golden opportunity for the CIA to trigger “color revolutions” in the region as well as in the Middle East and Central Asia.

The end of the Cold War gave the CIA the reason to help establish the US’ global hegemony by exploiting its advantages in cyberspace to infiltrate, spy on and subvert other countries’ governments.

A report “Empire of Hacking: the US Central Intelligence Agency — Part I” jointly published by China’s National Computer Virus Emergency Response Center and the 360 Total Security, a Chinese cybersecurity company, on Thursday deserves credit for not only its systematic and professional approach to the ugly role of the CIA, but also its advice to the agency’s “victims all around the world” in order to help them better respond to the US’ cyberattacks and manipulations.

The report can also be seen as part of China’s efforts to help build a community with a shared future in cyberspace, because it regards maintaining silence in the face of the CIA’s dirty tricks as being complicit in the US’ overall destructive strategy.

The report says that, working with US internet companies, the CIA provides encrypted network communication services, and reconnects service and on-site command communication tools directly for its proxies in targeted countries and regions. For instance, a software called RIOT, developed and promoted jointly by US companies and the CIA, helps the intelligence agency to remote control its pawns triggering demonstrations and riots in other countries, by ensuring they have reliable…

Source…

[Editorial] There Is No Privacy Without Stronger Security — That’s Why We’re Joining Forces With the Security Community To Keep You Safe

/in


▲ Seungwon Shin,1 VP and Head of Security Team at Mobile eXperience Business, Samsung Electronics

Dangerous Times

It’s hard to imagine a better time for cyber-criminals. The conditions are ideal right now for anyone with ill intentions and technical know-how.

 

A rise in remote workers means more reliance on unsecure public Wi-Fi. New frontiers like the blockchain leave confused customers ripe for scams. Cyber-attacks are on the rise. And not just where you expect them. Recent wars have started with digital attacks on critical infrastructure, months before physical incursion.

 

All this when we are putting more of our lives into our smartphones. They are our wallets, our house keys and our IDs. A single intrusion can be devastating, so now more than ever we need our devices to be secure. Let’s examine what truly makes a device safe — so that you can go out into the world and live freely, without worrying about your data getting into the wrong hands.

 

 

What Security Is… and What It Isn’t

By now you’re likely thinking you’re fine, because you’re sensible. But there are many common misconceptions about security. You don’t let apps share your name, email, or habits. You even disable app tracking permissions. Great, but that doesn’t mean your data’s safe. Please don’t confuse privacy for security. Closing your curtains will do no good if someone kicks your door down. You think you have chosen a safe mobile ecosystem, one akin to a walled garden. But hackers adapt to their targets. Unsecure Wi-Fi, social engineering scams — these are threats regardless of what ecosystem you use.

 

You don’t open suspicious attachments. Great, but there are ‘zero-click’ attacks, which compromise a device without user interaction. That happened with Pegasus, spyware that exploited a flaw in a popular messaging system. All it took was for users to receive a message, and the hackers got in. Feeling safer than you are leads to complacency — that’s what cyber-criminals are counting on.

 

It’s unsettling to think that there are so many threats and no safe harbor. But that’s what inspires our work on Samsung…

Source…

Editorial | Cybercrime and banks | Commentary

/in


With reports of cybercriminals targeting local bank networks, customers are understandably feeling vulnerable that they, too, might become targets in the future.

Cybercrime, to include online banking, is complicated. There are three critical groups to consider when examining cybercrime – organised criminals, victims, and those who seek to deter those criminals.

Online technologies have given birth to a new generation of fraudsters who have become experts at breaking into people’s accounts and illegally removing their money for their own benefit. It is happening all over the world despite the fact that some institutions have ramped up cybersecurity spending to keep these criminals at bay. It is estimated that breaches against banks have increased by 300 per cent since 2014, costing the industry some $1 trillion.

With the onset of the COVID-19 pandemic, many financial institutions accelerated their use of alternate platforms on which customers could conduct business in order to eliminate face-to-face interaction because of lock-down measures. By employing technology, the banking sector aims to be more efficient. Unfortunately, it is these same platforms that criminals are using to commit a litany of fraudulent actions, involving credit card scams, blackmail, and other illegal activities such as personal attacks.

ACUTE DAMAGE

Acute damage can be done to an economy by cybercriminals because they threaten the safety and security of the country. Not only do they develop methods to steal money, they also gain access to vital business information, which they can use to interrupt commercial activity. One of the looming threats is that people might take their money overseas if they get the sense that their funds are not safe in local banks. Besides, the monetary losses from these crimes are borne by customers and the banks, whose credit ratings and reputations could be shredded.

The Bank of Jamaica (BOJ), the country’s central bank, is itself not immune to these attacks. There are documented examples of central banks being hacked and millions of dollars siphoned off by hackers who can be anywhere from Bangladesh to Vietnam. Therefore, the BOJ has an overriding…

Source…