Issue link: https://maltatoday.uberflip.com/i/1188980
maltatoday | SUNDAY • 1 DECEMBER 2019 17 COMMERCIAL Statistics Cyberattacks are continuing to in- crease to levels that have never been reached before. Today, cyber crimi- nals rake in over €1.3 trillion every year. By the year 2021, organisations are projected to lose over €6 trillion due to damages caused by different types of cybercrimes. Consequently, cyber actors continue developing new malware whose level of stealth and sophistication is alarming. As the processing power of computers increase and innovative technolo- gies are made easily accessible to everyone, malware is also increasing in complexity such that it can infect and exploit a computer resource without the user noticing. Anonym- ity tools are used by malicious actors to disguise their identity and tracks while performing their cyberattacks. In this emerging era of modern cy- ber threats, the human intervention is simply not enough. MITA Secu- rity Operations Centre bolsters a variety of security tools making use of innovative technologies - includ- ing Artificial Intelligence, Machine Learning, Big Data and Blockchain technologies - such that they can identify and flag down anomalous or suspicious behaviour, in a timely manner, for MITA's team of security analyst experts to handle. Hackers vs Security Engineering In a phishing campaign, cyber ad- versaries send out batches of mali- cious emails, with every batch having a different approach, but all attempt- ing to infiltrate the security meas- ures put in place. The motive behind such emails are mainly theft of sensi- tive information such a user creden- tials or financial scams but can also be regarded as an ingenious way to infiltrate an otherwise impenetrable infrastructure. The email could be crafted in such a way that it appears harmless by spoofing the sender ad- dress and/or the writing style. The recipient is lured to a malicious re- source intentionally developed to mimic a familiar resource such an online email service. The MITA Security Operations Centre Team deals with phishing instances by adding specific secu- rity mechanisms on the Government infrastructure to minimise further influx of a phishing campaign and provide additional protection to the victims. In the case an email con- tains a suspicious attachment, this is analysed and reverse engineered in a detonation or sandboxed environ- ment in a bid to discover indicators of compromise (IOC). These IOC re- fer to any unique resource which can be attributed to the original mali- cious source or campaign. However, the attacks become more danger- ous if the malicious emails originate from legitimate domains such as 'accounts@yourusualsupplier.com' that have been compromised such that the recipient would unlikely suspect a phishing incident. Experi- ence shows that it is very important that the files attached in an email are analysed by an antivirus solution and only opened by the user if they relate to the contents of the message. For example, to take a real-life scenario, it would be very unusual for a suppli- er to email an invoice which is in Ex- cel format. Such a case would require the recipient to use other means to contact the supplier to determine the authenticity of the email. The risk of cybercriminals using compromised user credentials ob- tained from data breaches is now being mitigated through the imple- mentation of multi-factor authen- tication, adding an extra security layer. As the name suggests, users re- quire to provide a correct password in addition to a second authentica- tion mechanism such as a randomly generated code from an app, an SMS or a phone call delivering a code on their personal phones. One may visualise this scenario better by comparing it to a safe. The safe is secured by a key lock. Anyone possessing an exact copy of the key would have access to the safe. If the safe is protected by a key lock and a PIN code, how much harder would that be for a thief to get in? Multi- factor authentication should be im- plemented to protect your online identity and is available as a security feature in most social media plat- forms. Back-up Back-up is an important security control which is commonly over- looked. Scheduled back-ups are crucial to safeguard the availability of data, since mishaps can never be predicted and one needs to be always prepared. Back-ups have evolved from the less secure hard drive or pen drive back-ups to cloud back- ups which offer better reliability and availability. Given the ransomware trends in the past three years, all back-up data should be segregated from the live system such that mal- wares cannot tamper with the back- up copy of data. A common type of ransomware is the encryption of the user's files making them unusable, asking users for a 'ransom' in order to reverse the encryption. To be- come immune to current threats, a traditional cloud back-up would not be sufficient. One needs to opt for a cloud back-up with version history to contravene ransomware attacks. If we were to compare this process to a computer game, backing up your data every day is like giving an 'extra life' to your data whilst renewing it every day. This stance will be drasti- cally reducing the chance of a game over (unrecoverable data). Cyber Hygiene The UK's National Cyber Security Centre, who amongst other respon- sibilities are entrusted to support the UK's most critical organisations, advise users to use a three-word ran- dom password known as passphrases that are easy to remember but diffi- cult to be guessed by others. Adding a symbol to the passphrase would significantly increase its complexity, making it impractical for any com- puter to brute-force a 15-character passphrase. Investment in security tools is im- perative for additional security. However, without adequate cyber- security education and awareness, they would not be as effective. On- going cybersecurity awareness cam- paigns are crucial in imbuing a cyber hygiene culture. Cybersecurity is a shared responsibility and it should be everyone's priority because as the saying goes "you are as strong as your weakest link!". threats