By Francisco Camargo, President of ABES
On Friday (12/05/2017), the whole world was frightened by the scale and scope of the hacker attacks, which show that cybercriminals have a lot of resources, both financial and technological. Generally, data hijacking attacks (ransomware) target specific victims, but this is not what happened this time, as the attacks reached governments and large companies as well as home users and micro and small companies.
In a preliminary analysis, we know that it will be very difficult to identify the attackers, as this would require large-scale international collaboration, perhaps the creation of an "Interpol of the Net", and there are countries that are more closed and do not participate in these initiatives. The use of Bitcoin itself prevents the use of the most traditional line of investigation against criminals: following the money.
Nowadays, on the Deep Web (accessible via a specific browser), it is possible for people to buy viruses and malware for a variety of tasks, rent an armada of zombie computers to carry out denial-of-service attacks, and send thousands of emails, among other practices. Even criminals with very little technical knowledge, but with financial resources, can make a cyber attack highly profitable.
We are experiencing the professionalization of the cybercrime market and the emergence of the concept of cybercrime as a service. Everything is similar to a systems engineering project and can be summarized in 7 stages of planning and execution: 1) the targets are defined; 2) the geographical extent and dispersion of the attack are established; 3) the revenue is estimated; 4) the costs of operating the attack are estimated; 5) the tools to be used are chosen; 6) people are hired, whether to provide “consultancy” on money laundering, to establish a social engineering strategy, etc.; 7) malware is purchased or developed that exploits a little-known vulnerability, not yet fixed or only partially fixed, in the operating system or in other systems, such as ERP, CRM, Office, Content Manager, PDF, etc. And then: on to the attack!
On the other hand, understanding the mechanisms of this attack helps to prevent the occurrence of similar ones. The question is not just whether other large-scale attacks will occur, but when they will occur and how to minimize their impacts. Another clear point in this latest attack is that, however small the amount collected by criminals, these actions cost companies and governments hundreds of millions of dollars, even when the ransom is not paid, because several systems go down and paralyze business and management.
We remind you that all of this could be minimized if the “Eighth Layer of the OSI Model”, the “Peopleware”, made up of uninformed and unsuspecting users, received guidance. The more users who are made aware of the problem, the better, as it is like a vaccination campaign, in which, for some viruses, it is enough to immunize 50 to 60% of the population to protect the entire population. Each conscientious and disciplined user prevents the contamination of hundreds of other users.
ABES created the Brazil Country Digital Initiative to discuss data usage, flow, privacy and security. Now, in the face of security problems and the growth of cybercrime, the entity will launch another initiative to inform the population about this type of crime and how it can be prevented.
There are also three simple and inexpensive measures that each user can take to protect themselves from ransomware attacks.
With this, the home user, the small merchant, the service provider will not only be protecting themselves, but will protect the whole society, as they will not be spreading viruses to other users. There are other additional measures that can and should be taken and we recommend:
Another specific weapon for systems developers and for the customers of these companies is source code auditing, which can accelerate the discovery of vulnerabilities in applications. In system programming, there are, on average, 15 errors per thousand lines of code, of which at least one creates a vulnerability. Large systems have up to 30 million lines of code, which means 30,000 vulnerabilities due to unintended errors. To learn a little more about attacks and how to protect yourself at low cost, see this article in Globo News.
On the internet, in the virtual environment, the security of one increases the security of all.
* Francisco Camargo is President of ABES. A production engineer from Escola Politécnica, the executive has a specialization from Harvard University. Francisco is also the Founder of the CLM Group, a Latin American distributor focused on Information Security, Advanced Infrastructure and Analytics.