Protecting your business against Covid-related cyber crime - comment

Opportunists have always looked for the weak link, that chink in the armour that can be exploited. The pandemic has provided many opportunities for cyber criminals to take advantage.

Falling victim to a cyber fraud attack can have devastating outcomes on a business and can result in major financial losses. Data breaches severely damage trust and impact reputation, which is hard to regain.

China spokesperson denounces cyber-crime threat accusations in Canadian intelligence report

 Chinese Ministry of Foreign Affairs spokesperson Zhao Lin Jian has denounced as “groundless” assertions in a recent Canadian national cyber threat assessment report that named China, as well as Iran, North Korea and Russia, as its greatest cyber-crime risks, fearing espionage and attacks on critical Canadian infrastructure. 

The report by the Canadian Communications Security Establishment (CSE) released Monday acknowledged that since the Covid-19 pandemic, many individual and organisation activities have migrated onto the digital sphere, while cyber-threats are becoming more sophisticated due to the increase of hacking talent and cyber tools’ usage world-wide. The CSE said it was aware of the potential that Canadian proprietary information and intellectual property related to the fight against Covid-19 might be stolen by cyber threat actors. The CSE also noted that there has been ongoing online foreign activity trying to influence elections in multiple states around the world. Even though Canada is considered a low priority target, its close media ties with the US could potentially result in some form of collateral political manipulation. 

The cybercrime ecosystem is growing despite a global effort to enact cyber-crime related legislation. This is because cybercriminals take advantage of jurisdictions that have lenient or no cyber-crime laws. The CSE insisted that any future safeguards must include taking the social and technical aspects of internet usage, pledging to advance and invest in cybersecurity while providing arms-length support to Canada’s critical infrastructures. The report also declared that a key component to successfully combat cyber-crime is reciprocal participation with other jurisdictions to prosecute cyber-criminals. 

Canada’s relationship with China has recently been strained by the arrest of Huawei’s CFO Meng Wanzhou and Canada’s repeated condemnations of China’s treatment of Hong Kong and of ethnic Uighurs in XinJiang. 

Why Is North Korea So Good at Cybercrime?

 Despite U.S. and U.N. sanctions designed to stop the illicit financing of nuclear weapons, North Korea continues to baffle the world with its unprecedented success in sanctions evasions and cybercrime. As countries scramble to find consensus on cybersecurity protocols, North Korea has moved quickly to expand its cyber capabilities both at home and abroad. This signals to U.S. policymakers that as sanctions tighten in other areas, North Korea continues to exploit the vulnerabilities in cybersecurity to acquire funds for its dangerous nuclear weapons development program.

The cyber market’s size and lack of legal safeguards is a major attraction for North Korean financial crime as the country’s cyber operations are low-risk and low-cost, with potentially high gains. According to Nam Jae-joon, former director of South Korea’s National Intelligence Service, Kim Jong Un himself equated the importance of developing cyber capabilities to that of nuclear power, claiming that “cyber warfare, along with nuclear weapons and missiles, is an ‘all-purpose sword’ that guarantees our [North Korea’s] military’s capability to strike relentlessly.” 

Combating the Iranian Cyber Threat

 Republic at the Center of Cyber Crime Charges in Three Cases

Criminal charges announced this week against multiple alleged hackers in Iran show the breadth of the cyber threat emanating from that country and the FBI and partner agency efforts to neutralize it and hold the individuals accountable.

The hacks included cyber intrusions and fraud, vandalism of U.S. websites, and intellectual property theft from U.S. aerospace and satellite technology companies. In each of the cases, the suspects were believed to be operating at the behest of the Iranian government, or in support of it.

While the cases filed in federal courts in Boston, Alexandria, and Newark are separate and unique, prosecutors and FBI investigators said they send a message that hackers will face consequences regardless of distance and borders.

“No cyber actor should think they can compromise U.S. networks, steal our intellectual property, or hold our critical infrastructure at risk without incurring risk themselves,” said Executive Assistant Director Terry Wade of the FBI’s Criminal, Cyber, Response, and Services Branch. “The FBI will continue to work with our partners to protect U.S. interests and to impose consequences on those cyber actors working on behalf of the Government of Iran in furtherance of their nefarious goals.”

On Tuesday, Behzad Mohammadzadeh, of Iran, and Marwan Abusrour, of the Palestinian territories, were indicted in Massachusetts on charges of damaging multiple websites as retaliation for U.S. military action in January that killed the head of the Islamic Revolutionary Guard Corps-Quds Force, a U.S.-designated foreign terrorist organization.

https://www.fbi.gov/news/stories/iran-at-center-of-cyber-crime-charges-in-three-cases-091820  

The Massive Shift to Cyber Crime

 There is a cartoon in The New Yorker of March 30, 2020 showing four mobsters, one with a gun, sitting around a table. The caption reads: “For health and safety reasons, we’ll be transitioning to cyber crime.” You can see the cartoon at https://www.newyorker.com/cartoon/a24009

No kidding! The huge increase in cyberattacks since the pandemic began is absolutely staggering, but not unexpected. I said as much in my BlogInfSec column of March 23, 2020, with the title: “Cybercriminals’ Motivations during Catastrophic Times.”

But now, some five months later, we are beginning to see some statistics in the press. One such source is the article, “Top Cyber Security Experts Report: 4,000 Cyber Attacks a Day Since COVID-19 Pandemic,” available at https://www.prnewswire.com/news-releases/top-cyber-security-experts-report-4-000-cyber-attacks-a-day-since-covid-19-pandemic-301110157.html

The article attributes the rise to many more “people working from home, shopping online, and generally being more connected than ever.” While this explains the supply of opportunities, as it were, the demand by cybercriminals is likely exacerbated by the hardships of the times and the vulnerabilities and gullibility of a frightened population confronting a dreadful disease, economic collapse, and social upheavals—all at once.

India to get new, ‘robust’ cyber security policy soon, says PM Modi

 New Delhi: India will soon have a new cyber security policy, announced Prime Minister Narendra Modi in his speech on India’s 74th Independence Day Saturday.

Modi said that his government is aware of the threats emanating from cyber space and how they had the potential to impact India’s society, economy and development. 

“Cyber security is a very important aspect, which cannot be ignored. The government is alert on this and is working on a new, robust policy,” he added.

The announcement was made in the backdrop of the government’s initiative to connect 1.5 lakh gram panchayats through optical fibre network, thereby increasing the country’s internet connectivity. 

Peeking At ‘Privacy’—A Call For Better Cyber Laws Against Crimes Online

While India advances towards abolishing an array of draconian offences embedded in its Penal Code inherited from its colonial ancestors, the likelihood of shedding its age-old skin of punitive measures wrinkled in the criminal justice system as it exists today stands far away from reality. Nevertheless, the disparity between an effort to evolve into a better criminal system and its failure to evolve is hard to ignore.

While we live in the era of demolishing the State’s right to infringe the privacy of an individual’s right to consensual acts of sexual pleasure, the normalcy and nature of which emerges from an interpretation of self-expression into the right to life, the same era breathes and bellows upon us those acts of sexual pleasure that resurrect from the deviant behavior characteristics buried in the mentality of sexual predators online over which the State takes little to no interest.

Fight cybercrime with the Budapest Convention!

A new report from the Cybercrime Convention Committee (T-CY) lays out the benefits and impact of the Budapest Convention on law making, domestic and international investigations, public/private cooperation and the strengthening of criminal justice capacities on a global scale.

Practical experience shows that the Budapest Convention is more than a legal document. Backed up by the T-CY and the C-PROC specialised Cybercrime Programme Office for global capacity building, it is a framework that allows hundreds of practitioners worldwide to share experience and create relationships that enhance cooperation in specific cases, including in emergency situations, beyond the specific provisions foreseen in the convention.

As treaty membership keeps growing, capacity building programmes are expanding and the treaty is further evolving through the future 2nd Additional Protocol on enhanced international cooperation and access to evidence in the cloud. The Budapest Convention is therefore likely to remain highly relevant and make an impact worldwide for many years to come.

Cyber Criminals Target Teachers by Filing Fraudulent Unemployment Claims

Cyber criminals have been targeting teachers across the state during the pandemic. Spectrum News has learned hackers used personal information from teachers to file fraudulent unemployment claims and the crime has apparently spread to other employers.

The hackers apparently broke into into virtual teaching portals, which were set up to make things easier while schools were shut down during the pandemic. To register to use them, teachers provided personal information.

One detained for cyber crimes in Tbilisi

Police have detained a Georgian citizen for cyber crimes in Tbilisi, Interior Ministry reported yesterday.

The ministry said the individual, identified only as A.B. and born in 2000, fraudulently accessed the Facebook accounts of 25 people between December 2019 and May 2020.

Career Choice Tip: Cybercrime is Mostly Boring

When law enforcement agencies tout their latest cybercriminal arrest, the defendant is often cast as a bravado outlaw engaged in sophisticated, lucrative, even exciting activity. But new research suggests that as cybercrime has become dominated by pay-for-service offerings, the vast majority of day-to-day activity needed to support these enterprises is in fact mind-numbingly boring and tedious, and that highlighting this reality may be a far more effective way to combat cybercrime and steer offenders toward a better path.

Cyber crime in India: COVID19

The COVID 19 virus has affected most countries in the world.  Security of companies is at stake as all data such as financial information, trade secrets, customer information and such other confidential information of the company is accessible to the employees from their homes with a click of a button. It is essential for employees to take utmost care of the company’s data and secure it from other members of the family and friends in order to avoid misuse of data or breach of confidential information. Apart from company’s information, personal sensitive information and financial information of an individual is also at risk in view of the increase in the Cyber Attacks.

Cyber-crime against children spikes amid stay-at-home orders

The sudden shift to remote work has forced millions of individuals and families to set aside their daily routines and quickly adapt to self-isolating measures to stay safe amid the pandemic

While social distancing helped us flatten the curve, the unprecedented spike in online consumption has opened new doors of exploitation for adults and children alike.

Adults are not the only ones susceptible to the dangers of online exposure. During the stay-at-home orders, millions of children have stored away their backpacks and school gear, participating in online courses along with their teachers and classmates.

Coronavirus Lessons To Help Fight Cyber Crime

The benefits of good personal hygiene, like washing your hands, have been taught to all of us since we were in kindergarten.

Over the past two decades, the cybersecurity industry has often proclaimed the benefits of good “cyber hygiene.” Borrowing ideas from doctor’s office posters and public health announcements, the information security community frequently offers helpful tips to protect ourselves online and tries to present security materials in ways that audiences will pay attention and take action.

5 ways COVID-19 is reshaping the cyber-crime economy

As the COVID-19 pandemic pushes the above-ground economy to the brink of a major recession, the cyber-crime economy appears to still be hard-charging ahead. And yet, the virus has rapidly reshaped the way business is being done on the dark web, as buyers and sellers jump on the opportunity to capitalise on global fears, as well as dramatic shifts in supply and demand.

Back in 2018 Cybersecurity Ventures warned that by 2021, cyber-crime damages might reach US $6 trillion (£4.7 trillion), a sum that would equal the GDP of the world’s third largest economy. Whether the coronavirus will drive that figure up or down remains to be seen, but things are changing in the dark web economy.

IA teams up with US firm to tackle cyber crime

The UK’s Investment Association has set up a platform to help investment managers protect their firms against cyber security threats.Covid-19 has highlighted the “critical role” cyber security plays in ensuring operational resilience, according to the organisation.The platform – called IA Titan, and powered by US-based cyber security company Anomali – comprises a real-time dashboard providing up-to-date alerts from law enforcement, government agencies and other authorities.The alerts will cover a range of threats including: malware, ransomware, and software vulnerabilities.  

China toughens crackdown on cyber crime as cases increase

China launched a crackdown on cyber crime as it has seen a rapid spread of online fraud, rumor-mongering and infringements of individual privacy, among other offenses.

Chinese police have captured 6,329 suspects involved in Internet scams related to the COVID-19 epidemic, 3,870 engaged in manufacturing or selling fake or substandard face masks and protective garments and 496 suspected of illegally selling precious wild animals and their byproducts amid the campaign initiated this year, said the Ministry of Public Security.

Moreover, police nationwide have solved seven criminal cases involving the transmission of false information about the epidemic on the Internet and detained 24 suspects implicated in the illicit activities, the ministry said.

Global police agencies issue alerts on Covid-related cyber-crime

Europol and Interpol have joined the list of cross-border law and order regulators set out to tackle Covid-19 scams and misinformation campaigns. 

“With a huge number of people teleworking from home, often with outdated security systems, cyber-criminals prey on the opportunity to take advantage of this surreal situation and focus even more on cyber-criminal activities,” Europol executive director Catherine De Bolle wrote in its latest security advisory.  

The announcement comes a week after Europol published a detailed report on how criminals modified their strategies to make the most of the pandemic scare, based on information it received from the EU member states.

Cybercrime rises during coronavirus pandemic

The president of the European Commission, Ursula von der Leyen, warned on Tuesday (24 March) that cybercrime in the EU has increased due to the coronavirus outbreak.

Cybercriminals are taking advantage of the increasing amount of time that people spend online due to new measures taken by member states to stop the spread of the virus - while they also benefit from the health crisis itself.

"They follow us online and exploit our concerns about the coronavirus. Our fear becomes their business opportunity," von der Leyen said in a video message.

Pakistan: Cybercrime Affecting Banking Sector And Economy – OpEd

Cyber-crime is not a conventional offence as its ramifications transcend borders.  It affects a society in different ways. The term “cybercrime” denotes any sort of illegal activity that uses a computer, cell phone or any other electronic device as its primary means of commission. The computer and electronic devices serve as the agents and the facilitator of the crime. Cyber criminals take full advantage of obscurity, secrecy, and interconnectedness provided by the internet and are able to attack the foundations of our modern information society. Breaching of cyber space is an issue of utmost concern for the banks and financial institutions. The menace of data theft is growing in magnitude with huge financial impact. As custodian of highly valuable customer information, banks have always been the favorite target of the cyber-attacks. 

Moreover it is estimated that banks are more frequently targeted by the hackers than any other business organization. IT based financial solutions of the banks such as ATMs, mobile banking and internet banking are exposed to various forms of frauds including skimming and phishing etc. Affected banks may also witness decline in their share prices. Banking industry is more susceptible to the breach of cyber security due to its financial lure for the transgressors.

FBI director stresses collaboration in fighting cybercrime

BOSTON — Fighting cybercrime in a world that is increasingly doing business online will require new approaches, including greater collaboration across nations and the business and academic communities, according to FBI Director Christopher Wray.

“An audience like this recognizes that the old approach of tackling the cyberthreat one case at a time isn’t going to work,” Wray told a crowd at the fourth annual Boston Conference on Cyber Security at Boston College this week. “As soon as we find and stop one cybercriminal, another one pops up.”

Wray’s second tenure in government said he’s seen some positive changes in the way the agency works across borders and sectors to more effectively take down cyberthreats.

Kenya: Court Dismisses Bloggers' Cybercrime Law Case

High Court judge James Makau has dismissed a case filed by the Bloggers Association of Kenya (BAKE) that challenged the constitutionality of the Computer Misuse and Cybercrime Act.

He issued the judgment on Thursday morning, saying the petition was unwarranted and had lifted sections which had earlier on been suspended by the court.

Cyber-crime profits reached $3.5bn in 2019, says FBI

Criminals netted $3.5bn (£2.7bn) from cyber-crimes reported to the FBI alone in 2019, according to the service's internet crime complaint centre (IC3).

It received 467,361 complaints from individuals and businesses during the year and has had nearly five million since its inception in 2000.

Phishing and extortion remain the most popular ways of scamming people.

It says techniques are becoming more sophisticated, making it harder for people to tell "real from fake".

Davos: The clock is ticking on climate change but cyber crime and emerging technologies add to risks

For the first time in history, the greatest and most pressing risks facing humanity are risks to the environment.

Extreme weather, the failure to tackle climate change, natural disasters and water shortages will have a catastrophic impact on populations.

Over the past 15 years of forecasts by the World Economic Forum, the most pressing risks facing the world have shifted from economic threats to the risks posed by cyber wars and technological dystopia.

Cybercrime laws need urgent reform to protect UK, says report

Britain’s cyber-defences are being endangered by the outdated Computer Misuse Act, which prevents investigators from dealing effectively with online threats while over-punishing immature defendants, according to a legal report.

Thirty years after hacking became a criminal offence, a study by the Criminal Law Reform Now Network (CLRNN) calls for urgent revision of the legislation governing illegal access to computers, denial of service attacks and other digital crimes.

Coaxing Cops To Tackle Cybercrime? There's An App For That

Cybercrime is booming, and victims are often at a loss about where to get help.

In theory, Americans should report the crimes to the FBI, via its Internet Crime Complaint Center. In practice, the feds get hundreds of thousands of complaints a year, and have to focus on the biggest cases.

But the other option, calling the police, can seem even less promising.

Army of hi-tech police reservists could help tackle cyber crime crisis, senior officer claims

Britain should recruit an army of volunteer police reservists to help tackle the growing cyber crime crisis, a senior police leader has suggested.

Paul Griffiths, president of the Police Superintendents' Association, said forces would never be able to compete with private firms when it came to recruiting the brightest and best from the IT world.

But he said one answer might be to create a reservist police force - along similar lines to the military - allowing cyber security experts and other specialists to volunteer to help alongside full time warranted officers.

DFSA launches initiative against cybercrime

The Dubai Financial Services Authority (DFSA) is initiating a cyber threat intelligence platform in partnership with the Dubai Electronic Security Centre, the National Computer Emergency Response Team and the Computer Incident Response Center Luxembourg. The platform, which is scheduled to go live in January 2020, will help companies in the Dubai International Financial Centre strengthen their cyber security framework and minimize any cyber risks.