Are we vulnerable to online crime?
In recent times there has been an increase in the cases of the attempted theft of data, passwords, confidential information, WhatsApp accounts and even bank accounts. The Threat Landscape Report, a semi-annual report launched by the cybersecurity services company S21Sec, confirms an increase in cybercrimes compared to last year's data. And it is that these mechanisms of deception related to social engineering make it easy to fall into the trap to those people who are not sensitized to this type of attacks.
The concept of cybersecurity is related to the security of the Internet or networks. That is why, even though the Internet has always had vulnerabilities, these are increasing exponentially as we make more use of it. Igor Unanue is CTO at S21Sec. He explains that the more users and applications there are on the Internet, the threats also grow, "so that security incidents increase." "Cybersecurity," he says, "is necessary to counter this situation." And it is that "there are still many people who do not take into account if the mail that arrives is a hoax, or that they install improper applications without having security measures implemented."
Those vulnerabilities are often exploited by cybercriminals. These are usually "organized gangs that massively launch spam, phishing, vishing or smishing to infect or access confidential information." Infections initially come from this type of attack, and then spread on the network.
Precisely in this area 21Sec works, and that is that the company is dedicated exclusively to offering cybersecurity solutions. "There are ways to reduce risk and vulnerabilities, so that we have more secure connections and protect our data."
Cybercrime turned into a business
Unanue explains that "one of the most important motivations of cybercriminals is money, so the increase in transactions or purchases over the Internet brings with it an increase in cyberattacks." Thus, the theft of bank data bring them economic benefits.
In the early years of the Internet, "we could find security incidents based on an attempt to prove one's worth," not so much for benefiting from data, but not for money. On many occasions, hackers perpetuated these attacks "to learn, discover vulnerabilities, out of pride, to prove or claim something."
Today, Unanue clarifies, "this is totally dominated by organized gangs where their main interest is economic." There is a whole organized business where there is the sale of stolen data, cards or confidential information, and even online stores on the Dark Web where it is possible to buy malware or crimes on the Internet.
Digital education at the user level
The acceleration of the use of the Internet and electronic devices requires, in parallel, training and awareness of the user. Cybersecurity systems may not be enough, "if not, we will always find ourselves with the weakest link in the chain, which causes it to break."
Unanue highlights human error as "one of the most important factors" that makes these security incidents occur. Despite the fact that, certainly, technological systems are insecure or have vulnerabilities, "people make mistakes that make data accessible to a cybercriminal."
Citizens are not fully protected by default, "that is why we must take extreme measures when we use Internet technologies, as we do in the non-virtual world."
The technology director of S21Sec has illustrated the concept with an example: "we are used to closing the door of our house or car so that no one steals from us, but on many occasions we see that people do not take the same measures with sessions or with Internet access". Precautions on electronic devices or in applications are "important," since the information we have in them is personal, confidential, or may be critical.
That's why Unanue recommends "logging out, using proper passwords, or taking steps to prevent someone else or any app from accessing our data." Keeping these precautions in mind is not simple or automatic in many cases, so he believes that education, training and awareness in cybersecurity are "key".
How to increase cybersecurity?
For its part, the Ertzaintza recommends, in these cases, not to follow the links that come to us without having verified their origin, as well as to check the URLs we access (the domain must be correctly registered).
Another precaution to take may be not to download applications outside the official repositories. Likewise, it is recommended to analyze the permissions that these present to us before accepting them; Excessive permissions can be a symptom that the application does not do only what it advertises and has hidden processes of information collection.
In the event that the device is infected, it is possible to contact the telephone company to deactivate the SMS, in order to avoid its spread and possible high bills.
If uninstalling the virus or Trojan is not achieved, you can always reset the device to factory settings. To recover the data, it would have to be restored from a pre-infection backup.
Arabic
French
Spanish
Portuguese
Deutsch
Turkish
Dutch
Italiano
Russian
Romaian
Portuguese (Brazil)
Greek