The war against cybercrime
There has been a rapid increase of cybercriminals hacking the online accounts of depositors from major Philippine banks. So far, there have also been a number of arrests. However, many continue to be apprehensive because hacking syndicates keep developing new and more sophisticated ways to launch cyberattacks. According to the Bankers Association of the Philippines, more than P1 billion was lost last year due to cyber fraud, with the criminals using emails, text messages and even social media to dupe people into disclosing sensitive data or personal information to hack credit cards, debit cards and the like.
But more than individual credit card holders or depositors, cybercriminals are focusing their attacks on private businesses and government institutions. Earlier this month, a news report claimed that the servers of the Commission on Elections had been hacked, with the usernames and PINs of vote counting machines allegedly downloaded, raising concerns that the outcome of the May 2022 elections could be compromised.
During an inquiry last Friday by the Joint Congressional Oversight Committee on the Automated Election System, Department of Information and Communications Technology Undersecretary and Cybercrime Investigation and Coordinating Center (CICC) executive director Cezar Mancao – a recent visitor here in Washington, DC – said their preliminary investigation showed that the Comelec servers have not been hacked because they were offline when the supposed attack happened, but raised the possibility that the system of Comelec contractor, Smartmatic, may have been compromised.
Experts warned that cybercriminals are getting more creative and sophisticated in their tactics, increasing their reach across industries. According to Cybersecurity Ventures, the annual cost of global cybercrimes is projected to reach $10.5 trillion by 2025. Aside from the use of social media to target victims, one particular trend that everyone should watch out for is the rise in ransomware attacks. Simply put, a ransomware attack involves the use of malware (malicious software) to gain access to a computer system, which would then become inaccessible unless the victim pays a ransom. Sometimes, hackers also threaten to leak sensitive information unless payment is made.
While there are instances when a hacking attempt fails, the damage to a system may still be costly. This is what happened to the Defence Academy of the UK (a school for diplomats and British personnel from the Armed Forces, the Civil Service and other government departments) that was targeted by hackers in March last year. Although the hackers did not succeed, the damage was still significant due to the time that had to be spent in repairing the damage to the system and restoring the network.
Just very recently, Canada’s Foreign Ministry was also targeted by hackers, resulting in the disruption of internet-based services and downtime in some internal systems, preventing diplomats from accessing some online services. The attack came just a few days after Canadian officials issued a warning for the public to be vigilant in the face of cyber threats including “state-sponsored” cyberattacks.
A few days ago, the domestic intelligence agency of Germany disclosed that a Chinese hacking group known as APT (Advanced Persistent Threat) 27 has started attacks against German companies, particularly those involved in technology and the pharmaceutical industry. Active since 2010, APT 27 has been targeting critical sectors and foreign embassies to collect information pertaining to government, defense and technology sectors, according to German officials.
The United States of course is one of the biggest targets of these cybercriminals. Last year, hackers targeted oil companies, among them Colonial Pipeline Company, the biggest pipeline system in the US for refined oil products. The attack caused such panic that the company officials decided to shut down the 5,500-mile pipeline system – the first time ever in its 57-year history – effectively cutting off the supply of gasoline and other fuels to the East Coast, causing shortages, higher prices and long lines at gasoline stations.
According to investigators, the hackers, who were affiliated with Russian cybercrime group DarkSide, were able to obtain a password from a private network account used by employees to remotely access Colonial’s computer network. The company paid a $4.4-million ransom, although the FBI was able to recover $2.3 million of the ransom money.
The FBI also said that Eastern European cybercriminals have been trying to hack US companies engaged in the transportation, defense and insurance industries by sending fake letters containing a USB stick loaded with malicious software that, if inserted into a computer, could steal information or access a company’s network.
As the World Economic Forum’s Global Cybersecurity Outlook 2022 report noted, the pandemic has demonstrated the interconnectivity of businesses, and how digitalization has exposed the global population to a new trajectory of cyber threats and attacks. The experience of such companies as Colonial Pipeline clearly shows that an attack on one can have a domino effect on others. No less than US Secretary of Homeland Security Alejandro Mayorkas had said that they “consider ransomware to be one of the gravest threats in the cybersecurity domain that we in the United States and, quite frankly, the world is vulnerable to.”
There is absolutely no doubt we need to support the CICC team of USec Mancao and increase their yearly budget (which was a meager P11 million) if we are to strengthen our anti-cybercrime efforts and capacitate the agency in performing its mandate as lead agency in coming up with effective measures to “prevent and suppress increasing future cybercrime activities” that will surely pose the greatest threat not only to private businesses but our national security as well.