The biggest cyber heist in the history may motivate Hollywood directors and movie makers to produce another sequel to a cyber-attack thriller movie. While the authorities are figuring it out, Hackers have figured it out and “Gone with the Wind”. It is going to be a challenge for the authorities to crack-open the case and find the perpetrators. Hopefully they will catch-up without splashing ketch-up on the issue.
This February the hackers were able to gain access to the Bangladesh Bank’s computer systems, transferring $81 million from the Federal Reserve Bank of New York to casinos in the Philippines from Feb. 4 to 5.
It comes as no surprise that both in Bangladesh and Philippines, the threat of Cyber Crime looms at large.
According to a press release from the Philippine National Police Anti-Cyber crime Group (PNP ACG), a total of 1,211 cyber crime complaints were filed with them from 2013-2015. The top five complaints received were online scams (366), online libel (240), online threats (129), identity theft (127), and photo and video voyeurism (89). – Source : http://www.gmanetwork.com/news/story/534597/scitech/technology/top-5-cybercrimes-complaints-in-the-philippines-according-to-pnp#sthash.sY6b9BMe.dpuf
Initial investigations by FBI has revealed that this was performed by an organized criminal syndicate operating from six countries. What is more astonishing is that this was not just a one off heist. There were 35 requests that unknown hackers made for payments from the bank’s New York Fed account in early February.
Cybercrime is real and it is on the rise. It was last December when Ukraine’s Ivano-Frankivsk region plunged into darkness as a result of a cyber-attack. The hackers even launched a denial of service (DOS) attack to the phone system to keep the customer hotlines busy and prevented legitimate customers from reaching the power company.
You can get more on this via http://www.wired.com/2016/01/everything-we-know-about-ukraines-power-plant-hack/
Does Crime Pay?
It surely appears to be. Especially Cyber-crime. The perpetrators are much smarter and intelligent than the investigators. The proliferation of networks, electronic transfers and the intricate crime network is too much to navigate making it extra hard to trace, zoom and apprehend criminals. Most cyber-crimes go unnoticed. In some cases, governments and big corporations try to keep a lid on it and avoid a PR disaster, embarrassment and rolling of heads. The criminals know this and use it to their advantage. We are not talking few millions of dollars here. We are talking of billions of dollars that are lost around the world and in some cases, authorities are still struggling to add-up the numbers.
Here is just a tip of the ice-burg – the situation of one nation. “The Norton Cybersecurity Insights Report reports that the U.K. public lost close to £134, or $203, for every individual victimized by cybercrime. This amounts to an approximated total of £1.6 billion, or $2.42 billion, throughout the nation. Furthermore, U.K. consumers lost nine hours, or over one working day, handling the aftereffects of the cybercrime. This means two in five, or 44 percent of all U.K. consumers, were victims of online crime.” ( Source: http://www.techtimes.com/articles/109896/20151124/one-in-five-brits-was-victim-of-a-cybercrime-in-the-last-12-months.htm)
Now imagine the loss in other countries. Add them up. It will be staggering. The total heist can solve world hunger problem for a couple of years. Free healthcare can be provided to millions of people for decades. Imagine the R&D that can be done, the industries that can be floated, the employment that can be created. It is simply mind boggling. For the criminals, hec! It pays. At least so far!!!
Here is the link of FBI investigations to cybercrime https://www.fbi.gov/news/stories/story-index/cyber-crimes
145 million eBay user accounts were hacked recently. Hundreds of users all over the world complain that their Facebook accounts were hacked. What lessons are we learning from these?
The Good, The Bad and the Ugly
The cowboys of the cyber world have their work cut-out. Governments in the developed world are leading the fight by drafting new legislature, giving teeth to the existing laws and investing on crime-busting machinery. The Department of Homeland Security (DHS) in the US works with other federal agencies to conduct high-impact criminal investigations to disrupt and defeat cyber criminals, prioritize the recruitment and training of technical experts, develop standardized methods, and broadly share cyber response best practices and tools. Most IT companies have joined this fight. Norton, Semantic and Microsoft, PricewhaterhouseCoopers, Carnegie Mellon University are just to name a few. But the dark forces are much stronger and sophisticated.
Security experts say that hackers most often use very simple techniques to breakthrough. Social engineering has been one of the most widely used methods of getting vital information and a record number of users fall victim – literally handing over the information on a platter.
Besides this, malware has been a key contributor in assisting the cybercriminals to syphon information out from computers, phones and other computing devices that we use every day. Downloading a cool trial software, the latest hot fix for one of the software products running in your business, the songs of your favorite band or the latest Oscar winning movie that you downloaded can be delivering you more than what you expect.
Imagine, very soon we may hear hacking of drones, traffic systems including air-traffic, on-board computers of the latest vehicles and even IoT devices used in modern homes to manage security and energy systems. In a world where our information, businesses and economies are interconnected and integrated, it is not far from reality to face a complete system wipe-off by a hacker.
How do we bust this?
Millions of dollars are spent every year building cyber defense systems, firewalls and intruder detection systems. Yet the hacking incidents are not slowing down, scores are getting larger and the attackers are getting smarter. Sometimes we forget the basics, we tend to overlook simple things and quite easily keep backdoors open. Leaving room for exploitation by the hackers with a knack for figuring these out. Our cyber habits need to be checked. Are we too open, careless and overly confident with basic security? Do we care about genuine software, music and movies? Are we immune from attacks? Are we happy that we have the most expensive firewall? Remember we are living in a world where people still hide the door key under the rug or the flower pot. How different are we with our passwords? Unlike the house door, we will never figure out if someone has accessed our computers, data or information. Perhaps one option may be to look at a trusted cloud service provider and ensure that they guarantee and take responsibility for any disaster. Just like banking our money. We don’t build our own bank. We select a bank that we can trust and make sure that the bank takes responsibility for our deposits. We can also demand that our service providers, banks and businesses take cyber security seriously. Why not make cyber-security audits a mandatory aspect? It’s time to change the rules. What worked in the past may not work in the future. It’s time to think differently.