Interview with Pascal Steichen about the current cyber threats

blog-thumb

After the past two months of lockdown, Luxembourg is slowly moving to a recovery of its economy. However, this particular period has brought its share of challenges, among which are the efforts made to become even more cyber engaged and to face the increase in digital crime.

In this regard, Pascal Steichen, CEO of SECURITYMADEIN.LU, shared his analysis of this increasing threat in an interview with AMCHAM Chairman Paul Schonenberg.

AMCHAM Chairman Paul Schonenberg: It seems that this period of corona crisis has seen the rise of a Tsunami flood of criminal activities, especially criminal activities related to cyber crime. Pascal, can you confirm this and identify the increased threats we are facing and explain why and how this is happening?

Well, in fact, there is no real rise of the criminal activities, it is only that the criminals use the topic of the COVID/Coronavirus or alike to perpetrate. The fact that videoconferencing platforms or other remote tools are targeted, is a pure opportunity because the expected impact can be high and lucrative for the criminals. From the Luxembourg perspective, and this is aligned with our counterparts, we see specialisation, even professionalisation of the criminal actions, meaning: less quantity, but higher quality. One exception, though: phishing, which is really on the rise again and is massively spread, using all the “buzzwords” with high impacts, like COVID, masks, teleworking, etc., etc.

What we see/hear/read as well is the opportunistic uproar of “security companies” that, unfortunately also use (or better said abuse) the situation to sell their services…

One recent threat has been a particularly well-written LuxTrust scam designed to get people to click on a scam link. Please tell us about this threat, what to do if so confronted, and absolutely what not to do.

These recent “phishing” attempts are, as of what we saw, part of a global “campaign” targeting the VISA and Mastercard 3Dsecure platform. In every country/region that uses this mechanism, dedicated emails are being sent to people to get hold of their credit card details. It’s indeed well forged, as it uses the real local entities’ logos and visuals to make it as “authentic” as possible.

The master word here is: Think before your click! Check the link (below the button): this can be easily done by hovering the mouse over the button without clicking to see which URL is hidden beneath. Generally, this shines a light on the crime and exposes the fake website trying to trick people. If, already on the fake website, there’s still a way to deal with it: Never give any credit card details online, if you’re not about to buy something!

To help the cybersecurity community and others, feel free to submit the identified “fake website”, so we can make sure to get it deleted as soon as possible.

In addition to the Lux Trust scam, there have been at least two banks which have been hacked into, a strong cyber attack against Cactus and a rash of sex scams accusing guys of watching pornography and threatening to tell their friends and family via allegedly hacked home video recordings made by the hackers. It appears that Luxembourg is an appealing target. What is going on and what can individuals, companies, and the government do to prevent these attacks?

These dedicated “sex scams” are on the rise for nearly two years by now. An evolution of the classic “scams”, involving shame and fear, to make people uncomfortable and hinder them on reporting such cyber-attacks. More and more it’s us, humans, who are the main target, not the computers, and criminals abuse our human vulnerabilities, like fear, doubt, greed and libido. All these, as well as, the Cactus attack, involve a ransom because money is still the criminals’ prime focus. Luxembourg is not more appealing than other places, it’s a pure statistical fact that in a wealthy country/region the chance to get a ransom to be paid is higher. The most important advice here is to make BACKUPs regularly and keep them OFFLINE.

While home working is attractive to many employees to achieve greater work life balance, it appears to be inherently riskier from a cyber security point of view. Is this so? And if so, how big and serious is the risk and what can companies and employees do to protect corporate critical information from theft or misuse?

Technology-wise, secure solutions are out there and are being used by most of the companies. The main risk when homeworking is the mixing of usages of electronic devices. Working, homeschooling, and online gaming on the same device are definitely risky, as malware or other threats can “hop” from one environment to another and potentially impact the company and/or school infrastructure, from remote. This shouldn’t be really new, as for some years, perimeter security is not the prime focus anymore, and many companies have adopted the “security on the edge” principles. Making sure that employees are aware of the threats and know and understand their risks, is key, especially when in a remote working mode. Training and awareness raising are more important these days than ever. We can help the business on each step of their way to cybersecurity: