Preventive analysis: Specialists spoke about the risks posed by information technologies

The digital world in which we currently live has given rise to interconnection scenarios that have allowed us not only to be more connected, but also exposed to various attacks and threats that could endanger our physical and emotional integrity. Aware of this reality, the British-Venezuelan Chamber of Commerce (britcham.com.ve) addressed the issue this Tuesday afternoon with three specialists, who, based on their experiences, shared valuable data with the participants.

Rafael Eladio Núñez Aponte, director of MásQueDigital and MásQueSeguridad, was one of the invited speakers and presented the paper Computer Risks 2022.

 

 

Rafa began his speech by recalling that he has been working in the computer security area since 1998 and that since that year, until now, not many things have changed. He stated that the topic of social engineering (which is the art of deceiving cognitive biases in the human factor as the weakest link) continues as a trend, but added that currently the pandemic has been added, which has brought with it the implementation of telecommuting and the use of sensitive company assets at home.

Hybrid working model and phishing

In this sense, he referred to four factors that he considered relevant to explain in detail and have to do mainly with The hybrid work model and the challenges for the company. He recommended as fundamental to have the antivirus updated, as well as the operating system with its patch also updated and legal.

He then talked about phishing and the human factor as a key model. “We have seen in the news how millions of dollars have been stolen from people, simply pretending to be any link that you have of an affective nature, or other patterns of behavior, of how you can be looking for information on the Internet and the phisher goes and sends you a fools trap,” he expressed.

He mentioned Instagram’s privacy and image safety policies. He explained that when the user publishes a photo or music, and they ask him to fill out a form so that his account is not closed, people practically end up giving away the password.

He also mentioned the case of a journalist who recently had his Telegram hacked.

He explained that this person received a text message from a company offering him a promotional code and ended up delivering his download and validation code from the aforementioned network. “We helped report him, he recovered his Telegram, he activated two-step verification, but at the end of the day the criminal kept his entire contact list. What does the criminal do? He impersonates him from another number and begins to say that he has financial problems, that they send him a Zelle and he scammed about 5. Imagine the reputational damage that this can also cause to a public figure.

The next factor he alluded to was that of the technological challenges for the company: “The biggest challenge is that you expand the surface of the attack, which means greater risk,” he said while recommending having all the prevention mechanisms with this work hybrid, “up to a VPN that not even companies implement to encrypt information between home and office.”

Future of cybersecurity

Rafael Núñez Aponte also addressed the future of cybersecurity and suggested:

• That the organizations of the region improve their security policies, migrating towards Zero Trust management.
• Use Blockchain to guarantee the integrity and availability of information.
• Implement powerful technologies such as Blockchain and Machine learning, since it is what is being used a lot at the server level.

Finally, he referred to the 2022 cyberattack forecasts, among which he mentioned: development of remote access banking Trojans, QR code attacks and Skimmers or card cloning devices that are used with the aim of stealing payment data. of customers.

 

 

Ransomware, to pay or not to pay?

Carlos López Rodríguez, a specialist in information security with more than 15 years of experience in the area, was also present at the event organized by Britcham Venezuela, through the presentation Ransomware, Pay or not pay?

During his presentation, López, who has also been a panelist and lecturer at different events on cybersecurity, told the audience that ransomware is a malicious code, “a virus, which is dedicated to hijacking information from our files, from our computers, servers, mobile devices, with the intention that we cannot access our data and the attackers ask us for a ransom for returning said data.”

He stressed that it has been evolving and that it is becoming more and more destructive. Each time it is about extorting in as many ways as possible. “In the beginning, only these victims suffered from the blocking of their devices, then it evolved to encryption of their data, then so that they had a double extortion, not only did they encrypt the data, but they also indicated that the encrypted data they were stolen and that they were going to be exposed.”

He also spoke of a third transformation of this crime where the victim is not only the organization that has been attacked, but also the suppliers who are also being extorted.

Smart Contracts

The meeting concluded with the presentation Blockchain Smart Contracts and Impact on Commerce, by Lawyer Jesús Rodríguez. The specialist in Public Management, Criminal Law and Computer Law, made reference during his 25 minutes of exposure to smart contracts and how these, through a Blockchain digital platform, can have viability and security.

“What we are clear about as far as lawyers are concerned and their participation in support for organizations and corporations, is that it has a relevant reflection at the moment, if that lawyer manages to see a little more than what he has traditionally attended. That is, to have a multidisciplinary vision of realities, to have a greater breadth of what the world today means and contains… and see how it can now be translated into software so that this can have a safe digital dimension or scope,” he shared.

 

Source: doblellave