Prima pagină » Features and Reports » The Future Starts Today » Protecting Against Cyberattacks

Protecting Against Cyberattacks

Many things go unseen, but not so unseen in the area of cybersecurity

Corina Cristea, 08.03.2024, 13:02

Three years ago, an aerial photo of camels in the Saudi Arabian Desert at sunset was named one of the best photos of the year by National Geographic. In this image, the camels are small white lines, and the black spots, which are shaped like camels, are just their shadows. The metaphor of this image is that we live in an era in which illusions, shadows, occupy practically the entire field of rational visualization of mankind, while realities, camels, go unseen. Does this metaphor also apply to cybersecurity? This is one of the questions answered by Maria Manuela Catrina, deputy director of the National Cybersecurity Directorate (NCSD), on Radio Romania. Her answer: many things go unseen, but not so unseen in the area of cybersecurity, that is, if we don’t always talk about them, it doesn’t mean we don’t see them, it’s hard at this moment not to realize what is going on.

“Many times, there are automatic systems that immediately notice changes in behavior in a network and help us, so that afterwards the human user comes to see what is happening, how it is happening, etc. Know that if you look carefully at the desert, and look every day, you see things, even when the wind blows. Even if it doesn’t seem like the wind is blowing, you still feel that something is wrong and you dig until you find what’s going on. That’s the beautiful part of cybersecurity – finding those things, feeling the things that are coming. There is an extremely large amount of data, there are tens and tens and tens of signals per second that we analyze, obviously using machines, because we are not able to do this at the human level, and see the ‘camels’. “

According to the latest data, Romania faces approximately 25,000 cyberattacks every day. These have intensified since 2022, and have grown in intensity and complexity from year to year. In February, for example, following ransomware attacks, information was stolen from the Parliament’s database, and the activity of a few dozen hospitals was temporarily affected. The expert in health and national security policies Ioana Stăncel considers that the security of the systems of several public institutions in the country was tested by attackers. She explained that, as far as hospitals are concerned, she is concerned about the fact that personal data, and medical information in particular, were at risk. Ioana Stăncel points out that the responsibility for preventing such incidents rests with all institutions involved:

“Those who collect data and process them through these computer systems, namely hospitals, those who ensure the security of networks, the communications, transmission part, should have thought about this. Those who operate the servers on which there are programs and, not least , the state, which regulates this transfer, and the management of data through cybersecurity tests, should have considered forcing the providers, at the moment they enter into a contract with the state, respectively when they are financed by the state, to have this part of communication remote digital and data processing secured.”

First of all, we are referring to personal data, medical data, data regarding the vulnerabilities of some people, perhaps public figures, who can be blackmailed, who can be affected by finding out some information about their personal life, about their state of health, says Ioana Stăncel.

“It is very serious, because these cyberattacks show us that it is possible to break into the networks of hospitals. And then we can think of at least two other types of risks: changing medical prescriptions, changing medical data in such a way that a person can be in a position to receive a medication that was not intended for them, or in concentrations that are not appropriate for their pathological condition. All of this may affect their state of health or lead to death. On the other hand, it is possible to interfere with the data recorded in connection with services and the financial claims for these services, either deleting data or adding data, all of which affect the accuracy of the data and claims to the state.”

We asked how can we protect ourselves from cyberattacks ? Clearly, at some point, any system can be broken into, says Maria Manuela Catrina:

“There are many things that can happen. The first advice I can give you: install an antivirus program on your phone, on your computer, there are free antivirus programs if you think a paid antivirus is expensive. It certainly protects you from many things that we are not always aware of. Sometimes we are in a hurry, sometimes we are tired, we don’t see well, and we click on something. We do many things that ‘open the door’. First, we are tempted to say far too much about ourselves. Consider that most cybercriminals do social engineering, they create a portrait of you based on what you post on various sites. If you are asked for information, think twice about why you are being asked that information. Why would someone from the power company, for example, call you to ask for your ID data? They have your data, because they have a contract with you. Common sense always protects us from 90% of things, but we have to be careful, not to rush.”

Connecting to a public Wi-Fi network without using a VPN (Virtual Private Network), at a hotel for example, is also very dangerous, says Maria Manuela Catrina. At the same time, the software must be adapted, passwords changed, the home network secured, as well as devices connected to the Internet – phones, tablets, refrigerators, vacuum cleaners, doorbells, cameras, children’s toys, adds the deputy director of the NCSD.