The Week In Review 18th March

stuart-wilkesThere is no doubt about it technology has in some ways made us lazy. It has taken away some of the more mundane tasks in order to make our lives convenient. It dawned on me quite a while ago that I no longer know phone numbers, even of close friends and family. Admit it, you are the same. In the past I could rattle of a stream of phone numbers as if I was a mathematical savant. Not any more, I just find the contact by name and select ‘home or mobile’. In fact, 9 times out of 10 nowadays I actually ask Siri to do the work for me.

Technology has (attempted) to make users much better spellers. Spellcheck has helped us all out on a regular basis. However, it is not infallible. In fact, it does have a tendency to swap out words with more US biased spellings, or attempts to predict what the user is writing. Most of the time spelling ‘mistakes’ if not caught by Spellcheck can be corrected or even overlooked, but imagine when something as simple as a spelling mistake foils a cyber crime. Last month on online heist involving the central bank in Bangladesh failed in its attempts to steal $1bn (US) due to the fact that the hackers misspelt the word “foundation” as “fandation”. This tiny error prompted Deutsche Bank, whom the transaction was being routed though, to seek clarification. This clarification stopped the transaction.

According to the news agency Reuters, who reported this story, “The transactions that were stopped totaled $850-$870 million (US)”, however it also pointed out that four requests to transfer a total of about $81 million (US) to the Philippines successfully went through, which actually still makes it one of the largest known bank thefts in history.

Cyber crime in so many cases does come down to one thing; money. Although there many other motivations – revenge, IP theft, hacktavism – money is so often the primary motive. This can be seen in the continuing and alarming rise in ransomware. Cyber thieves manage to infect computers with malware that then encrypts users data and it cannot be decrypted without a complex key that has a limited lifespan. Pay and you get the key, don’t pay and you lose your data – forever. Oddly the thieves behind ransomware are oddly moral, as was pointed out to me on the recent Cyber Security & Privacy Essentials (CSPE) course that I attended. (please forgive the product placement plug here, but it was an excellent course and well worth attending).  If you do pay the ransom, then the thieves will provide you the key and release your data. Think about it, if they didn’t, then nobody would ever pay and their schemes would fail. More and more victims are paying and hoping to keep their names out of the press, but the Hollywood Presbyterian Medical Center, who paid $17,000 in ransom seems to continue to be in the news. This incident is being used by cybersecurity experts as an indication of the escalation of ransomeware and how hospitals are particularly vulnerable. The advice from law enforcement is ‘don’t pay’, but of course when there is a very real threat of losing data and critical systems, especially when there is genuine threat to patient care, then it’s a very brave decision to fight against a ticking cyber clock.

With continuing threats being faced, more and more research is being done into cybersecurity and according to the Tech City News website, the UK could transform into a cybersecurity hub. They discuss how the UK government has announced a publicly funded accelerator to nurture UK cybersecurity start-ups which is part of the treasurer’s £1.9bn pledge to build the UK into a global cybersecurity hub. With leading universities who have world-class cybersecurity credentials plus GCHQ who is considered one of the world’s most sophisticated cybersecurity organisations then the UK building blocks are there. With many cyber start-ups being formed and the growing domestic market for cyber security skills and products then there should be no reason why this predication doesn’t come true.

Cyber security has evolved so much in the last handful of years, from a theoretical risk to a technical challenge, from an operational issue to a regulatory concern. There is no doubt about it, it is now very much a political issue as well. With governments all round the world looking to protect and defend their own critical national infrastructures, to ‘rogue states’ attacking their enemies from the other side of the globe. There is now, thanks to the FBI v Apple battle that is continuing, a rift growing between governments and the technology world. This issue was discussed by President Obama as he addressed the recent SXSW festival. He explained the fine balance between individual privacy and the government’s obligation to keep the public safe adding that that he is ‘on the civil liberties side’. Who knows, when this rift between the government on the technology world is resolved it would be mildly amusing if it turns out that the FBI couldn’t access what they wanted due to a spelling mistake.

For links to all these stories and more, or to contribute with some comments join us by searching for the National Cyber Skills Centre on our social channels of FaceBook, LinkedIn and Twitter, or just click the relevant links from our website.

Share: Share on FacebookTweet about this on TwitterShare on Google+Share on LinkedInPin on PinterestEmail this to someone