Experts sound alarm on more cyber heists

Criminals need not be in cahoots with company insiders to pull off a successful cyber bank heist because “unwitting moles” are aplenty, he said. (Pixabay photo)

MANILA – Cyber security experts are sounding the alarm bells over the probability of a surge in computer-enabled crimes amid radical lifestyle changes ushered-in by the so-called new normal.

The warning was issued on the heels of the United Coconut Planters Bank (UCPB) heist which was referred to as a “foreshadowing of things to come” as business enterprises and the general public became increasingly dependent on the internet.

Palo Alto Networks country manager Oscar Visaya said the shift to the work-from-home arrangement, coupled with an explosion in online businesses since the pandemic restricted travel, was a boon for cyber criminals.

He said many firms jumped into the new normal bandwagon unprepared to fend off sophisticated cyber criminals mainly because of their ignorance of basic “cyber hygiene”.

Criminals need not be in cahoots with company insiders to pull off a successful cyber bank heist because “unwitting moles” are aplenty, he said.

Negligent employees using a company issued laptop for personal surfing or one who remotely logs into the company system using a virus-laden device can provide hackers with a way in, he added.

Visaya revealed that a survey conducted by the company in July this year indicated that many corporate executives are confident they are adequately protected against cyber attacks, indicating a disconcerting level of complacency despite the rising threat.

“Overconfidence is the enemy of the current state, kasi nga (because) we will never know when we will be attacked, ang malaking problema ang mga (the big problem is that) cyber attackers are becoming smarter and they’re using advanced technologies like artificial intelligence,” he warned.

Visaya said many companies continue to rely on outdated systems and poorly trained personnel who are outgunned by today’s cyber crime syndicates.

He described them as ill prepared to meet current cyber threats because they “are lacking in the necessary systems, technology and processes”.

Visaya further revealed that Palo Alto, touted as one of the world’s top cyber security companies, has mobilized a group known only as Unit 42 to electronically hunt down cyber crime rings and to foil future cyber attacks.

He said the US-based company is open to working with local law enforcement, including the National Bureau of Investigation (NBI) Cybercrime Division to ferret out criminals on the internet.

Meanwhile, internet watchdog Democracy.Net.PH, warned that the surge in information and communications technology (ICT) dependence created by the coronavirus disease 2019 (Covid-19) outbreak practically guarantees a commensurate increase in cybercrime incidents.

The group’s co-founder Pierre Tito Galla said “black hat hackers”, which is the ICT industry’s moniker for criminal hackers, will naturally set their sights on banks and other financial institutions because the reward is potentially greater.

Galla, however, clarified that while the financial sector is certain to be targeted by “black hat” syndicates, most large banks in the country, as well as the Bangko Sentral ng Pilipinas (BSP) itself, have strong cyber defenses at their disposal.

“There is an attack every day, they are just being defeated by the “white hat”, he said referring to cyber security professionals’ daily clashes with criminal hackers.

On the other hand, while the BSP may be adequately protected, the computer systems and the information contained therein of other government agencies are not as solidly fortified, he said.

Galla called on state agencies to upgrade their cyber defenses.

“Except for the BSP, which has a very strong cyber security unit, most government agencies do not have this kind of capability. This is why every so often, hindi na nakakapagtaka (it is not surprising) when we get the news na may na-penetrate na naman (there are agencies that are penetrated again),” he added.

Galla, a cyber security practitioner himself, said that while electronic attacks on large companies may prove lucrative for internet criminals, ordinary individuals can just as easily be the targets.

He added there is also big money to be made by stealing personal information.

Galla cautioned the public against entering sites showing pirated movies and pornography, as well as those offering business deals that seem “too good to be true”.

“Filipinos are so prone to social engineering attacks, these include fraud and other person-to-person crimes which rely on a con artist building a relationship with the potential victim” Galla said in Filipino.