In the wake of the recent cyber attacks that affected hundreds of computers in over 150 countries worldwide, many people and businesses have become wary about their cyber safety. We spoke with an Information Security Professional, Hector Dotse, who threw more light on the recent attacks and some cyber threats Ghana faces.
What is cyber security?
This is basically the protective measures put in place to protect systems, networks and most importantly data in cyberspace/internet. Cyber Security sits under Information Security, which many people consider to be the same.
What are the cyber threats individuals/organization encounter?
There are a myriad of threats/risks including malware (Viruses, Trojan, worm etc.), Distributed Denial of Service(DDoS), Phishing, Social Engineering amongst others. Individuals and organizations are susceptible to these and other attacks.
What do you make of the recent cyber-attacks and its implications to cyber security globally?
In the past couple of months there has been quiet a couple of attacks specifically against big organizations. Most of these attacks I would say have been targeted, e.g. the Sony attacks. With the most recent ‘WannaCry’ attack even though there is some considerable information available on the attack, the piece of puzzle still missing is who or which group is behind the attack. Looking at the way the attack played out it doesn’t look like it was a targeted one directed at specific countries or organizations. Cyber Security is a dynamic thing and not a one-off activity. Day in day out new exploits and vulnerabilities are being discovered and as such countries and organizations must make it a point to put in place protective measures. Such measures include Patching and Hardening their systems, deploying security tools (Firewalls, Web Application Firewalls, Intrusion Detection and Prevention Systems, Antivirus etc.), putting in place Security Awareness and Education programs and others.
How alarming are these cyber threats?
For the ’WannaCry’ ransomware to infect thousands of users in over 150 countries around the world, that means they are at an alarming level based on the numbers involved. So in this scenario, if all the affected big organizations did not have a regular back-up process before they fell victim to the attack and they are unable to pay the ransom then they would be looking at losing critical business data. This would affect their business continuity. Other attacks may also lead to individual and organizational reputational/brand damage amongst others.
Does Ghana have any disadvantage in terms of our infrastructure that will hinder our fight against cyber threats?
Ghana like any other developing country which is moving at a fast pace towards the e-commerce area is at risk. There is work in progress to implement action plans in the approved Ghana National Cyber Security Strategy plan. Various entities such as the government of Ghana, the public and private sectors are part of the action plan for this strategy. With the implementation in place this would add to the existing laws and implementations to help strengthen our cyberspace. It’s important to note that no country is at an advantage even with all the best infrastructure in place because Security is never a one-time activity.
What are some Long-Term cyber security challenges?
- Cloud Security – Motivation will be mainly for personal and critical data stored in the cloud.
- IoT – With the increase in interconnected devices now and in the long term security would be a challenge in this area. As we are seeing already IoT devices are being used to perform DoS attacks and if care is not taken this would increase.
- Lack of subject matter expertise in the various information security domain areas.
- The sophistication of cyber-attacks are going to differ and in addition to the increase in number of such attacks.
- We may see an increase in the number of hacking groups with specialized skills who will seek to undertake targeted attacks.
Does the use of social media have any impact on individuals’/businesses’ cyber-security?
It does in a lot of ways, if users are not careful and vigilant. Threats such as ‘Phishing’, Malware, Social Engineering are some of the ways an attacker can utilize social media to compromise users. That’s why it’s always advisable not to accept friend requests from people you don’t know personally, one be careful of the type of personal or business information they share on social media, be wary of attachments or links that you open or click on.
Is it expensive to stay safe from cyber-attacks?
Putting in place protective measures is most of the time expensive. This is due to the cost of the tools to be acquired and other costs related. However the level of protection needed to be put in place depends on the type of data which the business handles. In a scenario where an organization processes and stores customer Personal Identifiable Information(PII) such as full name, address, mobile number, home address, credit card details and so on, the organization would have to spend a considerable amount of money on protecting this information because there will be a high motivation for hackers to want to attack the organization for this information.
What can the average internet user do to stay away from such attacks?
- Use a fully paid-up anti-virus(AV) software.
- Enable the firewall on your computer at all times and make sure it’s configured to restrict incoming and outgoing traffic.
- Update your devices including your computers and mobile phones with the latest operating system and security updates.
- Enable and apply email filters on your computer to help you manage unwanted emails(SPAM).
- Avoid downloading and opening attachments which are sent from unknown sources or websites. Also avoid clicking on links in emails or text messages. This may contain viruses, spyware, ransomware, adware, and the lot.
- Be careful when using public internet hotspots. Some of these public hotspots may be rogue hotspots which are maliciously setup to capture user traffic.
- Securely set smart and strong passwords/PINs. Do not give out or write down your passwords and PINs where people can have access to them.
- When using publicly shared or someone else’s computer and you’re logging into your email account remember to untick the ‘remember password’ box. If you don’t the password would be saved in the browser and anyone who has access to that computer can read your mails.
- Regularly perform data back-ups.
How high is the demand for security experts in the wake of these attacks?
There already is a shortage in the number of Cyber Security Professionals currently worldwide. The ISACA, a nonprofit information security advocacy group, predicts there will be a global shortage of two million cyber security professionals by 2019”. Looking at the security threat landscape it’s easy to see why cyber security professionals are in demand. The stakes for organizations are high and increasing due to this cyber-attacks and data breaches.
What role are government agencies playing in preventing such threats?
Looking at the work being carried out currently for the Ghana National Cyber Security Strategy plan, the various government agencies have actions plans to undertake.
What can the government do to prevent cyber-attacks on its websites?
Firstly the Government of Ghana has to compile a list of all its websites and detail them in an asset list. All the websites need to undergo Security Assessment and Assurance to validate that it confirms to Web Application Security best practices. This will assure that there are no vulnerabilities in them. Also protective security tools such as Web Application Firewalls(WAF), need to be put in place to protect all web facing government systems. A vulnerability assessment management process needs to be put in place to ensure frequent patching and hardening of this government systems. Awareness and Education for system and security administrators is also key, it should be put in place. The above and other mechanisms should in a long way prevent issues such as DDoS, Website Defacement, MySQL Injection attacks and others.
From your view, is there enough discussion about cyber security or more has to be done?
I think there is some talk about this topic but not as widely as other countries are discussing it. Definitely, we have to take up the notch higher on discussing the topic of Information Security as a whole, not limiting it to just Cyber Security. Ghana is moving towards an e-commerce centered environment and that means many organizations/businesses whether private or public sector, small medium enterprises will be relying deeply on the cyberspace to thrive. If we don’t actively encourage the discussion of cyber security matters now, then we would be lagging behind and we may not be prepared for attacks such as the ‘WannaCry’ attack. For this to happen it must be a collective effort involving the government, the private sector, information Security professionals and also all end users.
Profile of Hector Dotse
Hector Dotse has a wealth of experience working in the Technology industry at various levels in both technical and team lead focused roles. The last Six(6) years have been focused primarily within the IT and Cybersecurity field in a number of roles including lead and senior team positions. His specialities include: Information Security Management, Cyber Defence and Security, Security Operations, Security Improvement Programmes, Data Centre Security, Security Consultancy, Security Architecture and Design etc.
Checkout Hector’s blog Heconsecurity.com