"The Internet has no doors." Even the Israeli Defense Force, one of the most technologically advanced militaries, is not immune to social engineering and cyber attacks. Leaving technology security in the hands of “common sense” is naive and dangerous. We all can fall prey if the trap is set right.
Cyber fraud victimizes millions of people every day. In 2016, three billion passwords and user credentials were stolen. As of April 2017, 8.2 million passwords were being stolen daily. That is equivalent to around 95 passwords per second. Cyber Attacks are not confined to ordinary individuals who use the Internet, but more so for businesses and public organizations.
Using Social Media for Cyber Attacks
Recently, Bloomberg reported of a security breach in the Israeli army that was caused by unassuming social media relationships. The phones of the Israeli troops were infected by Hamas after militants posing as women struck an online relationship with them. Using Facebook Messenger, Israeli cadets began the online relationship with a “friend request” supposedly from a woman from either the U.S. or Europe. With a special app to talk to the cadets, a code was then stealthy inserted into the phone of the cadet exposing its contents such as SMS, location, and photos to the Hamas spy. Similar social media engineering tactics have been used by Israel Defense Forces (IDF).
The Hamas cyber attacks were only detected by accident by Kaspersky Labs in July but continued up to February of this year. According to Aaron Joseph of Cisco Systems, it is virtually impossible to have an airtight defense against cyber attacks even with simple technology like social media platforms. Joseph says, “terror organizations will try to get information any way they can and all of us have some kind of connection to social media.”
According to Facebook, about 2% of the profiles are fake although there is no software that can detect these bogus accounts. The IDF had to initiate a massive campaign to educate and inform its forces on phone and Internet security.
Another relatively recent development is a stealth file-less malware that has been affecting businesses in North America. Ransom-ware hijacks critical business systems and data only to release it after a random is paid – usually through bitcoin. The attack operates under the radar of top security software and many businesses have opted to pay rather than restore the system because doing so would cost them more. In addition, they worry about their business reputation and operation downtime.
Fighting Cyber Attacks
The best strategy in preventing cyber attacks is vigilance, an effective company-wide information campaign on Internet security and the use of social media, and a professional security team with a clearly defined and tested Backup and Disaster Recovery plan. The fact is cyber attacks are a form of terrorism and modern warfare. You can be absolutely certain that without a clear and detailed security plan, any individual or group intent on hacking into your system will work day and night without letup to gain unlawful entry. Why? For some, it’s for money and prestige and for others, it’s just a game.