WATERLOO — As the world becomes more connected online, it also becomes more vulnerable to cyberattacks.
The dark web isn’t just a conspiracy theory; it’s a place where personal information stolen from corporate networks and personal devices is sold to the highest bidder. Your information might already be compromised, and you might not even know it.
If you look at virtually every measure of cyberattacks since the start of the pandemic, the number of attempted and successful network entries is increasing, said Aman Guliani, president and cybersecurity specialist at Waterloo-based CarefreeIT.
According to the 2021 Cyberthreat Defense Report, at least 78% of Canadian businesses experienced at least one cyberattack in 2020. In 2021, that figure rose to 86%.
The Waterloo Region District School Board announced that it had been the subject of a cyberattack earlier this month. More than two weeks after first being noticed, some staff are still having difficulty accessing certain employment records.
On Monday, the council sent a message to parents saying it was unable to receive payments for its extended day program. The Record has also heard of some employees who have been unable to receive EI benefits and others who are struggling to complete home purchases because they cannot access their pay stubs and other financial documents.
While the council’s IT staff are working with outside experts to get the system working, Guliani warns network disruptions are probably not what the attackers were looking for.
More than likely, he says, they’re looking for personal information.
Many of these attacks have links to organized crime, he said, and there are examples of extremely sophisticated organizations that have offices full of hotline teams to help trick people into disclosing material information.
And due to the nature of the internet, he said, these cyber attackers can operate from virtually anywhere in the world that is connected.
Unfortunately, most businesses are unaware of their vulnerability to an attack.
“That’s what these attackers take advantage of, and the pandemic has only made it worse because it’s opened up that very wide attack surface,” he said. “Now all of these employees are outside the office network, everyone is working from home, and they’re outside firewalls and layers of protection.”
That’s why cybersecurity training should be in place for all staff who work online, he said.
Companies should focus on identifying phishing emails, where attackers impersonate a recognizable or known person in an attempt to gain access to a network. These emails will often include links or attachments that will grant them access, often without the person even knowing that they have been compromised.
These attempts are becoming increasingly sophisticated, with attackers using scraping software that can extract personal information from social media sites as well as corporate websites to establish a chain of command so they can impersonate real people.
The emails might be from a CFO asking to check an Excel spreadsheet or to buy gift cards for a corporate event.
The only way to guard against this is to train every staff member to be wary of links and attachments. Whenever something seems a little off, Guliani said, the policy should always be to call and consult with the person who is supposed to have sent the email.
But what happens once they’ve entered?
Recovery from a cyberattack can take up to several months, said Rima Khatib, associate professor of enterprise technology management at Wilfrid Laurier University.
“Several factors can play a role in this context, including the type of attack, its sophistication, the amount of data compromised, the duration of the attack, the level of preparedness of the organization affected and the prevention strategies that have been implemented,” she said.
Hackers can then take advantage of the compromised data in several ways.
In the public board attack example, she said, one of the most plausible scenarios would be to use the data for identity theft. Hackers can either do it themselves – which can be quite risky – or sell the information on the dark web to the highest bidder.
“In the short term, hackers can apply for credit cards, loans or bank accounts in the name of their victims,” she said. “They can also use the information they have to expand the scope of their attack in the future.”
They can do this by attacking personal systems or devices, she said, or by learning more information about the people they’ve compromised and using it to gain credibility and further deceive victims.
Hackers can also keep the compromised data for an extended period of time to demand ransom.
In response to the recent attack on the public board, it said it would offer one year of free credit monitoring to alert any staff to attempted credit fraud.
Credit monitoring does not prevent fraud but helps detect it immediately if it occurs, Khatib said.
It could soon be a necessary service for everyone operating in the online sphere.
Cyberattacks aren’t going away anytime soon, Guliani said. More than likely, he said, the situation will get worse as more of our daily lives become integrated online.
With doorbells, locks and electrical outlets all connected via wireless internet, he said, the ways someone can be compromised are only growing.
“Cyberattacks are on the rise every year and there’s no reason to believe it won’t happen again,” Guliani said. “Technology is becoming more and more complicated and people are more and more connected to the Internet. The more devices you have, the more at risk you are and the more things you need to protect.”