Finish cyber security expert Mikko Hypponen informed IMD students about today’s security threats and how to prepare for them
During his keynote speech to the Orchestrating Winning Performance 2014 audience, cyber crime expert Mikko Hypponen reminded us we are vulnerable to a host of online attacks including viruses, Click fraud (money generated illegally using pay per click advertising), keylogging (a way of recording computer keystrokes), and even ransom trojans that restrict your computer and demand a ransom to unblock it.
The Finnish cyber security expert, who has helped governments and companies crack online crime for over 20 years, said one of the most common problems he finds in business is employees in the accounts department surfing the web on the same computer they transfer money from. “If you don’t surf the web on that computer, it will never be infected,” said Hypponen.
Such infections include the now dismantled SpyEye, which defrauded businesses of millions of dollars. Hypponen explained how the malicious software, called ‘malware,’ waits for the computer user to carry out online banking transactions and when they hit the Send button, it changes the bank account number you are sending to in real time, as well as the amount.
Hypponen said the men behind these attacks have changed since the nineties, when writers of viruses were teenagers with no agenda. Now, new paradigms and risks have changed the way we think about security as there are three types of attacker: cyber criminals, hactivists (who infect a computer for ideological reasons) and governments. All have an agenda, he added.
Criminals include Russian SpyEye creator Aleksandr Panin who was arrested for cyber crime in early 2014 as was ‘Paunch,’ the man who created Blackhole, the malware that enables SpyEye to get into your computer. Blackhole attacks a website, infecting your computer when you visit the site. Paunch thought he was untouchable, as he was not infecting anyone per se but, rather, selling his malware online. “He was like an arms dealer,” said Hypponen.
Then there is Vladimir Tsastsi, an Estonian cyber crime lord who created DNS Changer, a tenacious malware that infected millions of computers and made him rich in the process thanks to his programme’s Click fraud. Among his riches, said Hypponen, the hacker owned 159 properties in the Baltic country. He was finally arrested and after 10 months in jail walked free as the court could not convict him due to lack of evidence over who the victims of his crimes were. Tsastsi and his partners in crime have since been extradited to the US, where they will probably be convicted, and there have been more frequent arrests than in recent years, enthused Hypponen, as law enforcement agencies take this crime more seriously. He explained that some countries like Russia used to turn a blind eye, despite millions affected.
Some victims open their computers to find it has been locked down or that all their files have been encrypted by a fraudster. The criminal, sometimes posing as a government agency claiming copyright infringement for music or videos, then demands a ransom to unlock it. Hypponen said companies should always have backups of all their files, in case this happens. “You should have a backup system in place that would survive even if your building burned down,” he said.
But servers and computers are not the only devices at risk. Mobile phones are also increasingly vulnerable to attack, said Hypponen, and can also receive ransom trojans. Hackers write the infected app which they upload to the App store. The virus then enters the phone via the infected apps when you download them, Hypponen explained. The best way to prevent this is to be very careful about what apps you upload and keep them up to date, he advised.
Money can be made in several ways via the internet and the advent of cryptocurrencies such as bitcoin have created a way of generating money through computers. Bitcoin is a virtual currency (although physical versions do exist) that can be ‘mined’ by a computer when it confirms a cryptocurrency transaction. By doing so, the process releases a bitcoin. This is not a crime and some people have set up multiple servers whose sole purpose is to mine these coins. However hackers, explained Hypponen, are taking it a stage further: they are using other people’s devices. “Such hacking is no longer user-centric and the valuable thing at this point is the computer,” he said. Hypponen added that some apps hack into your phone, using it as a mining device while it is recharging. He added that as the internet of things becomes more common, where any object can soon be controlled via the web, all sorts of objects such as CCTV cameras and even fridges could be hacked.
Hactivists are less trying to make money and more endeavouring to send a message to the world when they hack into a computer. In 2013, Syrian hackers whose aim was to communicate political messages via the web, hacked into the AP news wire claiming two bombs had gone off in the White House. The hack was quickly discovered but during the four minutes the fake news was published, the New York stock exchange crashed by 30%.
But the companies that make the most money from the Internet are corporations such as Google, said Hypponen – thanks to our data. Google is a prime example of a company that has very high costs ($100 million per year just for electricity bills) while offering a free service. But data has provided it with a profit of $17 billion in 2013. By recording all the searches any of us have made before, it is now able to predict what we might search, said Hypponen. “Our thoughts as well as our communications are moving online, so we are creating a type of big brother scenario” he warned.
Edward Snowden confirmed our suspicions with his revelations about governmental institutions’ breach of our security, said Hypponen, but Barack Obama’s response was to protect only Americans’ online activities, he said. The lecturer explained how 80% of operating systems are from the US. This means the majority of internet traffic as well as storage in the cloud goes via the United States, where government agencies are breaking no laws by accessing our data. Europe offers no competition to the likes of Microsoft, Apple, Google and Facebook, said Hypponen. So perhaps it is too easy to blame the States, because in many ways we are also to blame, he said.
Hypponen concluded by re-iterating that we should always have back-ups and surf safely. Only then should we consider installing an anti-virus.