Interpol is running a two-week awareness campaign in the first half of June; mainly through social media, warning the public that cyber attacks can happen to everyone, and at any time. The international police body is highlighting tactics adopted by cybercriminals to exploit vulnerabilities, and offering tips on how to spot them so that individuals and businesses are better equipped to safeguard systems, networks and devices.
More than 60 countries, private-sector partners, non-governmental organisations (NGOs) and others will take part. Craig Jones, INTERPOL’s Director of Cybercrime said: “People often do not think or believe that they will fall prey to cybercrime until it is too late. Unfortunately, cybercriminals exploit every opportunity and vulnerability that they see in networks, systems and programmes. By taking advantage of these vulnerabilities they can cause severe financial loss, distress and harm to millions.”
Comment
Ilia Kolochenko is founder of ImmuniWeb, and a member of Europol Data Protection Experts Network. He welcomed the new campaign as well-timed. He said: “Cybercriminals are becoming increasingly more creative, for instance, demanding ransom not only from a breached company but from its customers whose personal data was stolen. Today, inventive threat actors may blackmail the breached company and all its clients in parallel, so every victim can pay a few dollars to remove his or her data from the compromised database prior to leaking the data publicly.
“Worse, even if everyone pays, there is no garantee of any kind that the data will stay private. Oftentimes, such databases are later silently sold to other hacking groups to conduct large-scale password reuse or spraying attacks. For example, once your credentials from one service provider are known, hackers will try logging in to all other popular websites, social networks or business applications: if they succeed, you will probably be blackmailed once again. To prevent the domino effect of data breaches, people should stay vigilant, avoid using the same pattern-based passwords and enable 2FA wherever possible.”
