Cybercrime fighters on high alert

Recent successful cybercrime attacks on big businesses have raised fresh alarm calls across the globe, an acknowledgment that cybercriminals are getting the upper hand in this stealth war between tech-savvy syndicates against law enforcement agencies.

Last month was a particularly jolting wake-up call in the US when Colonial Pipeline, the country’s biggest fuel pipeline, and JBS, the world’s largest meatpacker, were held hostage in two separate ransomware attacks.

If you have friends or family in the southern parts of California, where fuel supply had been jeopardized hardest for five days, you would have heard firsthand how queues at service stations started to form and prices of gasoline and diesel edged much higher than in any other part of the US.

Thankfully, Colonial has a good appreciation of how vulnerable it could be should cyber saboteurs successfully infiltrate its IT network and compromise its computer-based operational system involving 5,500 miles of pipelines and delivery scheduling of fuels to the pumps.

Colonial paid $5 million to the hackers who used a ransomware program created by the now infamous DarkSide criminal group believed based in Russia. The pipeline company says it has successfully pinpointed its weakness, which led to restarting pipeline operations last May 12.

Agricultural sector weakness

The attack on JBS last May 30, on the other hand, is more complicated, largely because the company had been accused of putting on the backburner recommended investments on cybersecurity defense from a 2018 audit that detailed IT weaknesses.

The Brazil-based company has denied the allegations, supporting its statement by the fact that it was able to restore normal full operations a day after the cyberattack. The company did not provide more information, specifically on whether it paid any ransom.

The JBS attack, however, exposed the weakness of America’s food and agricultural sector to digital threats, especially now that automation and the internet have become essential tools of the country’s farmers in producing and delivering food to bigger aggregator companies like JBS.

Audits of the US food and agriculture businesses, which account for a fifth of the economy, have red-flagged the existence of virtually no mandatory cybersecurity rules and guidelines. As a result, there are farms that still operate antiquated computer operating systems vulnerable to infiltration by cybercriminals.

Big companies like JBS may have firewalls and standard operating procedures designed to mitigate any malicious attacks on its IT systems, but smaller farms are not inclined to do so, believing that they are not going to be substantially exposed to digital sabotages.

Yet, as farmers increasingly lean on the internet and connectivity to improve efficiency through drones and GPS mapping, weather monitoring, soil evaluation, and the operation of autonomous farm machinery, the risks of malicious interferences grow.

Weak ‘endpoints’

The Philippine agriculture sector does not face the same magnitude of threats that American farm owners do, but other businesses operating here that rely on a digital platform are equally exposed to malign threats that attempt to penetrate any weak cyber defense line.

Cyber criminals have a pecking order when determining their victims, and those that have the potential to pay more will for sure be at the top of their list. They are not prone to be choosy, though, especially since bigger companies are paying smartly to keep their data safe.

Evidently, investments in cybersecurity are worth every peso spent. Of the 7,000 Philippine companies that encountered ransomware attacks last year, all were thwarted, according to a more recent Kaspersky Security Network Report.

Cyber attacks, however, have more than doubled from 2019 while becoming more vicious. “Endpoints,” mostly privately owned electronic devices that connect to the internet, have become the entry portals for cyber criminals.

Work-at-home protocols arising from the pandemic’s new normal work style have contributed to the increased vulnerability of information flow over the internet. While companies impose security guidelines to block hacker access, failings of distracted employees are difficult to totally prevent.

Vigilance and cooperation

We may be seeing the end of this pandemic, but this will not deter the world’s continuing march towards increased digital connectivity – and consequently, encouraging a league of more determined cybercriminals. To this end, policymakers are being urged to establish the necessary environment to contain future assaults.

Investments in cybersecurity are costly, but while not always providing an apparent return for the money spent, they protect businesses and end-consumers from debilitating losses. To this end, the government must be resolute in determining the right guidelines that will encourage observance of cyber security measures.

Several of our government agencies will be at the forefront of this war against cybercrimes, and staying ahead will need their concerted effort when working with the private sector in keeping abreast with new threats from increased applications and even a radical restructuring of digital knowledge from an emerging era called quantum computing.

Coalitions at the regional and global level must, likewise, be strengthened where technology and business leaders are able to provide sound advice to nations’ governments as they navigate digital transformations.

While businesses prepare for more vicious threats, consumers have a role to play too. Spam and phishing are age-old problems that thrive on petty cybercriminals, and while victims are deprived mostly of small amounts, this must be stopped.

As technology experts will agree, everyone who uses the internet is a potential weak link in the chain. Thus, getting all onboard safely is of paramount importance.

Facebook and Twitter

We are actively using two social networking websites to reach out more often and even interact with and engage our readers, friends and colleagues in the various areas of interest that I tackle in my column. Please like us on www.facebook.com/ReyGamboa and follow us on www.twitter.com/ReyGamboa.

Should you wish to share any insights, write me at Link Edge, 25th Floor, 139 Corporate Center, Valero Street, Salcedo Village, 1227 Makati City. Or e-mail me at [email protected]. For a compilation of previous articles, visit www.BizlinksPhilippines.net.