Cybercriminals look for the weakest link

Published on 13/09/2021 in Tech, tips & tricks

Cybercriminals look for the weakest link

“You don’t just need a safe car, you also need a responsible driver.” Miguel De Bruycker, Director of the CCB, says that good cybersecurity demands you pay attention to both your infrastructure and your IT users.

The Centre for Cybersecurity Belgium (CCB) is the national authority for cybersecurity in the country. The CCB supervises, coordinates and monitors the application of the Belgian cybersecurity strategy, helping companies, the government, providers of essential services, and the public to protect themselves and their information. The CCB conducts campaigns aimed at both businesses and consumers.

“This year, the focus is on raising awareness about the dangers of phishing,” says Director Miguel De Bruycker. Anyone who notices a suspicious message can forward it to verdacht@safeonweb.be. “We now receive about 12,500 messages a day,” continues De Bruycker. The CCB then instructs the major internet companies – such as Microsoft and Google – to block the malicious URLs involved.

Understanding the risks

The CCB’s campaign is part of a broader strategy. “We have to work on different fronts,” says De Bruycker. “To use an analogy, it’s not enough to equip a car with all kinds of safety equipment, you also have to teach the driver to drive sensibly.” That’s exactly what the CCB is aiming for. “Obviously, it’s important that companies strengthen the security of their IT infrastructure. But they also have to teach their employees to understand the potential risks they’re dealing with.”

In order to improve the security of our infrastructure, we have to focus on innovation, according to the CCB. “We need to develop more expertise, via colleges, universities, and other institutions. I also see an important role for certification so that we can assess which requirements a particular infrastructure meets or doesn’t meet.” But it is just as important to provide targeted support to IT users.

“We do this not only via awareness campaigns,” says De Bruycker, “but also through the best-practice standards we share with companies. In that context, the CCB is also an active member of the Cyber Security Coalition.”

The security of the IoT deserves more attention. We are still seeing a lot of connected devices that don’t receive automatic security updates.
author

Spear warning

The CCB also wants to focus more on direct action. “Take, for example, a spear warning. This is a very targeted warning for a person or a company, as opposed to spear phishing, which is a very targeted attack.” It turns out that people are much more likely to respond to a direct message than a general warning. The CCB is testing a new version of the Safeonweb app so that companies will receive highly targeted warnings about possible risks that apply specifically to their infrastructure.

The CCB’s strategy also focuses on the cybersecurity of critically important services and organizations, such as airports, nuclear power plants and headquarters of international institutions. “It’s equally important to be proactive in combating cybercrime,” says De Bruycker. “This battle is also taking place on various fronts, with the disruption of cybercriminal organizations and the prosecution of criminal offenses, but also through military intervention and diplomacy.”

Improve your cybersecurity approach.

Discover our solutions

In the event of a ransomware attack, we recommend that you never pay the ransom. There is no guarantee that you’ll get what you pay for.”
author

Greater focus on IoT

One of the main challenges remains the fact that cybersecurity is a moving target. “You have to deploy your resources at the right time and in the right place,” says De Bruycker. “There are relatively few incidents on common operating systems – such as Windows or iOS – that have been correctly updated. As a result, cybercriminals target other, more vulnerable links in the whole chain.” The Internet of Things is a clear target. “We are still seeing a lot of connected devices that don’t receive automatic security updates. It’s an area that deserves more attention.”

If real-life incidents occur, CERT.be (Computer Emergency Response Team) will take action. This is the operational service of the CCB that detects, observes, analyzes, and reports on online security problems. CERT.be primarily helps providers of essential services and critical infrastructure, but ‘ordinary’ companies can also contact the organization in certain circumstances.

Should you pay a ransom?

In recent months, there has been a lot of talk about ransomware attacks. “Most ransomware problems can be traced back to a phishing message or a vulnerability within the network,” says De Bruycker, “so it remains absolutely essential to focus on prevention.”

In a ransomware attack, only an offline backup – which cannot be reached via the network – can provide a solution. “We recommend that you never pay a ransom,” concludes De Bruycker. “Very often this might seem the fastest and cheapest solution, but there are never any guarantees. Very often the cybercriminals then ask for an additional payment, or they don’t release all the data after you pay up.”

The Centre for Cybersecurity Belgium is a federal administration, under the authority of the Prime Minister, charged with coordinating cybersecurity policy in Belgium.

Miguel De Bruycker studied applied information technology at VUB. He worked for 30 years at the Ministry of Defense as Head of Cyber Defense and in other positions. He has been the Director of CCB since 2015.

One

One magazine is the Proximus B2B magazine for CIOs and IT professionals in large and medium-sized organisations.

Other articles of One