World needs to tighten cyber security

Amid the mind-blowing influence of digital technologies in everyday life, the need for a foolproof system to protect people, organisations and governments from cyber attacks should never be underestimated.

The complex cyber-crime network that operated from Eastern Europe and fleeced victims — including small businesses and charities — of some $100 million is the latest incident that has highlighted the vulnerability of people to cyber crimes.

The GozNym network, led by a man from Tbilisi, Georgia, used phishing emails to infect the computers of more than 41,000 victims with malware. Specialised members of the group in Bulgaria and Ukraine then seized control of victims’ online bank accounts. The stolen money was then laundered in the US and other accounts.

The security challenge is huge as the network operated across countries. Prosecutions have been launched in Georgia, Moldova, Ukraine and the United States over the scam, while five Russians charged in the US remain on the run.

As Scott Brady, the US Attorney General for Pennsylvania where the US indictment was unsealed, pointed out, the operation involved an “unprecedented” international effort.

Sadly, unsuspecting European and American victims thought they were clicking on a simple invoice, but were instead giving hackers access to their most sensitive information.

The complexity of the security operation could be gauged by the fact that though the five Russians charged in the US included the alleged developer of the malware, they cannot be extradited because Russia does not send suspects abroad.

Even reputed organisations are susceptible to cyber attacks. The Singapore Red Cross  (SRC) declared on Thursday that its website had been hacked and the personal data of more than 4,000 potential blood donors compromised in the latest cyber attack on the city-state.

Despite being one of the world’s most digitally advanced countries, Singapore has been the target of multiple high-profile hacks in recent times, including the theft last year of 1.5 million citizens’ health records.

Personal details, including names, blood types, and contact numbers of 4,297 potential blood donors were compromised after an unauthorised access to a section of the SRC website on May 8.

Weak passwords can pose major problems, as preliminary findings showed that a “weak administrator password” may have made the SRC site vulnerable.

Last July, Singapore’s biggest ever data breach saw hackers gain access to a government database and make off with the records of 1.5 million Singaporeans, including Prime Minister Lee Hsien Loong.

Nonetheless, awareness seems to be growing. Leading Western industrial powers will for the first time jointly simulate a major cross-border cybersecurity attack on the financial sector next month.

The exercise, organised by the French central bank under France’s presidency of the Group of Seven nations (G7), will be based on the scenario of a technical component widely used in the financial sector becoming infected with malware, as per Nathalie Aufauvre, the Bank of France’s director general for financial stability.

Institutions such as the European Central Bank and the Bank of England have already conducted such tests, but the June exercise will be the first across borders at the G7 level.

The financial sector is the most common target of cyber attacks, accounting for 19 per cent of the total, according to a recent study by IBM.

Malicious cyber activity and threats should be fought efficiently and unitedly through stronger cooperation among countries.