Cyberattacks have grown enormously globallysays Luis Cordón, academic director of cybersecurity at Galileo University, in an interview with Prensa Libre Radio.
Cordón adds that Central America is no exception. “As we move to the digital world, our exposure increases and also the number of malicious actors. Before, threats were more within organizations; today, by being connected to the Internet, we go from a few risks to millions,” he explains.
For his part, Estuardo Alegría, manager of professional services at Sistemas Aplicativos (Sisap), points out that the recent unprecedented event in Guatemala demonstrates that cybersecurity ceased to be an exclusive matter of technology and became a pillar of national security and operational continuity.
“The main strategic reflection in the face of the increase in these threats is that the protection of critical infrastructure stopped being an operational expense to become an investment that prevents disasters on a national scale. The guideline must be to prioritize immediate mitigation actions, focused on interrupting active damage and protecting vectors whose consequences are permanent, such as citizen biometric identification data,” adds Alegría.
About the deep internet, deep web or the “dark internet”, Cordón explains that it can be compared to an iceberg. The visible part is the public internet, which everyone accesses.
Below is the deep webwhich includes anything that requires authentication, such as emails or private accounts.
Below is the dark weba parallel internet that is accessed with special tools. Anonymity and privacy are prioritized there. It is also where illegal markets operate, such as the sale of data, weapons or drugs.
This deep network houses information that cannot be found by common search engines. In addition, electronic money is frequently used, such as bitcoins, which have their own exchange rate.
Cordón adds that before the attacks focused on large companies because they generated more money, but that has changed.
Attackers now prefer many small victims, because together they generate the same benefit with less effort. Therefore, nowadays anyone is exposed.
In the recent cases in Guatemala, there are probably economic and political motivations. “There are indications of economic extortion, but there could also be an intention to destabilize. It cannot be stated with certainty,” says Cordón.
What to do if the data is vulnerable?
Cordón indicates that it is important to understand that a person can become a target of fraud or extortion.
The main rule in the digital world is to distrust everything.
You should pay attention to:
- suspicious calls
- unexpected messages
- questionable emails
Some warning signs are:
- emails from institutions sent from accounts such as Gmail
- spelling errors
- links with fake addresses
Plus, if something sounds too good to be true, it probably is fake.
The expert adds that it is important to take care of yourself on public networks. An attacker can place themselves between the device and the Internet and intercept the information. “For this reason, it is recommended not to carry out sensitive operations, such as online banking, on public networks,” he says.
“If someone gains access to your email, they can probably also access your online banking. Therefore, this data has value in international markets,” he adds.
What to do if you have already been the victim of an attack?
In the case of companies, Alegría recommends that, in a scenario of active disclosure, the strategy be based on transparency and technical containment.
“It is not enough to notify; it is urgent to implement monitoring mechanisms in collaboration with financial entities and activate controls such as circuit breakers to isolate services by detecting anomalous patterns and blocking avenues of fraud. In parallel, it is mandatory to require multi-factor authentication and subject the systems to independent forensic audits to ensure that the adversary has been eradicated,” he explains.
For individuals, Cordón recommends:
- change all passwords
- close all active sessions
- activate two-factor authentication
This adds an extra layer of security, such as codes sent to the phone or biometric recognition.
For his part, Mauricio Nanne, general director of Application Systems, indicates that the user must verify the URL of the sites they visit and confirm the authenticity of messages or emails received. “Think before you click,” he advises.
It also recommends properly managing passwords, avoiding using the same one on different platforms and opting for complex passwords with letters, numbers and symbols. There are free or paid applications that help manage them. If a person suspects that their data has been compromised, they should immediately change their passwords, says expert Nanne.