Don’t wait to act. Pirates, on the other hand, don’t wait. 🏴☠️ With the intrusion of new technologies, we are faced with a world full of possibilities and facilities, but also more dangerous! Who manages our data? Where will it end up? Will this website be safe? Will I have a virus? These are many of the questions that users ask themselves every day, on Computer Security Day we want to give you all the answers!
At Moneytrans we’ve taken a stand against cyber pirates and who better than our CTO, Luis Quijada, to inform us all about computer security in a day like today!
What are the advantages of a secure website?
The main advantage is to give confidence to the user. All companies that have services on the Internet, even more so when a business is based on the management of the money of our customers, we must make the user feel that we offer a platform where we protect their privacy, their personal data, all the activity that develops in it and their transfers.
No doubt we owe to the trust that our customers place in us. Without it we would not exist and therefore is the most important value to protect, from all areas.
What do you consider to be the main cyberattacks today?
The main threats today go from credential theft to information and data hijacking and even extortion. Over the past two decades, exploited security breaches have generated major global events that have challenged the security of major companies like Facebook, AOL and Yahoo in the past by stealing millions of account credentials.
We recently experienced the attack known as WannaCry, during the summer of 2017, which affected globally more than 100,000 computers of different companies and individuals, hijacking the information of those affected. That reflected two important things for me:
- The vulnerability of systems.
- The globalization of threats.
I believe that from that moment on, companies were much more aware that computer security has to be considered as a critical point to which resources, trained personnel and a lot of work have to be allocated.
No one is safe. A company can not think that it will be free of a potential attack, especially when you have some relevance, obviously small companies are safer from cyber-attacks because the balance effort / profits is less beneficial than the result of attacking a large.
In any case, I don’t think we’ve yet seen the potential of a massive global attack and I think WannaCry served as a stress test, a test that many companies, including the world’s largest telecommunications companies, failed. The creation of BotNets (networks of infected computers willing to go out and fight at the right signal) is, for me, a threat that could have, well organized, very serious consequences globally.
The recent discoveries that governments of very powerful nations could be behind cyber-attacks, gives us food for thought if we are not feeding and professionalizing cyber-criminals… but let’s leave this other issue because we could devote an entire post.
Which more specifically are remittance companies currently facing?
Companies like ours face fraud and of course, more generally, any theft of information, such as user credentials and their personal information.
Fraudulent transactions, whose origin is false and not legitimate, I would say is the most common case of IT security threat in a company dedicated to money remittances. Rather, I would say that unauthorized remote use of our systems would be the threat, with the fraudulent transaction being the result of the threat. In this sense, the attack using viruses that open a backdoor on computers with access to our systems is our greatest threat.
Like any other company, although to a greater extent by the business we develop, our main challenge in security is to ensure that it is the physical, identified and authentic individual who is operating on our platform, and not another.
How can companies prevent these attacks? And Moneytrans in particular, what cybersecurity solutions do you offer?
There are measures at different levels that we apply. So we have:
- Security audits by our internal and external control entities (central banks and auditing companies) which are regularly carried out, identifying the different risks and analysing them in order to apply the necessary corrective measures while minimising them.
- Education and awareness of the user so that they become familiar with the threats. Many companies spend millions on IT security, however, without proper education and more importantly user awareness, this effort can be minimized if base users do not follow a good set of good practices. Everything counts.
- Technical implementations such as Web Application Firewall, network segregation, strict security management in both cloud infrastructure and physical offices.
- Use of corporate antivirus and antimalware with centralized management.
- Implementation of secondary authentication measures based on physical tokens or Google Authenticator.
- Implementation of services and audit reports for access to all types of content.
- Implementation of basic account security rules such as automatic expiration of passwords.
Test and trial measures:
We conduct regular ethical hacking reviews that allow us to identify weaknesses and allow us to implement the necessary measures either to override a possible attack or to minimize the risks of occurrence.
If a cyber-attack occurs, find out as soon as possible what is happening, only then will you be able to act precisely and minimize the effects of it. To do this, we have the help of devices from well-known cyber security companies such as Darktrace, which, through machine-learning, analyze usage patterns and alert us to possible deviations that could often lead to threats.
What preventive measures can our customers take? What about fraud?
The best prevention is to educate the user on the threats, follow a set of good practices and always have a certain level of caution when surfing and interacting with any type of service on the Internet.
You need to be familiar with threats and be aware of their most common manifestations, such as phishing. I would say this is the most common threat, the easiest to implement and exposes millions of users to credentials and information theft on a daily basis.
A person who follows good practices and here I could extend a lot, has a minimal probability of suffering some cyber-attack. I will mention the ones that seem most important to me:
- Enable secondary authentication systems, such as Google Authenticator, to reinforce typical user and password-based account security. With this simple mechanism that is installed in your most important technological device, which is the mobile, we provide our accounts with an important extra level of security. Moneytrans was one of the first to implement this extra security system for user authentication.
- Have a legitimate and updated operating system.
- Have an antivirus / antimalware installed and updated.
- Do not visit unsafe sites such as software download sites, movies and more generally any illegally distributed material.
- Be very observant and cautious and use common sense.
What about our Moneytrans team?
As simple as following the rules and recommendations set out in our IT security policy document. In this document we include not only the whole set of rules that every group worker should be concerning safety, but also a set of tips and recommendations to avoid endangering not only their safety, but also that of their colleagues.
Security and user
Do you think citizens are sufficiently aware of cybersecurity or information security?
I think the user is aware of the dangers, but I sincerely believe that what is insufficient is user education on fraud, phishing, viruses and malware. Mainly what puts at risk the security of the user is the misuse, either by ignorance or by being overconfident. Never lose the caution on the Internet. These things should be studied directly in high schools as part of education because all our lives will be spent in a technological environment and technology and its use involves these threats.
Do you see any difference between when you started working and now?
Well a fundamental difference is that 20 years ago the number of users connected to the Internet was much lower, and therefore and as I said before, today the threat is global, worldwide. We are already inside what, by the time I started, was then a dream, the “Internet Of Things”, and we are getting more and more devices connected to the Internet, that means that vulnerabilities multiply.
It’s true that Internet security has also been strengthened to a large extent through the improvement of prevention software such as antivirus and malware, but even so, attackers are always one step ahead. Today there are a variety of services in the security technologies market that offer complete solutions at reasonable prices that did not exist 20 years ago. I hope that in the near future, the artificial intelligence / machine learning have progressed enough to stop being behind the attackers and that these systems provide dynamic, intelligent and self-evolving measures through the investigation of usage patterns and the environment in which they are deployed. We must bear in mind that threats are changing and there are even threats that mutate; it could be argued that a computer virus is a living being (there is scientific discussion on the subject), then the tools that destroy and prevent them must also have this changing and mutable nature, adaptable to changing environments, otherwise as I said, we will always be behind the threats.
Also today there is a black market, known as Darkweb, financed in crypto-currencies such as bitcoin, very well established. In the beginning they were basically programmers with almost prodigious skills who used viruses not only to be destructive, but also to show themselves as talents. Today, it is a submerged daily trafficking market whose main traffic object is user data, of all types and colors.
Therefore and to concretize, I would say that the main difference is that the threats have been globalized and also professionalized, so that the panorama today in terms of IT security is at least disturbing and that forces us all to take it very seriously, from users to professionals.
What are the correct reflexes to have as a user when surfing the Internet?
To say the least, I would say that you have to be cautious, use common sense, be intelligent and watch carefully. Above all, it is not to expose ourselves to unnecessary risks by visiting sites of dubious reputation offering free services (or software) when they are not. Who doesn’t get emails almost every day offering them ways to earn money in absurd ways… it’s just an example, but if they do, it’s because there are people who fall into deception. At the end of it all there is only fraud.
Is there any way to detect that a website is not safe?
A very basic clue, although insufficient to determine if a site is safe or not, is that the communication is made by HTTPS and the famous padlock is seen in the address bar of the browser, but be careful, this only indicates that the communication between client and server is encrypted, not that the site to which we are connecting is safe and much less that its content is safe.
More oriented towards background or content inspection, there are tools like this Google website checker. They inform the user if the navigation to the site is safe or not. Anyway, the best thing is to have a good antivirus updated since most of them warn you if you could be visiting a site that presents a potential threat to security.
What are the signs of a virus in your device?
Well it depends a lot on the type of threat. There are those of observation and espionage, others of data theft (WannaCry), destructive, of enlistment in a BotNet… Depending on the nature, because the computer will start working in an unusual way, for example could slow down or behave in a “strange” way. If we had been infected by a remote control attack, you might see our screen flickering, or “doing things alone”. There are also attacks that make the typical fields where we type our passwords in web browsers look clear text instead of asterisks or dots.
In general, pay attention to unusual things in the behavior of your device and report when anomalies are detected.
What are cookies?
Cookies are data files that are stored on the user’s computer. When a user connects to a website, the server generates a cookie that is saved by the browser. While the user continues browsing the site, this cookie will be exchanged and the information it contains may change.
It is important that as users we know what they are and why they are there and how companies use the information exchanged in these files.
A tip as CTO to users?
Always be cautious and careful, use common sense, follow good practices and if in doubt, consult with a professional.
At Moneytrans we have it clear: your safety and the safety of the people you care about is our priority! For 20 years we have been constantly investing in security and technology to give you the best service with the utmost caution: your money transfers are tracked and the data stored on secure servers and respecting the GRPD law. Thank you for trusting us! 🔒Ⓜ️
If you still have any questions regarding your safety in the use of our services do not hesitate to contact us at firstname.lastname@example.org and, we will be happy to resolve your doubts! 😊