← Back to Blog
ArticlePublished on 2015-04-163 min read

Cybersecurity: Our Duty to Our Community

Verizon and Symantec studies reveal that just ten malicious emails are enough to breach any company with 90% success. The Dyre Wolf gang is a striking example of how cybercrime has evolved.

CybersecurityTechnology

This post is a translation of the original Arabic article.

I was reading an article in Reuters today by Joseph Menn (Twitter: @josephmenn, site: http://fserror.com) about two studies from Verizon and Symantec on the causes of cybercrime (link to article). Both studies found that the majority of attacks people face are caused by simple mistakes, such as installing suspicious software or clicking links in untrusted emails.

The statistic I found most shocking: for a hacker to breach a company, they only need to send ten malicious emails with infected links to ten employees — and that gives them a 90% chance of successfully penetrating the company.

This made me keenly aware of the role every technology professional plays in continuously educating the community around them. I used to think that what we do — blogging, sharing on social networks, making videos — was a nice-to-have. But now it is clear to me that it is an obligation and a duty to our community, because the harm of ignorance is severe and its cost is steep.

The Most Important Tip for Staying Safe Online

The most important piece of advice I give family and friends for staying safe online is: "Don't act on something presented to you — search for it yourself." This means if you receive an email with a link that interests you, don't follow that link. Instead, search for it yourself or go directly to the source. And if a website prompts you to update or install a program, go find and download the update or software yourself — never trust the site that suggested the download.

The Dyre Wolf Story

Finally, to understand the full extent of the damage possible and how sophisticated cybercriminals have become, here is a story known as "Dyre Wolf" — an Eastern European gang uncovered by IBM Security.

The gang targets customers of a specific bank and sends them malicious messages. A portion of recipients open the message and click the link, installing spyware on their devices. The criminals then wait for the victim to visit the bank's website, at which point they display a message on the screen:

"Dear customer, we have found a problem with your account. Please call us at ##gang hotline## and please do not trust unsafe links or websites."

They kill the victim and then march in the funeral procession! Of course the customer calls the number, believing it is their bank, and willingly gives away their password.

If you agree or disagree, or would like to share your own way of keeping your family and friends safe online, please share in the comments.

Wael
Wael A. Kabli
Serial Tech Entrepreneur • Advisor • Digital Health Pioneer
Get in touch