Dr. Raghda El-Bahy – The Egyptian Center for Thought and Strategic Studies
There is no doubt that 2020 was a busy year in terms of cybersecurity, as it witnessed abundant opportunities, unprecedented risks, and many protection mechanisms. The Coronavirus has greatly changed the map of cyber risks, along with their mechanisms and tools, among other notable changes and features, but in return it has pushed electronic services forward, especially work, distance education, e-commerce, and so on. This trend is unlikely to reverse even with the possible containment of the virus, and it is also unlikely that individual, bilateral or collective efforts of all kinds will contribute, at least in the short term, to confronting the cyber challenges that the whole world witnessed in 2020.
The year 2020 witnessed a set of unprecedented cyber challenges on the quantitative and qualitative levels, which are challenges and risks that can be summarized in the following points:
1 – Increased trade in user data: There were reports that the “Muslim Pro” application sold user data to the US Army, and the Special Operations Command in particular, which resulted in its use in US liquidation operations around the world. The audio streaming service “Spotify” also warned its users that some user registration data (such as email addresses, passwords, gender, and dates of birth) had been exposed to third parties due to a flaw in the software. A hacker was also able to offer the passwords of hundreds of executives around the world for sale on a hacker forum known as Exploit.in, at prices ranging between $100 and $1,500. On the other hand, in October 2020, Google removed two popular “Android” applications from the Play Store because they collected sensitive user data.
2- The United States assumed the role of the global policeman: The United States imposed sanctions on the Iranian cyber threat group and 45 individuals associated with it, among other things, and the sanctions extended to Hezbollah as well. The United States has justified the sanctions by the global threat posed by Iran in terms of cybersecurity and human rights, which means that the Iranian threat is not only a threat to the United States but also a global one. This in turn reflects that the United States plays the role of a “global cyber policeman”, so to speak.
3- Infiltration of medical institutions: At a time when health institutions mobilized all their possible efforts to confront the Corona virus, the World Health Organization and a number of hospitals and medical institutions were subjected to hacking, penetration and cyber attacks in search of information related to treatments, tests and vaccines for the virus. The mechanisms of these attacks varied to include: hackers claiming to be officials of the World Health Organization, the provision of fraudulent websites with anti-virus equipment, and the creation of fake websites and e-mail using the logo of the World Health Organization and of ministries of health in national governments. They also included targeting doctors and health institution workers through fake emails, some of which carry malware (phishing), and targeting private and government hospital systems with ransomware attacks.
4- Causing human deaths: September 2020 witnessed the first human death due to a ransomware attack. The attack caused a breakdown in the information technology systems of the German University Hospital Düsseldorf, causing the death of a woman after she was transferred to another city 20 miles away for treatment, as the hospital was unable to receive any emergency cases. Some reports indicated that the attack was not aimed at the hospital itself, but at Heinrich Heine University, to which the ransom demand was addressed.
5- The intensity of cyber attacks increased: In the fall of 2020, hackers were able to penetrate the internal system of the Finnish Parliament, and access the e-mail accounts of some of its members. The United States was also subjected to a cyber attack, which is the worst in its history, after the breach included several government agencies. Dozens of journalists’ phones were also hacked in July and August 2020 using the “Pegasus” spyware. Avast revealed that 3 million people around the world have been infected with malware. Manchester United European football club revealed a breach in its internal systems. Iranian government-backed infiltrators have targeted more than 100 high-profile personalities who might have attended the G20 summit in Saudi Arabia.
Besides, the campaign website of US President Donald Trump was partially compromised in a cryptocurrency-gathering scam. The International Maritime Organization (IMO) of the United Nations also confirmed that it was subjected to a sophisticated security breach against its information systems. The Norwegian parliament also fell victim to a cyber attack announced in August 2020, which targeted its private internal email system. The US government also warned that North Korean hackers may use global banks to make money transfers. The American chipmaker Intel also investigated a security breach after 20 gigabytes of its internal documents were stolen.
6- Increasing targeting of countries in the Middle East: The “Thanos” ransomware targeted several government institutions in the Middle East and North Africa region in July 2020, in a prominent example of the use of data-scanning tools in launching mysterious cyber attacks. Hackers known as MoleRAT have also used phishing messages related to the Middle East to spy on a number of prominent government officials in the Palestinian territories, the UAE and Turkey.
7- The steady development of ransomware: Microsoft has previously warned about modern strains of malware called Adrozek that target users and steal their data. Alongside this, there were warnings of malware attacks known as “Emotet”, particularly in Japan and New Zealand. On a related note, Garmin was forced to close call centers and some websites and other services after a ransomware attack on its internal network. The Japanese multinational company Canon also suffered a ransomware attack, along with Amazon in February 2020.
In the opposite direction to the previous risks, there were many opportunities related to cybersecurity, as follows:
1- Intensification of remote work: Against the background of the Corona pandemic, technologies have turned into unconventional tools that enable various institutions to perform their work remotely. A number of factors have contributed to this, first and foremost digital transformation, artificial intelligence, and the Internet of Things. The steady development in communications and information technology has enabled various institutions to interact and communicate via social media, some mobile phone applications, audio and video conferences, and file sharing, to ensure continuous communication with employees, exchange information, receive orders, and more. Governments and companies have tended to hold high-definition video conferences, in a manner that allows hundreds of people to participate and content to be recorded. Cloud services have also made it possible to communicate, meet the requirements of the business environment, and follow up on workflow remotely.
2- The increasing reliance on the Zoom app: Against the background of the Corona pandemic and quarantine measures, various institutions and companies have tended to adopt new practices to enhance remote work, in light of successive changes that affected the business structure and how it continues optimally. With remote work and study, the growing dependence on free applications, and the need for institutions and individuals to organize virtual meetings, reliance on a number of advanced applications has increased. Among them, the Zoom app has grown in popularity for video calls and meetings, becoming one of the most popular and widely used applications in recent times.
3- Pushing for technical solutions to combat the Corona virus: Various countries have pushed their technical solutions to the front lines to confront the Corona virus, combining government efforts with those of the private sector and various innovators. These solutions took the form of innovative robots, innovative initiatives, electronic applications, and more. Taken together, these efforts contributed to combating and containing the Corona virus and reducing the chances of infection on the one hand, and to unleashing the efforts of innovators and human cadres and activating smart technologies on the other hand.
4- The increasing number of internet users around the world: In January 2020, the total number of internet users reached about 4.5 billion users (which constitutes about 59% of the total world population), and more than 3.8 billion people used social media, at a rate of 49%. This has resulted in an increase in the number and performance of individual smart devices, and in the use of home Internet, especially during times of quarantine.
5- Introducing the Azure cloud platform in space: Microsoft cooperated with SpaceX to expand its cloud computing platform aimed at the space industry, and to link the Azure cloud computing platform to the SpaceX network of satellites that orbit the Earth at low levels, which gives the company an advantage in its battle against “Amazon”. In the face of Intel, Nvidia is creating a new type of data chip that can drive artificial intelligence efforts, detect hackers and review network traffic.
Ramping up protection efforts
In the past year, there have been numerous efforts aimed at protecting various users, whether individuals, companies, or countries from escalating cyber risks, and enhancing the aforementioned opportunities, which are efforts that can be identified most notably in the following points:
1- Closure of the VPN service by Europol: Both Europol and the Federal Bureau of Investigation shut down the VPN service known as Safe-Inet for the first time due to the increase in its use by hackers and cybercriminals, as it allows users to hide their real locations, which enables them to keep their identity completely anonymous and prevents the supervisory security services from tracking them. This is due, in one way or another, to the efforts of the security services, which concluded that these networks were used to facilitate ransomware attacks on the one hand, and to spy on nearly 250 companies around the world on the other hand.
2- Intensifying data protection efforts: Apple, for example, has released a guide titled “Accessing the device and data when personal safety is at risk.” This guide is primarily intended to verify the ability of others to access users’ data or devices. This guide also aimed to explain the safety options and the available risks, and to introduce the means of protection, towards a safe use of technology. As such, the guide included several sections on comprehensive privacy settings, along with a series of checklists that outline the steps to follow to stop sharing and maintain the privacy of users’ sites.
3- Fighting ransomware: Efforts to address the threats of that software have gone further, taking the form of a new alliance of dozens of technology companies, led by Microsoft and McAfee, called the Ransomware Task Force. The alliance looks into the technical solutions and available tools that can be employed in the face of ransomware attacks, in partnership with a wide number of experts, companies and industries who precisely identify potential gaps and ways to confront them, in order to reach common mechanisms that all members can employ in the event of an attack.
4- Preserving users’ privacy: Google and Apple have banned the X-Mode Social technology used to track and sell location data, by requiring developers to remove the company’s technology code from apps. This is because this technology relies on giving developers a code to put in applications to track users’ locations and send them to the company for sale. In this context, Apple gave developers two weeks to remove the code, compared with the one week that Google gave developers.
5- Tightening controls on spyware: The European Parliament has taken steps to limit the export of surveillance technologies, especially spyware, outside the European Union, by including licensing standards that place greater emphasis on human rights, reporting on exports from member states, and more. This paved the way for new rules for the sale of dual-use technologies that could be misused illegally. In parallel, the Netherlands imposed strict anti-espionage rules through new security regulations for telecommunications service providers. The European Court of Justice also ruled that member states cannot collect collective data on citizens via mobile phones or the Internet, with the exception of cases that pose a threat to the national security of countries. Google also imposed an official ban on spyware applications (Stalkerware) that track users’ movements, calls, and messages.
6- Global initiatives to protect data security: In September 2020, China presented an initiative to set global standards for data protection, promote pluralism, prevent the creation of back doors in its products that might enable illegal data acquisition, respect sovereignty and jurisdiction, respect the rights of other countries in managing their data, and prevent other countries from monitoring or obtaining information from foreign citizens through illegal means. In its entirety, this aims to protect global data security rules and respect the interests of other countries on the basis of global participation.
7- Development of National Cyber Armies: Britain has unveiled the latest offensive unit of its cyber units known as the National Cyber Force. It is a unit of the British Intelligence Agency and the Ministry of Defense, and it has begun its work secretly since April 2020 with several hundred infiltrators stationed in the city of Cheltenham alongside other military sites. Its primary goal is to disrupt the communications of anyone who poses a threat to the UK.
In conclusion, the year 2020 indicates the increasing risk of cyber threats to government agencies, nuclear reactors, global organizations and health institutions, targeting individuals, companies, small, medium and large countries without discrimination, and the development of ransomware, hacking methods, piracy, and the trade and sale of data. Despite the multiplicity of opportunities available on the one hand, and international protection efforts on the other hand, the already raging international conflict over user data remains the most intense, especially after user data has become the most important and prominent strategic commodity and even the oil of the twenty-first century.