27 April 2021

On the road to a safe cyberworld

Every day, countless companies and organizations fall victim to cybercriminals. Their computer systems are attacked using destructive viruses, hacked via phishing and sometimes completely shut down as a result. According to estimates, cybercrime accounts for annual worldwide losses of EUR 500 billion. “And it’s only going to get worse,” says Michiel Borgers. “It’s war and we’re right in the middle of it.”

borgers

Bitcoin

The perpetrators were most likely Ukrainians living in Russia, and it didn’t take long for them to make their demands known. They demanded a ransom of nearly two hundred thousand Euros, paid in bitcoin, to release the servers. “Over my dead body, was my first thought. If we pay, it means we’re doing business with criminals and we’re talking about public funds. However, rebuilding everything myself would take about three months. The damage from that would far exceed two hundred thousand. So the Board of Governors decided to pay.”

Cards on the table

The initial reaction was to avoid widely publicizing the situation. “We quickly reversed course on this too. We decided to lay our cards on the table and warn other organizations, telling them how the criminals did it and where we failed. Painful? I don’t really think the shame is justified. Should someone be ashamed if their house gets broken into? You can prevent these crimes in the future by sharing information on them. And maybe even catch the perpetrators, although that’s hard to do when it comes to cybercrime. Leads about the hack seem to point to Russia, and criminals may find it easier to do as they please there. Cybercrime is part of a global digital war. Perhaps if we take a stand at the European level, we can achieve something.”

Phishing

The Maastricht University systems were up and running again within four weeks. The UM received an award for its open communication, in part because other organizations were able to take measures as a result of the publicity. This was not the end of the matter, however. “No way,” Michiel Borgers continues. “This must never happen again; we were in complete agreement about that. First, we analyzed what went wrong. It started with an employee who clicked on a phishing message. That was in October 2019. The hackers had all the time they needed to do their work after that. They tracked down passwords and keys and appropriated login rights. They apparently had enough information by December, and the systems were down within an hour.”

Deceptive

So, all it takes to carry out an attack using ransom software is one wrong click? “No, and I don’t think that we should blame people who click a message like this. Phishing messages are starting to look deceptively real. As an organization, you have to make sure that a criminal breaking in doesn’t immediately spell disaster. You could compare it to a burglar in your house. If he forces the door, you shouldn’t keep your valuables, money and car keys on the hall table. Valuables, such as data and files in our case, need extra protection. And this can be done with all sorts of software, keys and security. This is all in order here now, of course.”

Rapid respons

So, better security is crucial, but so is paying better attention. “Yes, if we had paid more attention to certain signs after that fatal mouse click, we could have prevented a lot of problems. These clues might include a slower computer, a virus scanner that drops out, software that is secretly installed or abnormally high data traffic. IT specialists can pick up on these kinds of signs. We quickly set up a Security Operation Center that monitors all traffic, day and night. Every abnormality is investigated. Rapid response is crucial. And believe me, this is necessary; we face attacks and attempts every single day. So far, we’ve managed to keep everything at bay. Does this mean we’re safe? You can never say this with 100% certainty.”

Collaboration

UM has invested considerable amounts of money in software, equipment and manpower to keep criminals out. In Michiel Borgers’ view, “home security” is not enough to win the war. “We need to work together, warn each other and share information. After the hack, collaboration in Dutch higher education really got off to a good start. But cybercrime doesn’t care about borders. If we’re safe, the criminals will just find other victims. Companies, hospitals, power plants, you name it. Worldwide. If we all work together, across borders, hopefully we’ll be ready for battle. In that sense, I really see a great opportunity for Brightlands Smart Services Campus in Heerlen to play an important role as a cybercrime prevention center.”

 

Source: Brightlands newsletter

Cybercrime is part of a global digital war. Perhaps if we take a stand at the European level, we can achieve something.