In August 2020, Juan Carrasco was monitoring online forums on cyberattacks from his home in Chile. The pandemic had struck for months and as Head of Cybersecurity for Banco Falabella, Carrasco is in charge of protecting the digital infrastructure. Migrating thousands of employees to work at home and offering more online services broadened the risk surface where cybercriminals can attack.
“We began to see some incipient events of extortion attacks,” says Carrasco in a videoconference with EL PAÍS. “We learned about specific attacks on organizations, entities in Brazil, something that happened almost at the same time in Argentina, we found out the following week.” Carrasco turned to networks of professionals like him in other countries to gather more information and found that the attacks were part of a campaign that most likely included Chile. He asked to expand the internal capacity of the company to control the attack, which is measured in bytes, and managed to prevent it.
The ransomware and threats to supply chains have rapidly escalated the list of concerns for businesses and governments in the wake of the pandemic. In the first six months of this year, the security firm SonicWall recorded a volume of 304 million attacks, a number never seen before. According to data from FS-ISAC, a global cyber intelligence sharing organization focused on financial services, global cyber intelligence sharing between member financial firms increased 60% between August 2020 and August this year. The number of threats has been such that it broke intelligence-sharing records around the world.
A common way in which these attacks usually occur is that a company or government receives an email demanding that it pay a certain amount of bitcoin or another cryptocurrency if it does not want to be attacked. If you do not pay, the company can upload a blackout of its website or online services. Criminals have also paralyzed physical infrastructure, such as factories or pipelines.
The pandemic brought a paradigm shift, explains Carrasco. “There was an acceleration in the digital transformation, also of companies that did not have, for example home office y now yes ”, says the specialist. In the case of a bank, accessing the information system requires additional “locks” that had to be multiplied rapidly for all employees. “The ecosystem and the irrigated surface increased a lot and for financial services, everything that entails digitally transforming your service so that customers can have more direct access and do not physically also go to the branch or other dependencies, generates that you are going to have more infrastructure exposed to internet attacks ”.
For preventing the attack last year, FS-ISAC announced this month that it awarded Carrasco and his team their first Global Leader award, which they designed to promote collaboration between financial institutions – the key to keeping the Chilean bank from falling. prey to an attack that would have denied service to their customers. At the national level, banks are already beginning to share information to prevent attacks, but international cooperation is lacking, says Adriana Villaseñor, spokeswoman for FS-ISAC, an organization based in New York.
“What Juan managed was to identify a pattern of an attacker in other countries”, explains Villaseñor, “if you are limited only to the information of your country, you no longer saw it, you already lost it, you already had the risk and maybe you were affected . What they are lacking is connectivity with the region and with the rest of the world, because no matter where these campaigns start, they can go through all countries ”.
Last week, the US Department of the Treasury announced that it imposed sanctions on a cryptocurrency exchange called Suex, where transactions and payments are made. The Government’s announcement has been, so far, its most decisive action against cybercrime. “The ransomware and cyberattacks are victimizing businesses large and small across the United States and are a direct threat to our economy, ”Treasury Secretary Janet Yellen said in a statement on Sept. 21. The US also seeks to regulate the use of cryptocurrencies.
In May, an attack co-opted a gas pipeline called Colonial Pipeline, which provides much of the gasoline and jet fuel for the east coast of the North American country; a month later, another similar attack paralyzed the meat processing plants of the JBS company. However, many of the attacks may be going unnoticed, as companies may choose to pay extortion to avoid paralyzing their operations, which could be criminal.
For its part, the Government of China announced on Friday that any transaction with cryptocurrencies will be illegal in the Asian country. The price of Bitcoin, the world’s best-established and most-traded cryptocurrency, fell in response to the announcement. However, the value of this and other digital currencies has climbed rapidly in the last year, driven, in part, by the enormous liquidity in global financial markets.
Cryptocurrencies guarantee anonymity, Carrasco warns, which makes cyber crime very efficient. “I think they have to be regulated in a certain way,” he says, “nowadays when we guarantee anonymous transactions, there is also this other side of the coin, how do we protect ourselves from crime? Of the criminals who use this form to be able to demand the ransom of a certain attack and how can I reach them? It’s a bit of a dark subject ”.
Subscribe here to the newsletter from EL PAÍS América and receive all the informative keys of the current situation of the region