2024-05-02 23:41:48
The Director General of the Romanian National Cyber Security Directorate also says:
We will apply together for European funding
– Mr. Kimpean, in January your cyber security service signed a memorandum with the European Digital Innovation Hub “Thrace”, which aims at cross-border cooperation with countries of the European Union. In Romania, the development of public-private partnership plays a key role in cyber security, why It is important?
-Thanks to the signed memorandum, we can now work together, create and implement
unique and innovative products,
which could be very relevant in cyber security. The Romanian National Directorate is tasked with identifying and evaluating innovative cybersecurity services, solutions, products.
– How does the memorandum help you?
– It is a formal first step in our cooperation. This is a common and good practice, a framework for cooperation. Then we continue with more detailed, deeper steps, actions, activities, joint projects.
– What are the joint projects?
– For example, we want to explore together some financing possibilities through European Union funds. There are many EU programs for research, innovation, development in the field of cyber security, where government bodies, private companies, academies, scientific organizations, individual experts are encouraged to work together, have access to European funds and build, develop innovative solutions, products, services. We want to explore this path.
– Do you plan to work together with other Bulgarian companies? For example, LEV INS offers various cyber insurance products, and in our country it is also known for its “Protect the child on the Internet” campaign.
– Yes, we would like to get to know LEV INS cybersecurity insurance products better, as well as the related services they provide with their partner network. The company has a very significant regional role.
Cybersecurity is a team sport and is an area in which to partner with companies that have proven expertise. We can deliver important messages about cyber hygiene, about good practices, about what the average user should do. Partners needed. It is impossible for the government or a single company to cover millions of consumers. So a joint campaign with multiple participants is basically required.
– Are you planning any campaigns at the moment?
– In Romania, we have specific campaigns aimed at hospitals. In our country two months ago we had a serious cyberattack – 26 hospitals were affected by a ransomware attack. Their data was encrypted and it was a very, very complicated situation. So we want to prepare some specific awareness campaigns in the health sector.
Then we want to do some campaigns targeting citizens to help them better protect themselves and recover their social media accounts, because that’s where we see a significant increase in cyber attacks. Almost everyone uses social networks. In Romania we have probably 12 million active internet users. We need it a stable campaign with partners such as LEV INS to consumers, to guide them, convey good practices and strong messages. So, as well as their partners from CYBER ONE, who offer technological solutions and consulting services in the field of cyber security.
– What are the biggest cyber security threats currently in Romania?
– About 80% of the incidents reported to the Romanian Directorate are generated by cybercrime and are clearly motivated by money. They want to take data for ransom. They hijack legitimate user accounts and demand money.
But let’s not forget that and geopolitics matter.
At the moment, there is a strong increase in attacks by politically and ideologically motivated actors, in particular those linked to the Kremlin, linked to the Russian Federation in the context of the war in Ukraine.
– In Bulgaria, one of the biggest threats at the moment are crypto investment scams. Are there similarities with Romania?
– Definitely. Starting in July and August last year, there was an increase. They use the image of public figures, usually politicians. So it’s a combination of cybercrime because some of them collect personal data and try to hijack user accounts. But the main motive is financial fraud.
Bulgaria and Romania are not the only countries in Europe that are affected by this type of activity. And one of the reasons is simple – there are usually international cybercrime gangs. They operate in cyberspace and are very easy to reproduce.
– Do you have compromised business correspondence? In Bulgaria for the past year, there were 56 such cases where cyber fraudsters changed bank details for personal gain.
– They are significantly less. The most popular are investment scams. They use social engineering techniques to trick users into providing data, making payments, and so on. Investment fraud relies on reaching a larger number of victims. With compromised business correspondence, hackers study a company’s habits for months, perhaps years. For the same period of time, in the case of investment fraud, they will manage to defraud a much larger number of customers, and we can assume that the financial losses will be many times greater.
– A big problem with these frauds in Bulgaria is that they use artificial intelligence to create clips with the president and other politicians. Is that the case with you?
– It’s the same. We issued a guide a few weeks ago to help citizens recognize and to test whether an image, voice recording or video recording is real or not.
The problem is that the use of artificial intelligence is becoming increasingly complex. It is difficult for an ordinary person with little training and insufficient attention to distinguish a real clip, photo or voice message from a fake one.
– What are your concerns about artificial intelligence?
– We look at the use of artificial intelligence from different perspectives when it comes to protection. Obviously, there are a lot of interesting ideas, ways to create technical solutions, artificial intelligence solutions, algorithms to protect critical assets, track threats in real time. So that’s one perspective.
But there is another perspective – that of cybercrime. There are already known cases in which cybercriminals use artificial intelligence, machine learning to create new types of malware or malicious code. They use it to improve their techniques for bypassing protections, bypassing antivirus programs, avoiding intrusion detection systems, and so on. This is a new, unconventional threat. We try to adapt and deal with it.
– In Bulgaria, there are cases in which hackers encrypt the data of companies and extort the owners for a ransom. Are there similar cases in Romania?
-Recently, this type of attack has been increasing. And definitely this is a worrying fact.
We have to watch her. We must be careful and try to anticipate what may happen in the near future so that we can prepare and protect ourselves as best we can.
– Do you have recommendations on how companies can protect themselves?
– Currently, they are common to businesses. We could use the recommendations that have already been published by NATO, by the European Commission, by common business practices that we all know. For example, access protection, two-factor authentication to protect important assets, backups. These are the basic business practices we hope are in place.
One of the first steps is informing the staff. Awareness and especially to consumers.
Users are the ones who need to be trained and be careful, when they open apps, emails. It’s really important. Two weeks ago, when we had this cryptocurrency situation, at least one user received an email posing as legitimate, it was with the name and photo of the President of Romania. And when he clicked on the attached file, he landed on a ransomware server. The warning should be clear. It should be regular.