Cybersecurity experts, students caution against fraud  | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

From left, Darren Numoto, Kanna Sekar, Girija Narlikar, Donald E. Hester and Mark Nagel speak at a cybersecurity panel on May 23, 2024. Courtesy Kiran Khanna.

When uttered in the context of cybersecurity, phrases like “pig butchering” and “jail breaking” hold totally different meanings from those most people find familiar.

A panel of experts deconstructed terms like these and cautioned against the perils of internet fraud at an event titled “Cyber Secure Palo Alto 2024: Panel Discussion & Science Fair,” held at Mitchell Park Library on Thursday, May 23. A few local community members worked with the city’s IT department to organize the event.

The panel comprised Girija Narlikar, director of engineering at Google; Kanna Sekar, a sales engineer with Google Cloud Security; Mark Nagel, deputy district attorney from the office of Santa Clara County; Darren Numoto, chief information officer for the city of Palo Alto; and Donald Hester, a cybersecurity advisor for the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency.

Their discussion was followed by presentations, made by three teams of middle and high school students from Palo Alto, aimed at educating locals about internet safety. At a similar event held in February, Erin West, deputy district attorney for Santa Clara County, added to that panel discussion.

Project titles included “CyberSmartz” by Ajay Gopinath and Aadi Belwal, who pitched an idea about an app that protects teenagers from internet fraud; “EnGarde” by Krish Khanna, Anish Mathan, Kavya Mathan and Kanaan Kuartei, who spoke about an app that protects the elderly from falling prey to online scams; and “Paly Cybersecurity Awareness Program” by Samarth Karnam, Agastya Parikh, Aiden Miao and Om Rajan, whose idea was focused on teaching elementary school kids about the dangers of malvertisement, which is a type of cyber fraud that injects malware into a person’s computer through online advertisements.

All three teams were given awards for participation including an honorary citation and certificate from the mayor of Palo Alto as well as an invitation to City Hall in September where they will be congratulated by the City Council.

Cyber crimes and frauds have, unfortunately, become a lot more sophisticated in recent times, the panel said. Phishing emails and text messages are just the tip of the iceberg; today, bad actors can use deepfake technology to potentially replicate anyone’s voice over a call.

“As AI gets better and more available, cyber criminals are going to leverage it more,” said Hester, who gave the example of scams that involve faking the voice of a company’s CEO to get the CFO to transfer funds. “We just have to be on our guard and know who we’re talking to on the other end — even if we think we know who it is.”

According to Sekar, things are likely to get worse, especially around election times. “There will be a lot of fake videos morphed together, it’s going to be more prevalent,” he said. “It’s going to be challenging before it gets better.”

While no one is immune to these cyber attacks, susceptible sections of the population include high net worth individuals, young kids and old people, the organizers said.

“The name ‘pig butchering’ comes from the Chinese term for the name, which is where this fraud originated,” said Nagel, referencing the Mandarin term sha zhu pan. “It is so named because of the intent to consume the victim from snout to tail — in other words, to take the victim for all that they’re worth. It’s a very pervasive fraud that’s going on right now.”

The panel shared tips like being mindful of what one shares on social media, using a monitoring service to safeguard one’s social security number, opting for multi-factor authentication to validate access to online accounts, creating 16-character passwords, using password managers, avoiding accessing bank accounts on public Wi-Fi, and being sure not to respond to a message if it looks suspicious.

“If you are seeing something that doesn’t seem right, doesn’t seem genuine, report it — don’t reply. It really helps us to train our classifiers, our systems, to learn,” said Narlikar, according to whom the scale of these scams is poised to grow, especially because cyber criminals are quickly learning how to misuse Generative AI, which is a type of artificial intelligence that can create online content like text, images, videos and music, among other things. “The more we learn from you all, the better we can do in protecting everybody.”

Numoto concurred with her and urged people to come forward and do their part by reporting fraud as soon as they encounter it. “Most of us have heard in the news about breaches that happen because a user got compromised on some level,” he said, highlighting the fact that it’s human vulnerability over anything else that cyber criminals are out to exploit. “No longer are they trying to hack firewalls or hack systems — why do all that complex work when they can address the human?”


Click Here For The Original Source.

National Cyber Security