[ad_1]
– Mr. Kolev, did we have to study and work online so abruptly that not only we, but also the platforms we use, neglect security?
– The risks occurred mainly at the beginning of the pandemic, when the platforms that were used were not well developed. They made it possible for a stranger to join a conference chat. She had all the rights as legitimate participants in the conversation. This resulted in several incidents with obscene content posted on children’s computers.
The good thing is that in Bulgarian education the platforms are already improved and at the moment there is no evidence of interference on them. However, it should be noted that the age of users using these platforms and computers is decreasing. These are already 4-5 year olds who are taught at the preschool level in math, languages, and other subjects. They use these platforms and use computers on a daily basis.
– What do the companies that provide these services do?
– For the improvement of online training programs, for example, “Zoom” in March had 10 million users, now there are more than 300 million The company has invested heavily in providing security.
“And the parents?”
– Parents should monitor their child, even if he is educated on the computer. It is mandatory that children do not use their parents’ machines. They must use computing systems and devices designed just for them. You know that children are more vulnerable, and these systems must have adequate antivirus programs to prevent both intrusion and manual installation of illegal programs in operating systems, so that children have fewer opportunities.
– But were children on the Internet before they had to study online?
– That is why I make a strong appeal not only to warn that the virtual world hides dangers, but also to take action. One way is with antivirus programs, the use of legal operating systems, and parental control software. Restrict certain content.
However, all this would be meaningless if parents allowed their children to register on social networks from an early age. They don’t even allow registration of under-13s, but many children label themselves as years. Let parents check their browser history; young children would not think of erasing it.
Even common chats like Skype and Viber can be risky. Pedophiles themselves know that they are more encrypted and harder for researchers to reach. So even when they meet a kid on Facebook, they try to transfer the conversation to one of these apps. Therefore, I recommend teachers to use only special learning platforms. I advise you to use these training platforms, because now we even use Skype for that communication, and it does not give enough guarantees. In the same way to see what applications the child has on her smartphone.
– What are the risks for parents who work from home?
– Some of them are still related to children. Specifically for those who work from the family computer. In it, children often download movies, games and applications of unknown origin. All of them can easily overturn the computer. Therefore, the rules to combat COVID-19: distance, discipline and “hand washing” (antivirus program) apply to the work computer.
Another important thing is not to be tempted to work from the park. Yes, there is wireless internet, but it is a public network. Experienced hackers may have compromised it and aggregated all of our data, so use encrypted connections, although it is great to get out of the park.
– But many don’t even use a legal TV and Internet provider.
– It is the most dangerous for them, because the entire network they use is unprotected. It is as if someone with an iPhone downloaded applications from anywhere else, but not from the official page of the application.
– How many viruses circulate on average per day?
– 5-6 thousand malicious codes for the working day. This has been told to me by representatives of the largest companies that offer antivirus programs. That is why it is good to have only the most necessary software, not to clutter your computer.
– But do we seem to miss employers?
– Do all the recommendations apply to them? As well as the most important addition. It is up to them to provide the network and remote access to the people who are the home office. Have employees use complex passwords to change frequently. If some applications also want code, it must be different.
Let’s not forget that even if an employee who is a home office is violated, it compromises the entire company. The hacker enters your network and has access to everything the workers have. From there, it can be much easier to infect the chief accountant’s computer, for example. Remember what you will do if you are successful with such an attack.
– Indeed, how do hackers attack Bulgarian companies?
– The most popular attack is the replacement of correspondence between companies. In it, by infecting the computer of one of the contractors, you get complete information, electronic communication, the list of emails. It is usually done by email with an attachment. It’s supposed to be an invoice, a letter from the PEA, or something like that. If a person opens the file, their computer becomes infected.
Then the follow-up of the correspondence between two companies begins. At some point, an invoice is sent containing all the details of the partner company except the bank account. So the money goes to the gang’s account.
She is a financial mule, from where money is redirected to other accounts in various ways. They quickly reach the organizers, who are from countries of the former Soviet Union, Nigeria and other African countries. Here we only have mules, which we periodically arrest and accuse us of money laundering.
– What should companies do if they have become victims?
– React quickly. They must report immediately. However, if time has passed and money passes quickly through several banks in different countries, recovery is almost impossible.
– And what are the damages of the Bulgarian companies?
– They are for millions of levs. As the national cybersecurity coordinator, I recommend that when correspondence is held through a company computer, it is well protected. Do not download attachments from an unknown sender, do not enter social networks, which are the main source of malicious code. Complex passwords and legal programs should also be used.
It is also very important that accountants are careful where they send funds. We have a case in which a Spanish company sends an invoice with a Hungarian ayban. In another investigation, a Belgian company with a history of about 150 years sent an email with an Estonian bank account. Companies looking at the emails of those who received the invoice may differ by just one sign.
– A phone call before sending the money?
– Maybe, but lately we have cases where criminals appear in telecommunications offices with a false power of attorney. So, on behalf of the head of the company, they took out a duplicate card on his phone. Then he was left without contact and until he learned that his card was blocked by the withdrawn duplicate, the transfer was made.
– What are your plans for the future?
– To be useful for society and my family.
Yavor Kolev is an international expert on cybersecurity and the fight against cybercrime
Yavor Kolev has 25 years of experience fighting high-tech and organized crime. He is the founder of the structures to counter cybercrime in Bulgaria, and for almost 15 years he has been its head, both in the Ministry of the Interior and in SANS. He has completed numerous specializations in cybercrime, electronic evidence, and international law enforcement cooperation. He is the author of methodologies for investigating copyright offenses in the field of telecommunications and software piracy, and for investigating and prosecuting cybercrime perpetrators. In the period 2006-2020, under his leadership, he is the 24/7 national contact point for high-tech crimes in the Council of Europe and the single point of contact of Bulgarian police agencies with the most popular social networks.
He holds honorary medals from the Ministry of the Interior – 3rd, 2nd and 1st degree, awarded with the Badge of Honor of the Ministry of the Interior 3rd and 2nd and 1st degree, as well as the Honorary Medal of the Ministry of the Interior, awarded by The ministers of the interior.
He holds an honorary insignia of the Ministry of the Interior of Belarus.
In his work he has received four certificates of merit from Europol directors for successful international operations.
He is the first winner of the Giovanni Falcone Award, awarded to professionals working in the field of justice and security, for the successful fight against organized crime, presented personally by the President of the Giovanni Falcone Foundation, Prof. Maria Falcone.
He holds the gold medal “Justice, Freedom, Security” for his contribution to the accession of the Republic of Bulgaria to the European Union.
In 2006 he was awarded the individual award “Police of the Year” in Bulgaria, and in 2011, the sector he leads was awarded the collective award “Police of the Year” for their contribution to the fight against cybercrime.
In 2010 Commissioner Kolev received the title of Knight of the Book by the Bulgarian Book Association.
In 2013 he was awarded an honorary plaque by the Director of the United States Secret Service.
In 2014 he received a diploma from the president of the State Agency for National Security.
In 2014 Commissioner Kolev received the Order of Police Merit of the Kingdom of Spain “Cruz Blanca”.
In 2018 he received a Diploma from the Director of the South Korean National Police.
He currently advises Bulgarian and international companies in the field of cybersecurity and the protection of intellectual property. Participate in international projects related to cybersecurity and the fight against cybercrime.
Yavor Kolev is married with two children and a granddaughter.
[ad_2]
