Lebanon successfully fighting cybercrime

Jo

Jo

Administrator
Master Penguin
Financial cybercrime cases in Lebanon down by 15 pct: SIC chief

BEIRUT: Financial cybercrime in Lebanon has seen an “absolute decrease” of 15 percent in 2018 from the previous year due to an extensive awareness campaign, the head of the Special Investigation Commission said Thursday. Speaking at the opening of the Anti-Cybercrime Forum, the Secretary General of the Lebanese Special Investigation Commission Abdul Hafiz Mansour said the number of cybercrime cases decreased to 107 by the third quarter of 2018, down from 165 overall in 2017.

However, he did not let the positive development cloud his vision when it comes to challenges in the near future, saying that a further increase of transactions would inevitably lead to more cybercrimes and that there technically still is no solidly effective mechanism to combat such crimes.

“We don’t have a culture of online shopping in Lebanon yet, but once it becomes a fixture, once the new [electronic transactions and personal data] law will be implemented, then we’re going to have to deal with all the headaches that come along with it,” Mansour told The Daily Star.

Asked about the current status of the law, Mansour said that since it was issued two months ago, a process of implementation had begun, with companies and banks “starting to open up the systems.”

Mansour said the Central Bank would continue to implement key measures in the coming year to further mitigate the risks involved in cyber transactions.

One of these measures is a binding circular disseminated by the Central Bank to warn citizens and pre-emptively make them more aware of such risks, and motivate them to proactively detect any inconsistencies that might indicate fraudulent transactions.

[...]

Read More: Financial cybercrime cases in Lebanon down by 15 pct: SIC chief
 
  • Advertisement
  • mrsrx

    mrsrx

    Newish Member
    Orange Room Supporter
    “We don’t have a culture of online shopping in Lebanon yet, but once it becomes a fixture, once the new [electronic transactions and personal data] law will be implemented, then we’re going to have to deal with all the headaches that come along with it,” Mansour told The Daily Star.
    Key part of the interview. Crime follows attractive catches and for now the lebanese market is very dry the only cash cows for cyber criminals are lebanese banks who get attacked on a daily basis and most of them cover up and never declare the attack and it will hurt the public trust.
    I know for a fact that a lebanese bank a few years back was held hostage in a databreach and had to pay off their attackers and nowadays they are pumping up a bit of their investments in that area.
     
    kalel

    kalel

    Well-Known Member
    Orange Room Supporter
    Key part of the interview. Crime follows attractive catches and for now the lebanese market is very dry the only cash cows for cyber criminals are lebanese banks who get attacked on a daily basis and most of them cover up and never declare the attack and it will hurt the public trust.
    I know for a fact that a lebanese bank a few years back was held hostage in a databreach and had to pay off their attackers and nowadays they are pumping up a bit of their investments in that area.
    that above is the definition of breaking your own anti money laundering rules
     
    mrsrx

    mrsrx

    Newish Member
    Orange Room Supporter
    that above is the definition of breaking your own anti money laundering rules
    I know our banks are not secure and not a role model of legality. Actually know lots of people in that field (bankingsec) they had the same words repeated to me several times: "if you know the state of their IT infra/arch you would not put a cent in them"

    Should point out that a few big ones are very very serious will go to a lot of lengths to cover themselves and they have real deal sec teams.
    On the other hand, friends in the companies that these activities get outsourced to say they only care about looking like they are covered in terms of regulations but always look to spend less money with the old mindset of executives that think this is not a major risk. And that is how i know for a fact that they have already paid off at least once! can be a way more common thing.
     
    mrsrx

    mrsrx

    Newish Member
    Orange Room Supporter
    Another point that is important:
    it is actually detected attacks that dropped and that is a double edged sword. Are we getting better thus successful attacks are 15% down or are we getting worse that we are detecting 15% less?!
     
    kalel

    kalel

    Well-Known Member
    Orange Room Supporter
    Financial cybercrime cases in Lebanon down by 15 pct: SIC chief

    BEIRUT: Financial cybercrime in Lebanon has seen an “absolute decrease” of 15 percent in 2018 from the previous year due to an extensive awareness campaign, the head of the Special Investigation Commission said Thursday. Speaking at the opening of the Anti-Cybercrime Forum, the Secretary General of the Lebanese Special Investigation Commission Abdul Hafiz Mansour said the number of cybercrime cases decreased to 107 by the third quarter of 2018, down from 165 overall in 2017.

    However, he did not let the positive development cloud his vision when it comes to challenges in the near future, saying that a further increase of transactions would inevitably lead to more cybercrimes and that there technically still is no solidly effective mechanism to combat such crimes.

    “We don’t have a culture of online shopping in Lebanon yet, but once it becomes a fixture, once the new [electronic transactions and personal data] law will be implemented, then we’re going to have to deal with all the headaches that come along with it,” Mansour told The Daily Star.

    Asked about the current status of the law, Mansour said that since it was issued two months ago, a process of implementation had begun, with companies and banks “starting to open up the systems.”

    Mansour said the Central Bank would continue to implement key measures in the coming year to further mitigate the risks involved in cyber transactions.

    One of these measures is a binding circular disseminated by the Central Bank to warn citizens and pre-emptively make them more aware of such risks, and motivate them to proactively detect any inconsistencies that might indicate fraudulent transactions.

    [...]

    Read More: Financial cybercrime cases in Lebanon down by 15 pct: SIC chief
    What a shameful self promotion.

    Cybercrime is globally under reported. The fact that we have 107 reported criminal cases by Q3 2018 is a joke and that is fundamentally a problem related to how Lebanon defines cybercrime. The definition of cybercriminality in Lebanon is really just abt some types of cyber-enabled crime. Not actual cybercrime.

    Cyber-enabled crime is defined as a crime that may have a digital component in it. ie sextortion, BEC Fraud (business email compromise, which is mainly social engineering) or drug trafficking online.

    Actual Cybercrime will refer to attacks that focus on malware deployment to either:
    - disrupt an environment
    - alter an environment
    - extract data from an environment
    - manipulate and action data within an environment

    This will be your typical, malware that targets payment platforms, ransomware that encrypts your hosts, servers and shared drives, or complex malware that will deploy in infra as part of larger espionage campaign.

    Its not because we dont have a popular adoption of online shopping that we dont see big numbers reported in the cybercrime case registry. The real reason is that we are sh*t at detecting cyber threats, we barely see 0.1% of what is hitting the country, we have legacy software and infra everywhere. We have little robustness in the financial sector entities and probably disastrous hygiene in our national critical infrastructure.

    Lebanon is trying to fight a very abstract type of threat with a bow and an arrow but sure, lets make big statements like these telling the world that we are kick ass at stopping cybercrime, and lets taunt cyber criminals to come and obliterate our ridiculous and minimal technological infrastructure and services when we continue to live under the mirage of excellence when we are bathing in incompetence.
     
    Top