Last night, in the middle of a meeting I received a strange email. The subject line piqued my interest as it was one of my old passwords, random group of characters and numbers. The letter was an attempt for blackmail.
My initial shock, turned to analysis, then to anger and finally to action.
Firstly, let me share the experience. Then, what I think we need to do to stop this all too familiar story repeating itself again. Perhaps next victim will be more vulnerable.
The letter that I received has a mixture of facts and fictions. My email address and passwords were facts. The rest were generic fictions to shock; mentioning masturbation video, and porn site visits. But, it was the small facts make me think of what ‘real’ information did they get from my account?
My first attempt was to contact Swiss Cyber police. Their response? Change your password and throw the letter away.
My next attempt was to walk into the police station to make a formal complaint. Their response? As much as we are sympatric since no one has been killed and the blackmail amount is small. So, we don’t care.
I believe this issue is an escalation of a hack that initiated back in June last year. Out of the blue while in London on business, I had a message about a new connection to my apple id. I instantly called Apple and asked them to investigate. Their response? Change your password. Not our problem!
Realizing the support person wasn’t going to provide any quality assistance, I ended up changing my password and not pursuing it further.
Three months later, I had several purchases of iPhone 11’s under my apple id in the USA. Apple Support’s response? Change your password. Not our problem!
This time I was adamant and escalated the issues further up the support chain. Where we found, missed by original Apple support, during the attempt in June, the hacker had connected their computer to my family account. We could see it still attached although turned off. After putting a block on it, I asked Apple support to report details of the hacker to the police. Their response? This will infringe the privacy rights of the hacker! No can do!!
Next, I contacted American Express to report the fraud. Their response? Cancelled my Amex card and all related unauthorized purchases, within the blink of an eye the new card was delivered to me in Europe, initiated contact to Apple to investigate further.
Wow! What a refreshing response!!
A few months later, bringing us up to the present, the email arrived!
Where does the responsibility lie?
Does the blame lie with us, the users? After all, we are willing to gamble sharing our private information with corporations, like Apple. When our risk doesn’t pay off and they don’t safeguard our information as promised, we blame them while they blame us, or we stay silent hoping no one notices the mess that we’re in.
Every so often, the shame and/or guilt drives some individuals to suicide!
Does the blame lie with the corporations, like Apple? A willing participant, in the crime against us, by protecting the identity of the original criminals who have stolen and are abusing our entrusted information.
Is it with the Police? They have taken oath to safeguard us against harm. They are also willing participants by spending their energy to pacifying the problem and by refusing to do an effective cross-border collaboration with one other unless someone is dead or there are millions at risk. They are in fact endorsing the growing cross-border cybercriminal activities.
Is the blame with software technologists? For failing to keep software technology in line with the growing demands. Resulting in creation of systems with more holes in their logic than Swiss cheese, creating easy gateways for cyber hackers.
Or is it solely with the original criminals? The creative opportunists, who have found loopholes between all these factions and while everyone is paralyzed into inaction, they are thriving! As far as they keep their extorsions for small sums and no one dies, then they can continue forevermore. Even if a very small fraction of the blackmail recipients respond, they are still free and clear with billions in tax-free income. To them the recipients are not people, they don’t see the pain and anguish in the face of their victims. They only see a bunch of alphanumeric characters on the screen, which makes their attack even more ruthless.
We are ALL guilty of creating and feeding this cesspool of cybercriminals.
Each thinking, but I am JUST ONE person?
Every person counts. But instead of working as individuals, we need to come together to create a united global network to uproot this disease.
WE ARE ALL GUILTY OF CREATING THIS CESSPOOL, LET’S ALL GET TOGETHER TO CLEAN IT UP.
We shouldn’t wait for another person to take their life or lose their livelihood before the police acts. Then, it is too late.
The problem today is far smaller than it will EVER be.
If each company/organization and country/region committed at least ONE person on this task force to coordinate and follow on their behalf, we can begin to turn the tides.
YES, the task ahead seems daunting and NO, you won’t wake up the next morning and the world is cleansed of all cybercriminals.
But, every single cybercriminal that is found and brought to justice, will make the list shorter. Over time, cybershield’s success will also become a deterrent for these startups.
Reach out to representatives within your organization, country and region requesting them to assign ONE agent that will coordinate activities that have originated or have taken place within their borders.
INSTEAD OF PAPER CHAIN, WE CAN CREATE AN ACTION CHAIN.
After all, this will not only benefit the individual victims, it will help organizations to identify and plug technology holes that exists within their realm and governments to track and detain their undesirables.
TOGETHER WE ARE STRONGER. FIRST STEP IS TO REACH-OUT.
Sally M Solaymantash