Straight from Las Vegas — Nobody disputes that technology has made life easier for scammers. After all, just look at the scams involving Pix and WhatsApp. But, for former criminal and current cybersecurity consultant Frank Abagnale, the main reason for the increase in the number of attacks of this type is another: no one is arrested or punished for these practices.
You must know Abagnale from the movies. His trajectory was portrayed in the film Catch Me If You Can2002. In the work, Leonardo DiCaprio plays an imposter who frauds checks and passes himself off as a doctor, lawyer, teacher and airplane pilot, until he is arrested and starts collaborating with the FBI.
“Nobody goes to jail for fraud crimes anymore. There are criminals from all over the world doing this without being punished”, says Abagnale. “In my day, I was caught in Europe and sentenced to 12 years in the US. Today, I would get a year, or I wouldn’t even be arrested.”
This Wednesday (24) Abagnale participated in Dell Technologies World 2023, in Las Vegas (USA). He spoke at a session on the human factor in cybersecurity.
The panel also featured Kim Zetter, a journalist specializing in cybersecurity, and Oz Alashe, CEO and founder of CybSafe.
In his presentation, Abagnale said that it is a mistake to think that his company’s system is 100% secure. Also, it was straightforward: if a hacker attack happened, it’s because someone failed to do what they should, or did what they shouldn’t.
Technology Helps, But It’s Not Everything
The consultant also said that artificial intelligence will make scams even worse, but joked: “I won’t be here to see it.”
On the other hand, he thinks that some technological innovations will help with security.
“We’re still using passwords, which have been around since before I did everything I did,” says Abagnale. “Now, let’s switch to passkeys. We are moving in the right direction, and I am sure we will improve on that.”
Alashe, in turn, believes that it is necessary to better explain and communicate security tools.
“Most people don’t know what two-factor authentication is”, evaluates the founder of CybSafe. “This is a term that makes sense to us who work in technology. To other people, it means nothing.”
Alashe emphasizes that knowledge is not enough to protect people and organizations. He says what matters is changing behavior. “Most individuals don’t need more awareness, they need help,” he warns.
Zetter brought a case where the human factor was decisive, not to allow an attack, but to protect a company.
Analyst Henna Parviz, who worked at Mandiant, noticed something strange in an alert triggered every time a user registered a new device. It was a cell phone without a number, with an IP from Florida, and the user lived in another state.
Parviz blocked access, and Mandiant launched an investigation. It was the first clue for the hacking attack on SolarWinds to be discovered.
Giovanni Santa Rosa traveled to Las Vegas at the invitation of Dell.
