Two-factor authentication for online shopping, a solution recommended by ANSI

Computer security has been a lot of experience in the last 2 months.

Like the global pandemic, cybercrime on the other side has only grown. The first quarter of 2020 was truly catastrophic in several respects.

This article will also interest you: Multi-factor authentication and biometric security

According to US giant Microsoft, no state in the world has been spared the calamity. To believe that fate here is common. Redmond's firm notes that virtually every country in the world has experienced computer attacks inspired by the pandemic. States such as Russia, the United States and China have been most affected by these computer attacks. The U.S. computer company said it had targeted more than 76 categories of coronavirus-related threats. This is very easily explained, such an expansion of cyber malice. The pandemic resulted in containment. Containment in turn to push to the massive use of internet-related services. Whether in terms of entertainment with streaming services (Netflix, Dysney, etc.) and social networks (TikTok, Facebook…) that have the wind in their sails or professional services such as remote collaboration tools (Zoom, Skype, etc.) through online stores and other usual essential services (Amazon, uber…), everything is brought together to keep us on the internet for as long as possible.

Cloudfare in a recent report revealed that global Internet use has increased by more than 17%.

Mondher Smii, a computer security analyst with the National Computer Security Agency, said in an interview with the ITU-sponsored Startup Story episode 112 that cybercriminals have used existing vulnerabilities in several systems and applications because of poorly controlled and hastily implemented telework. "Unsecured and unsupervised Remote Desktop Protocol (RDP) and Virtual Private Network (VPN) were opened when they were not even prepared to ensure business continuity. Hackers took advantage of this context to carry out ransomware attacks, DDoS via botnets (network of infected machines, ed.) or even send spam via email addresses … stressed the analyst. And when the issue of Zoom video conferencing application and its setbacks was raised, the analyst immediately pointed out that the application so far does not offer end-to-end encryption. "When the user sends a hyperlink, the app converts it and adds the path of the user's computer, i.e. its access. This is a risk if this data is ever intercepted by a hacker." He notes. The analyst himself recommends using other open source applications that offer more security.

Regarding the other application that is growing rumors about its security i.e. TikTok, Mondher Smii revealed the fact that two security flaws were discovered on the application thanks to cyber criminals. "To prove the presence of this flaw, which they took advantage of to spread false information, they posted an explanatory video on Youtube." In addition, the same cyber criminals involved in the TikTok breach also revealed a vulnerability on the World Health Organization website. This allowed them to spread false information about the pandemic.

Beyond that, it was not known that the National Computer Security Agency has deployed a set of measures to ensure optimal security in this time of crisis. According to the analyst, the security agency is permanently on standby through tools designed for this… "We also rely on our partnerships with public and private internet service providers and telephone operators. We are also recognized by the Forum of Incident Response and Security Teams," he said. But the agency's key recommendation is to ensure that financial transactions in this time of turmoil must be accompanied by a dual-factor authentication system. In addition, users of different online payment platforms are required to be more vigilant than usual.

Now access an unlimited number of passwords: