*INTERNATIONAL WEBINAR*

“Cybersecurity in a Connected World”

STEKOM University, Indonesia – International Seminar entitled “Cybersecurity in a Connected World” brought together a number of international speakers to discuss in more depth aboutcyber securityin this increasingly connected world.

Seminar Speakers:

1.    Prof.S.Noorul Hassan PhD (Head of Department AI&DS, CSE (CS)) AEC, India

2.    Ereso Negi (Lecturer in Management Department) OSU, East Timor

3.    Cherlina Heleina Panjaitan M.Kom (Lecturer of Computer Systems Dept) STEKOM University, Indonesia

Seminar Opening:Dr. Joseph Teguh Santoso (Rector of STEKOM University) Indonesia

Master of Ceremony : Anggi Novita Sari (International Affairs) STEKOM, Indonesia

In this International Webinar, we know that cybersecurity has become a major concern nowadays. Advances in digital technology have changed the way we work, communicate, interact and access information. However, as technology advances, increasingly complex challenges emerge, especially in terms of personal data security.

In this seminar,Cherlina Heleina Panjaitan M.Kom (Lecturer of Computer Systems Dept, STEKOM University, Indonesia) explained thatThe internet is a network system that can connect us with users all over the world digitally.Connected worldDigitally is a condition where there is a digital ecosystem that allows instant exchange of data or information and communication between devices or individuals and organizations throughout the world. There are many examples of technological advances in how the world can be connected. We can see the Internet of Things or IoT, global connectivity, e-commerce and online social media.

In his presentationCherlina toosaid that when we talk about this internet-connected world, we also have to talk about its security. Because information flows freely over the internet and devices are constantly communicating with each other. Cybersecurity has become an important concern. In a journal entitled Cybersecurity: Trends, Issues and Challenges, it is stated that in today's internet world, where technology supports almost every aspect of society, cyber security and forensic specialists are increasingly facing cyber threats. When we talk about cyber threats, it will always be associated with hackers. But what they actually do, here are the cyber crimes committed by hackers:

1.    Identity Theft or identity theft is a crime that uses someone else's identity to gain profit or fraud by impersonating someone else using that personal data.

2.    Phishing is a fraudulent attempt to obtain sensitive information or data such as passwords and credit cards by posting as a trustworthy entity in electronic communications.

3.    Ransomware is malicious software that encrypts a user's files or system demanding payment for its release.

4.    Cyber ​​espionage is a covert activity carried out through digital means to gain unauthorized access to sensitive information or intellectual property

5.    Malware is malicious software designed to interfere with, damage, or gain unauthorized access to a computer system.

6.    Denial of Service (DoS) Attacks are threats to shut down a system or network so that it cannot be accessed by users. Distribution or consumption of explicit content involving minors.

7.    Financial Cybercrime is an illicit activity that targets financial systems and institutions to obtain money or valuable financial information from users.

More, Cherlinaexplains that phishing is a cyber crimewho use email, telephone,text messages, personal identity information banking details, credit card details and passwords. The following is the Phishing process:

1.    The attacker sends the victim emails or other types of communications designed to help attack the victim

2.    The victim clicks on the email and opens a phishing site

3.    The attacker collects the victim's credentials

4.    The attacker uses the victim's credentials to access the victim's account

According toCherlinaPhishing is one of the most frequent cyber crimes and takes many victims, so we have to be more careful with our personal data. The following are several types of Phishing:

1.    Deceptive phishing or deceptive pieces. Attackers impersonate legitimate companies and try to steal people's personal information in their login passwords.

2.    Spear phishing, is a type of phishing attack that targets specific individuals or organizations, usually via malicious emails.

3.    Clone phishing, a type of phishing attack in which official or previously obtained emails contain attachments and links that are shared and used to create identical emails or clones of the same.

4.    Whaling, is an attack with the aim of obtaining more profitable and confidential information by destroying large targets.

5.    Link manipulation, when the user opens the link, the link opens on a website that has been set up by the fraudster.

6.    Voice phishing, a scam that uses telephone calls to trick people into giving money or revealing personal information.

The following types of cybersecurity can be used to prevent phishing attacks:

1.    Firewall, is a layer of defense that monitors and controls internet traffic in a network.

2.    Antivirus and antimalware, are programs that will detect, block and remove malicious software, including phishing.

3.    Email filtering, used to check and identify suspicious or suspicious emailsphishing. This filter can block suspicious emails before they reachuser inbox.

4.    Multi-Factor Authentication (MFA). M.F.Arequires users to provide more than one form of identification to access their accounts. This can reduce the risk of phishing attacks because attackers often cannot access both required authentication factors.

5.    URL Filtering, this tool can prevent users from accessing websites that are predicted to be phishing or dangerous by blocking access or providing warnings to users.

6.    Connection termination, if a phishing attack is detected then preventive measures may involve terminating the connection between the user and the suspicious source.

7.    Software updates, ensuring all software including web browsers and operating systems are always updated to the latest versions to reduce the risk of phishing attacks.

Cherlina mentioned There are several things you can do to prevent attacksphishing :

1.    Be wary of spam in this type of prevention

2.    Communicate personal information only via telephone or secure websites

3.    Don't click on links, download files or open attachments in emails from unknown senders

4.    Good security policy

5.    Security awareness training

The next speaker, namelyProf.S.Noorul Hassan PhD (Head of Department AI & DS, CSE (CS)) AEC, India spoke aboutcybersecurity and the role of cybersecurity in this digitally connected world and how to measure cybersecurity. In this seminar,Prof. S. Noorul explainedthat cybersecurity is technology and processes designed to protect networks and devices from attack, damage or unauthorized access. Cybersecurity is very important for militaries, hospitals, large corporations, small businesses, and other organizations and individuals in a country because this data is the foundation of any organization. If the data is exploited, there are of course many risks.

FurthermoreProf. S. Noorulalso explains the CIA Triad and its relationship to cybersecurity. The CIA triad is a general model on which system development is basedcybersecuritywhich coverconfidentiality, integrity and availability. And the security of any organization will start with these three principles. The following is an explanation of the CIA Triad:

·      The principle of confidentiality emphasizes that only authorized parties can access sensitive data or information.

·      The principle of integrity, emphasizes that only authorized people and parties can change or add sensitive information.

·      The principle of availability, emphasizes that system functions and data must be available according to the request of the authorized party.

Prof. S. Noorulalso explained the importance of cybersecurity in this digitally connected world. Cybersecurity should not be ignored. Because one cybersecurity breach can result in the exposure of millions of people's personal information. And this violation has a large financial impact on the company or organization. Therefore, cybersecurity is essential to protect businesses and individuals from spammers and cybercriminals.

According toProf. S. NoorulA cyber attack is an attempt by a hacker to access a computer network or system, usually to change, steal, destroy or reveal information. When targeting companies or other organizations, a hacker's goal is usually to access sensitive company information, such as intellectual property (IP), customer data or payment details. Then what kind of strategy needs to be carried out against cyber attacks. The following are mitigation strategies against cyber attacks according to Prof.S.Noorul:

·      Strong passwords, use strong and unique passwords for each of your accounts.

·      Update software, always update your computer, smartphone and other devices with the latest security patches, because each update will fix security bugs.

·      Firewall, using a firewall to monitor and control incoming and outgoing networks

·      Antivirus, install antivirus software on your device to detect and remove malicious software such as viruses and worms.

·      Data backup, back up your important files and data to an external hard disk or cloud storage regularly.

·      Multi-factor authentication (MFA), enable multi-factor authentication whenever possible.

·      Train awareness, educate yourself and your employees about cyber threats

·      Limiting access, only giving access to sensitive information or systems to those who need it for their work.

Prof.S.Noorul also explained about information disclosure bug. Information disclosure bug refers to a security vulnerability in which an application or system accidentally discloses sensitive information to unauthorized users. This disclosure of information, is also known as information leakage. So we must ensure that information disclosure must be in a safe manner. Because if not, hackers can easily get or steal our data from the website.

Then Prof.S.Noorul added that disclosure of sensitive information can be caused by software vulnerabilities, misconfigured systems, weak access controls, inadequate encryption, insecure network transmissions and poor data handling by employees or third-party vendors . The dangers of disclosing sensitive information can pose major threats such as identity theft, financial fraud, reputational damage, regulatory sanctions, loss of intellectual property and legal liability. It can also damage trust among customers, partners and stakeholders. Therefore, a cyber-aware culture is neededto be able to identify, prevent and respond to cyber threats. The following builds a cyber-aware culture:

·      Discussion of the role of educational awareness in fostering a cyber-aware culture

·      The importance of training individuals to recognize and respond effectively to cyber threats

·      Conduct outreach about cyber security awareness in schools, workplaces and communities