This week, the “CYBERCOR” National Institute of Cybersecurity Innovations hosted a new training session dedicated to special-status public officials from the Ministry of Internal Affairs of the Republic of Moldova, focusing on information security and cyber threat awareness. These sessions, led by Dinu ȚURCANU, Vice-Rector for Digitalization at the Technical University of Moldova, are part of an essential series of courses aimed at strengthening national cybersecurity capabilities.
In an increasingly complex digital world where cyberattacks are becoming more sophisticated, it is critical that personnel handling sensitive information are prepared to quickly identify and respond to cyber threats. The courses, titled “Information Security” and “Cybersecurity Awareness,” provide the necessary knowledge for preventing and managing security incidents.
“Information security is no longer an option, but an absolute necessity. Within the Ministry of Internal Affairs, managing sensitive information is vital to protecting the integrity of data and citizens. These training sessions equip officials with the tools needed to address the complex challenges of cybersecurity,” stated Dinu ȚURCANU, emphasizing the importance of fostering a strong cybersecurity culture in state institutions.
During the session, participants were introduced to best practices in information security, cybersecurity defense techniques, and effective methods for preventing incidents. Topics included data protection, identifying and managing cyber threats, defense strategies against ransomware and wiper attacks, and the importance of quick, conscious responses by implementing appropriate security measures.
One key issue discussed was the vulnerability of Bluetooth connections, a risk often underestimated. Participants were informed that keeping Bluetooth enabled can allow unauthorized access to devices. Three types of Bluetooth attacks were covered: Bluejacking (sending unsolicited messages), Bluesnarfing (stealing data without consent), and Bluebugging (taking complete control of a device). To mitigate these risks, it was recommended to disable Bluetooth when not in use, avoid unknown connections, and set the device to “invisible” mode.
Another major theme was the creation and use of secure passwords, emphasizing the need for complex passwords of at least 12-14 characters, combining uppercase and lowercase letters, numbers, and symbols. The use of a password manager was recommended for added security, along with regular password changes.
Phishing threats were also a focus, as 91% of cyberattacks begin with phishing emails. Participants learned how to recognize suspicious messages, avoid clicking on unknown links or attachments, and enable two-factor authentication for enhanced protection.
Regarding app usage, the importance of carefully reading terms and conditions before accepting them, restricting permissions, and reviewing privacy policies to protect personal data was emphasized. Awareness of these risks is crucial to preventing the misuse of private information.
The training sessions also included discussions on recent security breaches in the European Union, the United States, and Australia, highlighting the dangers of public Wi-Fi networks and the failure to adhere to minimum security requirements. In such cases, only secure, trusted networks should be used, with VPNs recommended to protect data, along with adopting preventive measures to safeguard online information.
The training also covered various aspects of cybersecurity, including:
– Cybersecurity: offline and online identity. Types of organizational data. Confidentiality, integrity, and availability. Security breaches and their impact on personal and organizational data.
– Cyber warfare and its impact – espionage, sabotage, and disastrous economic effects. Attacks, concepts, and techniques.
– Analysis of a cyberattack. Identifying security vulnerabilities within the organization. Classification of security vulnerabilities. Types of malware and analyzing their symptoms.
– Methods and infiltration techniques. Social engineering. Breaking Wi-Fi passwords. Phishing and SMiShing. Exploiting vulnerabilities. Combined cyberattacks and their impact. Techniques for reducing and minimizing the impact of security incidents. Protecting and maintaining data. Safeguarding online privacy.
– Protecting institutions. Best security practices.
At the end of the session, Dinu ȚURCANU thanked the participants for their responsibility and reiterated UTM’s commitment to cybersecurity education: “CYBERCOR is committed to being a leader in training cybersecurity specialists in the Republic of Moldova, and our partnerships with state institutions like the Ministry of Internal Affairs are essential to creating a safe and secure digital space.”
This continuous training initiative demonstrates UTM’s commitment to enhancing national response capabilities to cyber threats, preparing key public sector personnel to effectively manage digital crises.
It’s worth noting that this training is part of the series planned for 2024, carried out in partnership with Cybercor and Cisco, with the support of the Moldovan Development Foundation, the implementer of the Google grant for Cybercor. The goal is to bring expertise to public and private institutions, transferring knowledge to entities that can then implement and use the best practices and solutions in the aforementioned areas.
The “CYBERCOR” National Institute of Cybersecurity Innovations, inaugurated on September 18, took an important step from its very first day, solidifying its position as a leader in cybersecurity by signing a Strategic Agreement with the Ministry of Internal Affairs. This agreement will contribute to ensuring a robust national cybersecurity and resilience framework, with a focus on technological innovation and the application of legislation to combat cybercrime.