October is European Cybersecurity Month - an ENISA initiative that aims to "promote cybersecurity among citizens, businesses and public entities". The manager of the cybersecurity service of the National Research and Education Network (RCTS CERT), Carlos Friaças, describes the work done by the National Scientific Computing Unit in its mission to improve security conditions and shares some advice that can make a difference.
This month is European Cybersecurity Month. Can you explain to us the relationship between FCT's National Scientific Computing Unit, FCCN, and the area of computer security?
The FCCN Unit is effectively the Internet access provider for the Research and Education Community in Portugal. This means managing a nationwide digital infrastructure that naturally suffers attacks from the Internet and participates in attacks when some of its nodes are infected. For this reason, there needs to be an incident response team to deal with these situations, trying to minimize the damage.
Within this area, what projects does the FCCN unit promote?
In recent times, the focus has been on developing capabilities that transform the incident response team (CSIRT) into a security operations centre (SOC). In this context, we have been trying to develop new services aiming at strengthening the cybersecurity of entities related to the Science, Technology and Society Network (RCTS).
In this sense, what are the main added values in the area of Cybersecurity, from an institution's point of view, made possible by joining the Science, Technology and Society Network?
Free access to the entire RCTS CERT portfolio of preventive and reactive services. This includes, for example, periodic website audits, awareness campaigns or the use of a name resolution service that prevents communication with known malicious domains.
What are the main threats facing institutions that use FCCN's security services?
I believe that the main threats are no different from those experienced by most companies today in Portugal. The volume of fraudulent messages is huge, either to infect users' devices or to capture their authentication. There are also some distributed denial of service events, but they are not very frequent. And, still in relation to authentication, the value of a login/password of the RCTS community is great, because due to the eduroam service, these credentials will allow access to the Internet from networks of higher education institutions in about 70 countries.
One of the objectives of the European Cyber Security Month initiative is to highlight the importance of this topic to citizens. How do you rate the general public's knowledge of the most important cybersecurity practices and principles?
I think there is a long way to go, although in recent years there has been
there has been a lot of progress in recent years. Media cases actually amplify the importance of the topic (unfortunately resulting in successful frauds) and people will be increasingly careful, especially if they receive clear and simple messages on how to adopt them.
And what behaviors in the area of cybersecurity can make a difference, from the point of view of the average user?
Exchange impressions with other regular users, in circumstances where there is the slightest doubt. On the other hand, when options exist to increase security, they should be used - such as activating a second authentication factor (SMS, code in an app, etc...). It is also useful to keep in mind that there should always be a context for any incoming message. Another behavior that will increase security on an individual level is not to expect "free lunches", because they don't exist (laughs).
Are there any other issues you would like to highlight within this area?
Cybersecurity Month is a useful initiative, but the utmost care and attention must be maintained throughout the 12 months of the year. RCTS CERT, as part of its mission to strengthen the cybersecurity of the infrastructures managed by the unit FCCN, regularly cooperates with national and international teams, and is very open to increasing this cooperation with new teams.
