Back CyberEast Interview: On Gender Misbalance in the Field of Cybercrime and Cybersecurity and the Work of the CERT-GOV-MD in Moldova

The CyberEast project, funded by the European Union and the Council of Europe and implemented by the Council of Europe through its Cybercrime Programme Office (C-PROC) based in Bucharest, Romania aims to support cyber resilience of the Eastern Partnership countries. The project builds on previous capacity building efforts in the Eastern Partnership region and on the good cooperation relationships developed along the years. What is less brought to the foreground, however, is the human factor and the work of individuals driving the progress forward in the country. In this interview you can meet Natalia Spînu, from Moldova.
Republic of Moldova
  • Diminuer la taille du texte
  • Augmenter la taille du texte
  • Imprimer la page
  • Imprimer en PDF
CyberEast Interview: On Gender Misbalance in the Field of Cybercrime and Cybersecurity and the Work of the CERT-GOV-MD in Moldova

C-PROC: Please introduce yourself and the work that you do. What are the reasons for your interest in cybercrime?

Natalia Spînu: I have devoted my recent professional career to cybersecurity. I have embraced constant communication with leading experts in the cyber community and through bringing people together to reach the cutting edge of the cyber domain addressing ever-complex challenges and aiming to achieve the highest results in organizational, national and international environments.

Engaging as a chief of Moldovan governmental computer security incident response team – CERT-GOV-MD, I started with building together with my team, since 2012, a series of national cybersecurity awareness conferences for the public and private sectors.

Given my educational background in International Relations and Computer Science, I have always approached technology and cybersecurity from a vantage point that seeks to decipher the interplay of human factors with rapid technological advancement – the reason why humans are at the front and centre of many problems, as well as of many solutions in cybersecurity.

The human factors remain the key issue in cybersecurity around the world. From an increasingly complex landscape, cybersecurity has always boiled down to the people, the process and the technology – three elements that we are putting together to maintain a cybersecure environment. We are not implementing only technology, but we are addressing the human element as well. In the end, I think the ultimate determinant of success in cybersecurity is the implementation of the right process, which is the bridge between people and technology.

The world of cybercrime and cybersecurity is constantly evolving. Cybercrime is running rampant and cyber criminals are constantly evolving with their techniques, and methods such as ransomware are becoming more sophisticated. In cybersecurity, I never feel that I am doing archaic, unnecessary work. Staying ahead of criminals is a significant part of my job. Criminals perpetually update their technology to incorporate the very latest emerging technologies into their operations. My interest in this field is about where we are going tomorrow; many of my colleagues from different institutions are not aware of these looming technology developments, let alone their growing exploitation by both organized crime and terrorist organization. I am deeply concerned about the trends I observe all around me. As I look towards the future, I am increasingly concerned about the ubiquity of computers in our lives and how our dependence on it is leaving us vulnerable in ways that very few of us can even begin to comprehend. I still believe it is possible to anticipate and prevent tomorrow’s crime today before we reach the point there is no return.

Source: The Republic of Moldova – Official Page. Training in the field of cyber security for civil servants. (2018)

 

C-PROC: There is an obvious gender misbalance in the cybercrime and cybersecurity professions in the Eastern Partnership region. With you being one of the few exceptions, are there any challenges in your professional life related to this?

N.S.: Cybersecurity is a scary word to a lot of people. But it is a field of endeavour, a career, a way of thinking – and also our future. The most creative people are drawn to the field of human endeavour in which the biggest advances are being made. Now tech and cybersecurity is the place to be. So why does it seem as if women, who make up 51 percent of the world’s population, cannot manage to break into the most exciting field of human endeavour on the planet today? I must admit there is a community of women in cyber; however, we are failing to bring more women into cybersecurity in the first place and unfortunately the number of women in cybersecurity is dropping every year. There are several reasons why there are not so many women in this field – for instance, sexism, discrimination, evolutionary and social preferences; there may be other reasons as to why women appear to not be a good fit in the cyber field. I still do not understand why someone would think I do not belong. I love technology and this field of work, and I love to bring people a new perspective, to make the world a better place.

Source: Moldova Cyber Week 2019 (Agora.md)

The reason why many believe that women would not be good in cybersecurity is an unconscious social bias – not some sort of conspiracy. Saying that men are sexist does not lead to anything except for defensiveness and counterattacks. Men in cybersecurity are simply interested in creating a great life for themselves and to help others if they are given a plan – and should not be blamed for everything wrong in the world.

I think it is time to change this perception. We can have a family, children while also working in a highly stressful programing job, and we should be able to choose what we do with our lives, not close off cybersecurity as a potential field for our career because of being afraid of the stories heard about how hostile the environment is to women.

I am nothing special when it comes to working in cybersecurity. The difference between me and someone who has been in this field for many years is that I started with an outsider view on the field and then worked my way in. I run workshops, speak publicly and figure out how to make cybersecurity a career path. I do not have a lot of enthusiasm for rules and people who tell me I cannot do something I want to do. I am sure there are a lot of women who are smarter than I am, but I also know that I want to spend years of my life trying to bridge this gap between women and the careers they deserve to have. I simply refuse to accept limitations that other people try to impose.

C-PROC: How much of an impact did the COVID-19 pandemic have on the situation with cybercrime and cybersecurity in Moldova, in your opinion?

N.S.: The COVID-19 outbreak is having a huge impact on people’s lives, families and communities not only here in Moldova, but all over the world. This has had an immediate effect on organisations, that had to change the way their employees worked, this unprecedented situation bringing along new cyber risks as well.

The COVID-19 pandemic has forced the Moldovan official offices and public services to embrace new practices such as remote working and social distancing. From our part at CERT-GOV-MD, we have observed a spike in phishing attacks, malspams and ransomware attacks; attackers are using COVID-19 as bait to impersonate brands, thereby misleading employees and customers.

We have observed how many existing organized crime groups have changed their tactics to use
COVID-19 related materials on health updates, fake cures, fiscal packages, emergency benefits and supply shortages. Typical give-aways in emails that may be suspect include poor grammar, punctuation and spelling, design and quality of the email (which is not to the standard you would expect); also, a suspect e-mail is not addressed to you by name but uses terms such as “Dear colleague,” “Dear friend” or “Dear customer”, it includes a veiled threat or a false sense of urgency and directly solicits personal or financial information. We recently blocked almost over 500 000 spam mails and received more than 1 million alerts on intrusion and unauthorized authentication attempts.

Ransomware attacks against the financial sector increased nine-fold from the beginning of March to the end of April 2020. Few domestic financial agencies and central banks have been alerted to or detected an increase in scams branded as public notices related to the COVID-19; they are also facing the new challenges with a range of measures, from technology tools to customer education.

In our day-to-day experience, we found that one of the biggest lessons learned from this pandemic is the importance of having a Business Continuity Plan (BCP) and Incident Response Plan in place. Raising awareness, keeping up with the latest cyber-attack trends and remaining vigilant is all can do at the moment. Now is the time to implement action plans to mitigate these risks that have been discovered.

C-PROC: In you experience as a manager of CERT-GOV-MD, what could be done to improve cooperation between law enforcement and the CSIRT community in order to better prevent and tackle cybercrime?

N.S.: When it comes to cybersecurity, law enforcement agencies, intelligence agencies and CSIRT communities share a high-level goal: to maintain a secured cyberspace and prevent cybercrime.

Due to extremely rapid digitalization, it is important to keep the legal framework up to date to enable law enforcement to do their work. Where possible, adopt an approach that could make the legal process clearer and cross-state investigations faster. The legal framework should give the right tools to investigate cybercrimes and to quickly respond on cyber incidents.

In some cases, cooperation is impeded upon by legislation. National laws on privacy and data exchange prevent CSIRTs from formally sharing data with entities; for governments it works the same way. For future cooperation, which is necessary, it is important to find out the difference between perceptions and legal reality. The solution may be a functional agreement of collaboration based on findings or, in some cases, new or adapted laws might be needed.

To help and to have a strong impact on prevention and control of cybercrime, governments, together with CSIRTs and law enforcement agencies, need to develop and establish a functional policy about information exchange on a query basis, oriented and taking place at an operational and technical level – a shared mechanism. Also, creating an open environment with dedicated communication channels, for engaging and intensifying the dialogue between these entities, a place where they can collect valuable lessons on their experience, share knowledge on what might help to shape cyber norms… this would be helpful.

C-PROC: Is there anything that the joint European Union/Council of Europe CyberEast project can do to support your work and make a difference in Moldova?

N.S.: It would be helpful if the CyberEast project could assist in adjusting national strategies and legislation on cybersecurity by providing the necessary expertise, as well as also grants. Support would also be needed for activities on education and professionalization, including through programs for youth and students. At the same time, contributing to strengthening regional partnerships (in the framework of the European Union Eastern Partnership) could create new possibilities, new platforms for cooperation.