Cybersecurity is everywhere, even in the watch on your wrist
Cybercrime is set to amass an 8 trillion dollars in damages in 2023, and the numbers are only going to grow. It means that now, more than ever, we need to prioritize education at all levels — from youth at schools to our parents at home — to avoid falling victim to cyberattacks. Our IT Monitoring Engineer Kristaps Kozlovskis, a cybersecurity enthusiast, is actively promoting the topic in his local community and is a frequent speaker at schools and tech events. Join us as we dive into Kristaps’ professional journey and learn about the hottest topics in cybersecurity.
Where did your interest in cybersecurity begin?
I became passionate about technology in the mid-90s, aged 10. As a child, I liked to dismantle and rebuild electronic devices: televisions, radios, and anything else with wires and microchips. Later, when I had access to computers, I started to research everything about and around technology, including cybersecurity. At that time, there were not yet many options or resources for buying my own computer, so I had to use my parents’ workplaces, school, and the then-popular internet cafes, where I spent countless nights.
I wanted to study programming, but advanced mathematics wasn’t my strong point, so I was not accepted into university. I was sad, and as a result I moved to the music industry, where I worked for 10 years as a DJ and created my own electronic music. Unfortunately, the economic crisis impacted this, so in 2011 I left my home in Liepāja for Sweden. Initially, I worked in construction in Stockholm, but something clicked in my head, and I decided to go back to IT — I made WordPress websites for customers. Three years later, I suffered burnout and returned to Latvia, where I had to start from scratch. I worked in a call center for a year because I knew Swedish, then I moved to Riga and began working in IT for various international companies, before starting at If two years ago.
Cybersecurity is my hobby, not my main job. I began to get involved with it in depth in 2020. I obtained various certifications, then the pandemic began, and I moved back to Liepāja from Riga, where I started to build a community. I found people who thought similarly to me (as few as there are here), and
we set up a Discord server which currently has around 100 participants, from young people and teachers to industry professionals. It is a platform for them to discuss and learn.
You often speak at schools about cybersecurity. How interested are young people?
Lots of them are interested to start with, but when they see what it means in reality, many stop there. You can’t become a hacker in two weeks, and it can take years if you want to be elite. Once, when the cloud didn’t exist, it was easier, but now you have to understand technology very well. For example, if you want to break into something, you first have to learn about the technology you want to break in to.
If you are a beginner in IT, it is quite difficult, because you have to understand things like networking: servers, cloud, network layers, etc. Plus, you also need to know coding so that you can understand how web apps and so on work. You have to be flexible. But there is interest, and that is good.
We have one young person who has been in the Discord group since the beginning. At first, I was teaching him, but now he organises his own sessions for beginners. It’s great that he is learning and passing his knowledge on to others.
And what about the teachers? What is their perspective?
As far as I have heard, teachers are also positive about young people learning about this topic. They also understand that technology isn’t going anywhere.
Somebody learning about cybersecurity doesn’t mean that they have to become a hacker or cybersecurity expert. Even programmers need to know about cybersecurity from their work’s point of view. If you write an easily penetrable code, your web app won’t be secure, but if you implement a few steps while writing your code, you can significantly reduce the risk of hacking.
Cybersecurity is everywhere right now, even in the watch on your wrist.
What knowledge and skills are needed to work in cybersecurity?
I think that knowledge of various computer networks is one of the most important things needed to start working in cybersecurity. It would also be useful to learn the Linux operating system, because two-thirds of the world’s servers are based on Linux. Of course, knowledge of Windows is also valuable, because it is widely used, for example, in the corporate sphere, and is a very tempting target for cyber criminals.
I would also recommend Python, which is useful in cybersecurity because it is fairly versatile and easy to learn. Python can be used to automate various tasks, write scripts, extract data from websites, analyse data, and many other things.
What is the hottest topic in cybersecurity right now?
Phishing and the like. Particularly if you look at CERT’s figures, the situation is fairly dismal.
Definitely artificial intelligence and automation, too — they are used everywhere. Current issues also include data manipulation, deep fakes and audio manipulation. Now, this just involves recording and playing audio in a certain voice, but there are now technologies which can livestream a certain voice, which is quite frightening. Imagine, your mother or friend calls you and asks for €200, which you transfer because you know them. This is real and will be our future. We can’t avoid it; technology will only get more innovative.
Currently, everything is moving towards the cloud. Half of everything, if not more, is already there. DDoS attacks are also very popular.
Have you ever fallen victim to a cyberattack?
Not as far as I know. But I could have, because no one is safe, even professionals or enthusiasts like me. Normally, of course, I can see and understand whether a scammer is calling or writing to me. For example, when you look at the link hidden under the text, it is quite evident that it is wrong.
I have received phishing calls and social media messages.
If a “bank representative” calls me, I usually ask them what bank, what their name is, can I call them back and to what number. And the call ends there.
I also come across scam attempts on the internet. In these cases, I troll them a bit, then block them. 😊 If you work in IT, these things seem obvious, but to other people, it’s not so simple. Many believe that someone really is trying to contact them. For example, pensioners or even our own parents who have less knowledge of technology.
Can anyone become a hacker?
Of course, anyone can become a hacker. I believe that you can become whatever you want. You just need to understand that you have to spend time on it and study. For example, I had a colleague who was an architect who used AutoCAD in his work, and he rang me whenever he had an IT question. I recommended some courses to him, and he became a programmer within seven months. It will soon be two years since he began working in this field. Sure, it was hard, but that doesn’t matter. Getting to the Moon is hard, but you get there in the end. Of course, contacts, and being in the right place at the right time, are important.
There are currently a lot of options for learning: free and paid courses, communities, support groups.
Exactly. If there had been this many opportunities in the nineties, I would probably be a business owner by now. There were so few resources in those days, a couple of books on PHP, that’s all.
What would your three recommendations be for anyone to protect themselves in virtual space?
First, read everything that you receive carefully, and use your head. Second, always check who is messaging or calling you. For example, you have the right to call the post office and check whether the message you have received really comes from them, particularly if they are asking for an ID number or other sensitive information. Third, educate yourself.
Even if it doesn’t interest you, it is important, because technology is part of our lives. When you learn the basics, you protect yourself and you can teach others — your partner, mum, sister, colleague — the same.
Are there any myths about cybersecurity that you have to debunk in your presentations?
The usual myth about hackers is that they are just after money. But that’s not always the case. Hackers can be good, bad or in between. There are also hacktivists and political hackers. Nobody is 100% bad or good, it all depends on what side you are looking from. For example, in places like Russia or China, it is normal for hackers to work with KillNet or APT 41, but we view this completely differently. Here, the bad hackers are the ones who steal money. But in hacker culture, these people aren’t even called hackers, because a normal hacker doesn’t steal money — that’s the lowest level of hacking.
Where do you keep up with current cybersecurity issues?
On a Latvian level, definitely the CERT website. I attend various webinars and follow several YouTube accounts. LinkedIn and X (Twitter) also have a lot of valuable discussions on the latest news. I don’t follow any specific people, just topics.
I already mentioned how important it is to regularly increase your qualifications. I update my own knowledge through various courses on Coursera, Pluralsight and others. I also attend conferences when possible. At schools, I tell students that IT isn’t the field where you can leave university and earn big money while never having to learn anything ever again. You have to learn constantly if you want to get ahead and work in large, serious businesses like If. You have to be innovative and ahead of your clients, for example, in the use of AI.
With technology evolving so rapidly, knowledge sharing is key to ensuring that as many people as possible are informed about the possible threats and know how to protect themselves. Let’s create a safer digital community for all together! 💻
