Cyber attacks have reached unprecedented levels, and the phenomenon of international attention is becoming more and more visible in Romania. In mid-April, Dan Cîmpean, director of the National Cyber Security Directorate (DNSC), detected 20,000-30,000 cyberattacks daily in Romania, targeting “150-250 nationally relevant infrastructure elements.” I warned that.
The number of attacks has increased significantly since the COVID-19 pandemic struck the world, but DNSC officials emphasize that users are setting up increasingly efficient and reliable traps. increase. Most of these attacks are aimed at data corruption, which is a major risk to Romanian organizations and businesses. Such incidents can lead to serious losses, which can also lead to temporary disruption of activity. Therefore, it is imperative that administrators understand the magnitude of these risks and act early to effectively protect their data so that their activities are as uninterrupted as possible in the event of an attack.
Following the release of Veeam Data Protection Trends Report 2022 Now, given that data protection challenges are becoming more complex, we can generally find that 89% of global organizations are not paying enough attention to data protection. In addition, security incidents can affect not only the reputation of a company, but also the very existence of the business. Therefore, it is important for organizations of all kinds to be confident that their data is effectively protected and can be safely accessed at any time, regardless of the environment in which it is stored.
The six most common types of attacks that organizations and physical users can prepare to protect against attacks are online fraud, digital attacks, blackmail, business email breaches, ransomware attacks, botnet networks, and attacks on mobile devices.
Most attacks are carried out by cybercriminals operating in well-organized criminal networks, not just opportunists. They spend time and money investigating and improving attack methods using the latest technology. Veeam Software experts say that any organization should start with the idea that an “when” attack will occur instead of an “if” attack.
These attacks tend to target older generations who are less familiar with digital technology. These people are usually more confident and unfortunately often lose more. Many of these scams tend to mimic bank communications and abuse the trust and respect that older people have in banks. To make matters worse, scams become more sophisticated and reliable, and appear legitimate and plausible to untrained and inexperienced people.
This type of attack surprises many. Just spending more time online puts school children and adolescents in their 20s and older at greatest risk. This type of fraud is based on threatening to cause extreme social and reputational damage. In some cases, it’s easy to avoid blackmail if you haven’t had a previous dangerous situation, such as sending a dangerous selfie, but younger age groups tend to fall into that situation.
Business email infringement
These scams, commonly known as phishing, trick people into leaking personal information such as passwords and PINs by sending emails claiming to have come from reputable or well-known businesses. Remote work amplifies this phenomenon and criminals because many employees are not working in secure corporate networks or have (or are ignoring) cybersecurity training that could protect them. Gives a much greater reach.
This form of blackmail has at least caused losses It will reach $ 20 billion worldwide in 2021 and is projected to increase losses more than 10-fold by 2031. It’s no wonder many business owners have insomnia, as this type of attack is extremely beneficial to criminals and can cause immense damage to a company’s reputation.
A ransomware attack is considered successful if some companies prefer to pay the ransom rather than face a reputational disaster due to a complete loss of data. The criminals behind the ransomware attack are organized and use sophisticated tools. This is probably the biggest threat to the corporate world.
The level of risk that ransomware poses depends to some extent on the type of business. For example, banks, which are primarily digitally operated, suffer catastrophic losses in the event of data loss, while manufacturing is still at significant risk, but capable of generating revenue. You will not inevitably lose. Regardless of the industry, loss of reputation and loss of customer trust can be so great that it can lead to the collapse of a company. Therefore, no industry is unlikely to escape the negative effects of ransomware attacks.
This is usually the way hackers hide. Hackers compromise and use personal or corporate computers to organize and launch attacks. This means that the chances of identifying the source of an attack decrease rapidly. If a company or organization does not regularly scan for viruses and malware, there is a risk of unknowingly helping hackers access computers on the network.
Attack on mobile devices
Attacks on mobile devices via malware are said to be gaining momentum recently. Europol report.. For some time it was only a threat to Europe, but this year cybercriminals have successfully penetrated secure networks and more and more cases of mobile malware have been reported. Trojan horse malware attacks in Android banking have new tactics and techniques for stealing information. Many malware programs for mobile banking use an automated transfer system (ATS) with the Android Accessibility Service system to implement new capabilities to cheat by manipulating banking applications on the user’s device. increase. Cerberus and TeaBot can also intercept messages containing unique access codes (OTPs) sent by two-factor authentication applications such as financial institutions and Google Authenticator.
What can an organization do?
Veeam Software points out that executives play an important role in the fight against cybercrime. Everyone needs to be involved in protecting the joint ownership of company and customer data. All departments use the data to make decisions. Therefore, board members need to support the strategies, investments, security and technology policies of their cybersecurity colleagues. Building an effective cyber resilience strategy also requires the involvement and commitment of all departments to assist in communicating and monitoring its ongoing progress.
In addition, effective cyber resilience strategies need to work in harmony across all departments of the enterprise. Prevention should always be a top priority, but in the event of a breach or attack, the enterprise must have an understood and communicated disaster recovery plan. Cyber attacks can be devastating, so there is no compromise in how threats are prepared and handled. The best way to protect and recover your data in the event of a ransomware attack is to work with a third-party specialist to invest in an automated synchronization solution that protects many production platforms in your data center. Is to do. And today, from the cloud, which is the foundation of organizations of all sizes.
Organizations that really want to be more resilient should constantly educate their employees on how to identify suspicious emails and handle sensitive data to minimize phishing and botnet intrusions. While these can be avoided, they require efficient email management and application of machine learning and artificial intelligence tools designed to minimize the chances of email reaching the user’s mailbox.
As technology has advanced significantly over the last two years, companies need to consider implementing state-of-the-art data protection tools and strategies to ensure data recovery in the event of a catastrophic breach.
Backup and recovery
Criminals are evolving and businesses should do the same. The old 3-2-1 backup method is no longer sufficient. Three copies, two different media, and one offsite copy. Now, best practices add two more levels of security to the old rule, which is 3-2-1-1-0. Three copies of the data, two on different media, one offsite, and one copy with no internet connection. The vulnerabilities need to be recovered without error to prevent them from being reintroduced into the production environment.
As you can see, it’s good to understand how cybercriminals attack consumers and businesses alike. However, this is just one aspect of the problem. Second, we need to take advantage of this reality to develop systematic training and backup strategies that are applied bottom-up, based on best practices and up-to-date data management.
https://www.romaniajournal.ro/business/the-most-widespread-methods-of-cyber-attack-on-individuals-and-companies-in-2022/ The Most Popular Ways of Cyber Attacks Against Individuals and Enterprises in 2022 – Romanian Journal