Cyber ​​attacks multiply since the invasion of Ukraine and become more frequent, diverse and complex | Technology

Cyber ​​attacks have multiplied and intensified. Up to 39% of companies and 30% of entities have reported weekly digital breaches of their systems, according to the UK Digital Department. It is ratified by the FBI (Federal Bureau of Investigation) in the United States and the European Chamber of Accounts, which concludes in a report: “The community of institutions, bodies and agencies of the EU has not reached a level of cyber preparation commensurate with the threats. The attacks are more frequent, sophisticated and diverse, including all devices and all areas: also the private sector and humanitarian aid NGOs. Companies in the sector corroborate the increase. Ricardo Sanz, director of cybersecurity at Evolutio, assures: “Since the invasion of Ukraine, some companies that have maintained activity with Russia have registered an increase in attacks of 1,000%”.

The Digital Department of the British Government has no doubts: “The new figures show that the frequency of cyber attacks is increasing”. According to data from the public body, a quarter of NGOs have been added to the list of companies and entities that are victims of this activity.

The FBI has joined the warning. As explained by Bryan Vorndran, director of the security division of the US federal entity, to the House Judiciary Committee: “Cases of Russian scanning have increased.” It refers to the programs developed to know the activity of an organization and its weaknesses. According to Vorndran, “Moscow-linked computers have been probing the networks for vulnerabilities to a series of cyberattacks, possibly in the works.” “Scanning activity,” he explained, “is similar to reconnaissance missions, in that cyber actors are trying to see what security systems look like before setting up an attack.”

This Wednesday, the attorney general of the United States Merrick Garland has reported that, with the help of governments, they have removed a Russian malicious program from computer networks around the world. According to Garland, it was a program controlled by Russian intelligence and created to massively infect private computers. “Fortunately, we were able to remove it before it could be used,” Garland said.

Europe is not spared. Unlike. According to the latest report from the EU Chamber of Accounts, “the number of cyber incidents is on the rise [hasta diez veces más que hace cuatro años]” and are becoming more sophisticated: “They usually involve the use of new methods and technologies and can take weeks, if not months, to investigate and recover systems.” The institution points out, as an example, the cyber attack on the European Medicines Agency, where sensitive data was leaked and manipulated “in a way designed to undermine confidence in vaccines.”

The European institution warns that the preparation is not adequate to the level of risk and that this weakness, given the interconnection of community entities and private and public organizations, “can expose several other organizations to cyber threats.” The Chamber of Accounts also concludes that good preventive practices are not always followed, “including some essential controls”, and that the entire digital environment is not covered. According to Bettina Jakobsen, head of audit at the European Court of Auditors, “The EU needs to do more to protect its own authorities.”

increase due to war

Cybersecurity companies agree on the analysis of public bodies and point out that the Russian invasion of Ukraine has been a trigger. The Check Point company has detected an increase in digital attacks to more than 1,500 per week per organization, 39% in Ukrainian entities and 17% in Russia in the days after the start of the war. According to this company, “the trend of cyberattacks directed at NATO countries continues to grow.”

Eusebio Nieva, Check Point’s technical director for Spain and Portugal, explains that, after the war, the increase in attacks is recorded in all areas: “It seems that cybercriminals are increasing their efforts to take advantage of the situation. The trend is visible not only in the two countries involved, but throughout the world. I think they are trying to take advantage of the hype and interest around the war, as they seek to attack organizations that span the public sector as well as non-profit entities or the private sector.”

The trend detected is that war is not only the goal of cyberattacks, but also the excuse. In this sense, Bitdefender Labs has published an investigation into new fraudulent email campaigns with alleged charitable purposes to send financial aid to Ukraine. In the same vein, Check Point points out that “cybercriminals are using lures ranging from official-looking writing to news articles and job postings” to access everything typed on the keyboard (keylogging), steal user credentials and passwords stored in browsers (Credential Harvesting), copy files, screenshots or clipboard data, and even take control of computers.

In this way, not only large companies, such as Iberdrola, which suffered an attack last week, are threatened by cyberattacks. According to the company Avast, 29.25% of global users are at risk of suffering from them. And as the report from the EU Chamber of Accounts explains, they are becoming more sophisticated every day. In this sense, Jakub Kroustek, Director of Research at malware Avast explains: “In the past, malware was often designed to perform a single action. Today, these programs are like Swiss Army knives, capable of more than one intervention and often designed to do more harm.”

According to Ricardo Sanz, head of security for companies at Evolutio, “solidarity is another attack vector and it will be more sophisticated and difficult to detect the more attractive the target is and the more money there is involved.” The basic recommendation is to avoid clicking on the links that come to us by mail or SMS. Sanz explains it with a simple example: “If you meet someone you don’t know on the street, you normally don’t say hello; Well, you don’t have to click on something that comes from an unknown source, an email address or a strange phone number. That is the first step. The second is to pay attention to details, even if they seem to come from entities we know.”

Vulnerable devices have also diversified. According to Sanz, “attacks have adapted and, if people use mobile phones or tablets more, obviously there will be many more attacks against them.” According to the company Proofpoint, mobile malware infection attempts in Europe have grown by 500% since February.

The Police have warned of the proliferation of scams through unknown WhatsApp numbers that pretend to be an acquaintance or a relative who has changed their mobile and asks for money. It is best not to answer, but if there is any doubt, the interlocutor can be challenged with a question or information that only the person they claim to be knows. If the answer is ambiguous or incorrect, the interlocutor has assumed the identity of another person.

The introduction of a double authentication factor (through mobile phones) or biometric elements (such as fingerprints or facial scans) is a general practice in some economic transactions. But among ordinary citizens, preparation is still lacking.

Jesús Cabet, from Persán, pointed out during the first Andalusian Cybersecurity Congress, held at the end of last month: “The problem is the low level of cybersecurity in society. In companies, there are people who normally have a very low level of personal cybersecurity” Sanz agrees: “Not all people are prepared.” According to a Proofpoint survey, 68% of Spanish IT security managers consider human error to be the biggest cyber vulnerability in their organization. These mistakes are clicking malicious links, downloading compromised files, and not having a strong password (not changing or reusing it).

You can write to us [email protected]will follow THE COUNTRY TECHNOLOGY on Facebook Y Twitter and sign up here to receive our weekly newsletter