Recent Cyber Incidents

Rise in ransomware attacks and global threats

According to the report by Marsh and Microsoft, most leaders are less confident in their ability to ensure protection against cyber risks than they used to two years ago. Such processes, as digital transformation, increasing number of ransomware attacks and changes in the work processes are the main prerequisites beyond this change of mind.

The State of Cyber Resilience report provides responses from more than 660 cyber risk management decision makers, based on an analysis of executives' perception of cyber risk at the world's leading organizations, including CEOs, risk and insurance, finance, IT and cyber security professionals.

According to Anna Pluta, who is the Cyber Risk Practice Leader at Marsh Poland, approximately  “two-thirds of respondents admitted that their companies had been the victim of an attack in the past year. Phishing and ransomware attacks were cited most often”. 

Besides mentioned above, there are other numerous ways intruders attack organizations worldwide. COVID 19 related issues and shift to remote way of work worldwide attributed issues remain popular vectors of intruders’ attacks.  Indisputably, intruders haven’t stopped to exploit numerous vulnerabilities, including outdated software or hardware. Thus this ever-lasting threat, providing intruders with uncountable vectors for performing attacks still poses information security risks. 

This year the negative trend of deepfakes usage was detected as well. The significant increase of deepfakes and stolen Personally Identifiable Information usage for applying to numerous remote work positions was reported.  During the interviews, the potential applicants spoofed some specific attributes (for instance, voice). Fraud cases with deepfakes usage took place too. One of the most common technique is to impersonate company’s CEO to illicitly get money. 

One of the most critical type of information security incidents is connected with data leaks. Recently, this negative and dangerous trend received new impetus. The amount of data leaked grows permanently. The result of such incidents is the exposure of large troves of data, in many cases really sensitive and confidential. Besides, personal, confidential and sensitive data leaks are among main prerequisites for growth of phishing attacks amount. What’s more, the exposed sensitive data helps intruders to perform sophisticated and efficient cyber-attacks. 

Find out how to protect data and prevent leakages.

It is crucial to implement the complex approach to information security. Information security and IT departments are taking the lead in sustainably implementing technologies and controls, such as email filtering and web security, endpoint detection and response, amplification techniques for remote access protocol (RDP), and privileged access management (PAM). It is also required to implement protective measures against internal threats – for instance, DLP systems and DCAP tools help enterprises and organizations to protect efficiently against internal threats. Probably the easiest thing to do in terms of enhancing an organization’s security is to permanently educate staff members in the information security related issues. Besides it is not very complicated to do, increasing user’s computer literacy is one of the most important and basic aspect of efficient organization’s protection.