.
The frequency and scope of threats and cyberattacks is increasing in Portugal and worldwide. Every day we find news in the media about cyberattacks on government institutions and large private companies. In addition, the effects of cyberattacks are increasingly harmful, due to their increasing technical sophistication, which makes it more difficult for companies and states to defend themselves.
This is a trend that will continue as long as the criminal groups responsible for these cyberattacks continue to make large profits with minimal risk to themselves – as the motivation for cyberattacks is generally economic – and as long as the international community does not act against governments that not only protect but also encourage these types of cyberattacks.
In this sense, Cipher presents some key points that summarize the seriousness and relevance of this type of crime in Portugal:
- According to data from the National Cybersecurity Center, cyberattacks increased by 26% in 2021, compared to 2020. The victims of cyberattacks are mainly related to the commerce and services sector, as well as banking and financial institutions and institutions such as public administrations. In the last year, there has also been an increase in attacks on critical infrastructure, which affects the general population and its essential services.
- According to the National Cybersecurity Center, during 2021, actions that use social engineering, such as phishing (via email), smishing (SMS) and vishing (phone), stood out as particularly relevant cyber threats. as well as ransomware threats, online scams and scams.
- In relation to phishing campaigns, very common in our country, users and organizations are advised to be aware of emails from unreliable recipients, and to refrain from providing personally identifiable information (PII) or downloading files to from unreliable sources.
- Regarding ransomware or data diversion threats, it is expected that they will continue to increase in the remaining months of the year and in 2023, so it is recommended to exercise a series of practices that will help prevent this type of crime. For example, implementing regular backups; install operating system, software, and firmware updates and patches as they are released; scan domain controllers, servers, workstations and directories for new or unrecognized user accounts; not granting administrator privileges to all users or disabling unused remote access (RDP) ports; and monitor remote access logs for unusual activities.
- In this context, part of the solution is to define priorities and carry out a risk analysis. To this end, it is recommended to define a medium and long-term investment plan, as well as a communication plan for crisis situations.
Cipher is the company that brings together Prosegur’s activities in the field of cybersecurity and has operations in Europe, the USA and Latin America. The company has 3 cybersecurity centers (SOC/CERTs) from which it provides services 24 hours a day, 7 days a week, 365 days a year.
Other interesting articles:
.
