Is Portugal more exposed to cyberattack risks? Five experts respond – Internet
After a very complicated start to the year, a wave of cybernetics that hit large companies in Portugal, which had many results in their operations and irreparable losses, can increase the level indicated as a month in which the attack could return to. The idea that this threat circulates, at a health level, was not confirmed by the experts contacted by SAPO TEK, who technically admit the high threats to critical sectors, especially health, but without identifying an influence on health.
“There is no concrete data that can corroborate this theory. In fact, we are witnessing an exponential growth in cyberattacks. Whether there will be an aggravation from the middle of this month, we are not sure how to predict”, he explains. Rui DuroNational Manager of Check Point Software Technologies. The idea is shared by the National Cybersecurity Center (CNCS), Hugo Nunes from S21sec, Daniel Creus from Kaspersky Labs, Luís Lobo e Silva from Focus2Comply.
All indicators and studies show that cyber studies are growing, with more or less specialized threats, and a significant weight of ransomware that has been one of those responsible for business deals, as shown by several reports and studies.
THE National Cybersecurity Center warns that “the possibility of cyberattacks should be a constant concern on the part of entities”. The entity that is responsible for promoting national cybersecurity and promoting the use of cyberspace in a free, reliable and secure way also refers that “as it has been possible to control since the beginning of 2022, no one is immune to these attacks and prevention and preparedness is increasingly important so that a cybersecurity incident does not have extreme consequences”.
What is certain is that even without targeted threats or threats not defined in time, it means that they are not risks. These are global but also Current waves or specific issues, such as in the wake of Russia’s attack on Ukrainethat started with a cyberwar, and the possibility of attacks on critical infrastructure.
Hugo NunesCyber Threat Intelligence Team Leader at S21sec in Portugal argues that the greater intensity of attacks is a trend that is not new to the technique but that in recent times has become more transparent to the general population. The expert who claims that with the start of Russia’s war against Russia “we are also witnessing an increase in attacks on European strategic sectors and cyberattacks are expected to increase in the coming times”. Even so, he recalls that these threats circulate worldwide, and despite being transversal to all stores, there will be more problems in critical sectors, such as the Energy, Logistics, Transport and Telecommunications sectors.
On the same line, Luis Lobo e Silvamanaging partner of Focus2Comply recalls that there are countries, such as Austria, preparing for a potential power grid blackout.
“Out of place? Will not be! If we consider that everything works with electricity, if it has a generalized failure in all sectors, it could be at stake, and whoever talks about the electricity grid, talks about water supply services”, underlines Luís Lobo e Silva.
The concept of recurrence must also be considered. “We know that they are sometimes more cyclical, or that they are especially relevant in the cybercrime environment.that trigger coin toss actions with these advances,” Daniel CreusLead Security Researcher of the Global Research and Analysis Team (GReAT) at Kasperksy Labs.
Concerns that serve to raise awareness
The National Cybersecurity Center also does not welcome the idea of a special alert for the month of May and believes that there was an effect in this regard, with a perception of what, in many entities, did not yet exist. “This moment serves to increase the levels of awareness and prevention capacity of the entities”, replied to SAPO TEK.
How can organizations prepare to be prepared and enough to face threats? Daniel Creus states that “the first step is to assume that, as a company, being attacked. As such, we should have implemented a clear response and recovery plan.” For before Kaspersky Labs, prioritize comprehensive security and ingress prevention measures that protect at the level of endpoints, devices, and everything possible.
The key word is proactivity, as highlighted by Rui Duro. “The concept of proactivity applied to security in companies means having cyber security solutions that protect all potential access points”, he justifies.
“There are a number of safe measures to protect as organizations. These have to do essentially with 3 temes vectors: people; Processes and Technology. Raising awareness of people, implementing cybersecurity processes and relying on technology solutions that guarantee protection throughout the corporate environment is the most that should guide companies”, argues Rui Duro
Luís Lobo e Silva believes that there are a few more issues that are not being addressed. “It is currently noted that theOrganizations are willing to be components of techniques and models of little more than Cybersecurity Government, something that is essential for any organization”, he says. “Risk management systems, with effective risk management capability, with an effective management capability of technical vulnerabilities and management capability according to your organization of management decisions and controls that are implemented to minimize risk management impact models potentials.
The CNCS also points a set of companies to companies that can be consulted in the your site.
Is Portugal more exposed?
Portugal is not a special target and the wave of cyberattacks that have emerged in recent months is part of a global exposure. “From information currently, a wave of targeted attacks in Portugal since the beginning of 20222 and that claim to have come directly to public knowledge and not related to specific attacks to our infrastructure or specific IT devices”, Hugo Nunes, Team Leader Cyber Threat Intelligence at S21sec in Portugal.
“It is rather a generalized and global increase in attacks, increasingly advanced, that exploit all existing vulnerabilities in organizations”, says Hugo Nunes.
The idea is highlighted by all K specialists contacted by SAPO TE, starting with the National Cybersecurity Center. “Big attacks nowadays are an automatic part of automatic or semi-automatic attacks or that sometimes cause attackers to ignore the type of entity they are targetingthere are few results that attack, it is the outstanding results, reputational or outstanding, the center of the attack’s highlight”,
Ransomware, Cryptocurrency Platforms and Threats in 2022
The idea is that if we look at the methods known and explored by the main ones, the whole connected that the risk is on the side, as long as you are in a networkand that there is no more effective method and that all must be followed to minimize risk in organizations.
In March, 13% of Portuguese companies were impacted by Emotet malware and Rui Duro argues that the threats we face in 2022 do not differ much from what we have seen so far, with an increase in ransomware. “In the same sense, we have many attacks that are seen through taking advantage of vulnerabilities presented in platforms, whether through social engineering tactics that deceive people to obtain access data or intercept transactions”, he highlights.
“All cyberattacks always have a technological aspect and a purely social and opportunistic one, using simple processes.”, says Rui Duro.
The professionalization of cybercrime is one of Hugo Nunes’ warnings. “We believe there will be an increase in ransomware-a-service (RaaS) such as the BlackCat, LockBit, and eti groupswhere cryptocurrencies are available to all third-party devices, to also target emerging vulnerabilities such as IoT and 5G, and cryptocurrencies and blockchain ecosystems.
“At S21sec we believe that creating and maintaining networks of trust between companies, customers, partners, telecom operators and official entities are fundamental for the future of resilience in cybersecurity”, he indicates.
As many of the incidents are related to compromised accounts, or ransomware, the CNCS pays attention to the correct execution of backups, as well as remembering that it is the multi-factor authentication for access to the exposed services. “Phishing and various forms of online fraud, which take advantage of the human factor, are also threats to be taken into account, which must be made aware of for training and fighting people”, adds the CNCS.