“There have already been eight computer attacks” this year, major attacks in Portugal. In two, “everything was destroyed”
There are cyberattacks every day (or even every hour) but this year there have already been eight major attacks in Portugal. With different consequences. “The difference in the consequences was in who prepared and who did not prepare. And it’s a huge difference.”
Portugal has already been the target of eight major cyberattacks this year, revealed António Gameiro Marques. In two of them, “all the information was destroyed. All!” But the differences in the consequences of the companies are not really as to whether or not they may have been prepared beforehand for larger intrusions. And there, the difference for companies is revealed almost between their life or their death.
The data from the director general of the GNS/National Cybersecurity Center, an entity that starts its major annual conference today in Estoril, was advanced about a week ago at the XVIII Reinsurance Meeting, organized by the Portuguese Association of Insurers. According to António Marques, which was not based on any of the attacks, although the State can assume that many of them were eight of them already reported, two were already reported by a private company.
“Total destruction
So-called “ransomware” (ransom-demand attacks) is the “leading threat” in the world in terms of cyberattacks, says today minutes before Martin Kreuzer, senior risk manager at Munich Re. In these cases of money, access the data in exchange for intruders, offering them to release them or change payment in cash. But these are not the only cases.
“In two of the cases this year” in Portugal, revealed António Gamer Marques, the intruders destroyed all the information. There are even cases of destruction of backup copies (“backups”) and in which the data “is lost forever”. And if the information is strategic for companies (invoicing data, customers, suppliers, etc.), this can throw the company into the quagmire.
“It’s not a question of knowing if you’re going to be attacked, but of knowing when you’re going to be attacked,” said Jorge Portugal, from Cotec, on the occasion.
Even those who invest are attacked
It’s not just companies that don’t prepare that are attacked. “Eight major attacks per year, two were made for large strategic companies and two were major investments” in cybersecurity, Gameiro Marques also detailed. There are no impregnable organizations. But there is a big difference between those who prepare and those who do not.
The difference in these eight big attacks is in the solutions, which were “different differences, in the companies that had and plans in case of an attack. Companies that had prevention and reaction plans “managed to clearly form” the effects of the attacks. Because they were quick to act and even communicate.
“In one of the attacks, an organization with millions of customers acted quickly, resumed activities quickly and was very effective in communicating with its customers, including through its CEO”, said António Gameiro Marques. The good example was not named, but it is possible to assume that it was Vodafone, which was the target of an attack earlier this year, resumed services in a few days and communicated to the community at a press conference led by its president, Mário Vaz . Other media cases of attacks this year were the Sonae Group, Impresa, the Germano de Sousa Laboratories, the Municipal Services of Urban Transport of Coimbra and the Garcia de Orta Hospital.
The National Cybersecurity Center has been working with companies and good practices, including free online training courses “that anyone can take to train themselves to be more resilient when using digital devices to consume information”, says António Game Marques. The National Cybersecurity Center is organized from today, and for three days, the C-Days 2022, which takes place at the Estoril Congress Center. This year’s meeting has as its theme, precisely, “Betting on Prevention”.