Increasingly sophisticated, targeted and pervasive attacks, which often go completely unnoticed or take a long time to detect, and which generally remain financially motivated. This is the internet threat, according to him latest report published this Tuesday by Cybersecurity Agency of the European Union (ENISA), which warns of a deterioration in the situation as a result of the outbreak of the covid19 pandemic and an increase in practices such as’phishing‘, cyberbullying and fake virtual stores.
The socioeconomic crisis caused by the coronavirus has forced companies, administrations and educational systems, among others, to adapt and establish teleworking and distance study regimes. A transformation full of opportunities but also of risks that have led IT specialists to adapt the lines of defense to minimize exposure to a variety of attacks when workers and students connect to servers from home or from smart devices such as phones and tablets.
The report confirms, in any case, the existence of “malicious actors & rdquor; with a level of capacity that allows them to adapt quickly as corroborated by the increase in certain forms of cybercrime. For example, during the pandemic the number of online shopping websites and from merchants who sell fraudulently online. “From copycats of popular brand websites to fraudulent services that never deliver merchandise, the coronavirus has revealed weaknesses in the trust model used in online purchases, & rdquor ;, warn European experts.
Attacks by state actors
The European agency has also identified an increase in the number of incidents of cyberbullying and sextortion as well as attacks aimed at collecting high-value data – such as intellectual property or state secrets – sponsored and meticulously executed by state sponsored actors, Although without accusing any country in particular, such as China, whom the European authorities came to target last June in relation to cyberattacks against European hospitals. A trend, in any case, that according to the report will continue especially in areas such as internet of houses (5G), la natural gas industry and the manufacturing industry.
Another problem identified in the report is the increase in the number of victims who are impersonates identity using the covid19 crisis as an argument. “COVID-19-themed attacks include messages containing malicious attachments and messages containing malicious links that redirect users to & rdquor; download ‘malware’ sites, warns ENISA.
The most common attacks continue to occur through ‘malware’ infections in the form of viruses, malicious code, worms and other programs that seek to harm the user. According to the report, last year the European agency detected 400,000 malicious software programs installed on mobile devices, 71% of organizations experienced some type of activity of this type spread from one employee to another while 46.5% of all the malware in the emails were ‘.docx’ documents. In addition, ENISA detected a 50% increase in malicious software designed to steal personal data while 67% was distributed through encrypted HTTPS connections.