That’s why the European Union launched a campaign named Cybersecurity Month (ECSM). ECSM promotes cybersecurity among EU citizens and organizations and provides up-to-date online security information through awareness-raising and sharing of good practices.
What is Cybersecurity?
According to ISO/IEC 27032, cybersecurity is the process of protecting the privacy, integrity, and accessibility of data and information in cyberspace.
Cyber-attacks are an increasingly sophisticated and evolving danger to an organization’s sensitive data: attackers employ new methods powered by social engineering and artificial intelligence to circumvent traditional data security controls.
European CyberSecurity Month (ECSM)
The European Cybersecurity Month (ECSM) is the European Union’s annual campaign dedicated to promoting cybersecurity among EU citizens and organizations and providing up-to-date online security information through awareness-raising and sharing good practices.
The ECSM campaign is coordinated by the European Union Agency for Cybersecurity (ENISA) and the European Commission and supported by the EU Member States and hundreds of partners from Europe and beyond.
ENISA has developed a website about European Cybersecurity Month that provides information, guidelines, and tools about cybersecurity. We find all the material very useful, and we encourage you to visit it.
Why is Cybersecurity so important?
Cybersecurity is important because it protects all categories of data from theft and damage. More specifically:
- Sensitive data
- Personally identifiable information (PII)
- Personal information
- Intellectual property data
- Governmental and industry information systems
Without a cybersecurity program, an organization cannot defend itself against data breach campaigns, making it an irresistible target for cybercriminals.
Common Threats
The most common cyber security threats are the following:
Malware
Short for “malicious software”, malware is intrusive software designed to damage and destroy computers and computer systems. Common examples of malware include viruses, worms, Trojan viruses, spyware, adware, and ransomware.
Ransomware
Ransomware is malicious software that infects a computer and restricts users’ access to it until a ransom is paid to unlock it. Ransomware variants have been observed for several years and often attempt to extort money from victims by displaying an on-screen alert. Typically, these alerts state that the user’s systems have been locked or that the user’s files have been encrypted. Users are told that unless a ransom is paid, access will not be restored. The ransom demanded from individuals varies greatly; it is frequently $200–$400 and must be paid in virtual currency, like Bitcoin.
Password Attack
A password attack refers to any of the various methods used to maliciously authenticate into password-protected accounts. Typically, these attacks are facilitated through the use of software that expedites cracking or guessing passwords. The most common attack methods include brute forcing, dictionary attacks, password spraying, and credential stuffing.
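As an added example (not part of the original article), the following Python code shows how a defender can tell two of these methods apart from failed-login records: repeated guessing against one account (brute forcing or a dictionary attack) versus password spraying across many accounts. The sample events, IP addresses, usernames, and thresholds are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample of failed-login events: (source_ip, username).
# Real authentication logs carry more fields; only these two are needed here.
FAILED_LOGINS = (
    [("203.0.113.10", "alice")] * 12                          # one account hit repeatedly
    + [("198.51.100.7", f"user{i:02d}") for i in range(15)]   # many accounts, once each
    + [("192.0.2.44", "bob")] * 2                             # ordinary mistyped password
)

# Illustrative thresholds (assumptions); tune them against your own baseline.
BRUTE_FORCE_MIN_FAILURES = 10   # failures against a single account
SPRAY_MIN_ACCOUNTS = 10         # distinct accounts tried from one source
SPRAY_MAX_PER_ACCOUNT = 3       # spraying keeps per-account attempts low


def classify_sources(events):
    """Label each source IP by the shape of its failed logins."""
    per_source = defaultdict(lambda: defaultdict(int))
    for ip, user in events:
        per_source[ip][user] += 1

    verdicts = {}
    for ip, users in per_source.items():
        heaviest = max(users.values())  # most failures against any one account
        if len(users) >= SPRAY_MIN_ACCOUNTS and heaviest <= SPRAY_MAX_PER_ACCOUNT:
            # Wide and shallow: few guesses spread over many accounts.
            verdicts[ip] = "password-spraying"
        elif heaviest >= BRUTE_FORCE_MIN_FAILURES:
            # Narrow and deep: many guesses against the same account.
            verdicts[ip] = "brute-force-or-dictionary"
        else:
            verdicts[ip] = "normal"
    return verdicts


if __name__ == "__main__":
    for ip, verdict in sorted(classify_sources(FAILED_LOGINS).items()):
        print(ip, verdict)
```

Per-account lockout alone catches the first pattern but not the second, which is why the check counts distinct accounts per source as well as failures per account.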
Denial-of-service (DoS) Attacks
This refers to a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. This is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.
For instance, in a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. Effectively, this makes it impossible to stop the attack simply by blocking a single source.
Phishing Attacks
The practice of sending fraudulent communications that appear to come from a reputable source is called a phishing attack. Usually, it is done through email. The goal is to steal sensitive data like credit card and login information, or to install malware on the victim’s machine. It is a common type of cyber-attack, so everyone should learn about it in order to protect themselves.
Man-in-the-middle Attack
A man-in-the-middle (MITM) attack, in cryptography and computer security, is a cyberattack where the attacker secretly relays and possibly alters the communications between two parties. These parties believe that they are directly communicating with each other, while the attacker has inserted themselves between them.
One example of a MITM attack is active eavesdropping.
In this case, the attacker first makes independent connections with the victims and then relays messages between them to make them believe they are talking directly to each other over a private connection. In fact, the entire conversation is controlled by the attacker.
The attacker must be able to intercept all relevant messages passing between the two victims and inject new ones. In fact, this is straightforward in many circumstances. For example, an attacker within the reception range of an unencrypted Wi-Fi access point could insert themselves as a man-in-the-middle.
As 2021 progressed through its second quarter and into the third, cybercriminals introduced new—and updated—threats and tactics in campaigns targeting prominent sectors.
Ransomware campaigns maintained their prevalence while evolving their business models, extracting valuable data and millions in ransoms from enterprises big and small.
The top ransomware attacks in the second quarter of 2021 were the following:
Many ransomware crews have portals on which they announce the victims they have breached and publish samples of the data they have gathered, to force the victims to pay the ransom. If the victims don’t pay, their data will be leaked and, in some cases, sold. Leak sites are showcases of failed negotiations and do not reflect the full extent of attacks executed by the ransomware crews. However, the insights they give into reported sectors and geographies are interesting data to observe.
The most common attack patterns or techniques used by ransomware families in the second quarter of 2021 are the following:
- Data Encrypted for Impact
- File and Directory Discovery
- Obfuscated Files or Information
- Process Injection
- Deobfuscate/Decode Files or Information
- Process Discovery
- Inhibit System Recovery
- PowerShell
- System Information Discovery
- Modify Registry
The most common cloud threats in the second quarter of 2021 are the following:
- Excessive Usage From Anomalous Location
- Insider Data Exfiltration
- Privilege Access Misuse
- High Risk Data Exfiltration
- Privilege Access Exfiltration
- Land Expand Exfiltration
- Suspicious Superhuman
- Data Exfiltration by Privileged User
The sectors with the most reported cloud incidents in the second quarter of 2021 are the following:
- Financial Services
- Healthcare
- Manufacturing
- Retail
- Professional Services
- Travel & Hospitality
- Software & Internet
- Technology
- Computers & Electronics
- Non-Profit Organization
The Cyber First Aid Map
The Cyber First Aid Map is an interactive map that provides valuable guidelines and advice for every European country. It showcases the local authorities someone should address in case of a cyber-attack.
Visitors browse the map with their mouse and select a European country. For each country, there are helpful guidelines and advice about the local authorities and how you should address them in case of a cyber-attack.
You can access the Cyber First Aid Map from here or click on the following image.
Now, let’s answer some questions
Which techniques should I follow to protect my Organization?
Some of the most important techniques to protect your organization are the following:
- Select Strong Passwords
- Use 2FA or MFA
- Use Antivirus in your System
- Avoid Suspicious Texts and Mails
- Secure your Wi-Fi
- Use Encryption and Firewalls
- Keep your mobile devices in your sight
What are the benefits of cybersecurity?
- Business protection against cyberattacks and data breaches.
- Prevention of unauthorized user access.
- Business continuity.
- Improved trust for partners, customers, stakeholders and employees.
- Regulatory compliance.
- Protection for data and networks.
How does f society help your organization to be safe and protected?
- Consulting Services in ISO 27001:2013 and ISO 27701:2019
- Implementation of Information Security Management Systems (ISMS)
- Implementation of Privacy Information Management System (PIMS)
- GDPR Compliance
- Vulnerability Assessments and Penetration Tests
- Education and awareness of your Organization’s staff
Sources:
- https://cybersecuritymonth.eu/
- https://www.mcafee.com/enterprise/en-us/lp/threats-reports/oct-2021.html
- https://www.enisa.europa.eu/