Although companies of all sizes are increasingly confronted with cyber attacks, too few have a strategy for cybersecurity.
If 2020 was exceptional in terms of global health, 2021 will have been the year of the explosion of cyber attacks on companies of all sizes.
Since the start of the health crisis, cyber threats have increased by 400%.
A cyber security strategy is still too often lacking.
Humans themselves are the weakest link in cyber security.
Around the world, attackers are setting up four main vectors to attack an organisation's environment:
- identity theft
- phishing
- exploitation of vulnerabilities
- botnets.
Globally, ransomware increased by 13% to 25% of all compromise incidents, while the supply chain was involved in 62% of incidents.
Among the main targets of cyber attacks, security specialist CheckPoint lists:
- education and research
- government and military sites
- communications groups
- IT service providers
- healthcare
20% of IT managers have experienced a fraud attempt originating with a teleworker (with a sharp increase since the generalisation of teleworking).
2 in 3 companies have experienced a fraud attempt and 1 in 5 have experienced more than 5 attacks.
33% of companies that have experienced fraud have suffered a loss of more than €10,000.
82% of security breaches are caused by human error, with telecommuting, spam , information not deleted on old devices are the culprits.
94% of cyber attacks are triggered by an e-mail.
In Belgium the pandemic can be seen as a driver for cybercrime. Social engineering, spam a& phishing, and lost or stolen devices were among the top three cybersecurity incidents.
Among companies, 70% of the incidents were deliberate and related to the increase in homeworking during the pandemic.
Moreover, these companies often have only basic protection (such as antivirus software), but no anti-spyware or anti-spam software or a firewall.
Only 20% of companies are protected by a security professional, while 80% leave their IT security to their managers or have not appointed a manager.
On the other hand, the use of backup is increasing (+56% compared to 2020), indicating that SMEs are aware of the risks of a cyber-attack.
However, only 8% of companies have encrypted computer data, which makes confidential data and passwords vulnerable to hacker attacks.
Another concern is the distinction between private and professional life. For example, almost 60% of employees have already shared a password with an external person via the company's internal Wi-Fi, and more than 30% of companies do not delete data from devices that are being replaced.
Read more on cyberwar
-
Interview
Is Belgium ready for an attack with military cyber weapons?
War takes place not only on the battlefield, but also in cyberspace. The CCB is keeping a watchful eye on the situation in Belgium. -
Interview
What happens if a cyberwar breaks out?
Kristof Tuyteleers, CISO of DNS Belgium, explains what the possible consequences of cyberwar are and how citizens or companies can protect themselves. -
Interview
Cyberwarfare Convention
Adopted at a time when wars were 'traditional', do the Geneva Conventions need to be adapted to the new reality of cyberwarfare? -
Interview
Cooperation public and private sectors is essential
Europe, and Belgium in particular, are investing significant human, technological and financial resources to deploy their cyber security 2.0 strategy.