The geopolitical context helped drive the growth trend in cyberattacks that had already been seen since the beginning of the pandemic. With the war in Ukraine, this pace accelerated, with Portugal being one of the countries in Europe with the highest annual growth, in the order of 30%, according to data from the Portuguese National Center for Cybersecurity. Throughout 2022, the country recorded 25 serious incidents, and ransomware was the type of attack that grew the most, having doubled in this period.
In addition to volume, cyberattacks are also faster in execution, more sophisticated, and are no longer just targeted at specific sectors. Any company can be the target of an attack, regardless of its business area or size, although there is a tendency for threats perpetrated by organized groups that choose telecommunications companies or IT services, which can be a gateway for others, its partners, and with systems linked to those of the main target.
State attack groups (hacking as a service, hiring attack groups to destroy government organizations and critics of nations), activists, economic cyberspace (information exfiltration to monetize the attack by selling information, and encryption for ransom) are also increasingly frequent.
The methods used have evolved, becoming increasingly complex, but continuing to take advantage of the most common loopholes. That is, the compromise can be via email, directly to the control of devices, even if they are not used to access resources, applications, business information; or via identity with data acquired on the Dark Web or in a phishing action, or social engineering.
People continue to be the 'weakest link' in the attack chain, being responsible for 61% of violations, a number of incidents that could be reduced through greater commitment by companies to training their employees, preparing them to identify the most sophisticated threats.
According to Microsoft data, 98% of attacks are due to the lack of hygiene in organizations, which includes the human factor, but also practices such as the weak adoption of “Zero Trust” measures, namely the lack of implementation of double factor solutions. authentication, the lack of advanced anti-malware solutions, the reduced frequency of updating critical systems and solutions, or the deficit in the definition and implementation of strategies in the area of information protection.
These practices contribute to the increase in business costs in the event of a cyberattack, and explain the record value of 4,35 million dollars verified, globally, in 2022, according to the Ponemon Institute report, 'Cost of a Data Breach'.
Detect fast, respond fast.
To reduce the costs of a cyberattack, prevention will always be the best medicine. However, no company can be permanently ahead in this 'cat and mouse' race. It is, therefore, essential that you have the appropriate tools for a quick identification of threats and to ensure the reduction of response time, preventing the expansion of the attack.
The classic protection of the network perimeter is no longer enough, so new approaches are needed that protect the entire value chain of the organization, allowing a real-time and efficient view of what is happening. The Microsoft Security solution is an example of this, through integrated management enhanced with artificial intelligence and machine learning, which analyzes and correlates 73 trillion signals a day, from different devices, applications, platforms and endpoints, synthesizing them
in incidents that contain the entire history of the attack.
Additionally, Microsoft's solution allows to guarantee the total protection of attack vectors, through rapid support teams for incidents and recovery of compromised environments, access to security analysts, and to specialists focused on enabling customers to reach higher levels of maturity.
