Cybersecurity has been one of the priorities for companies of any size and sector for a few years, and 2019 will be no different.
Why is my company's cybersecurity threatened?
If you're responsible for a company, you've probably wondered more than once why cybercriminals would look at your company and attack their systems. Well, the answer is simple, and with it you will clearly understand the modus operandi of these criminal groups: cybercriminals are not going to select your company because of turnover, assets or confidential information, but because their attacks are automated and massively directed to “all” companies that work with a certain versions of Windows or Linux. In short, your company is not in the eye of the hurricane because it is an objective in itself but because of how easy it is to be attacked.
Taking advantage of the European Data Protection Regulation
Once overcome the initial doubts, the next immediate question is: if I am attacked, how do I have to act in relation to the European Regulation on the Protection of Data? From the past May 25th, 2018, the entry into force of the Regulation imposes on companies the obligation of notification of security violations within a maximum period of 72 hours, from the moment it is aware of the breach, the result for example, of a massive attack. This is of the utmost importance, since the failure to communicate and the effects of the attack can result in a large amount of administrative fines for the company.
Mass attacks and data hijacking
We will therefore be facing a scenario in which cybercriminals will be launching massive attacks, encrypting information and exploiting vulnerabilities, with the aim of hijacking databases. It is at this point that cybercriminals will contact the company to ask for a ransom which, as seen in previous attacks, will be half what is imposed by the Regulation, i.e. between 5 million EUR and 1% of annual turnover. Their modus operandi is extortion in which cybercriminals take advantage of the explicit limits indicated by the Regulation.
In 2019 this type of attacks will be the years protagonists. They are ransomware attacks, which blackmail companies demanding an economic bailout in exchange for avoiding notification of the incident, and consequently, the fine and deterioration of the company's image.
Therefore, don't forget that cybercriminals are there and you have to take whatever action you think is appropriate to stop them. Having a technology partner like Altia guarantees you to be able to solve these types of threats, since it has extensive experience in providing the solution to a problem that involves the inclusion of information systems,and components equipped with artificial intelligence.
Jose Luís Muñoz de Morales Silva, expert in Cybersecurity