Trendy Cyberattacks: what to do to avoid them?

Trendy Cyberattacks: what to do to avoid them?

Current Landscape

In the first half of this year, we have seen how the landscape has changed with cyberattacks on companies, as significant security incidents have been reported to companies in different sectors almost weekly. According to a report by Cybersecurity Ventures, in 2023, there was an attack every 39 seconds, amounting to more than 2,200 per day. In another study on this issue, the European Union estimated the global annual cost of cybercrime at over 5 trillion euros.

Various reports indicate that technology and service companies are the primary victims of cybercriminals, representing 32% of the attacks. Among these, companies in the communication sector stand out, including media and advertising firms as well as those dedicated to telecommunications services. Therefore, companies today face a cybersecurity threat landscape that is periodically updated, especially with the recent introduction of Artificial Intelligence, underscoring the need to adopt and implement adaptive cybersecurity strategies.

Trendy Cyberattacks

In recent months, we have observed that as new vulnerabilities, attack vectors, and malware variants emerge, the threats evolve. Among the threats that companies have most suffered in recent months of 2024 are:

• Ransomware: This type of malware prevents users from accessing their system or files and demands a ransom to recover and regain access to all their data. It can develop from the implementation of fake security programs, computer screen blockers, or those that encrypt data. In 2024, Europe detected 24% of the world’s ransomware attacks, with the communication sector being the most affected, experiencing a 177% increase in attacks.
• Supply Chain Attacks: A supply chain attack (also known as a third-party attack or value chain attack) occurs when a cybercriminal gains access to a company’s work network through its suppliers or supply chain. These attacks are often directed at the source code of an application, making them more challenging to detect.
• Multivector Attacks: These are sophisticated cyberattacks that use multiple methods to gain access to an organization’s systems. Multivector attacks often require more resources and sophistication than single-vector attacks but offer a higher probability of success.
• Use of AI in Cyberattacks: With the widespread deployment of AI in society, it has been observed that these tools are used as threat actors to streamline and enhance security attacks.

 Tips to Avoid Cyberattacks

With the increase in digitalization in companies, the risks have also risen, so many companies should review their cybersecurity measures and plans comprehensively and strategically. These measures could include: conducting robust backups of company data, encrypting systems, training employees on cybersecurity, increasing the training and updating of company resources around preventive measures, security protocols, greater investment in technological infrastructure, increasing security patches, implementing user authentication measures and achieved solutions, and even designing a cyber threat response plan to protect remote work environments and their digital resources, with all these being key points to consider.

Mainly, it is important for companies to update their cybersecurity measures and bear in mind that the more these cyberattacks advance, the more their defense techniques must advance, especially those related to the early detection and analysis of anomalies and new attack patterns, particularly in AI.

Therefore, in light of this new legal uncertainty, Letslaw is at your disposal to resolve any doubts that may arise, help you implement these measures and infrastructure, and review those you already have in place as cybersecurity lawyers.