Lights and Technology
05 April 2022

Eight out of Ten Ransomware Attacks Occur by Human Error

In the increasingly digital world, companies must start from the premise that they will be attacked one day and develop a culture of cyber defense.

How will cybercrime evolve this year?

With businesses increasingly digitized, there has been a growing increase in computer attacks, accentuated since March 2020 and, in Portugal, more visibly in the media in recent weeks. Several reports identify this exponential increase and indicate that the number of attacks and cyber threats will not decrease.

What is the foreseeable impact on companies in the financial sector?

All companies, regardless of their sector of activity, must be prepared. Organizations must develop a cyber defense culture with the premise that they will be attacked one day. Starting with the CEO and ending with the employees who guarantee operations daily, the focus should be on cooperative work between the organization, employees, manufacturers of cybersecurity solutions, and IT consultants specialized in this type of service. It is necessary to guarantee security capabilities in the technology that are holistic with respect to the specifics of the IT architectures, allowing the risk to be minimized and the impact of a cyberattack mitigated.

What types of attacks are evolving the most, and why are the ideal conditions for these particular attacks in place?

The most frequent attacks are machine-to-machine (M2M), silent, highly personalized, sophisticated attacks, website cloning, or phishing scams. The most common are:

  • Fake emails or fake messages. Use of apparently real messages and images to persuade the user to take specific actions. If the user does not realize that it is a phishing email, they may click on a fraudulent link or change their account password.
  • Attacks on cloud data. Currently, more and more data is stored in the cloud, which increases the possibility of cybercrime. The modus operandi is similar to the one mentioned in the previous example, often involving the sending of fake emails.
  • Phishing by ransomware. In this type of phishing, the user also receives a malicious link. However, instead of being directed to a fake website, that link installs malware on the computer. The attack's intent is not only the theft of information but also the virtual hijacking of the computer itself or a "silent" entry into an organization's network. From then on, the attacker can remain incognito on that same network, stealing gigantic amounts of data or taking control of other platforms and systems, for example.

How can companies in the financial sector involve their employees in data security?

Some steps help companies and their employees to reduce risk. Organizations can and should carry out phishing simulations and raise awareness among their employees. This type of initiative and test makes it possible not only to assess employees' level of preparation and attention to possible attacks, but also for everyone to prepare themselves in the best possible way to deal with real threats.

Does it make sense that this awareness goes through training actions?

Yes, for sure. Expel's annual report concludes that most ransomware attacks in 2021 were self-installing. Researchers have identified that eight out of ten ransomware attacks occur by human error, after victims have opened a file with malicious code. Therefore, it's essential that all organizations, regardless of their size or sector of activity, are increasingly attentive and, above all, prepared for an eventual attack. Employees are an essential part of this process.

Do you believe that cybersecurity has to become a cross-cutting issue across all company departments?

The topic of cybersecurity is one of the significant challenges facing organizations, regardless of their profile, sector of activity, or size. Cybersecurity is a problem that affects us all, both at a corporate level and personally. It's essential to analyze the risks to which we are exposed and define roadmaps that allow them to be mitigated. Cybersecurity is no longer just a topic for IT departments. It's central and should be on any CEO's agenda.

What advice do you have for companies to create a safe ecosystem?

They must focus on security architecture through a holistic approach that includes "smart" technological capabilities, as well as standards, guidelines, processes, and practices that guarantee mechanisms to safeguard information and access security and privacy policies. In this context, artificial intelligence is a strong ally in the service of cybersecurity and an essential investment today.

Published (in Portuguese) at Risco