Cyber criminal is knocking on your door?

Televisions, portals and experts warn all of us against various types of cyber threats. The topic is media attractive and often discussed. However, in the sheer volume of information, these warnings are relegated to the background as relating to other people and not ourselves. We assume that, because we are careful, no one will steal our access data and empty our bank account. Anyway, in order to make their offer more attractive, banks offer various types of insurance that provide reimbursement of lost money in the event of unauthorized withdrawals from the account.

However, there are threats not only to individuals but also to larger communities. In recent months, we have dealt with our clients several times with attacks consisting in encrypting data belonging to the enterprise. The criminal undertook to decrypt the data after paying the ransom. In this case, the threat concerned the entire company / organization.

Attacks that will affect entire communities, cities or entire countries are also possible. Will we be able to function without electricity, without telephone services, without tap water? A case of the virus Stuxnet showed that even installations completely separated from the Internet can be attacked. In the case of Stuxnet, there was physical damage to the nuclear material equipment. Could certain devices, for example in a power plant, also be destroyed?

Why would anyone attack power plants, water networks, telecommunications companies, transport companies? There can be many reasons: for ransom, as an act of aggression by another state, as an act of terror. I invite you to read the an interesting article on cyber threats in the Polish energy sector on the portal defence24.pl.

Reading assures us that the Polish State has institutions responsible for our security (including cybersecurity). It is worth mentioning here the Internal Security Agency to which tasks include the fight against cyberterrorism. As part of the ABW structures, the Governmental Computer Incident Response Team was established - CERT.GOV.PL monitoring and correlating on an ongoing basis (system ARAKIS-GOV) cyber threats in the area of public administration and civil space.

Despite the security we have and the activities of institutions established for our protection, we should not feel completely safe. Firstly, the attack protection systems are to a certain extent reactive, secondly, the process of implementing modern security measures is costly and lengthy, and therefore does not keep up with known threats, and thirdly, new threats appear every day, with more and more qualified development teams ( e.g. REGIN).

The conclusion of our considerations is to start from your own backyard: o) because many known attacks are long-term multi-stage actions that start not in the attacked institution but with taking control over the computers of subcontractors, cooperators or employees.

Therefore, let's choose good anti-virus and anti-spam solutions, firewalls, IPS / IDS systems or SIEM class systems that are appropriate for our budgets. Let's perform periodic security audits and penetration testing in our IT systems and, above all, let's implement security policy. And we train our employees because they (as always) are the weakest link in our security systems.