noun_Email_707352 noun_917542_cc Map point Play Untitled Retweet Group 3 Fill 1

Five cyber threats you need to be aware of

Our Head of Cybersecurity, Sigrun Hansen Bock, gives you an overview of five of the most important cyber threats you need to know about.

Sigrun Hansen Bock / October 30, 2023

Even if the National and European Security Month is coming to an end, you need to continue to think about your security. Our Head of Cybersecurity gives you a quick run through of five cyber threats you always should have on your radar.

"Many have likely become more aware of the risk of hacking and data theft, but that doesn't mean the risk has decreased. On the contrary, it's more important than ever for both private and public entities to be aware of the digital threats they are facing and what can create a crisis if they are not prepared," says Sigrun Hansen Bock, Head of Cybersecurity at Tietoevry.

She recommends that the following five threats should be a part of your organization’s IT security readiness plan.

1. Ransomware

Ransomware does not only affect private individuals but also businesses and other organizations, explains Hansen Bock.

"Ransomware continues to be a lucrative cash cow for criminals. It can target both large and small entities, in both the public and private sector. While larger companies have generally become better at controlling, monitoring, and securing their business data backups, it is still essential to have an emergency plan that you do regular dry runs on so that you are fully prepared in case of an attack,

2. Supply Chain Attacks

One underestimated risk is supply chain attacks, which involve data breaches occurring through suppliers or partners.

"Smaller suppliers invest less in IT security and have fewer defenses, while larger companies have stronger defense mechanisms. However, most businesses rely on smaller suppliers. Therefore, it is crucial to remember that your security is not only dependent on your own security measures but also on those of the subcontractors you integrate with. Often, we see that a small software supplier introduces vulnerabilities," says Hansen Bock.

She emphasizes that IT security should also be a part of agreements and guidelines.

"Many businesses have ethical guidelines that they also impose on subcontractors. These guidelines should also include IT security. There is significant room for improvement in this regard, and it is important to remember that it's crucial to test the entire value chain, including partners." 

3. Phishing

"When we talk about phishing, it is all about how alert employees are when it comes to not falling for an email that lures them with a link or an attachment. Phishing threats still come through email, but new techniques based on artificial intelligence have increased the risk of more people being tricked into clicking on links they shouldn't or opening infected attachments," she says.

Whereas previously, criminals lured people with discounts or special offers if they clicked on a link before a given deadline, they have now moved on to impersonating the boss or a colleague who needs help approving something just before the weekend or a holiday.

"The latest trend is the manipulation of images or videos, making you even more likely to believe that the criminals are who they claim to be. It's essential to be aware of who the actual sender is," says Hansen Bock.

4. Information theft

Cybercriminals have also used artificial intelligence to impersonate people to a much larger extent than previously seen.

"Identity theft, where criminals steal your information, is on the rise. They can then use your information to deceive others into thinking that they are you, by, for example creating a fake video."

5. Espionage

"At the intergovernmental level, we see an increased risk globally due to the war in Europe. This makes crucial infrastructure that is managed digitally, such as water and sewage services, the electricity grid, and the internet very vulnerable.

In addition to the geopolitical situation, there is also an increased risk of espionage, says Hansen Bock.

"The very rapid technological development we are currently seeing, gives criminals conducting espionage online new tools. This is something we need to be mindful of".

The IT expert points out that it's important to allocate adequate budgets for cybersecurity.

"IT threats are not new, and while the awareness of this has certainly increased, it is still important to remember that this is not something that has 'gone away.' On the contrary, protecting your organization against data breaches is very important. I would therefore encourage all businesses to continue their good work on data security and make this a priority as they are now planning their budgets for next year".

Sigrun Hansen Bock
Head of Cybersecurity Services

Author

Sigrun Hansen Bock

Head of Cybersecurity Services

Share on Facebook Tweet Share on LinkedIn