If you’re reading this article, chances are that you accessed it from your phone. That wouldn’t be unusual: in 2020, around 68% of website visits came from mobile devices, a 5% increase from the previous year. This situation is just a simple, everyday example of how fast digital transformation is happening. A phenomenon that started more than 30 years ago is only recently becoming more easily observable and widely analysed.

Digitisation is also about people

The social distancing rules imposed as a result of the pandemic have accelerated, if not forced, the digitisation process even further. Working from home, the use of social platforms and new applications, equipment or infrastructure services have highlighted our need for technological solutions. In turn, companies have focused on automation solutions and upgrading with new capabilities. The number of digital users has grown.ore and more data has moved to digital environments – and here we refer specifically to the transfer of data to cloud solutions.

But digitisation is not just about systems and infrastructures. Digitisation is also about people. They are the ones who use them and who need to be aware of both the benefits they can enjoy and the risks they are exposed to. Lack of digital experience unfortunately leaves the door open to cybercrime. It only takes a simple internet connection to become a potential target for an attacker. Thus, the human factor is the primary cause of security breaches.

Cyber attacks in Romania

Compared to other European countries, Romania has a much harder time adapting to technological processes. There is also still a tendency to think that cyber-attacks only target reputable individuals or large, global companies. Thus, there are too few prevention, detection or response measures taken against such incidents. According to a recent study, Romania ranks last in Europe in terms of cyber security.

In recent years, various business sectors have been targeted by cyber attacks. Probably the most broadcast have been ransomware attacks on healthcare institutions across the country. With ransomware, the cybercriminal encrypts data on a network and demands huge sums of money as ransom from the victim to have their data unblocked. The most recent is the case of the Witting Hospital, which in July 2021 fell victim to an attack with the ransomware application known as Phobos. This program has also been used in similar attacks that took place in 2019 on four hospitals. Even though we are talking about a ransomware application with a medium level of complexity, the Phobos attack was successful due to the lack of antivirus solutions. This series of attacks has thus highlighted the low level of cybersecurity within the healthcare system and the need to implement security measures and policies.

A few months later, the Faculty of Electronics of the University POLITEHNICA of Bucharest was targeted by cyber attackers. They extracted lists and some personal user data from the platform that provides the interface between students and the secretariat. Representatives of the faculty said they have faced numerous attacks over the years. This is the first one that was successful, as the targeted platform used an older interface function.

The banking sector is also a popular target for attacks, especially phishing attacks. With these, attackers use the image of a legitimate institution to gain (via email, SMS, social media or even phone calls) access to customers’ personal data and subsequently to their financial resources. A recent example is provided by ING Bank. In this case, the attackers sent SMS messages that appeared legitimate to the bank’s customers. However, they asked for personal data to be updated via SMS, an unusual practice for ING. Phishing attacks are also very common on marketplace platforms such as OLX or Publi24, where communication is mainly via email or direct messages.

Unfortunately, these are just a few examples. The real number of cyber attacks in Romania is much higher. In 2021, CyberInt identified over 16,000 attacks with the most popular ransomware application alone – Locky. Also, in 2020, working from home has favoured the perpetuation of phishing attacks. As a recent study by Orange Romania shows, these totalled 32% of all monitored attacks. According to the same study, most cyber threats (29%) were critical. At the same time, Bucharest, Iasi and Timisoara are the most targeted cities by cyber criminals. Last but not least, Orange’s series of real-time reports consistently show at least 100,000 security incidents in the last 7 days monitored.

 Awareness – a vital step in stopping cyber attacks

The above-mentioned examples show very clearly that cyber attacks can be launched against public and private institutions or even individuals and companies alike. Therefore, prevention in this area is not only the responsibility of internal IT teams or specialised teams, but also our own responsibility as digital users.

In order to best fulfil this responsibility, various organisations in the public environment have launched or support awareness campaigns. For example, October is European Cyber Security Month, an annual campaign coordinated by the European Union Agency for Cyber Security (ENISA). This year, it addresses, among both citizens and organisations, security issues related to the digitisation of everyday life, which has been accelerated by the COVID-19 pandemic. Another campaign is SiguranțaOnline, launched by the Romanian Police, the National Cyber Security Directorate (DNSC) and the Romanian Association of Banks (ARB) to inform citizens to protect themselves against online fraud.

Cybersecurity education – a must-have for companies

Any massive change in society, such as digital transformation, especially when it is generated by a crisis like the pandemic, favours the activity of cyber criminals. In such situations, they will take advantage of any vulnerability, including users’ lack of knowledge and training.

We mentioned earlier that the work-from-home phenomenon of late has meant that phishing attacks in particular, and cyber risks in general, have increased. Now more than ever, organisations’ infrastructure is exposed to threats because the perimeter of activity has expanded. But just as the human factor is the main cause of security breaches, it may also be the best line of defence in the incident response strategy any company should develop.

To achieve this goal, every company’s human resource should be trained on multiple levels to create a strong cybersecurity culture. In other words, every employee should:

  • understand what the real impact of a cyber-attack on the company might be and what damage it can actually cause;
  • accept that they themselves play an important role in any cyber criminal’s plan of attack and that they are responsible for any consequences that occur as a result of an attack;
  • know the rules for using the infrastructures, systems, platforms and devices provided by the company;
  • become familiar at a theoretical level with the different types of cyber attacks that can occur;
  • know how to identify and report a potential attack to qualified personnel.

To ensure results, cybersecurity awareness must be supported by constant communication between the employee and the company. This can include internal information campaigns on cyber news. However, they will only be effective if they are supported by regular training sessions, starting from fundamental to more advanced or up-to-date topics. It is also useful that any theoretical concepts learned are put into practice through regular testing of employees.

And to ensure long-term results, all these activities should be seen as core and mandatory throughout the employment period, not optional. Just as occupational health is carried out annually, the company should also ensure that there is a cyber security hygiene in place, checked regularly.

There are various platforms offering access to courses and practical resources alike that companies can use in these sessions. One such platform, for example, is PhishEnterprise. It focuses mainly on educating employees to identify phishing attacks – which are the most common. In addition to theoretical resources that explain various basic concepts about phishing and other social engineering tactics, the platform can also be used for hands-on exercises that simulate such tactics to give employees a real-life experience.

The role that each of us inadvertently plays in cybercrime strategies is extremely important. It is not enough to simply rely on the latest and most powerful systems or tools that could guarantee our data security online. It is our duty as digital users to be aware of the risks we are exposed to on a daily basis by simply connecting to the internet. And our awareness is the result of a continuous process of education, started with the sole purpose of developing a proper and healthy cyber security culture.

About the author:

This article is authored by the BIT Sentinel team