PL
DE
UK
In the age of the Internet, which can be accessed everywhere and on almost every device, the threat of cyber attacks continues to grow. Each year there are more and more attacks, and cybercriminals are phishing for more and more data, as well as stealing more and more money in both traditional and digital currencies. The attacks affect not only companies and state institutions, but also individual Internet users. Thus, everyone is exposed to attacks. What was the situation with attacks in 2022, and what steps is the EU taking to combat cybercrime?
Huge increase in attacks in 2022
The statistics show a huge increase in the number of cyber attacks in 2020. Even already the statistics in 2021 were higher than in previous years. This is a result of the pandemic outbreak and the massive shift of businesses to remote work. People, working from home, operate data and store it on their own computers or smartphones, not always using adequate protection, which simply makes attacks easier. In 2022, the war in Ukraine is also not insignificant. Particularly at the beginning of the war, we had to deal with the spread of massive disinformation, resulting, for example, in huge queues at gas stations or ATMs.
Based on Check Point data from June 2022, the average company was attacked about 938 times a week! This is thought-provoking and frightening. On the other hand, the FBI’s department that analyzes reports of cyber security breaches received twice as many notifications in 2021 as in 2019, so it can be assumed that there were many more such notifications again in 2022. It is worth noting that the reported incidents involved an average loss of about $8,000. Allot, on the other hand, which is one of the world’s leaders in the field of cyber security, registered (and, of course, blocked) as many as more than 2.3 billion attacks on Internet users at the beginning of 2022, and this is an increase of as much as 618% compared to the beginning of 2021.
Who can become a cybercriminal?
Unfortunately, everyone. The huge increase in attacks, especially small ones, is also due to the fact that it is very easy to become a cybercriminal. There is a widespread myth that one needs to have skills, know programming, hacking, etc. Even criminals who previously conducted their business traditionally are already moving into the digital world. Today, technology is no longer an obstacle and even any smartphone user can become a cybercriminal. An additional magnet for cybercriminals is the rapid development of the cryptocurrency market and the possibility of obliterating digital footprints behind them. This is what attracts even people who previously had no connection at all with the IT industry and computers. In addition, modern criminals do not flaunt their criminal successes. They prefer to hide and not arouse interest, while keeping an eye on changing trends and looking for new ways to launch their attacks. Cybercriminals are very quick to adapt to changing conditions, as demonstrated, for example, by the pandemic. There was a very large increase in phishing and phishing attacks, and these attacks did not require any specialized knowledge at all.
Most popular attack methods in 2022
The most common attacks in the first quarter of 2022 were attempts to infect phones and computers with Trojans, as well as adware. This accounted for more than 90% of all actions taken by cybercriminals. At the top of the list of methods are computer Trojans, or Trojan horses, a specific type of virus capable of capturing data. The Trojan impersonates applications, files, programs and is downloaded by the user along with them, after which it can bring serious damage. Trojan attacks accounted for as much as 62% of the total in the first quarter of 2022.
In addition, a large increase in the number of banking trojans has been observed over the past quarter. Such trojans are malware designed to obtain information from a user’s electronic banking, such as login credentials, PINs or authorization codes. In addition, there has also been a record of attacks using bitcoin trojans. They were popular in 2017, and then their popularity declined, only to suddenly rise again now, and dramatically. The number of blocked bitcoin Trojan attacks has increased by as much as 600%. Most importantly, this does not only apply to software that, once installed on a computer, uses the user’s resources to mine cryptocurrencies. Worst of all, cybercriminals have an entire arsenal of Trojans, which, interestingly, cyber-security experts described as having been successfully eliminated. Allot analysts point to the three most dangerous types of Trojans still wreaking havoc on unsuspecting device and Internet users. These are:
- Coper – is a banking trojan. Coper impersonates the official app of the financial institution Bancolombia. It uses very similar iconography and branding. Once launched, Coper infects the device, and after the user grants the application permissions, it takes control of messages, installs a keylogger and can do even more damage.
- Beating Bian – first located in 2019, but not many attacks carried out with its help were recorded afterwards. This changed at the end of 2021, as this Trojan again became one of the most popular among cybercriminals. It is difficult to detect because there is no communication with the server, and it collects credentials by recording the device’s screen. Criminals download the recording at their convenience.
- Emotet – the world’s most dangerous Trojan according to EUROPOL. It can even lock a computer or smartphone to then demand a ransom to unlock it. It was reportedly due to be eradicated in 2021, but it looks like there has been a resurgence of attacks using it.
Phishing: second only to Trojans
Phishing attacks increased by 37% in the first quarter of 2022. Such attacks were blocked as many as 64 million times, compared to 47 million a year earlier. Criminals are exploiting not only the potential of phishing, but also the high interest in cryptocurrencies. They create cryptocurrency exchange sites and infect devices with malware through them.
Adware – not just unwanted ads
Another popular method of cyber attacks in 2022 is adware. Actually, it has been popular for years, but for the beginning of 2022, as much as 36% of all blocked attacks were those using adware. What is adware? The very name suggests: something related to ads. It causes annoying ads to appear, but this is the least of the evils. Often it’s just a lure to get users to download other malware. However, attacks via omnatour.com, which automatically opens in a browser infected with a special virus and displays error messages that are fake, have declined somewhat. They have one goal – to get you to subscribe to the notifications. They later turn out to be ads for adult sites, gambling sites or fake program updates. Instead, the number of attacks with the help of Fybian adware, which attacks Android phones through games and displays unwanted ads, has increased.
EU action to fight cybercrime
Individual countries are taking action on their own, but of course the European Union has also joined the fight against cybercrime. EU directives cyber security strategy, cyber security act, cyber security certification program, special agency for cyber security are just some of the ways to take care of cyber security in EU countries. The European Cybercrime Center helps EU countries detect and prosecute cyber criminals, while EMPACT is an initiative by EU countries themselves to identify, prioritize and level international crime threats, with cyber attacks as a priority. In May 2022, the EU unveiled new rules to protect children online. Law enforcement agencies, meanwhile, were given access to e-evidence of crimes. In addition, the EU Cyber Defense Policy was adopted in November 2022 by the Commission and the EEAS, which is expected to enhance the EU’s cyber defense capabilities and strengthen coordination and cooperation between the military and civilian cyber communities. To combat cyber attacks, €16 billion is set aside for the coming years.
How do you protect yourself from attack?
First of all, you should have an antivirus program on every device and update it and your system regularly. Also, beware of suspicious links and sites. Set strong passwords everywhere and don’t use unknown WiFi networks. Also, don’t download any programs, apps, game music or video files from unknown sources. For businesses, a secure Internet connection and protection of the entire network is very important. All this will be provided by a good telecommunications provider, such as ITH. Secure hosting and domain, which is offered by KRU.PL, a company cooperating with ITH, will in turn take care of the security of the company’s website.