It appears from an overview by the Estonian Information System Authority (RIA) of the cyber space in the second quarter of the year incidents in recent months confirm that ransomware attackers have made their tactics more brutal as, in addition to encrypting data, it is also stolen and threatened to be disclosed.
Mart Hiietamm, head of the analysis and prevention department at RIA, said all authorities should realize that in the event of a ransomware attack, the data on their devices is not only encrypted but often stolen and disclosed.
Therefore, backing up data is not enough to combat ransomware attacks, RIA said.
"Important and sensitive data must always be backed up and encrypted, and care must be taken to ensure that backups are not on the same data carrier as the original data. The latest version of any software should definitely be used as well and staff should be trained so that they are aware of the dangers and can protect themselves from cyber attacks," Hiietamm said.
Due to the emergency situation created to prevent the spread of the COVID-19 pandemic, people were left to work and study at home, which meant that they urgently needed to create a new account on several platforms. According to RIA, experience has shown that not enough time is devoted to creating the passwords of new accounts, and passwords already in use elsewhere are used. However, this means that if a password is leaked through one environment, all other accounts with the same password are automatically compromised.
"However, we see large-scale data leaks constantly and everywhere, from airlines to children's virtual playrooms. It is probable that as a result of the data leak of the British airline Easyjet in May, the personal and banking information of several Estonian residents was also endangered. Although data theft is quite common, people's behavior in cyber space remains risky -- one of the main risks here is the re-use of passwords on different platforms," RIA said.
Editor: Helen Wright