Martti Kebbinau: Cybersecurity awareness still poor in Estonia
Understanding cyber hygiene must reach a broader population, which in turn will enhance corporate cybersecurity, writes Martti Kebbinau.
In the second quarter of 2024, Telia's security filters prevented over 700 million cyberattacks aimed at disrupting business operations. This figure is not an anomaly, as the total number of attacks in the first quarter reached 729 million. While this number may seem utopian, it reflects a reality that businesses must face. Meanwhile, many still believe that cybercrime is a temporary issue that will eventually subside.
Cyberattacks can be compared to someone trying to break into your home through doors and windows multiple times a day to steal all your belongings. The difference is that instead of burglars, criminals are in cyberspace, trying to access unguarded virtual doors and windows to steal valuable data or disrupt business operations, using increasingly sophisticated technology.
Despite this, people are more willing to protect their homes with security systems and expensive locks, while businesses often neglect similar precautions. Business data is more valuable than household items, and theft can lead to reputational damage or, in the worst case, having to close shop.
Everyone remembers the recent data breaches at Apotheka, where 10,000 people's sensitive health data was stolen, the genetic testing company Asper Biogene or the Finnish psychotherapy center Vaastamo, which went bankrupt due to ransomware attacks and data leaks.
Although news about cyber incidents is almost daily, local businesses are not quick to learn from them. Why? One reason is that proper cybersecurity is not free, and in times of economic downturn, finding funds for it is challenging. Additionally, many believe their sector is not of interest to cybercriminals and there is no risk of attack.
This belief can be immediately refuted. According to Telia's Turvanet report, in the last quarter, cybercriminals primarily targeted the manufacturing industry (over 137 million attacks), wholesale and retail trade (over 127 million), hospitality and catering companies (over 90 million) and real estate-related businesses and organizations (over 48 million). These sectors were in the spotlight, but this does not mean that other sectors were untouched.
The main problem is poor understanding of cybersecurity. Non-IT people simply do not comprehend the nature of malicious bots, which attacked Telia's business clients over 3.5 million times in the past quarter, phishing pages, which were blocked over 467 million times, and DDoS attacks, which increased by over 70 percent compared to the first quarter and have the most significant impact. People do not know to fear things they don't comprehend.
Therefore, it is more than welcome that the Ministry of Economic Affairs, together with the Information System Authority, has for the first time included the need to develop cybersecurity skills in all age groups in the national cybersecurity strategy. It is clear that understanding cyber hygiene must reach a broader population, which in turn will enhance corporate cybersecurity.
Studies show that employee user accounts are often security holes through which criminals can access company databases. Having more competent specialists is also essential, as they would always be a step ahead of hackers and could train people to recognize potential security risks.
Most attacks recently come from Western countries: the USA (over 189 million), Poland (over 180 million) and Canada (over 93 million). Meanwhile, the security filter blocked "only" about 871,000 attacks from Russia.
The number of attacks from countries like India, China and Africa has significantly increased. Naturally, it is not to be assumed that our allies, such as the Americans, are actually hackers. Since the internet is global, there are more infected devices and server parks in Western countries, through which hackers of any nationality can operate.
Therefore, although we are on the periphery of Europe, cyberattacks do not leave us untouched, and unfortunately, there is no sign that this is a passing phenomenon. On the contrary, cyberattacks are becoming an increasingly common form of burglary that attracts criminals with easy profits. Just as we managed to overcome the rampant burglaries of the 1990s by making our homes safer, it is now time to protect our assets with a proper virtual security system instead of a robust lock.
--
Follow ERR News on Facebook and Twitter and never miss an update!
Editor: Marcus Turovski