Security IBM: Cyber ​​attacks have shifted from banks to industrial companies, phishing attacks on the rise

Cyber ​​attacks have increasingly shifted from banks to industrial companies, says US technology company IBM’s recent report on global cyber security trends.

Responsible for IBM’s X-Force security services in the Nordic countries Antti Pirinen According to the study, industry and industrial supply chains – even machines that run production directly – were hit hardest last year globally.

“Banks and insurance companies have traditionally been the most attacked because they have money and it is the job of professional criminals to make money,” Pirinen explains.

Banking Group On March 1, Nordea was hit by an exceptional and long-lasting denial-of-service attack that prevented many customers from logging in to the service. The perpetrator of the attack has not survived.

Read more: Financial Supervision Authority: Denial of service attack on Nordea was “exceptional and long-lasting”

Now the security and protection of banks and insurance companies has improved so much that criminals have changed targets.

“There are big machines in the industry that can’t be updated as agilely.”

Different downtime for production control systems or machines can also often be used to simply and quickly calculate the inconvenience and cost of machine downtime.

This makes it easy to calculate the opportunity cost for the tightener requirement.

An IBM report estimates that about 97 percent of hostile actors are crime, 2 percent are state actors, and one percent are online activists.

Last In the year, the Texas public fuel distribution company Colonial Pipelineen received the most publicity ransomware– ie a blackmail attack that disrupted the production chain and raised concerns about the availability of fuel for various critical functions.

The Colonial Pipeline tended to pay ransom to the criminals about five million dollars. U.S. officials said sincethat a ransom paid in bitcoins could be repaid for $ 2.3 million.

CEO of the company justified later in the U.S. Congress, the payment of ransom for the functioning of society and the saving of human lives.

In Finland According to Pirinen, no cyber attackers have been paid.

In 2020, an attack was carried out on the psychotherapy center Vastamo, demanding money from the company by threatening to reveal otherwise sensitive customer secrets.

However, the psychotherapy center refused to pay the blackmailer, who changed hands and began sending blackmail requests to individual clients, threatening them with disclosure of patient information.

“So the blackmailer made a mistake,” Pirinen said. “When the stolen data mass was made public dark on the webcommercialization went in there. ”

For years Europe has been hit hardest by the time, Pirinen says. Last year, however, Asia overtook Europe in terms of the number of attacks.

The attacks are aimed at finding various weaknesses in the system.

According to an IBM report, phishing scams were the most common means of launching attacks. According to research data, as many as three of the five attacks began with phishing.

Typical of these fishing companies was that the attackers reported that they were in the case of a major technology company such as Microsoft, Apple or Google.

“While phishing attacks are the most significant starting point for an attack, the vulnerabilities found in the systems are immediately second in the attackers’ arsenal,” says Pirinen.

“When it comes to attacks, I always emphasize to customers that the organization itself can’t judge if it’s an interesting target. An attacker determines whether or not you are a point of interest. ”

Often, cyber perpetrators look for vulnerable systems no matter where the devices are located.

“It’s full search shooting, where you can also hit Finland.”

IBM’s The report is based on information collected worldwide from the company’s ongoing security services alert data, analyzes of the unit specializing in threat data collection, reports from the Intrusion Detection Unit and the findings of the Vulnerability Detection Unit, Pirinen says.