aleBank.pl – Economic portal – Closest to finance

The scale increases, but so does the effectiveness of online threat protection. CyberTarcza, which protects users of Orange’s mobile and fixed network against them, protected 4.5 million people against the loss of data and money in 2021, according to the new edition of the CERT Orange Polska report. The scale of cybercrime is growing rapidly, since already in the first quarter of 2022 the number of Orange network customers protected against the effects of attacks reached 2.25 million. – Solutions based on machine learning and artificial intelligence help combat cyber threats. Consistent internet user education is also crucial, says Piotr Jaworski, Orange Polska board member for networks and technology.

Source: Newseria Biznes

The scale increases, but so does the effectiveness of online threat protection. CyberTarcza, which protects users of Orange’s mobile and fixed network against them, protected 4.5 million people against the loss of data and money in 2021, according to the new edition of the CERT Orange Polska report. The scale of cybercrime is growing rapidly, since already in the first quarter of 2022 the number of Orange network customers protected against the effects of attacks reached 2.25 million. – Solutions based on machine learning and artificial intelligence help combat cyber threats. Consistent internet user education is also crucial, says Piotr Jaworski, Orange Polska board member for networks and technology.

– Last year was marked by phishing and malware installed on customer devices. This trend has been visible for several years, according to the agency Newseria Biznes Piotr Jaworskimember of the Management Board of Orange Polska in charge of the network and technologies.

Cybercriminals not only use gaps in infrastructure or software vulnerabilities to attack, but also gaps in employee training

– Already in 2018 we noticed that the share of phishing attacks in general increased from a few percent to more than 20 percent, and in 2019 it was already 40 percent. and has remained at this level until now.

Phishing is currently one of the biggest cyberthreats aimed at the individual user, although companies can also fall prey to cybercriminals if a negligent and inattentive employee can be tricked – adds the expert.

The dynamic development of new forms of phishing

The new edition of the CERT Orange Polska report shows that phishing remains the most common type of malicious attack. Responsible for nearly 40 percent. all threats detected in the operator’s network. However, cybercriminals continue to perfect phishing techniques by extorting login credentials and money in various ways.

They text links to websites that look like bank or courier company websites under the pretense of extra payment for shipping or energy bill, create fake shops, lotteries or encourage investments on non-existent cryptocurrency exchanges.

In recent months, phishing has increasingly been accompanied by the installation of malware

They also often target users of classifieds sites and sales platforms, posing as buyers and providing them with links to fake sites for the alleged receipt of money.

“Phishing generally consists of extorting the identity and identifiers of the victim”, explains Piotr Jaworski. – We need to be aware of what data loss means, for example, your bank account login details allow you to clear the account. In other words, a victim who was deceived can lose all the funds accumulated in his bank account – warns the expert.

Read also: Bank Security Forum 2022, armed conflict and hybrid warfare versus banking sector security

Phishing and malware

The growing scale of the threat is reflected in the hundreds of millions of phishing events blocked by the CERT Orange Polska team in 2021. In total, in 2021 CyberTarcza, which protects users of Orange’s mobile and fixed network Internet Threats, stopped more than 335 million phishing incidents related to, among other things, phishing login credentials for bank accounts or social profiles. In this way, he protected 4.5 million people.

This is a huge increase, as in 2020 the number of blocked incidents hovered around 40 million and CyberTarcza protected 3.5 million users from losing data and money.

As the expert points out, this year’s statistics may be higher, because in the first quarter of 2022 the number of customers of the Orange network, whose operator protected them from threats, reached 2.25 million.

– So many people have not lost their money, their devices have not been hijacked by cyber criminals so they can spread their practice. This proves that we are more and more efficient, but on the other hand, unfortunately, it also reflects the scale of the phenomenon we are facing – says Piotr Jaworski.

Cybersecurity specialists have also observed that in recent months phishing has increasingly been accompanied by the installation of malicious software.

– After installing such software victim not only shares their data but also their device becomes a tool for the cyber criminal to continue operating. For example, he can use them to infect other users, explains the Orange Polska board member responsible for network and technology.

Cyber ​​Shield, which protects users of Orange’s mobile and fixed networks against online threats, has stopped more than 335 million phishing incidents

Statistics show that malware was the second most common online threat in 2021, accounting for almost 18%. all incidents recorded by CERT Orange Polska.

Malware – Flubot steals smartphone contacts

In addition, last year a new type of malware appeared – Flubot – which steals contacts from the address books of infected smartphones.

Subsequently, these stolen numbers were used to send mass SMS messages pretending to be voicemails, for example, and trick victims into installing malicious apps. Phones infected in this way were then used to spread more malware.

– The extent of this practice can be confirmed by the numbers, because last year we recorded up to one million such SMS per day – says Piotr Jaworski.

Also read: In the first quarter of 2022, attempts were made to steal someone else’s documents “only” PLN 52 million

DDoS attacks and identity theft

However, the threats don’t stop there, as last year a similar percentage (17%) were also DDoS attacks. They also remain one of the biggest threats to businesses.

You can expect more DDoS attacks (…) on the banking sector, as well as attacks on cryptocurrency exchanges and the theft of cryptocurrency wallets.

There are also new elements related, among others, with the Internet of Things. Cybercriminals not only use gaps in infrastructure or software vulnerabilities to attack, but also gaps in employee training.

According to CERT Orange Polska, this year – apart from phishing scams – we can expect more DDoS attacks with a large volume, incl. on the banking sector, as well as attacks on cryptocurrency exchanges and the theft of cryptocurrency wallets.

– It is also worth mentioning electronic identity theft, which is extremely important because many criminals steal a company employee’s data – their IDs, passwords, tokens, etc. – then impersonates him, gaining access to company resources. These are the incidents that will dominate in 2022 – says the expert.

Cybersecurity through AI and ML

The fight against cyber threats relies on solutions based on machine learning and artificial intelligence, which make it possible to predict and prevent many security breaches in the network in advance.

Without automation, artificial intelligence and machine learning, we couldn’t do much

The technologies also significantly shorten the response time, by around 40%. Phishing domains cease to be active within minutes of the first victim’s visit. This is why the future lies in automated tools and artificial intelligence, at the service of cybersecurity experts.

– Let’s be clear: without automation, artificial intelligence and machine learning, we couldn’t do much. We use these tools to extend the algorithms we use to “power” our Cyber ​​Shield. This is our proprietary solution that primarily detects threats and protects our customers – says Piotr Jaworski.

The operator has also implemented RPKI technology in its network, i.e. “cryptographic signature for IP resources”, which additionally secures the backbone network. This makes it difficult for your internet traffic to be hijacked.

Cooperation of cybercrime teams

The Orange Polska CERT – specialized team in the fight against cybercrime – has been present in Poland for 25 years, cooperating closely, among others, with NASK and CERT of other institutions, as well as with international organizations.

– Beyond the awareness and education of Internet users, which is never too much, it is cooperation that is key in the world of cybersecurity.

International trade is also very important to us. This allows in many cases to prevent events that have happened in other countries of the world and which, with a high probability, could also happen in Poland – says Piotr Jaworski.

Newseria Biznes logo

Leave a Comment