Attacks on cryptocurrency exchanges will only intensify

The material was created in cooperation with Orange Polska

Cybercrimes are the dark side, but also the daily bread of the Internet. In 2021, the number of social engineering attacks against telecom network users in Poland increased again, according to the latest edition of the CERT report Orange Polska, a unit tasked with monitoring and combating such threats. What awaits us in 2022?

money and identity

Criminals are often profit-driven, so the majority of attacks are aimed at saving. This year, CERT Orange Polska experts expect, among other things, continued attacks on cryptocurrency exchanges and the theft of wallets with these currencies. – The number of attacks on cryptocurrency exchanges is constantly growing due to the easy and anonymous transfer of funds. Unlike, for example, a bank and traditional money, cryptocurrencies are much harder to track. In combination with the mismanagement of the available funds necessary for the operation of the exchange (keeping too much of them in the so-called hot wallet), this makes it easy for an attacker to get rich, and recovering these funds can be extremely difficult – explains Robert Grabowski, head of CERT Orange Polska.

Moreover, adds Grabowski, over the last two or three years, the popularity of cryptocurrencies has also increased among the proverbial average users of the network. – Therefore, data-stealing malware is enriched with identification and password-stealing functions to access Bitcoin wallets. Such theft is more attractive to criminals because it bypasses one step of a burglary: adequate protection of stolen funds – CERT manager Orange Polska describes the way burglars think.

A major target of attacks this year. according to CERT experts, it will be a question of intercepting the electronic “ego” of the company’s employees. A person’s electronic identity consists of their access identifiers and passwords, incl. to email, Facebook, or corporate resources, including internal systems and infrastructure. The ultimate goal is one: to get “inside” the company. – Emails are targeted as potential fraud medium. An attack of this type against commercial, government and non-profit organizations can lead to massive data loss, security breaches and the compromise of financial assets. Small and medium-sized businesses are as much the target of email scams as big market players, says our interviewee. – The method to counter this phenomenon is the monitoring of events, the implementation of automatic notifications of irregularities and incidents detected, but also the use of two-factor authentication by the user himself – advises- he.

They pretend to teach

One of the most cost-effective ways to prevent cyberattacks is through security awareness training. – For individual users, CERT Orange Polska experts organize free training and webinars in the field of their online protection. We also publish information about current threats and protection methods on an ongoing basis on our website cert.orange.pl. Companies can also benefit from the knowledge of our experts for a fee, for example by purchasing simulated phishing attacks agreed between employees. Such exercises help strengthen the organization’s resilience to threats, says Robert Grabowski.

Hackers also learn. – Cybercriminals are improving their tools and techniques. However, this does not mean that there are dramatic year-over-year differences in the level of complexity and sophistication of phishing attacks, especially visually, presented to the user. This is due to the fact that the process of entering “cybercrime” is becoming simpler, which means that more and more hackers from the group of so-called script-kiddies, that is, low-skilled people , limited to running off-the-shelf modules and scripts for system exploration – says Grabowski.

Telecommunications operators exchange knowledge and improve technical tools to combat cyber threats. Orange Polska has implemented RPKI technology – Resource Public Key Infrastructure. It is an additional layer of security in the backbone network, providing protection against interception or “hijacking” of traffic.

Artificial intelligence (AI) is useful in the fight against cybercriminals. For example, the CyberTarcza, equipped with AI, protects users of the Orange Polska network from most threats. Thanks to AI, the efficiency of this solution increases. In 2019, CyberTarcza detected and blocked approximately 11.5 million phishing events, and in 2021 over 335 million, protecting 4.5 million users. In the first quarter of this year. CyberTarcza has already protected 2.25 million people against potential money theft.

Self-promotion


A unique opportunity

Annual access to content rp.pl half price

BUY NOW


The material was created in cooperation with Orange Polska

Leave a Comment