Last news in Fakti

Hristian Daskalov to FAKTI: Over 1/3 of corporate attacks against businesses come from Russia

I recommend everyone to install and regularly update anti-virus and anti-phishing software on their mobile device, he says

Jan 17, 2025 13:23 105

Hristian Daskalov to FAKTI: Over 1/3 of corporate attacks against businesses come from Russia  - 1

Continued…

- There is a war going on in Ukraine on the front line, but the cyber war with Russia is no less serious. How has it developed in recent years?
- Our digital innovation hub “Trakia“ is part of a pan-European network of another 150 such hubs, and recently we have at least 5 partner centers located in Ukraine. We all work with the support of the "Digital Europe" program, thanks to which we have the opportunity to both provide free services in protecting businesses in the respective countries, and to exchange with each other the development of the activities of enemy countries. Because any attack directed against Ukrainian infrastructure or users can instantly spill over into the global Internet and affect the interests of Bulgaria and Bulgarian citizens and companies. The example of the "NotPetya" virus from 2017 is indicative - malicious software, explicitly written in neighboring Russia to hit Ukrainian information systems, resulted in billions in damage worldwide. That is why, with colleagues from the Institute of Information and Communication Technologies at the Bulgarian Academy of Sciences and with funding from the MIR's Research, Innovation and Digitalization for Intelligent Transformation program, we are working on innovative solutions related to protection from ransomware attacks such as “NotPetya“, in which our data is encrypted and a ransom is sought, the payment of which does not guarantee decryption. Over 1/3 of corporate attacks against businesses are just such and a large part of them come from the Russian Federation. No one is insured. In fact, cyber insurance is offered in Bulgaria and we can insure ourselves in the literal sense of the word, but here we must open another topic - that of financial literacy, in addition to digital. On the topic of cybersecurity and insurance, ECIH Trakia will organize a large forum at the end of January and we will be able to comment more after it passes.

- Billions of fake emails flood our email inboxes every day. What do the “criminals“ want from us“…
- Spam in our emails is undoubtedly the most annoying and high-risk, because it is through email phishing that breaches in the security of our personal data are made and our systems and devices are infected with ransomware, spyware and other types of malware that do not lead to anything good. In fact, phishing - misleading messages, often with emotionally charged content, that provoke us to provide access to our personal data, install malware or be tricked in another way, represents less than 3% of the number of spam messages. Despite this relatively small percentage, this amounts to between 2.5 and 5 billion phishing messages per day (based on the total number of emails), not including the number of fraud attempts via social media messages, SMS and other channels.

Preparing and executing a phishing attack against an unlimited number of attackers or against a strictly profiled victim can take less than 60 seconds,

thanks to publicly available tools, even those without overexposed artificial intelligence. The discussion should be about "playing defensively" - what basic hygiene do we apply in order not to become a victim of social engineers. Both ordinary citizens and most companies are unprepared. For example, only a fifth of companies worldwide have adequate protection against spoofing attacks, although 85% of companies have been attacked by phishing in the previous 12 months. This means that anyone can impersonate them – to send an email from a malicious server, which email would look as if it was sent from the server of a specific company, on behalf of a given ministry, bank, etc. In combination with a deep-fake phone call (so-called vishing), it would become extremely difficult for the victim to distinguish a legitimate case from an attack scenario.

- Do people know how to protect their electronic communication?
- The short answer is – No. At the initiative of the Union for Economic Initiative, who are the coordinators of our digital hub, we conducted a survey that is nationally representative of the current attitudes of Bulgarian citizens towards cybersecurity. Here are a few examples from there. The data shows that less than 10% actively use two-factor authentication as a means of protecting their accounts. This is not enough, however. We also need to do a certain amount of intelligence and counter-intelligence work on a regular basis.

If we have made the mistake of reusing the same password in two or more places, after a data leak from one system, our accounts in another may be vulnerable.

Since the criminal on the other side will try to log in with the broken password in all other places where we could potentially have a registration. That is why, in addition to unique passwords, we should use tools such as “Have I Been Pwned“ to check which of our accounts and when they were compromised. This will inform us whether we need to take additional measures to “cut off our tail” on the Internet by changing our password, email, or even phone number. Statistics show that in 90% of data leaks, social engineering techniques are applied for subsequent exploitation of the acquired sensitive information.

This is how identity theft happens.

Mentioning thefts, we must also call for more attention in e-commerce. Regularly check your balances and do not keep excessive amounts in accounts with active electronic banking or cards to them. Activate notifications for payments, even minimal ones. Use disposable virtual cards for online payments and avoid shopping beyond traditional sources of online purchases, even at the cost of the occasional missed "mega offer" from dubious .shop domains, characterized by extremely high levels of fraud.

- Are mobile phones… less protected than our computers?
- It is not the manufacturers of the equipment, but us – the users, who protect them less during their use. I recommend that everyone install and regularly update anti-virus and anti-phishing software on their mobile device, because it often comes without one. Over 2/3 of successful phishing attacks occur after clicks via a smartphone and there is a reason for this – it is more inconvenient for the user to check through the smartphone screen than through the laptop what Internet address is hidden behind certain text or a button like “Click here“ or “Activate this“. That is why it is important to install appropriate applications that reduce the risk by blocking malicious traffic, even if we “take the bait“. However, even when working on a mobile phone, we can use free tools such as VirusTotal to quickly check where the active links we are offered to follow lead us, and thus reduce the risk of ending up in the wrong place.

There is nothing better than waiting at least 30 seconds before clicking anything,

to neutralize the attempt of initial psychological suggestion to action by social engineers - be they marketers, politicians or ordinary criminals. In general, as with manipulative content on social networks, email scams exploit a sense of urgency, curiosity, the fear of “not getting through”. Recognizing who and under what circumstances inspires these feelings in us will give us the best defense. Or as Sun Tzu said over 2,000 years ago, if you know the enemy and know yourself, you need not fear even a thousand battles.