Of money
All articles
2021 - A record year in cyber attacks
Are Siberian Attacks the New Terror?
Criminal attacks are taking place all over the world, but Israel is also exposed to security breaches by hostile elements.
2021 is a record year for cyber attacks.
The bad news: The attacks are expected to expand in 2022 as well. The good news: There is something to be done
Tags
Cyber
Shmulik Yehezkel, CYE
Monday, 06 December 2021, 18:30 Updated: 18:46
Share on Facebook
Share on WhatsApp
Share on general
Share on general
Share on Twitter
Share on Email
0 comments
Cyber attacks on Israeli businesses and government bodies in 2021 reached an all-time high. What began back in 2020 with cyber attacks on water systems in Israel and event Shirbit - considered at the end of 2020 one of the attacks the most difficult in the history of the country - continues to events even more severe, such as the events of the hospital Hillel Yaffe and a Community.
These attacks against websites "civilian" joined in the attacks In the face of critical infrastructure such as the IEC, the attackers attack targets indiscriminately, the presence of an Israeli website on the Internet is a sufficient reason for the attack, and all the targets - and means - are legitimate.
Israel has been a target of cyber attacks - especially by attackers from hostile countries, such as Iran - for many years, but most of these attacks were on "legitimate" targets whether in infrastructure, military sites, government, banks and more.
The attack on the Atref website - the dating site for the proud population - crossed a line that had not been crossed before, when a state assault factor actually revealed information that could infringe on a citizen's privacy at the individual level.
This incident caused fear and panic among many who chose to maintain their privacy, and were in fact threatened by an assailant acting on behalf of an enemy state (Iran). The era of "cyber terrorism".
The future is already here
The smart test that detects an increased risk of having a stroke
To the full article
Hillel Yaffe Hospital, the most famous victim of a recent cyber attack on an Israeli target (Photo: Courtesy of those photographed, Hillel Yaffe Medical Center)
Not only security, but also criminal
In parallel with the events we experienced in Israel, in 2021 we observed an increase of hundreds of percent in sexual extortion events - sextortion - assaults on individuals for extortion purposes, events that often cause fear and panic among many in the world.
These too are symptoms of the age of cyber terrorism, with enemies and rivals identifying the attack as an invasion of the citizen's privacy and a legitimate tool to achieve various purposes, whether it be money, causing panic, and more.
In light of the increase in these extortion incidents (mainly sexual extortion), our assessment is that this is a very successful trend on the part of assailants.
In addition, we recognize the beginning of the era of "boutique attacks on VIP destinations", for example business VIP destinations as a target for extortion, including sites / accounts of celebrities, politicians, and others.
After a year full of success - especially in the field of cyber terrorism - we estimate that these attacks will continue and even expand.
As is well known in the cyber world successes are copied (yet we are not in high school) so these attacks will increase significantly.
And with regard to attacks related to Iranian aggressors, it is estimated that the effort to harm the resilience and sense of security of the Israeli citizen will increase.
In addition to attacks on civilian targets, the attacks will continue in the "supply chain".
Everyone is probably familiar with the Solarwinds event, which took place in early 2020, in which the attackers (apparently a Russian group known as 29 APT) changed the source code developed in the company, and the attack effect rolled up to thousands of the company's customers.
This is called cyber supply chain attack.
Shmulik Yehezkel, Director of the Operational Cyber Division at CYE (Photo: PR)
What they understood in CYE
During 2021, the supply chain attack expanded dramatically, as reported almost simultaneously by Microsoft and 29 APT. However, other attackers continue to operate vigorously around the world to locate large companies and carry out attacks.
Research companies (including CYE) have understood That state-of-the-art attackers such as 29 APTs will work to locate companies called hub companies - large companies that can be used to reach additional destinations. Control of a large company, and possibly a large number of victims.Even here, unfortunately, we are forced to predict that the trend will continue and even intensify significantly.
In light of all that we saw in 2021 and the outlook for 2022, I recommend that every organization continuously maintain processes for identifying cyber threats on the organization (RISK ASSESSMENT), regularly receive relevant cyber intelligence updates (CTI), continuously maintain a cyber protection routine, perform proactively Activities to "raise walls" protect the organizational infrastructure as well as the VIPs of each organization and organization, perform exercises continuously and test the readiness of the organization, and God forbid when an event occurs to enlist the help of appropriate and professional intervention teams.
In addition, companies should use advanced tools, such as AI systems that enable the identification of cyber threats that are expected to occur in the organization, assess its level of readiness in the face of the threat, and at the same time present the expected effect on the organization's business activities. These systems have been tested and proven to be effective in companies from all sectors in the face of heresy threats and other threats.
The weighting of a low level of organizational readiness alongside the threats of heresy and a sense of success on the part of the attackers - all at a very "low cost" for them led to the fact that heresy events were the main events in 2021 and are expected to expand.
The author, Shmulik Yehezkel, is the director of the operational cyber division at CYE
More about cyber attacks and their protection, tomorrow live from the "Summit of Business" conference
More about the cyber attacks and the defense against them, tomorrow at the "Business Summit" conference of the Jerusalem Post, Maariv and Walla!
The conference will be hosted by Gil Schweid, founder and CEO of Check Point and will summarize the year 2021 in the cyber industry.
Live broadcast of the conference on the Walla! Website, Tuesday, starting at 9:00 AM
Share on Facebook
Share on WhatsApp
Share on general
Share on general
Share on Twitter
Share on Email
0 comments
