The Internet is already used by almost half of people in the world, in Poland it is almost 26 million users. On average, we spend about 6 hours a...
Every fourth cyber-attack concerns mobile devices. Fraudsters try to take control of payments and personal data
Cybercriminals attack Internet users on average several times per hour. Most often incidents involve extortion of money, confidential data or forcing a ransom in exchange for recovering encrypted data. Last year, every month, the security team of CERT Orange Polska identified nearly 150 thousand suspected incidents, about one thousand of which were serious security breaches. Last year, the percentage of threats to mobile devices also more than tripled, which already accounts for a quarter of all, according to the latest CERT Orange Polska report for 2017.
- Cyberspace has changed dramatically in recent years. More and more things are done online, using sensitive data, mobile or online payments. This has resulted in a growing interest among cybercriminals who want to use it for their own purposes. In Orange Polska we observe more and more such incidents in cyberspace, we have about 10 billion events per month to observe - says Newseria Biznes news agency Piotr Jaworski, executive director for networks and technologies in Orange Polska.
In 2017, the number of events recorded monthly by Orange Polska network monitoring systems exceeded 10 billion. That's over a billion more than the year before. Each month, there were almost 148 thousand anomalies, of which nearly one thousand were classified as serious security incidents requiring the intervention of specialists - according to the latest CERT Orange Polska report for 2017.
Most often they concerned the distribution of offensive and illegal content, including spam, the main carrier of malicious software. This is how phishing is most often carried out, the purpose of which is to scam sensitive data or money. It accounted for nearly half of all incidents. The second place was taken by attacks on resource availability, i.e. DDoS (19.5%), burglary attempts (14.7%). As experts have noticed, every year more and more risks concerning mobile devices emerge. In 2017, the CERT OPL security team recorded an increase in the share of mobile alerts to 25 percent. (against 7% growth in 2016).
- Cybercriminals see that more and more activity is taking place using mobile devices. This is a great opportunity for them to show off and take control of two basic processes: mobile payments and processing of our sensitive personal data. It is very easy to take control of an old smartphone in particular, where we have outdated operating systems installed - says Piotr Jaworski.
Phishing, a method of fraud where a cybercriminal impersonates another person or institution in order to steal confidential data, is still one of the most serious threats in cyberspace. Experts emphasize that a large percentage of Internet users can be fooled by increasingly sophisticated socio-technical games, especially as cybercriminals are constantly improving them.
Social networking sites also provide a great opportunity for cybercriminals. Due to their specifics focused on interpersonal contacts, Internet users are easily fooled by fraud and manipulation.
- When we use mobile devices, we very often frivolously welcome new friends, perform operations and share our data. In this way, we are putting not only ourselves but also our friends at risk in social media - warns Piotr Jaworski.
The Executive Director of Network and Technology at Orange Polska stresses that the first, basic pillar of network security is to update systems, use special applications and system patches.
- The second element is reason. We should not click on suspicious links or automatically open attachments that come in the mail. Every time we should think about what is coming to us - says Piotr Jaworski.
CERT OPL experts point out that for social networking sites it is worthwhile to take advantage of modifications to privacy settings, carefully accept invitations from new friends and protect location data. Users should also not click on suspicious posts or publish confidential, personal information such as their PESEL number, credit card photo, holiday plans or date of birth. It is also good to set a 12-character password containing numbers and special characters (and do not use the same password in all services).
- On smartphones, on the other hand, the most important thing is to use authorized stores, not to download free, suspicious applications that are not authorized by the operating system provider. The second thing is the ongoing update of the operating system of the smartphone, in particular Android, whose older versions are very vulnerable to hacking attacks. Make sure to have the latest version of the system at all times and do not click on any links or attachments - warns Piotr Jaworski.