(Then24.com).-He phishing It constitutes for long, the fastest growing cyberthreat in the country.
This was announced by specialists from the cybersecurity company Kaspersky who were in a series of activities in Costa Rica; the company estimates that the percentage of phishing amounts to 60% of all cyber attacks.
“In Costa Rica the phishing has had a growth of 60% by 2022This is consistent with what has happened in the region, which has had an overwhelming growth in the number of detections of phishing and what it tells us is that there is an intention of cybercriminals to collect information from userswhat they are most interested in is username and password and when they get it, we assume that they are going to gain access to our email and that there is nothing there.
But if my username and password is the same what do i use in my corporate files and social mediathey will not have access to the mail, but to all the digital resources and be able to join the organization for not having the good practice of having different passwords in each service,” said Eduardo Chavarro, Incident Response specialist of the Kaspersky Latin America Global Emergency Response Team, based on a recent report.
According to data from the Ministry of Science, Innovation, Technology and Telecommunications (Micitt), using the Cisco Umbrella tool, only last January there were 796 million blockades of phishing at the national level.
In previous months (July and August 2022) the figure was 3 million blocks, it increased in September and October (4 million monthly blocks) and the amount skyrocketed at the beginning of the year with almost 800 million records of locks.
The next most important threat is command and control attempts, i.e. remote takeover of a computer and thirdly malware.
Social engineering
He phishing It is neither more nor less than a social engineering procedure so that people fall into the criminal’s trap and thus provide them with sensitive data with which they can later obtain access to privileged information, including bank account keysinformation systems or emails.
Josué Gómez, manager of the regional SOC for Millicom in Latin America, emphasizes that the end user is the weakest link in the security chain“but there are a bunch of other distributed vulnerabilities.”
“There’s a lot phishing banking and the ransomware it also continues to be a latent threat and 3,000 new variants appear every day. What happens is that small and medium-sized companies believe that they are not subject to attacks, when it really is the other way around because they are the most vulnerable and have less defensive security. there are 2 types of companies today: those that have already been attacked and those that are going to be attacked.
Cyber attacks occur like when fishing with dynamite, they don’t throw the lure to bite, but they throw the dynamite and all the fish that die are ours; Meanwhile he express phishing it’s a targeted attack very worked with a lot of intelligence from behind, which goes to a specific person”, he highlighted during an event of “hacker hunting” and identification of risks in the infrastructure in a simulated scenario.
How to face this type of threats?
“A solution without strategy does absolutely nothing, you have to sit down to understand what the needs and pains are, we analyze what the future risks of that strategy may be in an institution or company and there we jointly develop a security strategy. There must be a budget to be able to execute things; The reality that we find is that this institution is a little late compared to how the cyber attack business is going.
The worst scenario that we find is that there is no budget, but by developing our own solutions we can adapt according to the need that we find, but nothing is solved by buying an antivirus or a report for cyberintelligence, you have to come tied to a cybersecurity strategy and we insist that within this strategy comes not only the software that protects the machine, but also invest in educating to that person who is not responsible for knowing what a cyberattack is and who understands what their role is in the information protection chain, because the user is the thinnest link in the security chain“, explained Daniela Álvarez, general manager for the North region of Kaspersky Latin America.
However, the representatives of the firm acknowledge Costa Rica is the Central American country with the most awareness of cybersecurity.
“The hard work is in making the teams aware because you can have the best perimeter team and incident response, if the end user, who is the one who actually processes the data and has access to it, is not aware, they have a very important gap”, concluded Gómez.
