We saw increasing surge in cyber-attacks all around the world. Also, this number is growing in Europe.
World Economic Forum’s Global Risks Report 2024 states “”AI generated misinformation and disinformation” in the second place and “cyber attacks” in the fifth place among the global scale current crisis. For short and long term cyber security is still in the top 10 global risks.
Global risks ranked by severity over the current, short and long term
| Current risk landscape | 2 Years | 10 Years | ||||
| 1st | 66% | Extreme weather events | 1st | Misinformation and disinformation | 1st | Extreme weather events |
| 2nd | 53% | AI-generated misinformation and disinformation | 2nd | Extreme weather events | 2nd | Critical change to Earth systems |
| 3rd | 46% | Societal and/or political polarization | 3rd | Societal polarization | 3rd | Biodiversity loss and ecosystem collapse |
| 4rd | 42% | Cost-of-living crisis | 4rd | Cyber insecurity | 4rd | Natural resource shortages |
| 5th | 39% | Cyberattacks | 5th | Interstate armed conflict | 5th | Misinformation and disinformation |
| III | Economic | 6th | Lack of economic opportunity | 6th | Adverse outcomes of AI technologies | |
| III | Enviromental | 7th | Inflation | 7th | Involuntary migration | |
| III | Geopolitical | 8th | Involuntary migration | 8th | Cyber insecurity | |
| III | Societal | 9th | Economic downturn | 9th | Societal polarization | |
| III | Technological | 10th | Pollution | 10th | Pollution | |
Source: Global Risks Report 2024
According to Fortinet all around the world infrastructure has become more complex and more vulnerable to attack:[1]
- 84% Companies are hybrid,
- 125+ distributed applications used by enterprise,
- 56B IoT Devices are in use,
- 90% of enterprises will have experienced a security incident related to the edge network by 2026
When attackers get in, they stay longer and cost you more:
- Average time from detection to remediation;
- 21 Days à Time to Detect
- 4 Hours à Time to Contain
- 6 Hours à Time to Investigate
- 12 Hours à Time to Remediate
- 52% of organizations report security opeations are harder than 2 years ago, cite threats, attack surface, volume/complexity
- 4 Days to disclose material cybersecurity incident
- $9.4M Average Breach Cost
Eu has objective in improving resilience to cyberattacks, contributing to increasing risk-awareness and the knowledge of cybersecurity processes, and increasing the efforts of public and private organizations to achieve at least basic levels of cybersecurity. In order to achieve this objective EU also has a target rate in Digital Decade Policy Programme 2030 that 20 million ICT experts will be employed in the EU by 2030.[2]
According to European Council;[3]
- monthly 10 terabytes of data stolen
- ransomware is one of the biggest cyber threats in the EU, with phishing now identified as the most common initial vector of such attacks.
- Distributed Denial of Service (DDoS) attacks also rank among the highest threats.
- The annual cost of cybercrime to the global economy is estimated to have reached $ 10,29 trillion at the end of 2025, double the figure of 2021. The global indicator “Estimated Cost of Cybercrime” in the cybersecurity market was forecast to continuously increase between 2023 and 2028 by in total 5.7 trillion U.S. dollars (+69.94 percent). After the eleventh consecutive increasing year, the indicator is estimated to reach 13.82 trillion U.S. dollars and therefore a new peak in 2028. [4]
- Russia’s military aggression against Ukraine has reshaped the threat landscape in Europe in 2022. The conflict has mobilised many hacktivists, cybercriminals, and state-sponsored groups.
[1] https://investor.fortinet.com/static-files/2d21430a-2c22-4b9d-b7f5-3f4bdaa420b6
[2] https://eur-lex.europa.eu/eli/dec/2022/2481/oj
[3] https://www.consilium.europa.eu/en/infographics/cyber-threats-eu/
[4] https://www.statista.com/forecasts/1280009/cost-cybercrime-worldwide
Estimated cost of cybercrime worldwide 2017-2028 (in trillion U.S. dollars)
Cybercriminals have become experts at engineering sophisticated attacks by tricking employees into clicking on malicious links that initiate attacks. Currently, 85% of data breaches involve a human element. [1]
Top Cyber Threats in the EU[2]
| Ransomware attacks | Attacks where cybercriminals take control of a target’s asset and demand a ransom to restore its availability. 60% of affected organizations may have paid ransom demands. |
| Distributed denial-of- service (DDoS) threats | Attacks preventing users of a network or a system from accessing relevant information, services and other resources. July 2022 saw the largest ever recorded attack against a European customer. |
| Malware | Malicious software designed to damage, disrupt or gain unauthorised access to a device. In June 2022 alone, adware trojans were downloaded around 10 million times. |
| Social engineering threats | Threats that attempt to exploit a human error or human behaviour to gain access to information or services. 82% of data breaches involved a human element. |
| Threats against data | Attacks to gain unauthorised access to data and to manipulate data to interfere with the behaviour of systems. Servers were the assets most often targeted by an attack (almost 90%). |
| Internet threats | Attacks with an impact on the availability of the internet. For example BGP (Border Gateway Protocol) hijacking. As of June 2022, 15% of the internet infrastructure in Ukraine has been destroyed by Russia. |
| Disinformation misinformation | An intentional attack that consists of creating or sharing false and misleading information to manipulate public opinion. Mass disinformation campaigns were already targeting Ukraine before Russia launched its invasion. |
| Supply-chain attacks | An attack strategy targeting an organisation through vulnerabilities in its supply chain with the potential to induce cascading effects. Supply chain incidents accounted for 17% of intrusions in 2021 compared to less than 1% in 2020 |
Companies and government organizations are to plan necessary resource to cope with cyber threats. As a Bilişim Academy we are well experienced to address cyber security and network lessons with our certified instructors.
Sources:
- https://investor.fortinet.com/static-files/2d21430a-2c22-4b9d-b7f5-3f4bdaa420b6
- https://eur-lex.europa.eu/eli/dec/2022/2481/oj
- https://www.consilium.europa.eu/en/infographics/cyber-threats-eu/
- https://www.statista.com/forecasts/1280009/cost-cybercrime-worldwide
- https://www.gartner.com/en/doc/3-steps-to-stop-employees-taking-cyber-bait
- https://www.consilium.europa.eu/en/infographics/cyber-threats-eu/
[1] https://www.gartner.com/en/doc/3-steps-to-stop-employees-taking-cyber-bait
[2] https://www.consilium.europa.eu/en/infographics/cyber-threats-eu/
Bir yanıt yazın