Last year there were more than 33,000 incidents related to cybersecurity in public sector entities and companies of strategic interest in Spain, representing an increase of 25% more than in 2017. Checkpoint and the Center for Industrial Cybersecurity (CCI) have presented in Madrid the report “Industrial cybersecurity incidents in essential services in Spain”In which 18 operators with five strategic factors participated: electricity, gas and oil, transport, water and sanitation. The study indicates that 75% of the companies that have participated in the sample consider that they are subject to a high degree of vulnerability. And 41% are convinced that the main cyber threat in the future will be the ones that compromise the security of IoT devices (Internet of Things).
Google supports the data. According to this company, "three out of four Spanish companies have suffered a cyberattack in the first half of 2019 and estimates suggest that global losses from cybercrime amounted to about six billion euros in 2012. In Spain, small businesses and users individuals were the main objectives of cyber attacks, with a total of 102,414. However, almost three million companies in Spain are little or nothing protected against hackers".
More than 90% of companies have already realized that they need to incorporate cybersecurity mechanisms to protect their systems. However, there are still some areas where entrepreneurs are less aware that they need protection. One of them is the industry. "Many industrial plant engineers do not think that if they are using machines connected to networks, they need security systems," says Mario García, general manager of Checkpoint in Spain and Portugal.
"We have a sense of lack of urgency," says Garcia. The City of Jerez de la Frontera (Cádiz), suffers from Wednesday October 3 a cyberattack that has affected the 1,300 computers that are part of the municipal computer network and has forced the Consistory to request assistance from the National Intelligence Center (CNI) for the eradication of the causative virus. Between 80% and 90% of services are expected to be operational again today. The Checkpoint director assures that his company had carried out an audit of this city council pointing out the possible vulnerabilities prior to the attack.
The precise segmentation or separation of the IT (information technologies) and OT (operation technologies) systems is essential, so that, if one of them is violated, it does not automatically go to the other
Incidents in a company can be intentional or not. Most are caused by failures of the software or also, due to a human error (lack of awareness or training). In intentional incidents it is very important to understand well the steps taken by a malware or by the attackers, be aware of the compromised teams and the affected processes, know who is responsible for the attack, which has been the routes of entry and spread, if the threat is limited or continues to spread, and the risks identified (operational , financial, environmental, worker safety, public reputation …)
Cybersecurity experts recommend that companies take one more step and not be left alone in detection systems. "It is essential precise segmentation or separation of IT systems (information technologies) and OT (operation technologies, so that, if one of them is violated, it does not automatically go to the other ”, says Eusebio Nieva, Checkpoint technical director in Spain and Portugal. It is also necessary to adapt to defense protocols. "On many occasions the systems of the companies are 20 years ago and even the entrepreneurs themselves do not know what they have installed," says Nieva.
However, and above all since the appearance of the WannaCry virus With global reach in 2017, industrial organizations are increasingly incorporating better cybersecurity measures. WannaCry was a virus from kind ransomware (cyber-kidnapping) infected 300,000 computers around the world. The user's screen melted to black and a few seconds later a message appeared announcing that the documents had been encrypted (encrypted). In a brief explanation, available in 30 languages, it was detailed that whoever wanted to recover them had to make a payment of $ 300 to an account number in bitcoins. On the left side of the screen there were two stopwatches, one with the time he had to make the payment and another with the exact moment in which his files would be destroyed.
Antivirus firewalls Conventional, IDS / IPS, internal security audits and incident response management are the most common technical measures to protect industries. Although the type of incidents varies depending on the sector, the report concludes that the incidents caused by malware are the most common. Experts recommend not to miss an incident and scan the entire system as there could be more hidden vulnerabilities.
. (tagsToTranslate) cyber attacks (t) company (t) interest (t) strategic (t) Spanish (t) Spanish (t) grow (t) 25% (t) report (t) record (t) 33,000 (t) incident (t) security (t) spend (t) year