Ransomware remains one of the leading cyber threats, with increasingly destructive variants. Additionally, financial cybercrime and state-sponsored cyberattacks are on the rise due to high economic rewards and geopolitical motivations.
Along these lines, cybercriminals have carried out another significant attack, this time compromising the information of more than 34 million drivers after a massive hack of the DGT. This incident adds to a series of recent cyberattacks, including that of the Hospital Clínic of Barcelona, Banco Santander, the medical records of the Civil Guard, as well as the companies Iberdrola and Decathlon.
“The large cyberattacks that have affected Spanish and international companies and institutions show that these incidents can occur again and even escalate to even more serious levels in the future,” warns Victor Ronco, CEO of Zerod. This is because cyber threats are constantly evolving.
Increase in cyber attacks
Many organizations do not adequately prioritize cybersecurity, leaving vulnerabilities that criminals can exploit. According to Zerod’s CEO, it is crucial for businesses, including SMEs, to keep their defenses up to date and take a proactive approach to stay ahead of threats.
If cyber attacks similar to those suffered by Spanish companies and institutions are repeated, the consequences could be serious in several aspects. Economically, the direct and indirect costs can be enormous, including operational losses, regulatory fines, recovery and forensic investigation expenses, and potential ransomware extortions, reaching hundreds of millions of euros.
Operationally, critical systems may become inoperative, disrupting key processes and causing significant delays in the delivery of products and services. Furthermore, a serious cyberattack can damage an organization’s reputation, affecting the trust of customers, business partners and investors.
What to do to avoid it
There is no single solution to prevent cyber attacks. However, taking a comprehensive cybersecurity approach with multiple layers of protection can significantly reduce risks. Some Zerod recommended practices include:
- Maintain a proactive and vigilant security posture.
- Conduct risk assessments, penetration tests, and asset audits with ethical hacking experts.
- Implement strong security controls, such as firewalls, intrusion detection and prevention systems, anti-malware/ransomware, multi-factor authentication, and data encryption.
- Keep systems and software up to date with the latest security patches.
- Rigorously manage access and identity privileges.
- Constantly train staff in cybersecurity practices to prevent phishing attacks.
- Have a solid incident response plan and disaster recovery strategies.
