13/01/2022 - General
Posted by: SC Inova Newsroom.
The sequence of cyberattacks on public and private institutions recorded in 2021 created problems for many people. In addition to IT teams who lost sleep trying to recover data, restore systems and ensure information security, users were also harmed. Santa Catarina city hall websites were off the air, customers of financial institution weeks with problems accessing services and even the ConecteSUS – application that enables, among other functions, the proof of complete immunization against Covid-19 – went offline. The episodes allow for discussions of different types to be opened, but one of the points that most requires attention, according to experts, is the use of this threat as a political weapon.
In the interpretation of some analysts, what is behind the attacks against bodies linked to the public administration is not necessarily a financial motivation - even if the cybercriminals' strategy is based on tactics of ransomware. The intention is to paralyze essential services and undermine the trust of institutions. For the cloud storage specialist Marcos Stefano, CEO of Armazém Cloud, one of the reasons is the fact that the cybersecurity infrastructure in Brazil, in many cases, does not receive due attention. “The loophole used was the programming language used, which was popular, but outdated. With a more robust maintenance plan, it is likely that the amount affected would not be as representative”, he says.
A survey by the Brazilian Internet Steering Committee (CGI.br) with 334 municipalities in Brazil shows that 54% of them did not even have an IT department or area. Although the most recent data is from 2014, it helps to understand why cybercriminals prefer to attack this type of structure. Unfortunately, this finding seems to be quite “democratic”: only in the last few months, more than 30 municipalities of different sizes were attacked. According to information gathered by the multinational specialized in security Trend Micro, capitals such as Vitória, Florianópolis, Belo Horizonte and Cuiabá, and smaller cities such as Santa Rosa de Lima (SC), with 2 thousand inhabitants; or Campinas (SP), with more than 1.2 million were affected.
This dispersion is what fuels the expectation that the epidemic character of digital crimes will be even more noticeable in 2022. The forecast is that 80% of organizations (including public and private) suffer some type of cyber attack with a high probability that they will reach customer information. The solution necessarily involves investments in critical points such as storage, systems performance, availability and resilience.
"The search PwC Digital Trust Insights 2022, which included 3,600 business, technology and security executives, brings encouragement: 83% of Brazilian organizations are expected to increase investments in cybersecurity in 2022. This is a sign that concern about digital assets has increased, and that the mindset that it is more important to prevent the problem than to pay the 'ransom' for the data is consolidating”, says the CEO of Armazém Cloud, Marcos Stefano.
The intention of the criminals who make cyberattacks a political weapon is to create social repercussions. Events of this type attract the press and, in a way, can encourage other evildoers in search of supposed notoriety. “And, to prevent this 'epidemic' from causing damage to all spheres of society, the recommendation is similar to that applied to combat the Covid-19 pandemic: Get vaccinated with strengthening cybersecurity culture and trust the cloud, as this type of computing is better structured to contain threats before they compromise your information”, concludes Stefano.
