Worldwide Cyber Security Threats

Uploaded on 2021-11-30 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, TECHNOLOGY--Resilience

The last 12 months have seen cyber criminals take advantage of the COVID-19 pandemic and the increase in remote work to step up their attacks, exploiting both technical and human vulnerabilities. 

As attackers increasingly automate attacks, it’s easy for them to target hundreds, if not thousands of small businesses at once. Small businesses often have less stringent technological defences, less awareness of threats and less time and resource to put into cyber security. This makes them an easier target for hackers than bigger organisations.

Cyber security threats, risks and challenges vary significantly around the world from one country to another. 

Here are the top cyber security issues in parts of the world today: 

Africa:   Several African countries have very well-developed mobile digital currency systems with millions of users. People use these for salaries, groceries and transportation in some countries, especially in Kenya. Gangs attack these systems hoping to steal money from customers. While most global vulnerability assessments worry most about data protection, these mobile digital currency systems worry about money protection. 

The urban coastal regions of Africa also face risk from ransomware attempts on ports. Ports in South Africa, for example, saw shutdowns after a serious cyber attack on one of the ports. 

Regional and international tensions in East Africa and elsewhere engender cyber-spying cyber security threats, most recently using Pegasus spyware. As of the end of 2020, some 11 African national governments found Pegasus spyware. They presumed it to be part of spy work from both within the region and from abroad. 

South America:   Latin America is under cyber attack. Cyber attacks are on the rise globally, but Latin America is seeing more than its fair share. There is also low public awareness about cyber crime due to a lack of government programs to educate the public. According to an ESET Latin American Security Report (2017), the number of reported ransomware cases grew 131% in 2016. In Brazil alone, cyber attacks increased 197% in 2015, and a survey of Brazilian companies revealed that one-third had experienced a cyber crime. Many of these use COVID-related social engineering content, according to Trend Micro.

One major strain is fear-mongering COVID-related phishing scams. These aim to collect the information the criminals need to commit insurance and identity fraud. Emails offer stimulus money, access to vaccines and other benefits in exchange for personal information or downloading malware. 

The most heavily targeted countries in Latin America are those with the largest economies: Brazil, Mexico, Colombia and Argentina. 

Mexico has been hit recently by a large malware attack on oil giant Pemex as well as the Ministry of Economy. 
In Latin America and the Caribbean, state-sponsored attacks tend to spike in advance of international treaties, economic summits and other such events.

United States:   The US is targeted for all kinds of cyber security threats, especially very large-scale state-sponsored attacks like the SolarWinds attack. These are long-term and very sophisticated. Attackers could have a wide range of goals, from political and industrial espionage to influencing operations. 

Asia:   Geopolitical tensions in the region drive state-sponsored influence operations, cyber espionage and targeted financial crimes. Phishing attacks remain a common entry point for many cyber attacks across Asia. 
Tensions between countries drive a large number of cyber threats from both nation-state and non-governmental actors in all countries involved. Look at China and India, China and Taiwan, India and Pakistan, North Korea and South Korea and, of course, tensions between the U.S. and China, North Korea and Russia.

Also, much of the world’s electronics supple chain infrastructure is in Asia and the global trend of supply chain attack and disruption is acute in the region.

Electronics exporters, like Vietnam and Malaysia, depend on buyers and manufacturers in China, and vice versa. 
Plus, the world depends on goods made in China. Disrupting any part of this supply chain slows deliveries, raises prices and applies pressure to all concerned. Many of these connections involve cooperation and partnership in public and rivalry in private. Rivalries play out through cyber attacks and espionage.

North Korea deserves particular mention, as that country has a robust state-sponsored cyber-attack apparatus. On the other hand, the country has almost no targets for foreign adversaries to hit back due to the lack of development and internet connectivity there. 

Russia & Turkey:   Turkey and Russia straddle both Europe and Asia. Many global cybersecurity threats, both state-sponsored and criminal, start from Russia in particular. In the past year, according to a report from Microsoft, nearly 60% of the world’s observed state-sponsored attacks started with the Russian government, and one-third of the world’s successful cyber-attacks from non-state actors started there, too. 

The new wave of ransomware-as-a-service attacks is mostly a Russian trend. A disproportionate share of information operations and election-related disinformation campaigns start in Russia as well. 

Europe:   European hospitals have been affected by dangerous ransomware attacks in Ireland, France and elsewhere in a big way. The two French hospitals were attacked within a week, following several previous attacks in 2020, by attackers using the crypto-virus Ryuk. Both were battling COVID-19 and were at high capacity.

The attack on the Irish health service earlier this year disrupted health care nationwide and forced health care workers to resort to using paper records. 

The number of serious cyber attacks effectivley doubled from 2020 to 2021, according to ENISA

Middle East:   The Middle East region has more than its fair share of state-sponsored cybersecurity threats. These aim to disrupt rivals, cause economic hardship and sometimes even cause internal political frictions. An attack in Iran recently, for example, caused major disruptions to consumer petrol sales. In apparent response, people breached gasoline signs criticising the government for the gasoline lines. 

Any vulnerability analysis in the Middle East has to take account of the constant cyber conflict between Israel and its various hostile neighbours.

Many of the types and methods of cyber attacks around the world are similar, with malware and ransomware topping the list. At the same time, the attackers’ goals vary widely. The one thing all of these attacks have in common is that they appear all over the world.

ENISA:       Verizon:     CSIS:     IEEE:    Security Intelligence:     CSO Online:    Expert Insights:  

You Might Also Read: 

International Effort To Reduce Ransomware Attacks:

 

« Tesla Drivers Can’t Unlock Their Cars
Britain Is Fighting A Ransomware Epidemic »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

HPE Aruba Networking

HPE Aruba Networking

HPE Aruba Networking, a Hewlett Packard Enterprise company, is a leading provider of next-generation network access solutions for the mobile enterprise.

Wallix

Wallix

Wallix is a software company offering privileged access management solutions for enterprises, public organizations and cloud service providers

IABG

IABG

IABG offer independent, product-neutral consulting as well as technical and scientific services for the use of safety-relevant systems and technologies.

Blake, Cassels & Graydon (Blakes)

Blake, Cassels & Graydon (Blakes)

Blakes is one of Canada’s top business law firms serving national and international clients in specialist areas including cyber security.

Stage2Data

Stage2Data

Stage2Data is one of Canada’s most trusted cloud solution providers offering hosted Backup and Disaster Recovery Services.

Key Cyber Solutions

Key Cyber Solutions

Key Cyber is an IT consulting firm that specializes in agile software development services, program management and infrastructure services, cyber security and cloud and managed services.

DeNexus

DeNexus

DeNexus is the leading provider of cyber risk modeling for industrial networks. Our Mission is to build the Global Standard for Industrial Cyber Risk Quantification.

Kennedys

Kennedys

Kennedys is a global law firm with expertise in litigation/dispute resolution and advisory services, particularly in the insurance/reinsurance and liability sectors, including cyber risk.

International Association of Financial Crimes Investigators (IAFCI)

International Association of Financial Crimes Investigators (IAFCI)

International Association of Financial Crimes Investigators provides services and information about financial fraud, fraud investigation and fraud prevention.

Quatrro Business Support Services (QBSS)

Quatrro Business Support Services (QBSS)

QBSS is a tech-enabled outsourcing firm that’s changing the way companies think about finance, accounting, human resources and technology services.

Unified Solutions

Unified Solutions

Unified Solutions provide a full continuum of cyber security services, compliance, and technology solutions.

ProjectDiscovery

ProjectDiscovery

ProjectDiscovery is an open-source, cybersecurity company that builds a range of software for security engineers and developers.

Defence Innovation Accelerator for the North Atlantic (DIANA)

Defence Innovation Accelerator for the North Atlantic (DIANA)

The NATO DIANA accelerator programme is designed to equip businesses with the skills and knowledge to navigate the world of deep tech, dual-use innovation.

Reality Defender

Reality Defender

Reality Defender stops deepfakes before they become a problem. Our proprietary deepfake and generative content fingerprinting technology detects video, audio, and image deepfakes.

Intraframe US

Intraframe US

Intraframe US is a cybersecurity company in Memphis, specializing in Digital Forensics Incident Response and Managed IT services. We provide SMBs with a 24/7 SOC for proactive Cyber Threat Management.

Digital Twin Consortium (DTC)

Digital Twin Consortium (DTC)

Digital Twin Consortium is a global ecosystem of users who are driving best practices for digital twin usage and defining requirements for new digital twin standards.