Portugal was the third European country with the most cyber attacks in 2022


Share post:

Portugal was the third European country most affected by cyber attacks detected in 2022 by IBM, which resulted in data theft or leakage and extortion attempts, the company disclosed today, denouncing an increase in cases.

The IBM Security X-Force Threat, a team at the US multinational that deals with computer threats and is made up of ‘hackers’, technicians, researchers and analysts, today published the 2023 report, which brings together global-scale information gathered in 2022.

The “Intelligence Index” report tracks new and current cyber attack patterns from billions of pieces of data, including computer networks, servers, personal computers, cell phones, incident responses, vulnerability databases, and ways of exploiting vulnerabilities.

According to the document, the UK was in 2022 the country in Europe most affected by cyber attacks, with IBM accounting for 43% of cases. This was followed on the computer company’s list by Germany (14%), Portugal (9%), Italy (8%) and France (7%).

In Europe, the second continent after Asia with the most cases, the IBM team also responded to attacks, but in smaller numbers, in Norway, Denmark, Switzerland, Austria, Greece, Spain, and Serbia.

“The biggest impacts” of the attacks in Portugal were “the theft and leakage of information”
The “Intelligence Index” 2023 report does not detail information about Portugal, but, in statements to Lusa, the head of cybersecurity services at IBM Portugal, Duarte Freitas, said that “the biggest impacts” of attacks in the country were “theft and leakage of information,” followed by extortion attempts.

“Although there were many extortion attempts, the ability to mitigate much of the threats and the speed of incident response increased significantly from 2021 to 2022,” he pointed out.

According to Duarte Freitas, the use of ‘backdoors’ (tools that allow you to enter a system covertly) has made it possible to “carry out several successful attacks”, such as service unavailability (DOS) and ‘ransomware’ attacks (malicious program that locks the computer or specific files and folders to demand a ransom).

In exploiting backdoors, which contributed to 18% of the “serious incidents” that IBM responded to in Portugal in 2022, cybercriminals took advantage of “vulnerabilities in remote access systems, the abuse of user credentials, and the introduction of other pieces of ‘hardware’ into the victims’ network or systems.”

The victims of attacks in Portugal

Duarte Freitas specified that the computer attacks recorded by IBM in Portugal targeted, in most cases:

  • law firms
  • consultants
  • management, technology, advertising and media services companies
  • industry, banking and insurance

In these cases systems (such as personal computers, servers, network assets) connected to external networks (such as the Internet) were more vulnerable because they contained discontinued, unmaintained, or inadequately maintained software.

According to the responsible, there was in 2022 “a significant increase in cyber-attacks in Portugal”, but it was not identified “a single and objective reason for the increase in these attacks”.

“What is known is that when it becomes public among the community of attackers that successful attacks with specific characteristics have occurred in a given country, it is natural that the frequency of these attacks increases,” said Duarte Freitas to Lusa, who recommends investing in incident response plans and phased and flexible security plans that assess risks and financial impacts, the “use of strong multiple authentication systems,” the “permanent monitoring and analysis of detection and response systems,” and investment “in solutions for managing privileged access.

Europe has seen a “significant increase” after Russia’s invasion of Ukraine
According to the US computer giant’s report, Europe saw a “significant increase” in the use of backdoors from March 2022, following Russia’s invasion of Ukraine, which contributed to 21% of the attacks detected by IBM on the continent.

IBM also highlights, in Europe, ransomware attacks in 11% of the verified situations.

When assessing the impact on users or customers, the report notes that 38% of attacks were linked to extortion, 17% resulted in data theft, and 14% in credential harvesting.

According to IBM, European organizations were affected by abuse of valid local accounts in 18% of cases and by spear phishing links (phishing attacks against a specific target, such as a company, by sending unsolicited e-mail with links) in 14% of cases.

Finanças, seguros, indústria, energia e saúde foram os setores mais atacados por cibercriminosos na Europa.

À escala global, a IBM refere que o efeito mais comum obtido pelos cibercriminosos foi a extorsão, através de ataques com ‘ransomware’ e ‘e-mails’ comerciais comprometidos.

O uso de ‘backdoors’ emergiu em 2022 como a “ação de topo” dos cibercriminosos devido em parte ao seu elevado valor de mercado.

A IBM salienta, em comunicado, que a prevenção e a deteção de ataques com ‘ransomware’ estão a ser mais bem-sucedidas, apesar de os ataques com estes programas maliciosos serem mais rápidos – o tempo médio para concluir um ataque com ‘ransomware’ passou de dois meses para menos de quatro dias.

Phishing and hijacking were the most common attacks
The IT company also recorded a doubling (compared to 2021) of monthly ‘thread hijacking’ attempts in 2022.

Phishing(sending unsolicited emails with the purpose of inducing the user to provide personal and/or financial data) continued to be the most common type of cyber attack detected by IBM worldwide.

According to IBM, cybercriminals are prioritizing personally identifiable information such as names, emails, and home addresses – which “can be sold for a higher price on the dark web or used to conduct other transactions” – over credit card information in phishing tools.

The company also found that Russia’s invasion of Ukraine (on February 24, 2022) led to “increased cooperation” between cybercriminal gangs targeting Ukrainian organizations and “caused a significant global increase in cyberattacks.”

The “Intelligence Index” is an annual publication by IBM Security X-Force Threat. Through subsidiary IBM Security, the multinational computer company provides cybersecurity solutions for businesses, governments and organizations.

Every day, the company monitors billions of pieces of data in more than 130 countries.

Related articles

Vista Alegre eyes Asia and the Middle East in partnership with Ronaldo

The president of Vista Alegre said in an interview with Lusa that Cristiano Ronaldo's investment in Vista Alegre...

Benfica win women’s field hockey Portuguese Cup for the 10th time in a row

Benfica won the women's roller field hockey Portuguese Cup for the 10th time in a row today, beating...

Portugal beats Sweden to 11th place in European women’s under-20 basketball tournament

The Portuguese under-20 women's basketball team finished in 11th place in Division A of the European Championship today,...

Portuguese Navy accompanied passage of Russian force for more than 24 hours

The Portuguese Navy monitored the passage of a Russian naval force, consisting of a frigate and a refueling...