Analysts report on various methods of cyberterrorist attacks, among which attacks aimed at the servicing of remote devices accounted for 39% of the total number of incidents. Encryption of data and information leaks occupy second place with 37%, internet-application intrusions – 24%, attacks using ransomware programs – 7%, and other attacks – 11%. The cybersecurity council previously announced that national cybersecurity systems successfully reflected attacks using the 'ransomware' method, directed towards a number of strategic sectors in both the public and private spheres, the aim of which was data leakage and blocking of digital systems.
According to a council statement, recently complex attempts at intrusions were detected, including the use of artificial intelligence technologies, which pose serious challenges for digital infrastructure. Attacks originating from cyberterrorist groups from 14 countries were tracked, their sources identified accurately, and they were successfully mitigated using the most recent global methods in this field.
The influence of cyberterrorist attacks aimed at strategic sectors was felt across a number of industries, with the public sector in first place with 30%, the financial-banking sector and education sector at 7% each, technological, aviation, and medical sectors at 4% each. Remaining sectors accounted for 44% of the total number of cyberterrorist attacks.
The council also noted that attacks involve various methods, including the use of information technology and infrastructure (40% of the total number of attacks), attacks on networks for file sharing (9%), and database vulnerabilities (3%). Incorrect configurations of devices constitute 27% of the total number of attacks, followed by harmful programs (22%), scanning and attempts to enter the system (15%), unauthorized access (15%), phishing (10%), illegal actions, and web-attacks (11%).
The cybersecurity council identified the most hazardous detected methods of hacking and threats, targeting key sectors of the country, which were effectively and professionally mitigated. Attacks vary from traditional ones, such as phishing and social engineering, to more complex cyberattacks using artificial intelligence, which are harder to detect without more advanced methods. The council emphasized the need to comply with all state and private institutions' standards of cybersecurity to avoid similar malicious cyberattacks. It is warned of the constant rise of cyber risks due to the use of technologies of artificial intelligence, not only in the realm of deepfakes or social engineering, but also the increased use of AI for improving harmful programs, including ransomware-like programs.
According to estimates by the council, the current year will witness a continuation of cyberattacks, with the use of modern and advanced technologies among subjects. The cybersecurity agency of the country revealed that more than 200,000 cyberattacks occur daily in the country targeted at strategic sectors. Furthermore, threats from persistent groups, known as 'Blackcat', account for 51% of attacks using the ransomware method. The council emphasized that national cybersecurity systems have identified recurring types of cyberattacks.
