Only 6% of companies say they are aware of the threat when informed of a cyber incident

ZURICH (SWITZERLAND), June 30 (Portaltic/EP) –

only the 6 percent of companies to which the cybersecurity company Kaspersky reports an incident detected in their systems ensures that they have prior knowledge of the threatversus 42 percent of organizations that don’t even have a “single point of contact” for cyber incidents.

Kaspersky has a free initiative with which it notifies organizations about different threats that its researchers discover on the Dark Web and that can affect organizations or that have even already been identified in the systems of some companies.

Within this initiative, during the past year its researchers detected around 300 incidents, as the company has shared within the framework of the Kaspersky NEXT 2023 event, held in Zurich (Switzerland) and attended by Europa Press, where it has shown the different actions carried out by Kaspersky in the cybersecurity environment and, in this case , with organizations and potential critical threats.

As explained by the Kaspersky Director of Public Affairs, Yuliya Novikova, this initiative is free and In addition to warning of the threat, shares information with all available details and recommendations from its experts. Likewise, organizations are warned about critical incidents, that is, those that require immediate action by the victim company.

The researchers make sure that they are not “false, public or generic” data, and they make sure that it is not a fake data breach. That is, an old leak that malicious actors are trying to pass off as a new incident.

To carry out the investigations, Novikova has stressed that some rules are followed that are based on the security of the victim’s data. For this, all the information analyzed comes from external sources, either from forums, blogs or the Dark Web. These data are not verified for prevent “unauthorized access” to the infrastructure of organizations.

ONLY 6% KNOW THE THREAT WHEN THEY RECEIVE THE NOTICE

The director of Public Affairs has shared the different reactions that companies have when they receive alerts from Kaspersky about a threat. In this sense, she has indicated that of all the organizations that received notifications about the threats found, only 6 percent claimed to have prior knowledge of the attack.

Against this figure, the 42 percent of organizations they don’t even have a “single point of contact” for cyber incidents to go to in these cases. This is due to issues such as that employees “do not know who is responsible” in these situations or that there is no internal procedure on how to deal with cyber incidents.

Likewise, Novikova has also indicated that 2 percent of companies simply deny the incident. However, he has warned that this type of action negatively influences business processes, in addition to “breaking customer trust.”

Besides, 28 percent of organizations do not respond to notifications warning of a threat or They claim they don’t care about these attacks. The reasons for this reaction can be various, from not having the budget to invest in cybersecurity, to mistrusting the fact that Kaspersky has analyzed his data.

Finally, 22 percent of companies have a “positive” response, according to Novikova, since confirm the incident and accept the information that Kaspersky offers to solve it.

With all this, he has also detailed some of the most common questions that organizations carry out when they find out that they have been attacked or threatened. Some of these issues are if the incident can be hidden facing customers and employees, something not recommended as it can cause more harm to users.

On the other hand, they question if the ransom should be paid that malicious actors ask for in order to return stolen data or whether the company should buy its own data leaked on the Dark Web by cyber criminals. These options are also not recommended, as they can empower malicious actors to carry out further attacks or data theft.

EUROPEAN COUNTRIES ARE THE MOST ATTACKED

Among the threats reported with this initiative, Novikova has reported that the countries in which they have found the most threats are in Europewith a total of 66 incidents. Second, it stands Russia, with 43 threats found in 2022.

In addition, Kaspersky has found campaigns of different attackslike the type ‘infostealers’, that compromise company and user credentials to later sell them on the Dark Web, which stood out above all in European countries such as France and Italy.

Novikova has indicated that they have also found type attacks ‘ransomware’, those that encrypt computers and ask for payment in exchange for releasing the data, with an increase in identified blog posts about this type of ‘malware’ between 2022 and 2023.

He has also given other examples of attacks with data leaks found, from customer databases with information such as address, phone number and medical details, to the posting of videos on YouTube containing the recording of a confidential conversation of the victim. Code leaks and details about key projects have also been found.