2024-04-25 06:43:00
The hit rate of the attackers has increased alarmingly compared to the previous year. One in six cyber attacks are said to be effective.
Artificial intelligence is rapidly accelerating new types of attacks in the form of voice and video messages. With an increase of 119 percent, deepfakes in Austria have more than doubled in just one year, as the current KPMG study of 1,158 companies shows. Of these, 54 percent were affected by disinformation campaigns in the last twelve months, 42 percent even several times. According to the audit department, these are increasingly being used as diversionary tactics to hide the actual cyber attacks. “Companies are deliberately placed in an exceptional situation that requires the full attention of employees and crisis management, while the cyber attack can take place in the background completely unnoticed,” says KPMG partner Robert Lamprecht.
While one in ten cyber attacks last year was successful, it is already one in six this year. The attackers’ calculations are paying off as they have learned to adapt to their environment. In addition to deepfakes, insider threats (by 29 percent) and attacks on the supply chain (by 18 percent) have increased. State-sponsored attacks are also more common, with a twelve percent increase, as is social engineering, with a nine percent increase compared to the previous year.
– On the one hand, companies are better prepared when it comes to cyber security, but at the same time the perpetrators are upgrading and taking a closer look at the measures taken. The attackers act more professionally and their technical means become more effective. Established protection mechanisms and awareness-raising measures are not effective under these new circumstances, explains KPMG partner Andreas Tomek. Phishing attacks remain at the top of the list of successful attacks at 87 percent, closely followed by malware (86 percent) and CEO/CFO fraud (80 percent).
There are no signs of relaxation
As an entry point for cyber attacks, the supply chain is also increasingly becoming a focus for attackers. The target – the companies – is moved to an often weaker link in the chain, such as the supplier. Concern about such attacks is reflected in the numbers: 66 percent of respondents are concerned that cyber attacks against their service providers will affect them. With good reason, as 46 percent had successful attacks against the supply chain.
While last year there was reluctance to pay ransom, this year the picture has suddenly changed. Although ransomware attacks have fallen by more than a quarter in the past twelve months and only 24 percent of these attacks were successful, one in three companies have paid the ransom demand at least once in connection with a ransomware attack. There are no signs that the situation has eased at the moment, and the management level also recognizes this: for 33 percent of the supervisory board members, cyber security has become an important part of their lives.
Investments are necessary to survive
A forecast for attack development is becoming increasingly unpredictable. This affects the mood of the examined participants and exhaustion sets in. 29 percent hope that they will no longer have to deal with the topic of cyber security during the next twelve months. But there is no alternative: investing in cyber security is “necessary for survival” for companies. “We are in a race with attackers whose methods will constantly change. The key question is whether we are in the front or the back in the race for cyber security, can we surpass the attackers or will they overtake us, say the study authors.
With 63 percent, the most dominant psychological consequences for those involved in a cyber security incident were stress and anxiety. For 54 percent, the complexity of the system environment is the most stressful aspect. More than half had help from an external service provider when dealing with a cyber security incident. 45 percent see data protection requirements as the biggest obstacle to the use of AI. (here)
1714028916
#Cybercrime #company #paid #ransom