About cybersecurity

Cyfrowy globus połączony punktami danych

Significance and dimensions

Modern cybersecurity is a key element of global stability, protecting countries and organizations from the growing threat of cyberattacks. Its effective functioning requires a comprehensive approach that takes into account various aspects and potential consequences for multiple sectors and industries.

In light of the escalation of cyberattacks linked to the conflict in Ukraine and NATO's 2016 decision to declare cyberspace an official domain of warfare, the importance of this topic is now greater than ever.

In the face of the COVID-19 pandemic and the widespread shift to remote work, cybercriminals have been quick to adapt, taking advantage of new opportunities to intensify their operations. Adaptation to the new work model has exposed some vulnerabilities in IT systems, causing increased susceptibility to various types of attacks.

With the increase in the number of people working from home, phishing attacks and other social engineering techniques that exploit employees' low awareness of cyber security have gained in strength.

The number of ransomware attacks and their level of professionalization have also increased significantly, leading to the disruption of hundreds of thousands of businesses. Moreover, the pandemic has served as a pretext for spreading false information and increasing the negative impact of disinformation activities on societies' resilience.

With the onset of the war in Ukraine, an unprecedented increase in both the number and complexity of cyberattacks has been observed. The aggressor, along with its allies, is exploiting cyberspace to conduct intelligence activities, attack critical infrastructure, defense and official government services, and conduct disinformation campaigns.

The escalating activity of cyber criminals underscores the need to intensify active defense efforts, continuously improve detection mechanisms and strengthen international information sharing.

Impact on various sectors and industries

Znak ostrzegawczy nad podzespołami komputerowymi

Critical Infrastructure

Attacks on the energy, transportation or health sectors can lead to service disruptions and loss of customer and industrial data, directly endangering national security and the health and even lives of citizens. Examples of such attacks included:

During the attack, several institutions around the world were affected by the Exploit EternalBlue malware. The attack particularly affected Ukraine, in the context of which it can be considered an act of cyberwarfare. The Security Service of Ukraine pointed out that the same perpetrators in 2016 attacked the financial system, transportation and energy facilities - including depriving parts of Ukraine of electricity, as a result of the disruption of the Prykarpattyaoblenergo power plant in Zaporozhye.

One of the most high-profile victims of the attack was the NHS (National Health Service) in the UK. As a result, key hospital IT systems stopped working. Staff could not access patient records or use telecommunications services. The estimated cost reached £92 million.

An attack using malware known as Doppelpaymer. As a result, the Düsseldorf hospital lost access to its IT systems, which included ambulance communications, resulting in the death of a critically ill patient.

The shutdown of this 8,900-mile pipeline system proved to be the most destructive cyberattack in history, blocking the flow of millions of barrels of gasoline, diesel, and jet fuel to the US East Coast from the Gulf of Mexico region. The attack paralyzed the company's operations for an entire week, and in response to the hackers' demands, the company paid $4.4 million as ransom.

Government institutions and public administration

Cyberattacks on government institutions and public administration can lead to the loss of citizens' data and the disruption of public services, jeopardizing citizens' security and the continuity of state operations. Examples of such attacks included:

The attack leaked the personal data of more than 5 million people, including security personnel. It was one of the largest thefts of its kind in the US. The investigation revealed that a group of Chinese hackers was behind it.

A Trojan was used to hack into employees' email inboxes. As a result of the intrusion, the Bundestag's computer system had to be completely shut down for a while and many devices that were connected to the internal network had to be replaced (up to 20,000 new components), which generated huge costs and several months of network interruption. Russian hackers were behind the attack.

There was an attack on SolarWinds in 2020 for which Russian hackers were responsible. They infected SolarWinds software updates with malware, which led to the compromise of nearly 18,000 organizations worldwide. Among them were US government agencies, including the State Department, as well as numerous private companies. The incident was considered one of the most serious cyberattacks of the decade.

Industry

The development of Industry 4.0 comes with an increased risk of attacks on automation systems. This can result in production interruptions, data loss and multimillion-dollar financial losses. Among the most common forms of attacks are ransomware and DDoS attacks.

Examples of significant cyberattacks in the industrial sector:

The first-ever DDoS attack on such a large scale, which generated widespread media coverage. In February of this year, many reputable websites were paralyzed for several hours. Yahoo! reported losses of $500,000 in three hours, while traffic to CNN.com dropped by 95%.

The hacking group demanded a ransom of $20 million. As a result of the attack, Kia Motors America experienced a nationwide outage of its IT and telecommunications systems.

As a result of the attack, game source codes and employee and partner data were stolen. One of the direct financial consequences was a drop in the value of the company's shares on the stock market.

Considered the largest HTTPS attack in history, reaching 46 million requests per second at its peak. Google managed to block this attack, which was launched from more than 5,000 IP addresses originating from 132 countries.

Finance

The financial sector has been the target of attacks that can lead to data theft, financial losses and online transaction fraud.

Hackers stole information (account numbers and contact information) of 360,000 U.S. credit card holders.

Hackers tried to steal nearly $1 billion, succeeded in stealing approx. 80 million dollars. The money was stolen from a Bangladesh Bank account maintained by the Federal Reserve Bank of New York. The reason was the lack of adequate security measures, including a firewall.

Hackers using ransomware completely paralyzed the bank's operations. It was impossible to withdraw money from ATMs, use online banking and also banking applications.

The goal of the largest-ever attack on the websites of Ukrainian banks and government institutions was to destabilize the situation and create panic. Institutions, including Ukraine's largest commercial bank PrivatBank, were affected by the blocking of online banking services.

Research and education

Attacks on the education sector can lead to the loss of personal data of students and employees, technological espionage, and disruption of educational processes.

An example of such an attack is the recent (2023) cyberattack on the University of Arts in Poznan, for which ransomware was used. The attack may have leaked the data of several hundred people, employees and associates of the university.

A growing number of attempted attacks are reported by most Polish universities, including the Universities of Silesia or Lodz. Increased activity by cybercriminals on central infrastructure has also been observed by the Polish Academy of Sciences. The main target of the attacks is personal data.