November 29 (SeeNews) - Companies in Southeast Europe (SEE) should take a proactive approach to IT protection, as outdated software and patchy legislation put them at risk of cyber attacks, a senior official at global tech giant IBM told SeeNews.
"Security threats are on the increase both globally, as well as in the SEE region," Gyorgy Racz, Director of IBM Security Unit, Central and Eastern Europe, told SeeNews in a recent interview following the Fourth South East European Regional Forum on Cybersecurity and Cybercrime organised by market intelligence company IDC in Sofia.
"A record number of breaches and vulnerabilities in the last year clearly shows that cybercriminals continue to thrive and I believe the problem will be further exacerbated as the number of incidents within the next five years is expected to double."
Today, crime rings operate with a level of organisation and productivity that most businesses would envy, offering customer support and money-back guarantees if their tools fail to cause successful hacks, Racz added.
In his view, due to inherent weaknesses companies in SEE can be an easy target for the local hackers, many of whom, especially in Romania and Bulgaria are highly skilled.
The IT infrastructure in SEE is immature, as organisations in the region still use less effective and obsolete systems, which makes them vulnerable to cyber attacks, the official said, quoting IDC Executive Brief, 2015 (https://ibm.co/1hpYJi2). At the same time, according to the same report, the regulatory framework is underdeveloped, while cybercriminals are becoming increasingly sophisticated and collaborative.
IBM has built up a big security business in response to cybercrime, monitoring 35 billion security events per day for 17,500 clients in more than 133 countries and holding more than 3,700 security-related patents.
In June, IBM opened the European IBM X-Force Command Center in Poland, which is designed to provide a global Managed Security Services capability. Its first clients are using the European-dedicated service, while the centre has new cognitive capabilities, including IBM Watson for Cybersecurity, and expanded data localization services designed to help address clients' preferences and GDPR requirements.
As awareness of IT security issues grows and companies in SEE increase their investments in IT security, a number of them have turned to the tech company for support in developing and implementing comprehensive long-term cybersecurity strategies.
Financial services, having routinely been among the top targets of cybercriminals, are among the early adopters of proper security technologies and techniques.
United Bulgarian Bank in Bulgaria, Zagrebacka Banka and Splitska Banka in Croatia, BRD-Groupe Societe Generale in Romania, and Societe Generale Banka in Serbia are all using the IBM Security Trusteer to protect their web applications, computers and mobile devices against advanced malware and phishing attacks.
"If we look back in 2016 and take into account the indicators from reports like the 2017 IBM X-Force Threat Intelligence Index, the top-targeted industries include the healthcare, manufacturing, financial services, retail, information and communications, as well as the government sector, with the financial services industry being the one targeted most frequently in last-year cyber attacks," Racz said.
However, criminals attacking financial services were not as successful as they were in other industries, since finance was the third most breached category.
Recently many attacks have taken place in the government sector, Racz also said.
"Attackers certainly target the governments in the SEE region, and we have received a large number of requests to create security strategies for the public sector. What is important is that the awareness about the need for protection in this sector is growing."
Each industry has its own specifics, which, naturally, affect the type and number of attacks. If we take for example information and communication service companies and the government sector – those organisations experienced the highest number of incidents and breached records in 2016, the IBM official also said.
"I would say that organisations in this region face various kinds of attacks every day, such as phishing campaigns, malicious PDFs, SQL injections, crypto viruses, infected websites, brute force, misconfigured firewalls, botnet communications, 0-day exploits etc. However, a visible trend is the one where cybercriminals do not focus on a single type of threat or a group of threats, because they do not expect that such an approach will give the desired result," Racz explained.
"The attacks are persistent enough to find a weak point and thus reach the desired goal, namely stealing money, valuable information, encrypting data, demanding a ransom, etc."
Two years ago, IBM Security X-Force researchers detected new malwares that exclusively targeted 12 Romanian and nine Bulgarian banks. The previous versions of this malware attacked a number of European countries as well as the U.S., Australia, Saudi Arabia, etc. These examples, according to Racz, show that fraudsters are eager to test out their abilities to rob bank accounts in territories that are perhaps less protected or less experienced in dealing with advanced malware.
"You can think about cybercrime as the organised crime that can affect everyone on the planet. You, me, anyone. Cybercriminals are no longer thinking to go and rob a bank – why do that when they can tap into corporate accounts, steal a whole bunch of credit card numbers and sell them," he said.
"Therefore, we are back to the most important thing. It really is not that important in which region you are conducting your business; what matters is whether you have a developed security strategy and the extent to which your system is immune to external attacks. This will make a difference."
According to the IBM official, although awareness of security issues certainly exists in SEE, the real question is to what extent the users in the region have adapted to the new technological trends.
"We are witnessing major changes in the communications world, both among individuals and companies, in the domination of new technologies, new platforms, cloud services, mobile devices and applications, social networks, as well as the dynamics of business demands in accordance with the "anytime and anywhere" principle," Racz said.
"This entire new world of communication poses new challenges in terms of security. Nowadays, everything takes place online and no one is immune to the dangers lurking in the cyberworld."