TALLINN – Altogether 78 percent of European enterprises and organizations consider cyber security to be the main risk both this year as well as in the next few years, it appears from the business risk mapping report Risk in Focus 2020.
It also appears from the report that 93 percent of attacks can be avoided solely by updating software, blocking suspicious e-mails and raising people's awareness.
"We can see that phishing campaigns are spreading like wildfire in Estonia, too. For example, over the last few months, attempts have been made to steal large amounts of money from victims' bank accounts by using the insignia of different banks. At the end of the summer, employees of the Tallinn city government were hit by a phishing campaign aiming to obtain account information. Most importantly, these types of attack bear fruit -- people's accounts are compromised and money changes hands," Aigar Kais, head of the cyber security field at Telia Estonia, said.
According to the Information System Authority (RIA), approximately 1,700 cyber incidents were registered in Estonia in the first half of the year. Attempts are mainly made to approach the victim via e-mail, but the web, cloud applications, mobile devices, computers as well as corporate branch offices and headquarters server centers are also used.
"Hackers skillfully exploit human weaknesses. No matter how powerful the security solution is in the enterprise, the person is still a weak link in the entire chain through which a hacker can gain control of the system," Kais said. According to him, slip-ups still happen too easily -- be it clicking on suspicious ads on the internet or sharing data in response to e-mails or unfamiliar text messages.
The cyber security expert said that alongside security solutions, the best way to detect fraud is still people's own attention and awareness.
"In case of doubt, one can contact their bank, colleague or any service provider to verify the accuracy of the information. Of course, this must be done before clicking anywhere or sharing one's contact and account information," Kais said.