He believes that, in 2023, everyone knows the importance of investing in cybersecurity, in order to maintain the protection and confidentiality of information, especially when it comes to the business sphere. Because, concomitantly with technological advances, increasingly efficient strategies have also emerged to divert confidential data and cause problems through malicious applications.
With each passing year, the losses caused by cybercriminals reach gigantic amounts, hindering the progress of activities and even causing companies to have to close their activities. According to information from Cybersecurity Ventures , there is an estimated eight trillion dollars in losses this year, making cybercrime one of the biggest economies in the world.
Regarding the gains obtained with this type of strategy, there is an expectation of growth of 15% per year until 2025 . Making investments in cybersecurity increasingly greater for companies.
For this reason, it is necessary to adopt strategies for recognizing digital vulnerabilities to protect information . One of the biggest triggers for the growth of cybersecurity strategies is the advancement in the use of cloud computing. Considering that, it is a technology that adds a lot of practicality and more efficient and complete information exchange.
The advancement of artificial intelligence has also highlighted the need to adopt tools aimed at protecting information. The recently implemented General Data Protection Law establishes in its articles protocols and basic requirements so that companies can guarantee the confidentiality of information handled and stored. And failure to comply with this rule can cause countless losses for the business.
Understand better how LGPD can impact your organization:
Data Security
Continuing with what is established by the General Data Protection Law , we need to understand that the protection of information that is collected, manipulated and stored by a company must be a priority for the business . The main objective of this legislation is to ensure that the data collected remains confidential for the protection of its holders and to prevent it from being used illegally.
In Brazil, data leaks are one of the main problems affecting companies of all sizes and segments , ranking third as the country most affected by a major data leak that hit the Chat GPT platform.
Check out the main news in 2023 about data security:
The GPT Chat leak | Digital Look
GPT chat is an OpenAI platform and has gained a lot of popularity in recent months. Users from all over the world have been using this platform as a way to develop projects and even for entertainment . The big problem is that most of these users do not recognize the risk of entering personal information and end up favoring the incidence of leaks.
Recently, this platform suffered a major data leak, putting the information of thousands of registered Brazilian users at risk, causing countless losses. Information from these compromised accounts was exposed on the dark web , putting the confidentiality and reliability of the artificial intelligence platform into question.
Among the countries most affected by this leak are India, Pakistan and Brazil in first place. These numbers demonstrate how Brazilian users are giving up certain precautions to protect their personal data . This is because the information leak was not caused by a security flaw in the platform, but rather by security problems directly located on the affected users' devices, as is the case with the Racoon virus .
Ethereum blockchain crisis | Exam
The personal account on X (formerly Twitter) of Vitalik Buterin (developer of the Ethereum blockchain) was recently hacked, and cybercriminals took advantage of the access to launch a scam. Reporting on a (false) distribution of cryptoactives, these cybercriminals victimized hundreds of users and caused losses of US$800,000.
The false publication was made available on the 9th on Vitalik Buterin's personal account, publicizing the launch of NFTs (Non-fungible Tokens), accompanied by an access link. This link requested registration and users provided various personal information, including digital wallet data.
With this information in hand, cybercriminals diverted thousands of crypto assets and caused great losses for users. Access to the account has now been resumed, but the damage caused was enormous.
Cryptocurrency theft in North Korea | Exam
In 2023 alone (with consolidated data from January to August), North Korean cybercriminals have already caused the diversion of US$200 million in assets. To do this, these hackers use different strategies, covering their tracks and preventing the redemption of these cryptocurrencies.
Once they manage to divert these values, these assets go through a process of conversion into fiat currencies, where the responsible bodies are unable to exercise more assertive control.
The company Atomic Wallet suffered a diversion of crypto assets in June 2023 , suffering a huge loss of US$100 million. The scam was linked to the Lazarus cybercriminal group, which has been carrying out numerous scams of this type in North Korea.
Network security
When we talk about the internet used by companies, network security is one of the most important aspects to be considered. All confidential and vital information for business continuity circulates through the corporate network. It becomes necessary to adopt strategies to ensure that this data remains confidential and the exchange of information carried out by employees.
It is very important that the company adopts tools and resources that help keep network traffic more secure and prevent problems and information leaks. Many cyber threats end up reaching companies through network vulnerabilities. In this sense, having resources that help filter this traffic is essential to avoid the main problems and cyber threats that can affect a business network.
Considering that most of the cyber problems that cause losses to organizations can arrive through failures in the company's network, as is the case with some cyber threats that we will mention below.
Check out the main network security news in 2023:
CoinEx hack | Your money
The famous cryptocurrency broker CoinEx suffered a network hack this week that resulted in several transactions being carried out. Without a history and without the possibility of tracking, these cryptoactive transactions caused a huge loss.
Although the company did not provide further details, these transactions point to a possible cyber attack, and it is necessary to wait for more information from the company. These illegal transfers accumulated losses of US$27 million.
Although a cyber attack by CoinEx has not yet been confirmed, the security platform Cyvers Alert issued an alert about what happened. Using X (formerly Twitter) the company reported the suspicious transactions suffered by CoinEx, as a possible cyber attack.
Central Bank data leak | Brazil Agency
The Central Bank reported the leak of 238 Pix keys from Phi Payments customers in 2023 , being one of the main leaks since the launch of this transaction system (Pix). This leak was due to failures in the institution's systems.
After the incident, the Central Bank reported that greater damage was avoided due to the various network monitoring mechanisms used by the system, avoiding a greater impact. Currently, this system has more than 630 million keys duly registered on the platform, and a further leak could cause irreparable damage.
The leak was restricted to key data, without exposing the bank details of affected customers. Although it was a low-impact network security issue, the disclosure was made in favor of transparent communication with consumers.
Facebook data leak | Suno
Although the data leak from the Facebook platform is not relatively recent, this year the court ordered the company to compensate users who had their information exposed . The company was ordered to pay an individual payment of R$5,000 to the user who proves the loss and takes legal action.
The action filed by the Instituto Defesa Coletiva targets the leaks that occurred in 2018 and 2019, which resulted in the disclosure of data from more than 540 million users.
This information was made available on the internet and the Deep Web.
Cyber threats
Along with the approaches we mentioned earlier, other cyber threats have also emerged that have impacted the services of companies across all sectors. Check out the main news about cyber threats in 2023:
Phishing Attacks | Security Report
Phishing attacks continue to be one of the most used approaches by cybercriminals to collect personal data and encourage the application of other scams. Generally, these criminals use email services and other messaging platforms to send malicious links and deceive users who end up providing personal or confidential information to these cyber criminals.
One of the most imitated companies for carrying out phishing scams was Microsoft. According to data from Check Point Software's Brand Phishing Report , it accounts for around 29% of all phishing attempts using a brand.
Another widely used approach is ransomware attacks, which tend to victimize companies and organizations of all types around the world. According to the cybersecurity report released by Check Point Research , there has been an intensification of ransomware attacks targeting corporate software.
Compared to the first half of 2022, there was a 20% increase in the number of victims of ransomware attacks , with Brazil recording 1595 attacks of this type in the period studied.
Pix bypass malware | Exam
Pix is one of the most used banking transactions today, being used by thousands of Brazilians . Targeting the amounts that are transferred through this type of operation, cybercriminals have been developing strategies to obtain this money illegally.
For this reason, numerous viruses and malware have emerged that were developed to intercept the values that pass through this transaction . In most cases, these illegal platforms are developed to operate on Android devices.
The main programs used by criminals to carry out these scams are:
- PixStealer;
- PixBankBot;
- BrazKing;
- BrasDex;
- PixPirate;
- GoatRAT.
DDoS attack | Cloudflare
DDoS attacks can cause real disruption for organizations that depend on their digital resources to maintain the continuity of their activities. This type of cyber attack 's main objective is to harm legitimate users' access to a company's services or pages.
With the help of previously contaminated zombie computers, cybercriminals fire an absurd amount of requests to the page in question, causing a large volume of traffic. In this way, the attack ends up preventing real users from being able to access this content or service.
Depending on the size of the attack, the company's services may be unavailable for days or weeks, an immense financial loss for the business . In 2023 there were multiple DDoS offensives, mainly due to the conflict between Russia and Ukraine.
Data from the 2023 DDoS Threat Report demonstrated that there was a substantial increase in DDoS attacks in the second quarter of 2023, mainly due to the Ukraine Vs Russia conflict.
There have also been a large number of attacks against cryptocurrency companies, disrupting transactions and causing huge losses.
Relevant Cybersecurity Articles in 2023
To make you feel even more informed about cybernetics in the world, we have put together some very interesting articles that provide relevant information on this topic.
10 biggest data security breaches in 2023
In this informative article, the 10 biggest data security breaches that occurred in the world in the first half of 2023 are compiled. Considering that cyber attacks can victimize not only large corporations, but also smaller companies. It is impossible to predetermine the target group that may suffer from this type of threat.
Among the main attacks that affected the world this year we can mention the ransomware attack suffered by Ferrari, the major data leak from the GPT chat platform and the leak of confidential documents from PwC.
Network Security: The Secret to MSP Productivity
The growth of IT service outsourcing has placed MSPs at a highly competitive and exponentially growing level. To stand out in the market, these companies need to have resources and tools that help ensure greater productivity and achieve a competitive edge.
Network security is essential for MSPs to be able to provide safe and efficient services and guarantee their consumers better use of the tools offered. For this reason, it is necessary to have the right resource to deliver the expected results and prevent your consumers from suffering from any type of cyber threat.
To help your company prepare in the best way, this article provides very valuable tips. With the help of these recommendations, your MSP can increase substantially.
Digital security and DNS: protection against cyber threats
Through DNS it is possible to convert IP numbers into website addresses, facilitating navigation and access for all users to the developed pages. Without the help of this technology, it would be much more difficult to locate pages on the internet, since users would need to provide the IP number for this access.
Domain names facilitate this process and ensure that specific tools are developed to filter access and protect corporate networks and devices.
In this exclusive Lumiun article we talk about the subject, we bring you everything you need to know about the DNS filter and the benefits that this feature can bring to your business. In addition to providing greater cybersecurity for the information that is stored, it also directly contributes to increasing the productivity of your employees.
Recommended articles on cybersecurity
We have also put together some very interesting articles to enrich your knowledge about cybersecurity, see below.
How to identify that you are on a hacked website | Kaspersky
Identifying whether a website is secure is essential to ensuring data privacy. In this article, there are fundamental tips to prevent your information from being exposed to cybercriminals.
Some signs that can be found on this type of page can help you determine whether the content found is safe for your data. With more and more phishing strategies that can be implemented on the internet, it is necessary to maintain a preventive stance to avoid problems caused by this type of scam.
The problems caused by cyber threats and traps can cause your company to suffer from the unavailability of its services and a drop in revenue. For this reason, it is necessary to have strategies to identify possible malicious pages.
5 cybercrime trends that demand attention | WeLiveSecurity
Every day cybercriminals look for ways to cause problems and divert information illegitimately. Concomitantly with technological advances, malicious software has also been developed to apply extremely harmful cyber scams.
This article brings together drastically impact security One of the most important information on this topic is the possibility of recurrence of scams between users and companies that have already suffered from a threat.
Important information is that information leakage and theft is a strategy used by cybercriminals who have been financing fraud and scam applications . Cybercriminals have been using this information to develop traps and cause great financial losses.
It is extremely important to stay informed about the main threats to avoid losses caused by cybercriminals.
8 steps to assess a company's cybersecurity risks | WeLiveSecurity
Knowing how cyber security is going within your company is essential to be able to establish solutions and protocols that help the business stay protected. To determine the real need for security , it is very important to identify possible points of vulnerability.
Does this mean that your company is not safe? In fact, with the advancement of technology, the strategies used by cybercriminals to divert information and cause problems for companies have also advanced.
For this reason, it is necessary to remain aware of any security needs that your company may present. Based on the identification of these vulnerabilities, it is possible to implement changes and improvements to your business' cyber protection strategy.
