Front Page: NCSC-FI
Front Page: NCSC-FI
Menu

Late frost in March cyber weather

Information security now!

Cyber weather in March took a turn for the worse with major data breaches and active phishing campaigns. Even though solid network performance tried to chase the clouds away, the threat of DoS attacks during elections kept the sky dark. Documentary series Team Whack explaining the cyber world to viewers was a ray of light in the gloomy season.

""

Network performance improved but threat of DoS attacks darkened the sky

Incidents in network performance were fewer compared to January and February. Moreover, only few DoS attacks were detected in Finland. However, the Finnish parliamentary elections in early April required preparation, as several EU countries had reported DoS attacks before elections. 

Severe data breaches caused a lightning storm

Norwegian Norsk Hydro was hit by a type of data breach referred to as ‘big game hunting’. This type of operation involves targeting data breaches with ransom demands at large organisations. The clouds grew even darker as the Office 365 phishing campaign, which has been a subject of our alert for 10 months already, took a new twist: stolen credentials are used in new data breaches at an even faster pace. 

Critical vulnerabilities

March saw a vast number of new vulnerabilities. Many of them were critical, which means that exploits for them have already been found or they are easily exploited. This causes major problems to organisations. Another alarming phenomenon is the exploitation of old vulnerabilities, which shows that many organisations have left old vulnerabilities unpatched.

Snooping and spying

One method of cyber spying is supply chain attacks. They are quite common but as a new trend, these attacks involve device manufacturers. The computer manufacturer Asus, for example, fell victim of such attack.

Room for improvement in industrial automation

The possibilities of IoT in industrial automation are endless. However, it is critical to update the devices and ensure good IT hygiene. Up to 20% of vulnerabilities detected in automation devices are critical, which poses major risks to the industry. The National Cyber Security Centre Finland at the Transport and Communications Agency Traficom scan for open connected devices in Finland. The results will be published by summer. 

Read more about the cyber weather in March