In 2019, the Rostelecom Solar JSOC Monitoring and Response Center for Cyberthreats detected and repelled over 1.1 million external attacks on organizations’ information resources. At the same time, as always, more than 430 thousand cyberattacks were detected in Moscow. More than 128 thousand cyberattacks were recorded over the year in the North-Western Federal district.
The most common tool of hackers was the use of vulnerabilities in web applications (web portals, email, Internet banks, personal accounts). At the same time, according to Solar JSOC experts, it’s easy to hack every third application and gain access to the organization’s server. The number of such attacks increased by 13% in 2019.
“Such dynamics can be associated with the active development of corporate Internet resources, not only in traditional industries (banks, retail), but also in the fuel and energy sector, and the public sector. At the same time, most of these resources have critical vulnerabilities that allow hackers to get privileged access to the organization’s resources,” explained Vladimir Dryukov, director of the
Rostelecom Solar JSOC Monitoring and Response Center.
Also, in 28% of cases, cybercriminals used the introduction of malware (viruses, Trojans, spyware, etc.) into the information infrastructure of organizations in the region. Across the country, the number of such attacks increased by 11% in 2019. At the same time, hackers are constantly improving their tools, making malware less visible to security tools.
The method of selecting and compromising credentials (logins and passwords) from the Internet resources of organizations was in third place.
According to experts, among other types of cyberattacks, there are attempts to compromise logins and passwords of system administrators, DDoS, and exploitation of known vulnerabilities that were not timely eliminated by information security services of organizations.