Last year, the public sector accounted for at least 15% of all attacks. Most often, hackers used malicious software (MS): encryption viruses, remote access programs, and spyware. These malware were distributed mainly via email, hacked computers, servers, and network equipment.
We predict that in 2024 bahrain whatsapp number database the peak of attacks will be in the spring, and attacks on the Russian public sector will be even more frequent. First of all, this is due to the upcoming elections both in Russia and in other countries. The activity of various types of fraudsters in cyberspace increases when public attention is focused on important events for the country. As practice shows, such events often lead to an increase in the number of DDoS attacks, phishing, and social engineering.
Presidential elections are a particularly important event, for which hackers prepare carefully and in advance. In addition to standard methods, high-tech and modified malware may be used. Attackers conduct campaigns using software developed for global goals and specific organizations, and regularly develop it to bypass classic means of protection. Once in the victim's IT infrastructure, such programs can cause damage in the form of encryption and suspension of the company's activities, as well as more tangible damage - from financial and reputational losses to theft of know-how.
Private companies whose business processes are related to the public sector may also be at risk. Such organizations pay little attention to protecting endpoints, i.e. external devices and programs that connect to the computer network and exchange information with it. These include, for example, mail servers, directories and disks for storing files, corporate accounts in instant messengers.
Endpoints are one of the most popular places in IT infrastructure to compromise: they are conveniently used to deliver and distribute malware. Having penetrated companies’ systems, hackers can go further and conduct supply chain attacks. They can use the victim’s infrastructure to develop an attack and pose as a trusted counterparty with whom larger organizations have had long-term cooperation. At the same time, any company that conducts business relations can be at risk, from delivering drinking water to the office to exchanging documents over a secure communication channel.
Let's look at three vectors of attacks on endpoints. In our opinion, these are the methods that will be in demand among hackers.
Trust game
Many Russians use instant messengers not only for personal purposes, but also for work. Communication can take place in protected, according to the manufacturer, and in popular, but limited and prohibited for use in Russia applications. There are organizations that are directly prohibited by law from using some platforms. Nevertheless, employees of companies from different fields continue to exchange information through instant messengers, considering this channel for communication fast, trusted and reliable. They often use the web version and application of this messenger on their work computers. It is convenient for employees to perform work tasks and interact with colleagues through the same devices.