Even before the Russian attack on Ukraine became “physical”, according to several international sources such as the BBC, the invaded country had already suffered another type of massive attack: cyber attacks. The criminals, dubbed “hybrid warfare”, seek to steal data and shut down services, affecting thousands of people and creating havoc. Recently, the Americanas, Submarino and Shoptime websites were down for several days due to “security incidents”.
The problem began after the companies recorded “unauthorized access” to their servers. Last year, the pages of important media from around the world, such as New York Times, Financial Times, CNN and social networks like Twitch and Reddit are facing the same situation. In addition, due to the outage of the American provider Akamai, the PlayStation gaming network is inactive, as well as the houses of Steam, Airbnb, McDonald’s, Google, Amazon, iFood and Mercado Livre.
“In an increasingly interconnected online world, cybercriminal attacks are carried out not only by large institutions or governments, as is the case in Ukraine, but by any environment where connectivity and data are available,” says Rafael Scalia, cybersecurity expert and global operations manager with clients. at Run2Biz, a technology company that develops service management solutions for companies that want to survive in an evolving marketplace.
Regardless of the size, a successful cyberattack can cause a lot of headaches. When a company hires an information technology (IT) service, it often doesn’t know what security procedures the contractor has in place. However, the vulnerability is common to all instances. Therefore, it is very important that IT companies follow international security regulations, procedures and standards and, above all, have systems in place to reduce risks and maintain security protocols at an extraordinary level.
Scalia explains that Run2Biz, for example, has an international partnership with CIS, an institution that defines protocols and methodology for protecting against cyberattacks. Predicting when they will happen is a very difficult task, but there are ways to prevent and control car parks, increasing safety and reducing opportunities.
Monitoring and verification procedures
One of the keys to success is following the RMM (remote monitoring and control) mandates, especially with the implementation of artificial intelligence (AI) for activity monitoring (AIOP).
The expert points out that many vulnerabilities are due to the lack of diagnostics of the machine park. For this reason, one of Run2Biz’s solutions for IT companies is to have a system that scans and monitors all machines, generating a report on status each of them and create tickets when a problem is found to quickly resolve it.
Another solution is to update monitored and secure machines. Whenever the machine goes through the upgrade process, resets in some parts that interfere with safety. Therefore, this process must also be monitored and controlled by an artificial intelligence system.
“The idea is always to turn a chaotic process into a complex one, because there are so many parts in the machine park that any vulnerability can be exploited by criminals,” Scalia says.
Consequences of not caring about virtual protection
By betting on the AIOP system, a number of problems can be avoided, as well as possible intrusions can be minimized. First, to make sure that the system is “on the air” with greater assertiveness, that is, it does not stand aside and does not cause losses. Small and medium businesses can suffer huge losses if their system fails. That’s why it’s important to do some basic math: divide days of work by days of the week and then by hours of work, see the company’s profits, and calculate the cost per hour the system can call.
Another point is that since 2020, Brazil has the General Data Protection Law (LGPD), one of the main points of which is to make the company responsible for the security and confidentiality of its customers’ data. In the event of a successful cyberattack, the company will be audited, and by proving that it has security and monitoring systems that comply with market protocols, it is more likely not to receive fines or sanctions for a leak.
“Investing in cybersecurity is truly the responsibility of companies, and it is impossible to stop considering this issue as a priority,” the expert says. Talk to us in the comments and let us know if you liked this news and take the opportunity to read more news on our website.
Source : Married Games
