Cyber attacks are happening more often, insistence and sophistication. So not only has Brazil seen a large increase in cyber attacks, but the same scenario has happened globally, with an increase in the third quarter of this year of 75% compared to the same period last year, registering a record 1,876 cyber attacks per organization, according to the Check Point Research survey.
Computer scientist Michele Nogueira, Phd in Computer Science from Sorbonne University in France, explains that this increase is due to criminals using Artificial Intelligence (AI) to automate and sophisticated their attacks, making them more difficult to detect and combat. This includes the creation of adaptive malware, phishing with mass customization and more complex denial of service (DDoS) attacks.“A AI allows criminals to exploit system vulnerabilities at unprecedented scale and speed, requiring companies to respond with agile and equally sophisticated”, she warns.
Increased e-commerces and need for data protection
According to the survey “Profile of Brazilian E-Commerce”, by BigDataCorp, the e-commerce sector in Brazil surpassed the mark of 1.9 million virtual stores in 2023. As well as online stores increase, DDoS attacks have become increasingly common, with an increase of 106% in their volume. These attacks can cost up to R$ 33 thousand per minute for affected companies, highlighting the urgency of an effective response.
The study also pointed out that 73,5% of e-commerces are familiar and that 86% of them has less than 10 employees. It is small and medium-sized companies (SMEs), who face significant challenges when trying to protect themselves against cyber threats, especially those involving AI. But, Michele Nogueira states that there are effective strategies that can be implemented to increase security and minimize risks.“ Awareness is the first line of defense of companies. It is paramount to conduct frequent cybersecurity training for all employees, focusing on common threats such as phishing, weak passwords and the safe use of computing to test the attacks.
Also important to invest in security solutions that use AI to detect and respond to threats in real time, such as antivirus, firewalls and network monitoring systems. These tools can identify anomalous patterns and alert about possible incidents. In addition to using tools that monitor the behavior of users and systems to identify suspicious activities before they can cause damage. “It is essential to implement encryption to protect sensitive data, both at rest and in transit. This ensures that even if data is intercepted, they cannot be used. Also perform regular backups of critical data and ensure that they are stored securely, preferably outside the main environment, so that they can be recovered quickly in the event of a ransomware attack or another.
Other protective actions
To protect themselves from cyber attacks, it is necessary to establish continuous network monitoring to quickly identify and respond to suspicious activities. Small businesses can use managed security services (MSSP) for this function if they do not have internal resources. “SMEs can benefit from security solutions provided as a service, which offer tools and support at an affordable cost without the need for large upfront investments, Also hire specialized consultants to perform security assessments, identify vulnerabilities and suggest” improvements, advises the computer scientist.
Respostas aos ataques
Companies and should create an incident response plan that includes clear steps to identify, contain and mitigate the effects of a security breach. This plan should be tested regularly through simulations, ensuring that all employees know what to do in the event of a security incident, including who to report the problem to and what steps to take immediately.
To help mitigate recovery costs following a cyber incident, including reputational damage and business disruptions, companies may also consider hiring cybersecurity-specific insurance.
“By adopting these practices, small and medium-sized companies can significantly increase their resilience against cyber threats, especially those involving the use of AI by attackers.Even with limited resources, it is possible to implement an effective defense and minimize the risks associated with these threats”, concludes Michele Nogueira.
Computer scientist Michele Nogueira
Michele Nogueira is a computer network, network security and data privacy graduate of the Sorbonne University of Computer Science in France and a Postdoctoral fellow at Carnegie Mellon University (CMU), Pittsburgh, USA.
He is a senior fellow at the Association for Computing Machinery (ACM) and the Institute of Electrical and Electronics Engineers (IEEE) in recognition of his leadership and technical and professional contributions.
She is an associate professor in the Department of Computer Science at the Federal University of Minas Gerais (UFMG) and is a permanent member of the Postgraduate Program in Computer Science.
He is dedicated to research with the focus on creating cybersecurity intelligence based on artificial intelligence and data science techniques with applications in various sectors of society.
