The evolution of cybercrime is increasingly leaning towards the establishment of mafia-like connections and the utilization of technologically advanced solutions previously only seen in special services operations. Artificial intelligence (AI) is increasingly being used in this move, bringing with it a new series of threats. Even though tools for preventing attacks are progressing in line with the technological advancements of cybercriminals, the weakest link remains to be the human. Attractive targets for hackers include public entities, critical infrastructure, and local governments, especially smaller ones lacking financial and personnel resources necessary for sufficient protection.
“New threats mainly entail a brutalization and increasing scale of ransomware attacks, extortion, ransoms, progressively brutal and effective activities of criminal groups, and their professionalization. The most dynamically growing risk, escalating very quickly in importance and scale, is AI, which appears in the market area of device support and products, cybersecurity solutions. Regrettably, it also appears in the criminal activity. Cybercriminals use and expand their own AI engines,” says Krzysztof Dyki, President of the Management Board of ComCERT from Asseco Group, in an interview with Newseria Innovations Agency.
Cybersecurity is increasingly recognized in public debate due to the growing scale of the problem. Data from ComCERT from the Asseco Group shows that the number of attacks increased by an average of one-quarter last year. Despite the sophisticated tools utilized by cybercriminals and those used in protection against them, the human factor remains the weakest link.
“First and foremost is awareness. No technology can offer as much as an aware, responsible, and secure user who understands risk. Cybersecurity is awareness and capability to manage threats, it’s not about the absence of threats. Second, are the technologies and tools. If we’re talking about an individual, this means antivirus software, regularly renewed and updated. If we’re talking about a company, it’s about the right design and construction of a cybersecurity system,” Dyki explains.
One of the main trends in cybercrime is the professionalization of criminal groups. Experts have noticed that these groups are beginning to operate at a level of sophistication characteristic of special services. Evidence of this can be found in the development of proprietary communication systems by criminals to make unmasking more difficult. A trend toward consolidation, or the absorption of smaller groups into larger ones, is also observed. It’s no surprise, then, that the focus of attacks is increasingly on critical infrastructure. Common targets of cybercriminals have been organizations in the public sector, healthcare, finance, and tech companies.
“The main targets are data – its quantity and nature. It could be medical data, military data, technological data, financial data, which are of interest to cybercriminals. Local governments are also attractive to cybercriminals, not only for the data processed but unfortunately also for ransoms. Local governments fall victim to criminals threatening to release information or documents. Criminals usually target large local governments, but not only,” the expert observes.
In response to the escalating threat, the Rzeszów City Hall and Asseco Group established the first Centralized Cybersecurity Operations Center for local government administration in Poland. The center’s scope covers the Municipal Teleinformatics Network, which besides the City Hall also services the Municipal Road Administration, the Public Transport Authority, and the Municipal Marketplaces and Car Parks Administrations. The center will focus on monitoring, responding to and preventing cyber incidents.
“The Cybersecurity Operations Center in Rzeszów is a unique project because it integrates and manages the security of four different municipal units. In this sense, it’s a very good approach, a minimization of risks, and certainly a path that other local governments can follow,” emphasizes Krzysztof Dyki. “Cybersecurity for local governments is a big challenge due to the limiting work environment. The best specialists expect not only the best compensations, but also exceptional projects and a unique work environment. Local governments must launch exceptional projects that will attract cybersecurity specialists, offer exceptional compensations, and create a unique work environment. Without these three attributes, I find it hard to imagine local government units as an attractive employer for cybersecurity specialists.”
According to ENISA, almost 60% of organizations in the European Union may face a shortage of specialists in the market. The best talents find work in the private sector, which offers better salaries than the public sector. The public sector is mainly used to gain experience and acquire competencies valued by future employers. However, only one-quarter of candidates for cybersecurity expert positions meet the qualifications required by employers.
Trends in digital solutions and the role of AI in cybersecurity were the topics of a discussion panel at the Welconomy Forum in Toruń 2024.