Company information is worth its weight in gold. You like to keep that in safe hands. In the digital world in which we live, this is not so easy. This often requires more secure networks, well-thought-out processes, and cyber-aware employees.With preventive research into information security, Hoffmann provides insight into the crown jewels of a company and where the business risks lie. Together with the company, it is determined where immediate attention is needed and where less, looking at technology, processes, and people's behavior. Hoffmann has the specialists, technology, and tools in-house to optimize the information security of companies and to train employees in cyber-safe behavior. This reduces the chance of becoming a target of cybercrime or espionage. Should an incident nevertheless take place, experienced advisers are ready to take immediate action.
Challenges for Hoffmann
Cyber-attacks have been in the news again a lot lately. For example, the systems of the Hof van Twente municipality were encrypted and hackers could view information about the Pfizer vaccine at the European Medicines Agency (EMA) in Amsterdam. At Hoffmann, they have noticed for some time that the fear of cyber attacks with ransomware is on the increase.
This fear is justified because hackers are currently targeting (large) SMEs, governments, and large (international) companies. There they can demand large amounts of ransom. Also, hackers are increasingly professional. They nowadays think more carefully about how they approach their targets. Not long ago, they sent an email (often poorly worded) with an infected attachment to many different individuals and businesses. A shot with hail, as it were. Nowadays they opt for a very focused and personal approach, in which they research the organization and the people who work there in advance. This allows them to send a personalized and credible email, increasing the likelihood that the attachment will also be opened.
They still shoot with hail. But because they respond much more than before to current events and sentiments in society, these e-mails are much more effective. For example, many fraudulent emails this year had a subject related to corona (updates, the NOW scheme, or vaccines), the benefits affair at the Tax Authorities, and - most recently - Black Friday. The chance that a recipient of such an e-mail will click on the attachment is much bigger than with a less topical or sensitive subject.
Until recently, hackers allowed the malware to automatically spread across the network to encrypt files. Nowadays they provide themselves with access to the network and are very focused on looking for opportunities to penetrate and infect critical systems.They also look for backups and backup systems, to encrypt them and/or make them inaccessible. This makes it less easy for organizations to ignore a ransom demand because they can no longer use the backup systems.
Finally, we see that hackers not only encrypt data and then request a ransom, but also increasingly steal (sensitive) data. This allows them to reinforce their ransom demand and increase the pressure by threatening to make that information public.