Cyberattacks are happening more frequently, insistence and sophistication. That's why, not only Brazil recorded a significant increase in cyberattacks, but the same scenario happened globally, with an increase in the third quarter of this year of 75% compared to the same period last year, setting a record of 1.876 cyber attacks per organization, according to the research by Check Point Research
The computer scientist, Michele Nogueira, PhD in Computer Science from Sorbonne University, in France, explain that this increase is due to criminals using Artificial Intelligence (AI) to automate and sophisticate their attacks, making them harder to detect and combat. This includes the creation of adaptive malware, phishing with mass personalization and more complex denial of service (DDoS) attacks. AI allows criminals to exploit system vulnerabilities on an unprecedented scale and speed, demanding from companies a quick and equally sophisticated response, alert her
Increase of e- businesses and the need for data protection
According to the survey "Profile of Brazilian E-Commerce", from BigDataCorp, the e-commerce sector in Brazil surpassed the mark of 1,9 million virtual stores in 2023. Just as online stores are increasing, DDoS attacks have become increasingly common, with an increase of 106% in its volume. These attacks can cost up to R$ 33 thousand per minute for the affected companies, highlighting the urgency of an effective response.
The study also indicated that 73,5% of e-commerce businesses are family-owned and 86% of them have fewer than 10 employees. They are small and medium-sized enterprises (SMEs), that face significant challenges when trying to protect themselves against cyber threats, especially those that involve AI. But, Michele Nogueira states that there are effective strategies that can be implemented to increase security and minimize risks. Awareness is the first line of defense for companies. It is essential to conduct frequent cybersecurity training for all employees, focusing on common threats like phishing, weak passwords and the safe use of devices. In addition to implementing phishing attack simulations to test and improve employee readiness, informs the computer scientist
It is also important to invest in security solutions that use AI to detect and respond to threats in real time, as antivirus, firewalls and network monitoring systems. These tools can identify anomalous patterns and alert about possible incidents. In addition to using tools that monitor user and system behavior to identify suspicious activities before they can cause harm. It is essential to implement encryption to protect sensitive data, both at rest and in transit. This ensures that, even if the data is intercepted, they cannot be used. Also perform regular backups of critical data and ensure that they are stored securely, preferably outside the main environment, so that they can be quickly recovered in the event of a ransomware attack or other breach, alert Michele Nogueira
Other protective actions
To protect yourself from cyber attacks, it is necessary to establish continuous network monitoring to identify and respond quickly to suspicious activities. Small businesses can use managed security services (MSSP) for this function if they do not have internal resources. "SMEs can benefit from security solutions provided as a service", that offer tools and support at an affordable cost without the need for large initial investments, Also hire specialized consultancies to conduct security assessments, identify vulnerabilities and suggest improvements, guides the computer scientist
Responses to attacks
Companies must create an incident response plan that includes clear steps to identify, counter and mitigate the effects of a security breach. This plan should be regularly tested through simulations, ensuring that all employees know what to do in the event of a security incident, including whom to report the problem to and what measures to take immediately.
To help mitigate the recovery costs after a cyber incident, including damage to reputation and business interruptions, companies can also consider hiring specific cybersecurity insurance
"Adopting these practices, small and medium enterprises can significantly increase their resilience against cyber threats, especially those that involve the use of AI by attackers. Even with limited resources, it is possible to implement an effective defense and minimize the risks associated with these threats, finalizes Michele Nogueira
Computer scientist Michele Nogueira
Michele Nogueira works in the field of computer networks, network security and data privacy. She has a PhD in Computer Science from Sorbonne Université – France and Postdoctoral Research at Carnegie Mellon University (CMU), Pittsburgh, USA
He is a senior member of the Association for Computing Machinery (ACM) and the Institute of Electrical and Electronics Engineers (IEEE) in recognition of his leadership and technical and professional contributions
She is an associate professor in the Department of Computer Science at the Federal University of Minas Gerais (UFMG) and is a permanent member of the graduate program in Computer Science
It is dedicated to research focused on creating cybersecurity intelligence based on artificial intelligence techniques and data science with applications in various sectors of society
