ITS blog: cyber trends in the Czech Republic in 2024
2 min
text by František Kovařík
The year 2024 was marked by new threats, significant successes and warning signs in Czech cyber security . What did it bring us? Join us for a look at the most significant events that shaped the cyber space.
Availability under pressure: attacks on services
Attacks targeting service availability were the most common threat this year. DDoS attacks, including massive campaigns by the NoName057(16) group, regularly crippled the public and financial sectors. While some incidents did not cause widespread damage, their frequency shows that our resilience is being tested.
Ransomware: a corporate nightmare
Ransomware remains the number one threat. Groups like LockBit 3.0 and Akira have improved tactics this year and caused millions of dollars in damage. Most alarming is their focus on strategic targets, including healthcare and local governments, where they can paralyze key services. However, ransomware attacks have long since ceased to be a matter of targets in critical infrastructure; even we at ITS are increasingly seeing incidents and attacks on entities that were never considered interesting targets for potential attack in the past.
Social engineering: phising on the rise
Phishing and spear-phishing are increasingly popular among cybercriminals. Attacks are becoming more sophisticated, targeted and convincing. This summer's spear-phishing campaigns have demonstrated that financial manipulation and misuse of email systems can have serious consequences. A typical sign of phishing is precisely the increasingly sophisticated wording, with blatant grammatical errors beginning to be replaced by rhetoric not dissimilar to real corporate communications. Careful attention should be paid to e-mail addresses and domains - even minor nuances may be involved. The key to prevention is undoubtedly education - regular employee training and testing. The common denominator of attacks is often the stress factor, the desire to put the individual under pressure to make a quick decision or action. Typically, a panicked accountant might send a payment on a Friday afternoon to someone posing as an established customer or supplier, for example.
Technical errors: an unexpected enemy
Nor do all threats come from outside. For example, the CrowdStrike worm outage, caused by a faulty update, showed critical weaknesses even in reputable providers. While the damage was not severe in the country, the global impact was in the billions of dollars.
Young people as targets
Children and young users are becoming new targets. Fake apps full of malware massively exploited their inexperience over the summer. It is essential to raise awareness about cyber hygiene not only among parents but also in schools. We are glad that this fact does not go unnoticed from the point of view of the Ministry of Education, the NCIB and the educational institutions themselves. Every activity and prevention counts, and we would like to appeal especially to parents; we are growing up in a digital generation and we need to explain the context.
Critical threats according to NUCIB
In 2024, the National Cyber and Information Security Bureau (NCISB) warned of several serious cyber threats:
- In February, Russian group APT28 compromised Ubiquity Edge OS routers, creating a botnet network used for cyber espionage. In the same month, two critical vulnerabilities were discovered in the FortiOS operating system, allowing remote execution of malicious code on FortiGate firewalls.
- In June, the increased risk of DDoS attacks during the European Parliament elections, targeting political parties and electoral organisations, resonated in particular.
- In October , phishing campaigns were detected in which attackers exploited the identities of Amazon, Microsoft and Czech state institutions. Malicious .rdp files allowed remote access to victims' systems.
You can also read more in the summary Reports on the state of cyber security on the NCIS website.
What has 2024 shown us?
If we were to boil it down to the very simplest terms - cyber threats are becoming more sophisticated, more frequent, but our ability to respond is also improving. February's crackdown on the LockBit group proves that international cooperation can yield significant successes. Prevention, resilience and rapid response will be the key to a seamless operation in 2025.
For CIOs and IT managers: four key areas
As it follows from the above, if we were to summarize the key points that need to be consistently focused on and where we see trends for this year, we would highlight:
1. SERVICE AVAILABILITY - Invest in protection against DDoS attacks and test infrastructure resilience.
2. RANSOMWARE PROTECTION - Back up data, deploy modern security tools (EDR/XDR) and educate employees
3. MINIMIZE HUMAN FACTOR ERRORS - Implement two-factor authentication and train employees to recognize phishing and other fraudulent activities
4. MONITORING AND RESPONSIVENESS - Cybersecurity today is based on continuous monitoring, assessment and responsiveness to known and unknown types of threats. Use proactive tools such as MDR, SIEM or SOAR, or outsource these activities to specialized and proven partners
Are you ready for 2025?
Cybersecurity is a constant battle. Your determination and precautions will play a critical role in whether you can keep up with increasingly sophisticated threats. Continuous education, advanced technology and strategic collaborations with technologically advanced partners are your strongest weapons in the long term. If you want to advance your cybersecurity posture or just examine where it stands, don't hesitate to contact us.
About the author of the text
František Kovařík is in charge of foreign trade at ITS, specifically focusing on the Nordic countries. He brought his experience from companies such as IBM and TD Synnex, where he started as an IT specialist and later moved into the business consulting area. He is an enthusiast for new technologies and enjoys exploring them in detail. He focuses on finding real, practical solutions instead of marketing platitudes and tries to bring an often different angle to the issues at hand.
What else to read
See more news from the world of IT and ITS
