This opinion article was written by our CTO André Baptista, originally published on Expresso, and has been freely translated from European Portuguese.
In his global bestseller 'Annihilation,' a novel that also addresses the theme of invisible-face terrorism and its cyber aspect, Michel Houellebecq writes at one point:
"Offensive capabilities progress much faster than defensive measures; maintaining world order and security will become increasingly difficult in the future."
Considering that the book's action takes place in 2027, this warning leads me to say that the French writer's words are only understated. In fact, not only does this portrayal fit our current reality like a glove, but Portugal is also not an exception to this security threat.
Proof of this, in fact, was the news recently published by 'Expresso' stating that "Attempts at cyberattacks on public and private national entities are numerous and daily," quoting the Portuguese Secretary of State for Digitalization and Administrative Modernization, Mário Campolargo, and highlighting critical sectors such as health and education as preferred targets for attacks. According to the government and in the same news report, "There is strong growth in ransomware and denial-of-service (DDoS) attacks," with data from the Portuguese National Cybersecurity Center (CNCS) recording 2,023 cyberattacks last year, a 14% increase compared to 2021.
Unfortunately, these figures do not surprise us. As part of an analysis carried out by Ethiack, the most detected vulnerabilities were RCE (Remote code execution), a vulnerability that allows a hacker to take control of a machine/digital asset; XSS (Cross-site scripting) or vulnerability that allows "injecting" scripts into websites; and SQL injection, a vulnerability that allows altering databases. This is in addition to the detected Business logic errors, which are flaws/imperfections in programming that enable a hacker to take control of the application and, for example, change the rules, logic, or decision privileges of the app. Particularly relevant among the survey's findings was the fact that the response time of security and incident response teams (Blue Teams) was considered slow by respondents.
Between September 2022 and March 2023, we’ve also tested the security of about 7,500 "digital assets," i.e., servers exposed on the internet, with the proper authorizations, and identified more than 17,000 vulnerabilities of 400 different types, with over 60% of these considered impactful and 12% having a "critical" impact.
These figures show that it is still easy to access companies' information systems and that detecting cyberattacks is far from fast and effective, largely because many of these vulnerabilities lie in assets forgotten or dormant, as the projects they were created for have been discontinued, but the machines remain in place.
That is why vulnerability analysis is so important, especially for companies. First, because it allows identifying and effectively protecting all digital assets. Second, because it helps reduce costs and resources (human and financial) involved in effectively protecting their digital infrastructure, which has dozens of digital assets and therefore needs many resources to protect their digital infrastructure effectively.
Thus, despite this concerning diagnosis, and so that the future is not even more dramatic than Houellebecq describes it in his book, it is possible to act proactively, and in the state we find ourselves in, it is best to follow the old proverb, "If you want peace, prepare for war."