Increase in supply chain attacks
The National Cyber Security Center (NCSC) has published its semi-annual report. The headlines are dominated by attacks on IT supply chains of goods and services from different suppliers.
As the National Cyber Security Center (NCSC). in its half-year report writes, attacks on process-oriented control of goods and services are increasingly being carried out. Attacks on the so-called supply chain lead to serious errors such as a production stop. The NCSC cites an incident of a supply chain attack on the software company Kaseya in mid-2021, as a result of which websites of the city and canton of St. Gallen were unavailable for a longer period of time due to a DDoS attack on hosting providers.
More blackmail waves
The NCSC recorded more than 11,000 cyber incidents. According to the report, the most frequent reports were of various forms of fraud. Fraudulent emails were reported very often. Other scams include investment fraud, CEO fraud and classified ad tricks. According to the semi-annual report, there were again numerous attacks with encryption Trojans.
Patterns of double blackmail are increasingly emerging in this context. For example, data is increasingly being copied before it is encrypted in order to threaten the publication of such data in the event of ransomware.
In the case of classic phishing, an increasing number of attacks involving supposed parcel deliveries are being reported. Other reports concerned phishing attempts in connection with webmail and Office 365, and phishing e-mails concerning allegedly duplicate payments were also a constant source of concern.
Source: National Cyber Security Center NCSC
