Cybersecurity incidents up 14.5% in 2021
Ljubljana - A total of 3,177 cybersecurity incidents were recorded in Slovenia in 2021, a 14.5% rise over 2020, according to a report released by the the national Computer Emergency Response Team (SI-CERT). The year was marked by a large number of information disclosure vulnerabilities, with supply chain vulnerabilities at the forefront.
Phishing attacks again stood out among the reported incidents, increasing by 37% to 950. A large number of incidents were malicious code injections, at 306.
At the same time, the trend of cyber criminals targeting businesses from previous years continued.
The highest financial damage, just over EUR 123,000, was recorded in a case of intrusions into business communication.
Damage from cryptocurrency investment scams was also on the rise, with the highest damage at EUR 100,000 and the the average amount of money lost at around EUR 28,000.
Last year was especially marked by a large number of information disclosure vulnerabilities, particularly in the supply chain.
"We can already say that 2021 will be remembered in the cyber security response centre community for the high number of information disclosure vulnerabilities," SI-CERT head Gorazd Božič says in the report.
He noted the March 2020 intrusion into the network of US manufacturer SolarWinds and the information disclosure vulnerability of the Microsoft Exchange server last year.
The entire network of EU cybersecurity response centres ended 2021 in a heightened state of alert and amid a declared heightened threat to the security of networks and information systems due to the vulnerability of Log4j logging tool.
Although no internet Armageddon that some predicted occurred, 2021 was an eye-opener in terms of cybersecurity management during accelerated digitisation, Božič says.
SI-CERT was founded in 1995 to provide expertise in incident investigation and coordination, technical advice on various intrusions, and issue alerts to network managers and the general public on current threats in cyberspace. Its activities are funded by the Government Information Security Office, Slovenia's cybersecurity authority.