rvlsoft - Fotolia

The cyber threat to eastern European enterprises

Organisations in eastern Europe are targets for cyber criminals and although they are aware of it, they often fail to protect themselves against it

Cyber attacks pose a great threat to most eastern European countries, and although many companies pay close attention to cyber security issues their efforts often fall short.

In 2015, every other corporate computer in Russia, the region’s biggest market, experienced a cyber attack, according to software security company Kaspersky Lab.

For most countries in the region, the proportion of corporate users that suffered cyber attacks last year ranged between 30% and 60%, said Kaspersky.

Banking Trojans, encoders, ransom Trojans, botnets, phishing and DDoS attacks are considered the most common cyber threats in the region. Transport, logistics and financial companies are among the most common targets.

According to Yelena Vorobyova, vice president and deputy head of operations at Russian bank VTB24, failure to pay proper attention to cyber risks could lead to colossal losses for both financial organisations and customers.

“Perpetrators of fraudulent transactions are gradually moving from analogue transactions, such as withdrawal of large amounts of money from ATMs with counterfeit cards, to the digital environment, executing immediate transactions between dozens of e-wallets,” she said.

“Over the last two to three years, fraudulent activity has been on the rise [in the financial sector]. The most serious fraud is stealing data from millions of plastic cards from the processing centres of retailers.”

Read more about IT in eastern Europ


Jason Haward-Grau, CISO at oil and gas company MOL Group, said his company has seen a number of significant attacks in the past couple of months in the region, including targeted attacks in the industrial control environment in Ukraine and at a Hungarian oil and gas company.

“Regular DDoS attacks that are now becoming routine and the ever present threat of phishing attacks across the region indicate that the threat is increasing and here to stay,” he added.

According to Haward-Grau, because the reliance on IT is growing, cyber-attacks are becoming easier to launch, more numerous and continuously changing to exploit more and more IT systems.

“The overall number of malicious attacks is rapidly increasing in the industrial sector and it is very much true for the region as technology is more likely to be out of date, presenting a softer target,” he said.

Taken seriously

Major companies in the region stress that they are treating the cyber security issue very seriously, but avoid going into details.

“We use the most up-to-date control and monitoring solutions,” said VTB24’s Vorobyova.

According to Haward-Grau, MOL’s creation of a dedicated information security function outside IT demonstrates a proper focus on protecting the company and on managing the business’s critical cyber risks.

“As a priority we are raising the general cyber security awareness level throughout MOL Group further, and making sure that information security is part of our company’s culture and that information security is a natural part of all our projects,” added Haward-Grau.

Not even basic protection

Meanwhile, many companies in eastern Europe apparently fail to apply even basic protection against cyber risks.

According to data from a survey conducted last year by Kaspersky Lab, 63% of companies in the Czech Republic use antivirus software on employees’ workstations, but only 34% use any other protection than antivirus software and only 26% use anti-virus software on mobile devices.

“Historically we’ve seen eastern Europe’s technology markets reticent to adopt cutting-edge technologies, often favouring tried and tested solutions over less well known capabilities, regardless of how feature and function-rich those technologies may be,” said Richard Cassidy, technical director for Europe, the Middle East and Africa at Alert Logic.

According to Cassidy, other challenges include slower adoption of language customisation in the technology sector, and poor supplier presence in European markets.

Mobile the entry point

At the same time, an increased use of mobile devices also presents a cybersecurity threat.

“Users’ private devices, which could become an entry point into a corporate network for perpetrators, can really be a weak link in a company infrastructure,” said Pavel Shalin, an analyst at Russian anti-malware company Dr Web.

“On the mobility side, smartphone protection is not popular,” said Kalman Makay, a senior consultant with MiTech Systems Hungary, which sells Symantec products and services.

“Typically organisations from this region will deploy a very structured security architecture indeed, with silos looking after specific functions in terms of firewall front-end, mid-tier and backend, gateway-level content inspection,” said Cassidy. He added that reliance on these technologies working in isolation could lead to problems.

According to Cassidy, security information and event management solutions are too expensive for a region where small and medium-sized businesses play a major role.

But any spending on protection software is often wasted because many companies don’t have a consistent cyber security policy.

Read more on Web application security