Cyberspace vulnerabilities
More than 8.5 million computers running Windows software were affected by the world’s largest Internet outage in July this year. The figure makes the incident the largest cyber event ever, surpassing all previous attacks and events. It was a malfunction, a computer bug, which produced effects very similar to a cyber-attack. It caused the interruption of some services, the failure of functioning and start-up of some computers on the Windows operating system, and also severe disruptions of some servers operating in the virtual environment.
Corina Cristea, 13.09.2024, 14:00
Dan Cîmpean, the director general of the National Cyber Security Directorate is here with details: “This shows us, on the one hand, how dependent we have become, as an economy, as a society, as users, on the various software components that run on the devices which we are using in everyday life. So, it is becoming more and more complex, very sophisticated and we have to be prepared, as users, as professionals in the IT field, in the cyber security field, to be prepared for this kind of incidents, once again, IT incidents in this case, not a cyber-attack, incidents that may occur in the future as well.”
Dan Cîmpean draws attention to the fact that “The degree of complexity is increasing at an absolutely spectacular pace. We, as users or as cyber security managers, find it more and more difficult to understand the key data about those technologies, what their architecture is, what their components and vulnerabilities are. This means, in fact, an absolutely spectacular necessary effort or a sustained increase in our effort to be able to manage all the risks related to new technologies.” That’s why his recommendation to all organizations is to allocate budgets for cyber security, because, according to him “cyber security has a price that is not at all small, but it is anyway much smaller than the cost of fixing a cyber incident that impacts one organization or another” Dan Cîmpean also said.
Exploiting software vulnerabilities involves attackers using weaknesses or bugs in a program or operating system to gain unauthorized access to resources, to compromise data, or take control of a system. Attackers can take advantage of vulnerabilities to install malware, extract confidential data, or disrupt the normal operation of a system. There are risks even after a cyber incident occurs.
Here is again Dan Cîmpean, the director general of the National Cyber Security Directorate: “One of the risks is that malicious actors create sites, create locations that are apparently a credible source of solutions, therefore, they can be one company or another, through which it invites users to download some programs that would apparently solve the respective problem, but which, in reality, could implant malicious software, create entirely other problems. That is why it is very, very important for any user, any IT team to take their solutions and information only from the legitimate websites of the technology manufacturers involved.” Dan Cîmpean added.