Wednesday, April 3rd, Alexandre Dulaunoy from CIRCL gave a keynote speech at a conference organised by the “Association pour la Protection des Données au Luxembourg” (APDL). The presentation was titled, “the Luxembourg Cybersecurity threat landscape. Diving into real incidents, what can you expect from the attackers…”
Alexandre explained that in 2014, a total of 83610 events were processed and the CIRCL team conducted around 3209 technical investigations. The attacks are separated in 3 different categories: cybercriminals with a financial objective; government-supported attackers with an information objective and the cyberactivists who have a political or fun objective.
In the past months, in Luxembourg, attackers have been active in the following areas: - Data leakage. - Phishing attacks involving fraud with overwritten bank details. - Ransomware. The most recent one is the CT-Locker. In 50% of the cases, SMEs and companies discovered non-functional or incomplete backups. - VoIP and PBX systems, as attackers easily scan for vulnerable management interfaces in PBX or VoIP servers connected to the Internet.
A number of services developed and operated by CIRCL are available to: help detect malicious software and suspicious documents with the Dynamic Malware Analysis; share information about incidents thanks to the Malware information Sharing Platform (MISP); monitor leaks with PasteMining, and check the maliciousness of a link with the URL Abuse tool.