According to the annual report of the Cybersecurity Observatory, published this Friday, cybercrime in Portugal increased in 2023, with a focus on ransomware, although the number of incidents has stabilized.
The most significant cyber threats were “ransomware” (demands for ransom for computer data), “phishing” (attempts to obtain sensitive personal data via email) or “smishing” (phishing via text messages), online fraud and account compromise, according to the fifth edition of the “Cybersecurity in Portugal – Risks and Conflicts” report by the National Cybersecurity Centre (CNCS).
The report showed that in 2023, police authorities recorded 2,512 computer crimes under the Cybercrime Act, up 13% from 2022, with a focus on “illegal access/interception and computer fraud”, a phenomenon that rose by 33%.
While there were “fewer incidents of high public awareness” in cyberspace of national interest than in 2022, “malicious activity” in 2023 was “intense and had negative consequences,” and computer crime “continued to increase, even at a lesser rate than in 2022 last year,” the report said.
The ransomware attacks that had the greatest impact were those targeting local government administrations, although it is not clear which local governments or organizations were affected.
The report provides a month-by-month timeline of “high-impact” cyberattacks: ransomware on a healthcare facility in January, a DDoS (a denial-of-service attack that overloads servers and takes down “websites”) on a government agency in September, for example.
Once again, it is mentioned without details that there were “some instances of unavailability of services on a national scale.”
Local government administrations have been targeted with “high impact,” but the most common victims have been individuals and small and medium-sized enterprises (SMEs), who have been targeted by “phishing,” “smishing,” and other types of fraud.
In figures, the National IT Security Incident Response Team (CERT.PT) registered 2,025 cybersecurity incidents (two more than in 2022), with the number of individuals increasing.
The most reported incident types in 2023 were phishing and smishing (35% of total), login attempts (19%), and social engineering (10%).
The brands most targeted in phishing and smishing attacks were banking (37%), email and other services (31%), and transportation and logistics (20%).
Among computer crimes not included in the Cybercrime Act, “computer/communications fraud continues to stand out, with 20,159 records recorded by police in 2023, although down 4% on the previous year.”
According to a report based on data from the Ministry of Justice’s Directorate General of Judicial Policy (DGPJ), it is the computer-related crime with the highest number of records in recent years.
CNCS conducted a survey and found that 81% of cybersecurity professionals believe that the risk of a cybersecurity incident in cyberspace of national significance has increased in 2023, and 87% attribute this “perception to the war in Ukraine.”
Author: Lusa
Source: CM Jornal
I’m Tifany Hawkins, a professional journalist with years of experience in news reporting. I currently work for a prominent news website and write articles for 24NewsReporters as an author. My primary focus is on economy-related stories, though I am also experienced in several other areas of journalism.