The vast majority of Polish enterprises have been the target of cybercriminal attacks at least once in the past year.
In 2023, as many as two-thirds of companies in Poland recorded at least one cyberattack, according to the latest study by KPMG (an international network of auditing and consulting firms). Hackers primarily use phishing, i.e. they try to steal credentials.
KPMG specified that phishing is mainly carried out by sending fake emails or text messages with links or attachments. According to Michał Kurek, head of cybersecurity at KPMG in Poland and Central and Eastern Europe, due to the increased cyberattacks, companies should take care to educate employees in this area.
Even if we are protected by technology, if manipulated appropriately we can turn it off and click the OK button a few times in strange windows and let the attacker into our computer or network
– said Michał Kurek.
Companies themselves consider cyberattacks using malware (malware) to be the main threat, and they take DoS/DDoS attacks, which cut off access to the victim’s website or server, less seriously. According to Michał Kurek, the number of DoS/DDoS attacks is not decreasing, but companies are more resistant to them thanks to better security. Therefore, instead of attacking the websites themselves, hackers have turned their attention to VPNs used for remote work, which has become very popular after the pandemic.
The KPMG report also showed that more than half of enterprises in Poland have problems finding qualified employees in the field of cybersecurity, which is why most companies use the services of external entities.