Incident Hub

Welcome to the Statistics Area of Incident Hub

The statistics tab provides a report that is carried out every six months, providing a complete analysis of the data collected from Incident Hub and providing an overview of the highlights tabs.

TI Safe presents:

Incident Hub Cybersecurity Report – 2024.1

With a new, connected world, it was expected that the revolution would even reach attack methodologies, but how does this impact industrial control systems and critical infrastructures?

Upcoming analysis and statistics report: 13/11/2024

Marianna Ferreira Silva – TI Safe

13/05/2024

Overview of cybersecurity in critical infrastructures

Given Kevin Mitnick’s statement “Cybersecurity is about people, processes, and technology, and organizations need to strengthen the weakest link – which is invariably the human element,” a point of reflection is highlighted since society has become more connected.

This interconnection of systems and the implementation of automated industrial control systems, although beneficial for streamlining, improving, and increasing industrial productivity, has raised an issue that has not yet been fully addressed. Has the connection and technological migration in critical infrastructures made them more insecure regarding cybercrimes?

Cybercrimes are characterized as any criminal activity that uses a computer, computer network, or digital devices as an attack tool. And precisely this crime methodology, if applied to sectors of great social importance, can result in immeasurable damages. The shutdown of a thermal power plant entails environmental, physical, economic, and social damages of such a high level that it shows a need for risks and vulnerabilities in critical environments to be mitigated to the extreme level.

High-impact attacks occurring in – 2024

In the tab below, we provide a view of five (05) attacks that occurred in the year 2024, highlighting the most prominent ones.

[ 1 ] Attack on the National Cancer Institute of Rio – Brazil – 29/01/2024]

Summary: The National Cancer Institute of Rio (Inca) canceled appointments and exams due to a hacker attack on its system, with no return date set. The incident led to the shutdown of servers and is being investigated with the assistance of other institutions. Patients like Denise had their procedures postponed, and Inca is providing manual services while working to resolve the issue, which was reported to employees and is under investigation by the Federal Police.

[ 2 ] Geopolitical Attack Russia vs Ukraine – Ukraine – 25/02/2024

Summary: Russian hackers breached the Ukrainian TV channel “Priyamy,” broadcasting a false message during a political transmission. The message, in Russian, warned of destruction by the US and Zelensky, mentioning Avdiivka as just the beginning. The title was displayed during a speech by former President Petro Poroshenko and was quickly removed.

[ 3 ] California on alert after Ransomware attack – United States – 02/26/2024

Summary: The city of Oakley, California, declared a state of emergency due to a Ransomware attack, aiming to accelerate the city’s response. The attack occurred last week, affecting the city with around 43,000 inhabitants, while the city’s technology division worked with authorities to investigate the scope of the attack. Emergency services were not affected, but the city is taking measures to ensure the security and restoration of affected services. In another nearby city, Pleasant Hill, a cyber incident also occurred, but public services were not compromised. The connection between the two attacks in the region of Contra Costa County is still unclear.

[ 4 ] Attack against banking institutions – Canada – 06/03/2024

Summary: The Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) was forced to shut down its corporate systems after a “cyber incident.” FINTRAC is a government agency that serves as the country’s financial intelligence unit, investigating money laundering and making thousands of disclosures about illegal money flows to the police. The incident did not involve the agency’s intelligence or classified systems, but as a precaution, its corporate systems were shut down to ensure information security. FINTRAC is collaborating with federal partners to restore operations and strengthen defenses against future incidents.

[ 5 ] Cyber attack in France – France – 11/03/2024
Summary: Several French government departments faced a series of intense cyber attacks, prompting the government to activate a crisis unit to handle the situation. Although the impact has been reduced and access to some government websites has been restored, the attacks are ongoing. Teams from DINUM and ANSSI are mobilized to defend against the attacks, but the identity of the perpetrators is still unclear. The hacker group Anonymous Sudan claimed responsibility for part of the attacks, using methods such as distributed denial-of-service (DDoS) attacks.

Incident Hub Data Analysis

Below, you will find a graphical analysis of Incident Hub data, including the number of occurrences per year in bar charts, the number of attacks per Score also in bar charts, as well as the main sectors and countries affected represented in pie charts.

Numbers of attacks per year

The graph points to a very large increase in cyber attacks, with one of the main reasons being the covid 19 pandemic in 2020 and the modernization of critical systems over the years.

The most sectors affected

The main sector affected is government institutions, followed by the transport and energy sectors.

Numbers of attack per TI Safe Score

According to the Incident Hub database, the main attacks recorded are Score 3, indicating high severity but medium or small impacts.

Main countries affected

The main countries with attacks recorded in our database are the United States, with the vast majority of records, Brazil and in third place Canada.

This data is fluctuating and is at risk of being changed. Remembering that they are based on records in our database.