Vodafone Portugal has suffered a massive cyberattack which has crippled vital services around the country. Reports began on February 7 when customers noticed the network appeared to be down. Vodafone’s Chief Executive later confirmed that the company had been the target of a “criminal act” which had left almost seven million people without phone signal. The attack caused downtime in the 4G and 5G, television services, voice calling and SMS capabilities of the network. It also caused many vital services that run over the network to stop, including some national ambulance and fire brigade services. Early security work aimed to restore 3G services to critical infrastructure and safeguard customer data.

Critical infrastructure is on red alert across the world as the severity of attacks increases. A panel of cybersecurity experts described how the past two years have changed the cybersecurity landscape forever, making protecting critical infrastructure the number one goal for governments. Attacks referenced included the SolarWinds attack in early 2020, which demonstrated how an attack on one system could go on to affect thousands of systems down the chain. Another was the Colonial Pipeline attack in May 2021, the first major attack that directly affected normal people’s lives through increased prices and panic to find critical fuel. The panel warned that these attacks proved that IT disruptions now directly affect operational technology and industrial control systems – and that critical infrastructure everywhere should be ready to protect itself.

A hacktivist group in Belarus launched a cyberattack on the Belarusian national railway service in late-January, as part of ongoing cyber incidents over the situation in Ukraine. The group, Belarusian Cyber Partisans (BCP), immediately claimed responsibility for the attack, which it said aimed to disrupt the movement of Russian troops and army equipment. Belarus is a close ally of Russia and shares a border with Ukraine. Railway services were disrupted as the attack encrypted servers, workstations and databases. However, it also took ticketing services offline – a consequence that BCP said it did not intend. The group aims to cause disruption to Belarus’s ruling party and any Russian military action.

More than 70 Ukrainian state websites were the subject of huge attacks in January, with several government websites going offline during the incident – including the Ukrainian Foreign Ministry and Ministry and Education and Science sites. State police accused hacker groups associated with Russia. The attacks led to long outages for crucial websites, as well as the defacement of many more. Cybersecurity investigators learned that wiper malware was behind the attack – which has now been named WhisperGate. Researchers said that stolen login credentials gave attackers the initial access to government systems.

Military tensions between Russia and Ukraine could have massive consequences in the cyber world, according to a report. Ukrainian government institutions suffered cyberattacks in late January – confirming that any conflict with Russia will also take place in the cyber world. This has been labelled as ‘hybrid warfare’. Cybersecurity experts are predicting that attacks of Russian origin will continue, and possibly increase in volume. They also warned other NATO countries will probably be the target in any subsequent attacks, with Russian hacker gangs all but encouraged to go after companies, institutions and critical infrastructure in western countries.

Companies are in the final stages of 2022 budget planning and cybersecurity is top of their priorities. While, traditionally, IT departments may have struggled to fight for their slice of the budget, the cybersecurity landscape is now different. Directors are well aware of the dangers of ransomware attacks, including huge financial losses and public reputational damage. CPO Magazine reports that the average cost of a ransomware attack more-than-doubled in 2021, from $761,000 to a hefty $1.8 million. It’s now more critical than ever to budget for cybersecurity, saving your company money in the long run.