The COVID-19 pandemic triggered cybercrime in Portugal, with dozens of companies and state organizations being attacked by hackers. Among the list of victims is the National Health Service, the Portal das Finanas, the Ministry of Health and Home Affairs, but also clubs such as SL Benfica, Sporting and Portimonense, Universities of Lisbon and the Azores, as well as banking entities such as Caixa Agrcola and BBVA. EDP and Altice Portugal are also listed as victims in the movement called Operao 25 de Abril, but there are more companies that were attacked, advances TSF.
Since the beginning of April, the group has already accessed data from 86 databases, and according to Bruno Castro, from the computer security company Visionware, a lot of money has already been stolen. The specialist said radio that in 15 years in the market has never had as much work as in the last two months, since the pandemic of COVID-19 began.
Cybersecurity agents will have noticed a three times higher rate of attack success in this period, and are concerned with increasing their effectiveness. Stresses that phishing attacks are being successful, with several requests for ransom and counterfeit fraud. According to Bruno Castro, over the course of weeks there were five and six transfers of half a million euros from small and medium-sized companies, which were only detected after the banks warned that there was no balance available in the account.
The security weaknesses of companies, due to teleworking, increased the attacks, with hackers simply having access to the email of one or two important people in the company to use their identities for hacking actions. The urgency in creating tools for teleworking will have left doors open in the security of the entities, which the hackers took advantage of.
The specialist says that companies should reassess the security of the telework services used, but also protect their workers, since home networks have been exposed to threats. It further advances that the websites of the attacked companies that are below are due to the ongoing investigations, which oblige to shut down the services, to detect and correct the security flaws.