December threat radar: ransomware, phishing and AI - SwissCybersecurity.net analyzes

SwissCybersecurity.net highlights the biggest IT threats of December. Simon Schneiter from Ensec explains which threats were particularly critical and what lessons Swiss companies should learn from them.

This image was created with the help of AI (DALL-E)

The monthly threat radar from SwissCybersecurity.net provides an overview of the biggest IT threats. In December, ransomware, phishing and serious software vulnerabilities were once again among the main dangers for Swiss companies.

Simon Schneiter, Head of IT Security and GRC Consulting at Ensec, explains: "Phishing emails are often used to distribute ransomware, and security managers have also had to deal with zero-day vulnerabilities in Windows and security gaps in well-known firewall products."

Effective protective measures such as rapid patch management, EDR/XDR systems, system hardening and secure backups remain essential. Smart network segmentation and raising employee awareness of cyber risks are other key points.

The lessons learned from December show that not only traditional computers, but also internet-enabled devices such as televisions and digital picture frames need to be kept up to date. Incidents such as the DDoS attacks on Japan Airlines and the cloud incident at Volkswagen underline the importance of well-secured infrastructures.

According to Schneiter, the threat landscape is increasingly characterized by generative AI: "The automation of attacks, the development of new malware and targeted attacks on critical infrastructures will continue to increase." Cyber risks in the areas of OT and the cloud remain a particular focus.

More articles on the topic