Cybersecurity in Portugal! After all, how are we?

Cybersecurity is today a very popular topic due to the constant attacks that our country has been subject to. Many of the companies realized that more and better processes and strategies are needed and it is also necessary to invest in this area.

The National CyberSecurity Center recently released a report that provides an X-ray of our country in terms of CyberSecurity. Discover the main themes of the 2022 edition of the CyberSecurity Report in Portugal – Risks and Conflicts.

The CyberSecurity Report in Portugal - Risks and Conflicts aims to analyze the main CyberSecurity incidents and cybercrime indicators, as well as the threat agents, in cyberspace of national interest and major national and international trends.
The conclusions that result from this study point to the persistence of some threats specific to the context of a pandemic, such as those linked to the exploitation of the weaknesses of the human factor, but also the reinforcement of others that have a great capacity for impact, such as ransomware or the exploitation of vulnerabilities. The number of incidents and cybercrimes continues to rise.
Cybersecurity: Radiograph of Portugal

The upward trend in the volume of cybersecurity incidents and cybercrimes in cyberspace of national interest continues in 2021 and 2022.
The dominant cyber threats in Portugal during the year 2021 were phishing/smishing/vishing, ransomware, online fraud/scam, account compromise or attempt and exploitation of vulnerabilities.
The most relevant threat actors in the cyberspace of national interest in 2021 with a tendency to persist in 2022 were cybercriminals and state actors, followed by negligent internal threat, cyber-offenders and hacktivists.


Perception of risks and trends
In terms of perception of risks and trends, the CyberSecurity Report in Portugal - Risks and Conflicts states that, according to the survey carried out by the CyberSecurity Observatory to the community of entities with a protocol of collaboration with the CNCS, the perception of risk in relation to the security of the cyberspace of national interest has worsened among the contact points of these entities.
In 2021, international trends with the potential to impact cyberspace of national interest were the increase in hybrid threats, attacks on supply chains, the exploitation of vulnerabilities and the proliferation of ransomware.
For 2022 and 2023, the main trends in Portugal are identified as the propensity for greater intervention by state actors, the persistence of the use of human factor weaknesses, ransomware attacks, data breaches related to access credentials, exploitation of vulnerabilities and technologies furniture to be increasingly used as attack surfaces.
The current international context, very marked by the conflict in Ukraine, has replaced the pandemic as a theme that creates dynamics of scale in cyberspace of national interest.
Cybersecurity: Some relevant numbers

CERT.PT recorded a 26% increase in the number of cybersecurity incidents in 2021 compared to 2020
The sectors most affected by the incidents recorded by CERT.PT in 2021 were Banking (13% of incidents), Digital Infrastructures (8%) and Internet Service Providers (6%)
Phishing/smishing (40% of incidents), social engineering (14%) and malware distribution (13%) were the types of incidents most recorded by CERT.PT in 2021
The most simulated brands in phishing/smishing attacks in 2021 are from Banking (48% of cases), Transport and Logistics (21%) and Email Platforms (19%)
The types of incidents most recorded by RNCSIRT members in 2021 were login attempts (16% of incidents), vulnerability exploitation (9%) and scanning (8%)
In 2021, there was a 6% increase in the number of notifications of personal data breaches reported to the CNPD compared to the previous year (CNPD).
The sectors and activities with the most notifications to the CNPD in 2021 are Commerce and Services (25% of notifications), Banking (13%) and Local Administration (8%) (CNPD).
Among the notifications sent to the CNPD in 2021, the most frequent source for the incidents in question is human error (24% of notifications), ransomware (22%) and fraudulent actions (13%).  The most compromised information principle is confidentiality (62%)
The number of computer-related crimes recorded by police authorities grew by 6% in 2021 compared to the previous year, although the number of strictly computer-related crimes decreased by 11% (DGPJ).
The percentage of computer-related crimes in relation to total crimes recorded in Portugal grew by 0.4 pp, from 7.4% in 2020 to 7.8% in 2021 (DGPJ).
Computer fraud/communications is the computer-related crime with the most records in 2021 (91% of the total), followed by illegitimate access/interception (with 3%) - the strictly computer crime with the most records in 2021 (DGPJ).
Computer/communications fraud is the type of computer-related crime with the most convictions in 2020 (75% of cases), followed by computer fraud (13%) (DGPJ).
There is a decrease in the number of people convicted of computer-related crimes (44% less) and of defendants (36% less) in 2020 compared to 2019 (DGPJ).
The number of reports to the PGR Cybercrime Office continues to increase with a rise to more than double in 2021 (113%) (PGR)
In 2021, phishing and various types of online scams continue to be the types of crime most reported to the PGR's Cybercrime Office (PGR).
There was a 40% increase in the number of service and support processes registered by the Linha Internet Segura in 2021 compared to the previous year (APAV).
Sextortion (30% of cases), fraud (12%) and identity theft (8%) were the crimes and other forms of violence most recorded in the Helpline dimension of Linha Internet Segura in 2021 (APAV).

Cybersecurity Report in Portugal - Risks and Conflicts.