October – Cyber Security Month
The Regulatory Authority for Electronic Communications and Postal Services (RATEL), as the National CERT of the Republic of Serbia, is celebrating October as an international cyber security month, with a campaign titled „Information Security – Joint Responsibility“. The aim of this year’s campaign is to get users acquainted with current online threats, as well as with each individual’s role in responding to cyber challenges. Raising awareness and knowledge of users reduces the possibility of cyber attacks against critical infrastructure of the Republic of Serbia and state institutions, businesses, SMEs and natural persons. Timely identification of a single phishing attack and adequate response to it can significantly reduce the incident’s impact and its further distribution, as well as the consequences on the society as a whole.
The European Union Agency for Cybersecurity (ENISA), as part of this year’s cyber security month campaign, has asserted that the most common type of threat is social engineering, by means of which the malicious attackers employ sophisticated manipulation tactics to breach both our personal and institutional security defenses. „Be Smarter Than A Hacker“ is the EU slogan for the month of October 2023.
Considering the growing number of various cyber threats and attacks, the National CERT, in cooperation with other bodies and organizations dealing with information security, has continuously promoted safe Internet use, in the aim of raising awareness and knowledge necessary to face challenges in the cyber space. In collaboration with the National Alliance for Local Economic Development (NALED), a technical training for the representatives of local self-governing units has been planned for October.
Based on the incidents reported to the National CERT, the most frequent types of attacks continue to be Phishing and Ransomware, as well as the unauthorized use of resources and other types of online frauds. The data show that 73% of the total cases reported to the National CERT represent various online frauds, most usually consisting in the use of fake Internet domains of financial institutions and postal service operators, as well as sophisticated phishing campaigns created using advanced technology tools such as ChatGPT.
Legal explanations of the draft regulation governing the area of information security will allow for improvements of cyber security in the Republic of Serbia, as a result of an alignment with up-to-date European regulatory solutions, re-definition of competencies and a more precise protocol in the event of incidents or cyber threats, as well as the strengthening of the institutional frame in responding to cyber threats. The proposed text is a legal basis for a more advanced cyber security development, similar to that in the EU countries, which will make it possible for the Republic of Serbia to improve its protective measures for ICT systems and networks, and adequately respond to ever-growing challenges in the area of information technologies and their use.
The national cyber conference will be held on October the 17th in the Crowne Plaza Hotel in Belgrade, in partnership with the Serbian National Internet Domain Registry Foundation (RNIDS), with the support of the Ministry of Information and Telecommunications and the Cybersecurity Network Foundation, with the aim to offer an extensive overview of the current activities in the area of cyber security – from new regulations, economic and academic activities, to the presentation of models and solutions to raise awareness in the area of information security.