Russian companies reported cases of fraud

In Russia, 34% of business representatives became victims of fraud. 7% have experienced this at least twice. This is stated in the results of the Bitrix24 online business management service study, which was reviewed by Izvestia on April 30.

Most often, individual entrepreneurs became victims — one in three was affected by hackers. At the same time, 27% of business representatives do not use two-factor authentication. Respondents most often use it for work communications — 49% of them.

Even less often, automatic password generation is used. Only 27% of the respondents regularly create complex passwords. Automatic generation tools are most often used by IT specialists working in sole proprietors. 12% change passwords every month, and another 37% do it once a year. However, 51% of the study participants do this less often or do not change at all.

Information security trainings are regularly conducted in large companies (52%), and least often in small and medium—sized businesses. Experts noted that the lack of control by management and corporate platforms leads to the fact that business representatives exchange commercial information in messengers in 56% of cases. 17% of the respondents often do this.

Confuse the Networks: software failures at the end of the year were most frequently recorded in retail and logistics

Difficulties arise from the departure of software vendors and increased attacks, experts say

Modern security tools help to identify security weaknesses and eliminate them proactively — before they are exploited by intruders. According to analysts, endpoint detection and response class solutions allow for accelerated and automated identification of possible vulnerabilities and configuration flaws in operating systems and software. If a company uses such solutions, it is much more difficult for attackers to carry out a cyberattack.

Roman Strelnikov, head of information security at Bitrix24, stressed that businesses make life easier for scammers on their own, without updating software, using unreliable passwords and exchanging secrets in messengers.

"The smaller the company, the easier it is to attack it. In large businesses, they teach the basics of security, but in small businesses, where there is no strict control over employees and data protection, this is often neglected. Due to one successful attack, a business can lose more than it would have spent on organizing basic information security processes," he added.

Earlier, on February 19, it was reported that in 2025, ransomware programs will remain among the significant cyber threats to Russian organizations. This is stated in the analytical report of the F6 company "Cyber threats in Russia and the CIS. Analytics and forecasts 2024/25". Personal data is one of the main goals of scammers: attackers first steal sensitive information and only then encrypt the victim's infrastructure.