The EU’s cybersecurity agency (ENISA) added to its long-lasting motto, #ThinkB4UClick, the more proactive #Choose2BeSafeOnline as the organization celebrates the 10-year anniversary of European Cybersecurity Month (ECSM).
This change, suggested by a contractor ENISA works with for the cyber awareness campaigns, is far from anecdotal, argued Marianna Kalenti from ENISA’s awareness-raising and education team.
“We wanted to show a shift in users’ mentality. We now consider them to be more mature than they were in the past, and we want to show that it is a choice to be safe online, that humans can become the shields against cyber threats, and that there are things out there that they can use to protect themselves,” she explained to Infosecurity.
October is #CyberSecMonth! The theme for 2022 is #Choose2BeSafeOnline.
— ENISA (@enisa_eu) September 30, 2022
Stay tuned for the whole month of October, follow @CyberSeCmonth & learn more about our activities and how to stay safe from phishing & ransomware.
For more visit: https://t.co/7pHXHTIuWw#ThinkB4Uclick pic.twitter.com/MYPBxkyxyT
“The COVID-19 pandemic, where everybody was forced to be online all the time, has increased the risk of us making mistakes but has also made some feel overwhelmed by cyber threats. At ENISA, we wanted to emphasize that while the threats are real and our increased digital presence is here to stay, you can prevent some of the risks by opening up your ears and eyes,” Kalenti added.
“To do so, you can start with the plethora of activities, including conferences, workshops, training sessions, webinars and quizzes, that ENISA, along with EU member states, are organizing throughout October, and even our more advanced European cybersecurity skills framework, launched ahead of 2023, which will be the European Year of Skills.”
Spotlight on Phishing and Ransomware
For the 2022 edition of ECSM, EU member states’ cybersecurity agencies focused their joint awareness campaigns on phishing and ransomware.
“From 2021 to this day, phishing has become the top threat in Europe and, more recently, we saw new forms of phishing being developed through SMS, voice calls, video, or social media, and so we thought it important to raise awareness on how to recognize a phishing attempt on any platform, how to react and what to do when you fall victim to one,” Kalenti says.
Tips include being extra careful on Mondays, as most attempts happen that day of the week, or watching out for the word ‘payment,’ as one-third of all phishing messages include it.
As for ransomware, which can very frequently derive from a phishing attack, “it was chosen because, although not so widespread, its impact can be severe. We wanted to put out there that it’s an important threat and that you should never pay the ransom.”
The ECSM anti-ransomware campaign can be seen as a back-to-the-basics awareness addition to the #NoMoreRansom initiative that ENISA started in 2016 and that Europol joined in 2021 to help victims of ransomware recover their encrypted data without having to pay the ransom amount to cyber criminals.
Reach Out to People Over 45
As EU member states and ENISA choose a specific target for their October cyber awareness campaigns, this edition’s material focuses on people over 45 years of age.
“We noticed that they were the target group that was the most threatened by our two areas of focus: they were the majority in the professional sphere, which is a prime target for attackers, and with COVID, their presence online has significantly increased,” Kalenti explained.
First, ENISA produced simple videos and infographics to show these generations that cyber-attacks can happen, both in their professional environments and at home, and guidebooks for organizations to distribute to their employees.
“We also prepared social media posts, but they were crafted to be published on platforms where these generations are more present, like Facebook and LinkedIn, and even radio ads in some countries.” Some European nations also used celebrities to promote ENISA’s cyber awareness content.
To celebrate the tenth anniversary of European Cybersecurity Month, ENISA also initiated the ECSM Awards, where member-states competed for the best infographics, video, and educational material – and the winning content was ultimately translated into all languages of the EU.
“From 184 activities taking place in 2014, this year’s edition of Cyber Month has reached over 500 activities throughout October,” Kalenti noted.
With the heightened threat and the escalating cyber warfare, one could assume that the event is still going to grow.