Cyberattacks can hit anyone
For example, a website can go offline, but the entire network can also be affected. Aside from financial losses, confidential information sometimes falls into the wrong hands, with devastating consequences: data loss, system failure, liability claims due to a data protection violation and reputational damage are just some examples.In order to penetrate IT systems, the perpetrators try to trick employees of the authority concerned into doing something without actually wanting to, e.g. opening an email attachment, clicking on a link, entering personal data such as passwords or making a payment.
Common method: social engineering
Attackers try to trick people into doing something they do not actually want to do. The scenario that they choose for this is intended to affect the potential victim emotionally or attract their interest. The aim is to establish a feeling of closeness and create a false sense of security. Perpetrators gather information in advance about a company's structure or the personal interests of a potential target. This is often done using freely available information (for example on a company's website or through social media). The target person is then confronted with a tailor-made scenario. This approach is called social engineering.