The number of phishing and ransomware attacks are growing. These types of attacks are also becoming more sophisticated, therefore presenting a threat to the functioning of and trust in the digital economy.
European Data Protection Supervisor, Wojciech Wiewiórowski, states that the General Data Protection Regulation has set the highest standards to safeguard individuals’ fundamental rights to privacy and data protection in the EU Member States. With this legislation, organisations operating in the EU must ensure an appropriate level of security of IT systems and embed data protection principles when developing and using technologies to process personal data. In fact, cyberattacks, such as phishing and ransomware, do not just concern big businesses and organisations, but can happen to anyone.
Phishing occurs when cyber-attackers trick you into sharing your personal data, by sometimes asking you to provide your usernames and passwords to access online platforms. Ransomware occurs when cyber-attackers take control of your IT systems by using malware or exploiting system vulnerabilities, and then asking you for a payment in exchange for you to be able to regain access to your IT systems, or to prevent the selling or publishing of your personal data.
Both types of cyberattacks often start with a simple email, phone call or private message. Cybercriminals aim to impersonate a real organisation that you may be in contact with regularly, such as your bank or your energy provider. (source: https://edps.europa.eu/ photo:freepik.com)
*For personalized legal advice on any subject of personal data protection law, contact us by email (firstname.lastname@example.org) or by phone (+357 22272360)