
How valuable is access to your internal data? What would be the consequence of a few days of system outage? What about your reputation if you’re hacked? If you believe your company isn’t on a hacker's radar, think again. Cybercriminals only need a sniff of value to target your business. Fortunately, there are ways to defend against these threats.
It’s rare to find a company today that doesn’t rely heavily on the internet. From communication and transactions to data sharing, the web is at the heart of most operations. Our computers have become essential tools for running and growing our businesses. While new technologies have undoubtedly made things easier, they’ve also introduced vulnerabilities. If you can access your data remotely, so can someone else. Hackers exploit security gaps every day to blackmail, disrupt business operations, or even take down entire organisations. In this environment, it’s simply too risky to neglect security and delay proper staff training.
In this article, we’ll examine real-life cases of recent cyberattacks on Polish companies, explore their root causes, and highlight the impact these incidents had. Our goal is to raise awareness among business leaders about the risks and consequences of cyberattacks, as many still underestimate the severity of the problem. It’s important to understand that protecting a company’s digital security isn’t just the IT department's responsibility — it’s everyone’s. Often, it’s not system flaws that lead to data breaches or encryption attacks, but a single human error.
At the end of this article, we’ll offer you a free training course covering the basics of cybersecurity. This training is designed for employees at all levels, teaching them how to spot hackers’ tactics. It’s part of the CYRUS project, which is co-funded by the European Union, allowing us to provide it free of charge!
Consequences
Let’s begin with the part that usually comes last — the consequences of cyberattacks. Understanding the aftermath can give a clearer picture of what businesses face when they fall victim to these crimes. According to 2021 statistics, up to 75% of cyber-attacks on Polish companies were ransomware incidents, where company data is encrypted and held hostage. This kind of attack can cause prolonged operational downtime and significant financial losses. Recent examples include attacks on Polska Grupa Dealerska in 2022 and Vindix S.A. in August 2024. However, the financial loss caused by system downtime is just one of the many headaches these incidents bring.
Ransomware is a type of malicious software that encrypts a victim’s data, making it inaccessible until a ransom is paid to the attacker. The goal is often to extort money from the victim, with the promise of restoring access to the data once payment is made, though there is no guarantee the data will be recovered.
When hit by an attack, companies often face a tough decision: pay the ransom to regain access to their data quickly or try to resolve the issue internally. The latter can be time-consuming and expensive, leading some businesses — albeit reluctantly — to pay the ransom as the lesser of two evils.
Unfortunately, the financial damage doesn’t stop there. If customer data has been compromised, the company is held responsible for data protection failures. Under existing regulations, businesses must ensure their data is properly secured, and breaches can lead to hefty fines. For instance, in 2021, hackers stole the personal details of around 21,000 individuals from the American Heart of Poland. As a result, the Data Protection Commissioner fined the company nearly PLN 1.5 million (about EUR 350,000) for failing to adequately protect the information. It’s critical, therefore, to not only follow regulations but also to have robust procedures in place for data protection before and after any breach.
Then there’s the matter of reputational damage. Cyberattacks are often reported in the media, industry-specific websites, or broader news outlets. This was the case with recent attacks on Naftor (PERN Group) and Agata Meble. This kind of negative publicity can severely impact a company’s image. Winning back the trust of investors and customers after such an event can be a significant challenge.
Motivations
To effectively protect your business from cyberattacks, it's crucial to understand the motives behind them. Entrepreneurs often believe their company doesn't hold valuable enough information to attract hackers. However, this is a misguided assumption. In reality, most hackers aren’t after sensitive information to resell. Instead, ransomware has become a far quicker and easier way for criminals to make money. Even in cases of data theft, cybercriminals often demand a hefty ransom for the return of the stolen data.
It's important to assess your company’s appeal to hackers not just in terms of the data you hold, but also the potential disruption they can cause. For hackers, the value lies in your company’s operations and the financial penalties that may arise. Their objectives may include locking down systems with ransomware, stealing data, or crippling a website with a DDoS attack. It could even extend to espionage or be part of a broader hybrid effort aimed at destabilising a region. For example, in July 2023, politically motivated hybrid attacks related to the war in Ukraine targeted institutions like the Academy of Military Arts in Warsaw, Chopin Cable Television, TTM TV, and Norda.FM radio.
DDoS (Distributed Denial of Service) is a type of cyberattack in which many infected systems are used to flood a target server, website, or network with excessive traffic. This slows the service down or makes it completely inaccessible to legitimate users.
Weak spots
Once you realise that almost any company can be a target of cyberattacks, the next step is to understand why these crimes happen. While it might seem convenient to think that the IT department should handle all security aspects, the reality is more complex. In most cases, the weakest link isn’t the system itself — it’s the people using it.
Every employee with access to company devices and data poses a potential risk, from CEOs and owners to entry-level staff. It only takes one careless action from someone logged into the company’s system to trigger a chain of events that could lead to data leakage or encryption.
Cybercriminals often rely on social engineering tactics like phishing or whaling to trick individuals into unintentionally compromising their systems. These attacks can be highly targeted, with hackers going to great lengths to impersonate trusted sources. The best defence against this is awareness — knowing how these strategies work and being vigilant about verifying the legitimacy of the messages you receive. Developing a habit of cautious scepticism is essential for reducing the risk of falling victim to these attacks.
Phishing is a type of cyberattack that involves impersonating a trusted institution or person in order to obtain confidential information such as passwords, credit card numbers, or login credentials. The attack is most often carried out through fake emails, websites, or text messages.
Whaling is a specific type of phishing attack aimed at people in senior positions, such as board members or other key employees of an organisation. The goal is to deceive these "big fish" into giving up confidential information, such as financial data or access credentials, often by means of highly personalised and convincing messages.
So, as you can see, it’s not enough for the IT department to do its job well. Proper training for all employees is equally important in safeguarding your company.
Free training
We understand that time is one of the most valuable resources in any company. That’s why we’re offering a solution that won’t disrupt your operations but will significantly enhance your security. Our ‘Introduction to Cybersecurity’ course, developed by the Polish Platform for Homeland Security in partnership with the CYRUS project, is designed to improve your team’s awareness of cybersecurity risks. Best of all, it’s completely free, thanks to co-financing from the European Union.
The course is delivered through e-learning, meaning your employees can access the lessons at any time that suits them. The training consists of engaging short video modules, and the entire course takes just three hours to complete, excluding the knowledge tests.
To receive a certificate of completion, participants simply need to pass the tests and fill out a short evaluation form. This feedback helps us continue improving the course for future users.
If you're interested, you can register here: Link.
Don’t wait until your company faces financial and reputational damage from a cyberattack. Training your employees is the first step toward safeguarding your business.