In the last year, 96% of Spanish companies suffered some type of cyber attack, 66% saw how their cybersecurity system increased the number of threats received and the incidence of ransonware grew 38% compared to 23% of the previous year. These are data from the latest Cyber ​​-Preparation Report 2024 of Hiscox, a report in which the intensification of cyber attacks to Spanish organizations is evidenced.

The truth is that, despite the fact that companies are working hard to improve their cybersecurity systems, cybercounts increasingly reinforce their attacks making them much more sophisticated and may violate all safety barriers or take advantage of the gaps that may remain between them. The hiring of tools that protect cybersecurity in companies has suffered a great increase; While in 2023 only 30% of companies claimed to have invested in insurance, in 2024 52% claim to have hired these services.

Even so, Phishing techniques such as the Whale Phishing or the QRSHing continue to put companies in check and occupying headlines. Focusing on Whale Phishing, or CEO fraud, it is a cyber attack modality that focuses on senior executives or people with decision -making power within an organization. Unlike traditional phishing, which is aimed at a wide audience, this is highly personalized and seeks to deceive key individuals to reveal confidential information, make fund transfers or execute actions that compromise the security of the company. Given this scenario, it is essential that the companies implement advanced safety solutions, such as email filters with identity supplant detection and artificial intelligence capabilities as well as advanced tools and solutions (MDR/XDR).

In addition, the awareness of employees and managers is key to avoiding vulnerability to cyberbellors; Regular training on cybersecurity and attack simulations can help detect fraud attempts. It is also advisable to establish strict verification protocols, such as confirmation by multiple channels before approving transfers or sharing confidential information. Promoting a security culture where employees feel motivated to report suspicious activities without fear of reprisals can make a difference in the prevention of these attacks.

WHOLE PHISHING, QRSHING … attacks

To implement this type of measures and that are profitable and effective, artificial intelligence can be taken as alidad. IA has revolutionized cybersecurity

business, acting as a key ally in data protection and threat detection. However, it has also become a dangerous weapon in the hands of cybercriminals that use it to design increasingly sophisticated and undetectable attacks. The duality of AI raises an urgent challenge for companies: how to take advantage of their potential without falling into their risks?

WHOLE PHISHING: Unlike traditional phishing, which goes to a wide audience, this is highly personalized and seeks to deceive key individuals to reveal confidential information

On the one hand, this technology allows companies to analyze huge volumes of real -time data, detecting suspicious behavior patterns and immediately blocking threats before they cause damage. Thanks to automatic learning algorithms, safety systems can continue and improve continuously, identifying vulnerabilities before they are exploited. Solutions such as anomalies -based detection or biometric authentication promoted by AI have strengthened the defense of companies against external attacks.

However, this same technology is being used by malicious actors to improve their attack strategies. With generative, cybercounts can create emails from hyperrealist phishing, imitating the language and style of managers of companies with alarming precision. In addition, the use of Deepfakes in financial fraud and the automation of attacks such as the Whale Phishing are putting in check to corporate security.

That is why companies should reinforce their cybersecurity strategies with a combination of advanced technology and human training. AI should be used not only to prevent attacks, but also to react to them. Implement multifactor authentication, continuous monitoring of networks and periodic simulations of attacks is essential to be one step forward. In turn, cybersecurity training must be a priority at all levels of the organization, since the human factor remains the greatest vulnerability.

Artificial intelligence is a powerful tool, but its impact depends on who uses it and for what purpose. In the field of cybersecurity, the battle between defenders and attackers intensifies with each technological advance. Spanish companies that understand this duality and adapt quickly will not only survive in this hostile digital environment, but can turn AI into their greatest strength.

Author: Miguel López, Barracuda Networks
Alex Chen
Alex Chen

Alex Chen serves as the chief editor of Asia Tech Journal, bringing over a decade of experience in technology journalism. Previously writing for several globally renowned publications, Alex is celebrated for his insightful analyses and in-depth reporting on tech trends across Asia. Passionate about innovation, Alex specializes in the dynamic technology ecosystem of China and its global impacts.