A thread of cyber attacks in Europe have heightened concerns about threats to public sector goals.
In the past week alone, there have been reports of hackers using the Denmark’s train networkcyber criminals aimed at various European ministersand commercial spyware surveillance of Greek politicians. While the different methods, targets and motivations suggest that the attacks are isolated events, they have further exposed the vulnerabilities of government targets.
The attacks are part of a growing trend. Between 2018 and 2021, the number of serious cybersecurity incidents at EU institutions is reported to have increased more than tenfold. Oliver Pinson-Roxburgh, CEO of Cybersecurity Platform Defense.comregards the recent incidents as part of a broader pattern.
Join AS in Valencia!
The heart of technology comes to the heart of the Mediterranean
“For a bad actor, the 21st century systems in the public sector are an attractive prospect,” he said. “This is because they can hold more sensitive data than commercial organizations, and there is generally a greater reliance on legacy legacy systems that pose a much greater security risk than modern systems.”
The government can be an easier target.
Last week, the EU cybersecurity agency ENISA reported that 24% of cyber-attacks surveyed in the previous year targeted public administration and governments. The attacks ranged from zero-day exploits of software vulnerabilities to AI-triggered disinformation attacks.
Ian McShane, VP of Strategy at Cyber Company Arctic Wolfwas affected by the variety of attacks exposed in the report.
“While ransomware remains a major risk to European governments and businesses, the wide range of threats being posed by ENISA demonstrates just how difficult the challenge remains for the hard-pressed security teams in businesses across Europe,” he said.
Changing Threats in a Changing World
The risks have been exacerbated by global events. In particular, the pandemic has accelerated our transition to digital government services, while the invasion of Ukraine has increased the threat of cyber espionage.
“The risk has not changed. It’s gotten worse,” said Jason Steer, CISO at Recorded futurea threat intelligence agency. “Governments, like businesses, are much more digitally dependent and the vectors to do this have shifted tremendously. This has increased the opportunities for online criminals where the attack surface has grown enormously.”
The public sector can also be attractive targets for attacks. Governments have long been accused of underinvesting in defense when the salaries it offers for cybersecurity jobs cannot compete with those in the private sector.
“Government can be seen as an easier target than the private sector as companies have invested heavily in security in recent years,” said Paul Baird, Chief Technical Security Office at Qualys and a colleague of the Chartered Institute for Information Security.
“If the private sector put that much money into it, it’s removed a lot of the low-hanging fruit that existed for malware gangs, so they’re looking for other targets.”
The sheer size and variety of obsolete technologies of the public sector creates even more vulnerabilities. The combination of these systems with modern IT has resulted in a vast array of digital assets that are difficult to understand and secure.
dr. Ilia Kolochenko, the founder of security company ImmuniWeb and member of Europol’s network of data protection expertsnotes that the range of shadow IT and non-interoperable legacy systems is difficult to secure.
“A growing number of compromised backdoor government systems are now for sale on the Dark Web and are occasionally bought by cyber gangs to be used as proxies in carefully planned cyber-attacks, which are difficult to investigate and attribute,” he said. .
How does Europe fight the cyber threat?
Experts have called for more funding to reduce attacks. They also want public sector organizations to develop more systematic defensive programs, proactively hunt for threats and collaborate closer to business.
McShane recommends a three-pronged approach to public sector organizations. First, adopt solutions that reduce the burden on security teams. Second, work with outside professionals to improve security. And finally, building on existing agreements for sharing information between governments — such as the EU Cyber Rapid Response Teams — and coordinating resources.
Governments must protect their data.
The growing number of attack vectors also requires specific forms of defense. Zac Warren, Chief Security Advisor at endpoint management firm Tanium, wants data protection to be a priority. This is especially important when it comes to national security issues, such as information about military applications.
“Governments must quickly assess whether they are able to protect their data,” he said. “They need early warning systems to quickly know if their IT environment has been compromised — and the ability to monitor and control malicious parties entering the system to ensure they’re not stealing data. I expect that the cyber aspect of the conflict will intensify and its impact will extend far beyond Ukraine.”
The attack on the Danish train operator further exposed the risks of complex supply chains. EThe incident came just months later another supply chain attack has brought down critical services in the UK’s National Health Service.
Pinson-Roxburgh warns that the increasing complexity of IT supply chains amplifies potential vulnerabilities.
“When vetting potential suppliers, procurement teams — especially at larger organizations — now view information security due diligence as a fundamental component,” he said. “Businesses should think twice before using a vendor that doesn’t follow cyber best practices and risk exposing the businesses to new vulnerabilities.”
Analysts have also pointed to the need for better education. This seems particularly urgent for European politicians, who are now often victim of hacks. The shame caused by these attacks will hopefully convince more lawmakers to step up their defenses.