Cyberattacks Inspired by Ukraine War, Geopolitics, EU’s ENISA Says
Politics such as Russia’s attack on Ukraine led to more damaging and widespread cybersecurity attacks in the year to July, the EU cybersecurity agency said in its annual report on Thursday.
ENISA’s research follows concerns about the role of state actors and increasing threats to governments, companies and key sectors such as energy, transport, banking and digital infrastructure.
The center said the country’s circumstances – particularly Russia’s invasion of Ukraine – were changing the game during the period under review.
Zero-day actions where hackers exploit software vulnerabilities before developers have a chance to fix errors, as well as knowledge of artificial intelligence-authorized disrespect, as well as deepfakes have led to malicious and widespread attacks with the most devastating impact, it said.
“Today’s global situation is inevitably making major changes in the cyber security threat landscape. A new paradigm is being created by the proliferation of threat actors,” ENISA Executive Director Juhan Lepassaar said in a statement.
About 24 percent of cybersecurity attacks targeted public and government officials and 13 percent targeted digital service providers, the report said.
The European Union in May agreed tougher cyber security rules for key sectors, with companies required to assess their risks, notify authorities and take measures to address risks or face fines of up to 2 percent of global turnover.
On Wednesday, Reuters reported that the US Treasury last month dismissed a cyberattack by a Russian-backed hacker group, to prevent disruptions and ensure the effectiveness of the department’s strong approach to financial system security, citing a US Treasury official.
The Treasury Department said the DDoS attack was distributed by Killnet, a Russian hacking group that claimed responsibility for disrupting the websites of several US states and airports in October, said Todd Conklin, cybersecurity adviser to Deputy Treasury Secretary Wally Adeyemo.
The incident, which has not been reported before, happened a few days before a similar attack from Killnet on American financial services companies, Conklin told the financial services industry and regulatory conference on Internet security.
© Thomson Reuters 2022