How big is the cyber threat from Russia

Berlin One year after the start of the Russian war of aggression against Ukraine, Federal Interior Minister Nancy Faeser (SPD) warns that Russia will continue to pose major cyber threats. The war also means “a turning point for internal security,” Faeser told the Handelsblatt.

“With the Russian aggression, the threat from espionage, disinformation campaigns and cyber attacks has taken on a different dimension.” Overall, according to Faeser, the cyber security situation has “further worsened” in the past year.

This assessment is no coincidence. Russia is not only waging the war in Ukraine with tanks, bombs and drones, it is also using offensive cyber weapons. According to the findings of the security authorities, attacks from the Internet affect almost all areas of life.

The Federal Office for Information Security (BSI) also warned in its most recent management report at the end of October: The already “tense situation” had recently come to a head. “The threat in cyberspace is higher than ever.”

Even before the Russian invaders fired the first shot on February 24, they used a complex cyber attack to paralyze the Ka-Sat satellite network, which is operated by the US company Viacom and was also used by the Ukrainian army. 5,800 wind turbines in Germany also lost their connection to the grid. The US blames the Russian military intelligence service GRU. In fact, cyber attacks are increasingly being traced back to Russia.

“Ransomware attacks are currently the greatest threat to Germany”

This is shown by a study that the digital association Bitkom presented last year together with the Federal Office for the Protection of the Constitution. “In most cases, it is not clear whether the cybercriminals are acting on their own account or on behalf of the state,” Bitkom President Achim Berg told Handelsblatt. “We assume that this trend will continue – and it cannot be ruled out that attacks in cyberspace will escalate drastically if the war in Ukraine escalates further.”

>> Read also: Russian cyber attacks on German companies are increasing by leaps and bounds

The President of the Federal Criminal Police Office (BKA), Holger Münch, recently stated that the Ukraine war is also being waged in digital space. The boundaries between criminal and possibly state-controlled cyber groups are blurring. There is a risk that the cyber attacks will also affect states that are not at war.

In Germany, for example, according to the BSI, an average of 34,000 emails with malware are intercepted every month in government networks alone. The security authorities are particularly concerned about criminals who have turned hacking into a business model. Faeser said: “The greatest threat to Germany at the moment is ransomware attacks by foreign criminals, which lead to billions in damage.”

Such attacks on computer systems with encryption Trojans have been considered a serious threat to cyber security for years. The malicious software that has been smuggled in blocks the company or paralyzes its infrastructure. As a result, victims can no longer access their data. The perpetrators demand a ransom for the decryption.

The most recent prominent example of a ransomware attack is Continental. Hackers from the Russian group Lockbit managed to penetrate the automotive supplier’s IT systems last summer. They stayed undetected in the Conti network for a month and captured 40 terabytes of data.

This is how Faeser wants to strengthen the cyber defense

In the Bitkom study, 92 percent of the companies surveyed describe ransomware attacks as “very threatening”. However, this form of ransom extortion accounts for only twelve percent of the total damage caused, which the IT association estimates at 203 billion euros annually.

According to Interior Minister Faeser, so-called DDoS attacks (“Distributed Denial of Service”) by pro-Russian hackers, in which the attackers try to paralyze servers with a flood of requests, have also increased. “Airports, administrations and aid organizations were affected,” explained the SPD politician.

>> Read also: Germany in a cyber dilemma – experts warn of a chaos of jurisdiction

The most recent attacks of this type were related to the delivery of Leopard main battle tanks to Ukraine and targeted German websites. The hacker group “Killnet” had confessed to this. Among other things, the online presence of the federal government and Hamburg Airport was affected.

graphic

As a consequence of the ongoing cyber threat, “forces have been pooled and protective measures have been ramped up,” said Faeser. Improving Germany’s cyber defense is one of the minister’s key projects. The Ministry of the Interior is currently working on the implementation of the cyber security agenda that Faeser presented last year.

“We are creating new instruments to investigate cyber attacks and to be able to influence IT infrastructures that are used for an attack,” said Faeser. “In this way, the security authorities can stop or at least mitigate serious cyber attacks.”

Bitkom appeals to companies and authorities: take the risk seriously

In the future, the federal and state governments should counteract cyber threats in a coordinated manner. For this reason, the federal cyber security authority, the Federal Office for Information Security (BSI), is to be expanded to become the central office for IT security. “This is another important step in strengthening our overall security architecture,” explained Faeser.

The economy should also be better protected against cyber attacks in the future. With the IT Security Act 2.0, “significant improvements” have already been achieved. But Faeser points out: “The state is in a constant race with changing attack methods and technologies.”

graphic

The EU has responded to this with the directive “on measures for a high common level of cybersecurity” (NIS 2 for short). It sets minimum requirements for companies to better arm themselves against hacker attacks. The new regulations came into force in mid-January. Now it is the EU member states’ turn. By implementing the new directive, “in particular, we will increase the cyber security of the economy in the coming months,” said Faeser.

This is urgently needed, says Bitkom President Berg. Companies and authorities must take their information security seriously and take appropriate defensive measures, make the necessary investments and draw up an emergency plan.

“In addition to purely digital attacks, the possibility of physical sabotage attacks, for example on cables or IT hardware, must also be taken into account,” said Berg. This applies in particular to the operators of critical infrastructures.

More: Strengthening cyber defenses in Europe – Brussels brings digital counterattacks into play

source site-12