The European “cyber” landscape is changing, and we are moving from a cyber war focused on Ukraine and Russia to a hybrid cyber war of high intensity, mainly targeting Poland, the Baltic states and the Scandinavian countries, according to a report by the company Thales.
More and more key sectors of civil society are being targeted, including aviation, energy, healthcare, banking and public services.
The Thales report examines a year of cyberattacks and attacks in Europe in the context of the war in Ukraine. At the beginning of the conflict, the majority of incidents affected only Ukraine (50.4% against 28.6% in the third quarter of 2022), but over the past six months, the number of incidents related to the conflict in European countries has increased sharply (46.5% of global attacks against 9.8% in the first half of 2022).
From targeted takedown campaigns to guerrilla cyberbullying, pro-Russian hackers use DDoS attacks to temporarily shut down servers and disrupt various services. These attacks are part of Russia’s strategy to engage in information warfare as a way to wear down public and private organizations.
Eastern and Northern Europe are at the forefront of cyber conflict
Over the past 12 months, a new geography of attacks has emerged. At the beginning of the conflict, the majority of incidents affected only Ukraine (50.4% against 28.6% in the third quarter of 2022), but over the past six months, the number of incidents related to the conflict in European countries has increased sharply (46.5% of global attacks against 9.8% in the first half of 2022).
In the summer of 2022, there were almost as many cyber incidents related to the Ukrainian conflict in European countries as in Ukraine (85 versus 86), and in the first quarter of 2023 – the vast majority of incidents (80.9%). took place within the framework of the European Union.
Candidate countries for European integration, such as Montenegro and the Republic of Moldova, are increasingly the targets of these attacks (2.7% at the end of 2022 compared to 0.7% in the first quarter of 2022), while Poland is subject to constant harassment. with a record 114 incidents during 2022.
Military hacktivists have particularly targeted the Baltic states (157 incidents in Estonia, Latvia and Lithuania) and Nordic countries (95 incidents in Sweden, Norway, Denmark and Finland). Germany saw 58 incidents last year, but other European countries were relatively spared, such as France (14 attacks), the UK (18 attacks), Italy (14 attacks) and Spain (4 attacks).
From military hacktivists to cyberbullying
Of all the cyberattacks registered in the world since the beginning of the conflict, 61% were carried out by pro-Russian hacktivist groups, including Anonymous Russia, KillNet and Russian Hackers Teams. These new groups are more structured and use the type of resources favored by organized cybercriminal groups, including botnet-as-a-service resources such as the Passion Botnet, to cyber-intimidate Western countries that support Ukraine.
These groups of independent civilian hacktivists have emerged as a new component of the conflict. They can be equated to a cybercriminal group with specific political goals and interests, acting out of conviction without being directly sponsored by any government. The members of such groups come from very different backgrounds, have different nationalities and a wide range of technical skills.
The third quarter of 2022 marked a transition to a wave of DDoS attacks, in contrast to the first quarter of 2022, which saw a number of different types of attacks, split more or less evenly between data breaches and theft, DDoS attacks, espionage, influence campaigns, intrusions, ransomware, phishing, deletion and information theft. In the second half of 2022, cyber attackers preferred DDoS attacks (75%) against companies and governments.
These systematic harassments often have little operational impact, but maintain an atmosphere of anxiety among security teams and decision makers. Their goal is not to have great operational influence, but to pursue targets and convince them to support Ukraine.
At the other end of the spectrum, data erasure attacks can take down an attacker’s systems, and persistent espionage can undermine the integrity of an attacker’s security apparatus, but these methods require more resources and more time to prepare. Destructive cyber military operations together with espionage make up only 2% of the total number of incidents and are aimed mainly at Ukrainian public organizations.
Russian authorities regularly use cyber attacks to harass their opponents without engaging in direct confrontation.
A growing number of civilian sectors in Europe are under pressure
If in the first quarter of 2022 the most cyberattacks were directed at the Ukrainian defense and industrial base and the country’s public administration bodies, the focus gradually shifted to European public administration bodies (30 incidents), the financial sector (162), the transport sector (132), telecommunications ( 90), mass media (89) and the energy sector (66).
Although relatively unscathed at the start of the conflict, healthcare, industry, IT services, the aviation sector and governments in Europe have increasingly come under attack to pressure Western civil society.
Acts of cyberwarfare still occur in Ukraine, as was the case with the ATK256 (UAC-0056) attack against several Ukrainian government institutions on February 23, 2023, the anniversary of the conflict, but they are kept away from Western eyes thanks to constant cyber. .
Photo source: Dreamstime.com
Source: Hot News
Lori Barajas is an accomplished journalist, known for her insightful and thought-provoking writing on economy. She currently works as a writer at 247 news reel. With a passion for understanding the economy, Lori’s writing delves deep into the financial issues that matter most, providing readers with a unique perspective on current events.