Austria's Foreign Ministry Hit By A Big Attack

The Austrian government has been hit by a cyber attack that is believed to be the work of another country. It hit the country's Foreign Ministry and began overnight on Saturday 4th January.  A spokesperson for the ministry described the incident as "serious" and said that experts had warned it could continue for several days and that they believe it was carried out by a foreign country.

On the same day the attack was launched, at a congress held in the city of Salzburg, Austria's Green Party said that it was in favor of forming a coalition with the conservative People's Party.

The ministry said that the attack had been caught early and countermeasures had immediately been put in place. The signatures and the pattern of the attack suggest that it could be the work of a state-sponsored threat actor. "Despite all intensive security measures, there is never 100 percent protection against cyber-attacks," the ministry said, adding that other European countries had been affected by similar incidents in the past. 

Hugo van den Toorn, manager of offensive security at Outpost24, said: "It is true that despite the precautions taken and all the controls in place, a motivated attacker can always find a way through an organisation’s defenses....Although we see an increase in politically motivated attacks over the past few years, we should remain vigilant in blaming certain threat actors or nation-states. 

This latest incident in Austria follows the serious cyber-attack on the German government's IT network, which was launched in March 2018. A group of Russian-backed threat actors known as APT28 or Fancy Bear was suspected to be behind not only that attack, but also an earlier cyber-hit on the German parliament carried out in 2015. 

APT28 are similarly suspected of waging cyber-warfare on entities in Eastern Europe and in the United States.
Last year the EU adopted powers to punish those outside the bloc who launch cyber-attacks that cripple hospitals and banks, sway elections and steal company secrets or funds.

CISO:           Infosecurity:        BBC

You Might Also Read: 

Meet The Fancy Bears:

 

« British National Cyber Security Chief Steps Down
Cyber Security’s New Workforce »

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Cyber Security Service Supplier Directory

Cyber Security Service Supplier Directory

Free Access: Cyber Security Service Supplier Directory listing 4,000+ specialist service providers.

Go Cyber

Go Cyber

Go Cyber is a new, highly innovative cyber security training app that uses action based learning to significantly improve the online behaviour of all employees in less than a month.

DigitalStakeout

DigitalStakeout

A simple and cost-effective solution to monitor, investigate and analyze data from the web, social media and cyber sources to identify threats and make better security decisions.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Allen & Overy

Allen & Overy

Allen & Overy is an international law firm. Practice areas include Telecommunications, Media and Technology.

Core DataCloud

Core DataCloud

Core DataCloud specialise in cloud data storage backup and disaster recovery solutions.

Cyber Security For Critical Assets (CS4CA)

Cyber Security For Critical Assets (CS4CA)

Cyber Security For Critical Assets is a global series of summits focusing on cyber security for critical infrastructure.

Blue Lights Digital

Blue Lights Digital

Blue Lights Digital have developed a range of platforms to support digital investigations, as well as providing continued support and education for investigations professionals.

Cyber Educators International (CEI)

Cyber Educators International (CEI)

CEI is an Industry driven initiative supporting a global community of educators with key cybersecurity resources they need to bring cybersecurity education into the classroom.