Over 100 cyber attacks from the war in Ukraine impacted Europe
Enisa's number one explained that for one event out of three of those surveyed there was a spillover from the theater of the conflict to the countries of the Union. Except in the case of Viasat, the US satellite communications company that was targeted by Moscow in the first days of the invasion of Ukraine, with "about 27 thousand users among the states of the Union being affected by the accident", as it had estimated in previously Lepassaar, the impacts were overall "moderate", say from Enisa's headquarters in Athens.
Risk factors However, the alert remains high, in particular on two aspects. On the one hand, “supply chain security,” says Lepassaar. If a service or technology provider falls victim to a cyber attack, the risk is that it will infect other connected realities, with a domino effect. Secondly, the war has given new impetus “to cyber vigilantes or hacktivists - observes the director of Enisa -. We still have to understand how "this front will evolve, which has seen Anonymous take sides against the Kremlin and the cyber group Killnet against Ukraine's allies, so far with results that are not decisive for the progress of the conflict." It is good to remember that o Every attack perpetrated from the territory of the European Union is a crime, according to European rules, even if the aim is understandable ”, comments Lepassaar, in reference to the actions directed against Moscow.
More than ever in recent weeks, Enisa is in contact with the IT security authorities of the 27 to collect information on the threats detected, share them and prevent them. The goal is to avoid spillovers. Nobody wants to relive the script of NotPetya, a ransomware attack directed against Ukraine that in 2017 then spread like wildfire all over the world and of which cyber technicians employed by the Russian secret services are accused. According to a research conducted in April by Idc, a market analysis company, on a sample of European IT security managers in companies, 20% of respondents attribute an increase in incidents to a probable consequence of the conflict, while 35% said that the war has caused a
change in corporate security and privacy strategies.
Enisa in particular is monitoring the risks associated with ransomware (security company Ivanti has estimated an increase of 7.6 % of the number of vulnerabilities associated with ransomware in the first quarter of 2022) but also with the manipulation and distortion of information on the web.
From the index of defenses to certification schemes To establish the resistance of EU countries to cyber threats, Enisa will produce an IT security level index of 27. This year "a pilot will be run, while the official release will take place next year", explains Lepassaar. The index responds to one of the requests of Nis2, the update of the European directive on cybersecurity which in mid-May received the go-ahead. free of EU institutions. The aim is to provide an all-encompassing view of the scenario of threats and challenges. "Various elements will be part of the index - the director of Enisa goes into detail -, from the capacity of the various industrial sectors to that of the Member States, from the of the effects of community policies at reliability levels ".
Enisa has also concluded the work on the certification scheme to validate the security of software and hardware." A team of experts from the world of industry, politics and of service providers have reached a consensus on the technical and legal requirements, "says Lepassaar. At this point the draft will be scrutinized by the European Certification Group. one of IT security, appointed by the Commission, which will then have the last word. Depending on the type of technology and the sensitivity, there will be three levels of certification: basic, substantial and high, with more stringent analyzes and greater commitments in terms of transparency, security and external control.
