German energy sector attacked by Russian Hackers
Large-scale cyberattacks on the German energy industry became public in June last month: criminal hackers tried to break into the networks of more than one hundred businesses. The German Federal Office for Information Security (BSI) describes the incidents as an extensive, global cybercrime campaign, which apparently has been planned and strategically conducted for a while already. Using a variety of methods, such as drive-by downloads or spear phishing, the attackers were able to hack into the office networks of several energy providers and their suppliers. Security authorities hold the Russian hacker groups Berserk Bear and Sandworm responsible for the cyberattacks.
Energy supply is not at risk until now
The energy industry’s supply network counts as critical infrastructure (CI), as the common good is dependent on its fluent operation. So far, the attackers couldn’t obtain access to the CI. However, the BSI warns of possible attacks that may follow as authorities assume the current threat situation will persist. Now that the attacks became public, the criminals will presumably change their strategy and might possibly proceed more aggressively. Due to the high level of digitalization as well as its political state, Germany is known to be a popular target for cybercrime.
Critical infrastructures under constant threat
Cyberattacks against electricity grids are not unusual: the Hamburg electricity grid, for example, speaks of over 1,000 attacks that must be fended every single day. Last year already, the BSI advised electricity producers to increase their protection and cybercrime defending systems. If critical infrastructures fail or get damaged, the malfunction will have dangerous impacts on everyday life. During past attacks, medical centres were shut down, surveillance systems disabled, and entire cities cut of off the electricity grid.
How will CI be protected in the future?
Generally, in Germany there is a high level of IT security thanks to stringent laws and legislations. Latest attacks, however, show that IT infrastructure is vulnerable and present security measures are not sufficient. The EU now aims to strengthen international cooperation in the field of cybersecurity to improve its abilities in detecting and fighting cybercrime. Experts criticise security budgets that are too little for proper protection against digital threats. Although companies are aware of the increasing risk potential, they do not fully use the available security solutions. There still is a strong need for action on the level of the individual institutions.