The Austrian government announced on Saturday that the state department’s IT systems were the targets of a “serious cyber attack” carried out by state actors but did not disclose if the attack resulted in the loss of sensitive information or state secrets.
The targeting of the Austrian government’s IT systems by state actors was disclosed by the government’s Foreign Ministry and its Interior Ministry in a joint statement published on Saturday. The ministries said that the cyber attack was still underway and that the government was doing all it could to stop the attacks.
“The State Department’s IT systems are currently the target of a serious cyber attack. The problem was recognized very quickly and countermeasures were taken immediately. A coordination committee has been set up on the basis of the Network and Information System Security Act, and all relevant federal agencies are already active.
“Due to the severity and the nature of the attack, it cannot be ruled out that it is a targeted attack by a state actor. In the past, some European countries have been targeted for similar attacks. Despite all the intensive security measures, there is no 100% protection against cyber attacks. The state protection mechanisms provided for this are active at all levels,” the joint statement read.
The targeting of the Austrian government’s digital assets by state actors is consistent with the near-unanimous view of information security professionals that nation-state attacks will continue to rise in the future.
State actors also targeted hundreds of German politicians last year
In January last year, researchers at security firm Proofpoint found that a Russian hacker group named Turla was responsible for the leak of personal information of hundreds of German politicians and public figures including Chancellor Angela Merkel on Twitter.
“While actor attribution is notoriously difficult, early indications suggest that the Russian APT group Turla (a.k.a. Snake, Venomous Bear, Waterbug, and Uroboros) is behind the German data breaches reported earlier today,” said Chris Dawson, Threat Intelligence Lead at Proofpoint.
“Proofpoint researchers have seen Turla targeting German interests before, particularly leveraging a G20 summit on the Digital Economy that took place in Hamburg in October 2017; other activity associated with this group has been well-documented and stretch back to at least 2008.
“Even as additional details about the German cyber-attacks continue to emerge, organizations and agencies worldwide should look at their defenses against a variety of attacks, whether state-sponsored or financially motivated.
“Layered defenses at the network edge and email gateway can prevent exposure to a range of threats or alert administrators to exfiltration of data while up-to-date endpoint protection and rigorous patching regimens can help prevent exploitation of device vulnerabilities. Finally, user education is critical to enabling users to be last lines of defense, spotting potential attacks via email, the web, and other vectors,” he added.