Critical infrastructure will continue to be targeted by cybercriminals in the coming years, posing significant risks, a European Union SOCTA report said. Cybercrime causes significant financial loss to businesses, private citizens, and the public sector each year through payments for ransomware, incident recovery costs, and charges for enhanced cybersecurity measures.
Attacks to critical infrastructure have a significant impact and can potentially entail severe consequences, including loss of life, according to the report released Monday by the European Union Serious and Organised Crime Threat Assessment (EU SOCTA) 2021.
Developments such as the expansion of the Internet of Things (IoT), increased use of artificial intelligence (AI), applications for biometrics data, and availability of autonomous vehicles will have a significant impact, as cybercriminals will launch sophisticated and large-scale attacks against critical infrastructure to access and steal sensitive data, the report added.
The SOCTA report provides an overview of the current state of knowledge on criminal networks and their operations based on data provided to Europol by member states and partners, and data collected specifically for the report. Businesses are increasingly emerging as the targets of cyberattacks, while public institutions, including critical infrastructures such as health services, continue to be targeted by cybercriminals. A potential leak of data or service disruptions in these sectors could result in very high financial and social costs, it added.
Citing a report from European Union Agency for Cybersecurity (ENISA), the EU’s cybersecurity agency, which detected 230,000 new strains of malware every day, the SOCTA report identifies malware used by cybercriminals to build up their reputation in the hacking community. A widely used cybercrime tool, malware uses malicious code to infiltrate and take over a computer, network or mobile device, to steal data and carry out identity theft, cause service disruptions and support espionage.
The threat from cybercrimes is set to further increase in volume and sophistication over the coming years, the SOCTA report added. DDoS attacks are a well-known and persistent threat that is designed to disrupt or shut down a service/network by overwhelming it. Cybercriminals orchestrate persistent attacks, which might be followed by ransom requests offering to cease the attack in exchange for a payment. Cybercriminals now increasingly target smaller organizations with lower security standards. However, they continue to attack public institutions and critical infrastructures as well.
While the EU is set on a path of increased digitalization with significant impact on society, public administration, transport and trade, such advancements will increase the volume of digital personal data, which is mostly held by private companies, the SOCTA report highlighted. There is a risk that the exponential increase in data will overwhelm governments who are unable to manage, safeguard and effectively use this information, it added.
Recent incidents have confirmed that cyber and physical worlds are colliding with potentially disastrous consequences, through cyberattacks against critical infrastructure, according to recent findings of a study from HP, on the ‘Nation States, Cyberconflict and the Web of Profit.’ These suspicions and recent HP data showed that cyberattacks on infrastructure now constitute at least 10 percent of nation-state incidents.
In a 2019 survey of security staff in the utility, energy, health and transport sectors, it emerged that 90 percent reported at least one successful attack on their installations between 2017 and 2019, HP added.
Intrusions in 2014 on US energy utilities that were, for instance, infected with the Black Energy malware, appear to have been a dress rehearsal for attacks in 2018 by the Sandworm or Voodoo Bear APT, on various Ukrainian energy infrastructures using the same malware, HP said. The Ukraine railway ticketing system was also compromised by the same group. Cyberattacks on meteorology systems that supply climate information to shipping and airline companies have also been reported.
“As critical infrastructure is targeted, we risk the merging of the cyber and physical worlds, with potentially catastrophic consequences that could result in loss of life,” the HP report added.