Network-assessment

Two massive cyber attacks in May and April 2017, the Wannacry virus and the NoPetya attack on Ukraine, tested Europe’s cyber defenses and showed the EU sorely needs to upgrade its threat response. Both viruses exposed various loopholes in security protocols and the lack of countermeasures against the malicious applications.

The WannaCry ransomware virus infected 400,000 computers worldwide. After performing cyber risk modeling tests, experts peg the damage to amount to 4 billion USD. It is by far the most damaging cyber attack in recent history. The cyber criminals behind the ransomware used an exploit created by the NSA called EternalBlue as a backdoor into Windows computers. Their creation netted them around 120,000 USD worth of value in Bitcoin ransoms.

A month later, unknown hackers carried out the NoPetya attack against banking institutions in Ukraine by creating a backdoor through an accounting software called M.E.Doc. Although the concentration of the attack focused on the former Soviet country, the ransomware spilled over to neighboring Estonia as well. Specialists report the damage reached around 1.2 billion USD.

Both viruses hijack the operating systems, disable the hard drives from booting, and show notices asking for a specific sum if they want their computers working again.

WannaCry’s attack would have gone unabated if it not had been for the timely solution discovered by a British security researcher. In order to halt the rise in new activity of NoPetya, Ukrainian authorities seized M.E.Doc servers to prevent the software from providing the malware entry to more computers.

Insights from the attack showed that although updates addressing vulnerabilities that the malware use for entry have been available for months before the outbreak, individuals and businesses failed to install them to protect their computers. In the same vein, the hackers behind the NoPetya attack were able to install their virus because M.E.Doc failed to update their servers against these threats.

After a failing to counter these threats, the EU has started taking measures in order to properly address cyber attacks and give the threats their due attention. The EU worked on updating their cyber security strategy. They have also formulated a framework to punish cyber attacks with measures like economic sanctions and diplomatic demarches. Aside from these non-confrontational actions, the EU will also enable its recently established military alliance Permanent Structured Defence Cooperation or PESCO to work as a platform for cyber defense aside from military defense.

In relation to these developments, former Estonian Prime Minister Mart Laar, in an op-ed piece for EUObserver, said that the European Union should embrace the unknowns of cyberspace and take these recent events as an opportunity to improve.

Post a comment