Earlier January, Austria’s foreign ministry announced it was facing a “serious
“Due to the gravity and nature of the attack, it cannot be ruled out that this is a targeted attack by a state actor,” the foreign ministry said at the time in a joint statement with the interior ministry.
“Despite all the intensive security measures, there is no 100-percent protection against cyberattacks.”
The attack took place on the evening of Saturday 4 January evening and it was quickly detected. Local reports revealed that the attack aimed at the ministry’s IT infrastructure.
Authorities immediately adopted the defensive measures to protect their infrastructure, it also set up a special committee to respond to the incident. It is not clear if the hackers gained access to sensitive data.
This week, the Austrian foreign ministry announced that the cyber attack against its systems has ended.
“After really intensive work and excellent cooperation between all the departments involved, last weekend we managed to clean up our IT systems and end the cyber attack on the Foreign Ministry,” said Foreign Minister Alexander Schallenberg. “The highest possible data security at the Foreign Ministry is guaranteed and no damage to the IT equipment could be detected.”
“According to current knowledge, this was a targeted attack against the Foreign Ministry with the intention of gathering information. However, due to the dimension and the high complexity, it cannot yet be said beyond doubt who is behind the attack.”
The authorities are still investigating the attack, the government experts have no doubt about the fact that it was a targeted cyber-espionage attack against the Foreign Ministry.
“Espionage is a serious
Intelligence experts speculated the involvement of Russian or Chinese cyber
“The entire course of this
The Turla APT group (aka Snake, Uroburos, Waterbug, Venomous Bear and KRYPTON) has been active since at least 2007 targeting diplomatic and government organizations and private businesses in the Middle East, Asia, Europe, North and South America and former Soviet bloc nations.
The list of previously known victims is long and includes also the Swiss defense firm RUAG, US Department of State, and the US Central Command.
Major cyber attacks are a rarity in Austria, only a few large-scale attacks were observed in the past years. In September 2019, before the National Council election, the ÖVP was hit by a “very targeted hacker attack” on the party headquarters.
In 2018, the websites of the parliament and various ministries in Austria were targeted by DDoS attacks (Distributed Denial of Service).
Other European countries suffered similar attacks in the past, in 2015 more than 20,000 computers belonging to the German Bundestag were infected with malware. Experts and media reported a possible involvement of Russian state-sponsored hackers.