Filenews 6 March 2022- by Theano Thiopoulou
European banks, including Cypriot banks, are in increased readiness for the risk of cyberattacks due to the war in Ukraine to repel any malicious action. They are constantly checking security systems and are vigilant in their defence in case they are subjected to "cyberattacks", as Russia's invasion of Ukraine creates a rift with the West.
The European Central Bank had already warned on 10 February of the possibility of cyberattacks in response to the sanctions triggered by the West against Moscow.
The issue is on the agenda of the Central Bank, as well as of the national supervisory authorities and the ECB. As mentioned in "F", from the central side "due to the rapid developments, the analysis of the possible impact is continuous and in this context all possible risks that may arise in case of further escalation (cybersecurity risks, as well as indirect impacts due to a weaker economic environment, influence on energy prices, etc.) are examined".
Cypriot readiness
Banks in Cyprus are ready for any eventuality, although for the time being bank of Cyprus sources pointed out to "F" that "as the Bank of Cyprus, our systems and safeguards follow best practices and fully comply with the ECB and CBC directives on cybersecurity. For this period, due to geopolitical developments, we have implemented an increased level of monitoring and preparedness to deal with possible cyber-attacks. So far, nothing alarming has been identified, nor unusual attacks on the bank's systems related to the events."
George Sklavos, Head of Corporate Communication & Identity of Hellenic Bank, told "F" that "we are closely monitoring the developments and we are in direct communication with the competent authorities. We are taking all appropriate measures to deal with a possible increased risk."
Signal for excellent alertness
A few days ago, the European Central Bank and the European Banking Authority sent a signal to all banks in the Eurozone, asking them to be extremely vigilant due to geopolitical tension. The European Banking Authority's badge called on banks to check the readiness and resilience of their systems and drew attention as there is an increased risk of a "digital war" breaking out. Banks in the Eurozone are being urged to increase their cyber defences, with the region's regulator saying the issue should be a top priority amid heightened geopolitical tensions.
Attacks are of two kinds. Either hackers are trying to bring down a bank's software systems, such as by sending millions of e-mails to e-banking in bulk, so that the system falls and they cannot serve their customers. And the second attack has to do with customer data theft. Although the major banks of the Eurozone have competent mechanisms, as experience has shown, many of their systems have vulnerabilities that have been underestimated, while the digital transition has increased the interconnection with other organizations and data flows, increasing the entry points of malware and thus the risk of infections.
"We ask the banks to strengthen their cybersecurity measures so that they are ready for a possible increase in attacks," Andrea Enria, chair of the European Central Bank's supervisory board, said at a news conference last week. "We will also note the attention of banks in relation to the possible worsening of global tensions that could actually trigger more attacks," he underlined.
He said the ECB, the central bank of the 19 EU countries that have adopted the euro, is paying "increasing attention to the ability of banks to ensure their security". Now, the European Central Bank is on the lookout for the threat of cyber-attacks on banks from Russia.
Concern globally
The concern, however, is also pervasive at the global level. New York's Department of Financial Services issued, even before the invasion, a warning to financial institutions in late January, warning of cyber retaliation if Russia invaded Ukraine and U.S. sanctions followed, according to Thomson Reuters' Regulatory Intelligence. Russian-related hackers have been blamed for several major cyber attacks in the past, including the infamous SolarWinds piracy in the US in 2020, but the country has not claimed any responsibility.
Continuous actions
Europe is constantly developing action to address cybersecurity challenges. Critical sectors such as transport, energy, health and finance are increasingly dependent on digital technologies to carry out their core activities. While digitalisation offers huge opportunities and provides solutions to many of the challenges facing Europe, including during the COVID-19 crisis, it also exposes the economy and society to cyber threats. Cyber-attacks and cybercrime are multiplying across Europe, and the methods used in these actions are constantly evolving. This trend is set to be further reinforced in the future, as it is expected that 22.3 million devices worldwide will be connected to the Internet of Things by 2024. Developing stronger action in the field of cybersecurity, with the aim of building an open and secure cyberspace, can increase citizens' trust in digital tools and services.
Malicious moves before the war in Ukraine
A digital attack can have serious consequences. In the context of the crisis in Ukraine, how to react to such a situation was even discussed at the recent cybersecurity conference in Munich. The cyberattacks began before the ground invasion and deployment of Russian troops in Ukraine erupted. The cyberattack on the Ukrainian Ministry of Defence and two major state-owned banks was the worst Ukraine had ever experienced, the Kiev government announced, and cited Russia as a potential perpetrator. Several Ukrainian government websites had already been massively attacked in January. The websites of the Ministries of Foreign Affairs, Disasters and Research could not operate, temporarily. The Foreign Ministry's website wrote in Ukrainian, Russian and Polish: "We are afraid and we expect the worst." The cyberattack also caused concern in Western states, which promised Kiev increased cooperation on Internet security.
Hackers place malware in a targeted manner. According to reports in the foreign press, the day before the invasion of Ukraine, the critical infrastructure in Kiev had become the target of the attacks: the websites of the parliament, the government and the Ministry of Foreign Affairs were temporarily paralysed. At the same time, the hackers released the so-called "wipers". A particularly destructive piece of malware that remotely formats hard drives and deletes data on hundreds of computers.
The suspicion is that behind the attack were Russian hackers. "This can only be proven if you conduct extensive research," says Manuel Atug, an IT security expert and member of the Chaos Computer Club, who advises companies and authorities on IT security. It also assumes that these are hackers paid for by the Russian government. A conflict in the digital environment, which has been active for years, of course, since the Russian invasion of Crimea in 2014.
"Silent battles are fought in the digital environment, without shootings or deaths, but they are capable of leaving thousands of people without heating, as happened in Ukraine in 2015, eliminating sensitive government data or collapsing companies' computer systems, as seen in 2017 with the NotPetya virus," Writes Spain's El Pais. This computer virus, one of the most destructive in history, first started in Ukraine to torpedo institutions of this country and ended up spreading throughout the world.
In May 2014, a month after Russia annexed Crimea, the Voodoo Bear group torpedoed the Ukrainian energy and transport infrastructure. In the winter of 2015, malware shut down many power plants, leaving more than 80,000 people without power (and no option for heating). Ukraine has accused Russia of being behind the attack. Moscow has denied that it has anything to do with it.
Similar attacks followed for the next two years, and in 2017 with the release of highly sophisticated malware. In addition to NotPetya, other viruses, such as FakeCry or BadRabbit, were identified with the aim of undermining the country's communications networks. "With these attacks, it was the first time we found that they tried to imitate someone else: an alleged group of hacktivists called FSociety, a name that comes from the TV series Mr Robot," says Adam Meyers, head of information at CrowdStrike, who has been monitoring the activity of some of the main groups of Russian hackers for years.
