A Look Back at November's Top Cybersecurity News
Welcome to our monthly round-up of “Cyber Security News of the Month”.
This month’s round-up centres on the European Union, which has introduced new cyber defence policies and legislation intended to improve cyber resilience across the member states.
We also dive into a €10 million ransomware demand on the department of Seine-et-Marne and an €800,000 fine issued to Discord by The CNIL.
Latest Cybersecurity News
European Commission proposes cyber defence policy in response to the increase in cyber attacks
In mid-November, the European Commission proposed a cyber defence policy in response to the increase in cybersecurity attacks affecting Europe since the Russian invasion of Ukraine.
Citing the recent cyber attacks on EU energy networks, transportation infrastructure and space assets, the Commission called on all member states to increase investment in their cybersecurity capabilities, and to strengthen defensive partnerships, threat-intelligence sharing and cooperation between the military, law enforcement and private-sector information security professionals.
There has also been a surge of DDoS (distributed denial of service) attacks against European nations since the war in Ukraine began. This includes the largest publicly known DDoS flood to date against an Eastern European organisation, which exceeded 700 million packets per second.
The document further outlined that various structures need to be set up to coordinate the cyber defence policies, including an EU Cyber Defence Coordination Centre, an EU Commanders Conference, a network of military Computer Emergency Response Teams and joint exercises under the banner of a CyDef-X project.
Commenting on the cyber defence policy, European Commission VP Josep Borrell stated, “Cyber is the new domain in warfare. To be up to the challenges and threats ahead of us, we need modern and interoperable European armed forces equipped with the latest cyber defence capabilities.”
The cyber defence policy is part of a broader four-year plan to assist in improving Europe’s military mobility.
Malicious actors demand $10 million from the Department of Seine-et-Marne
In early November, malicious actors shut down systems at the Department of Seine-et-Marne in France and demanded a ransom of 10 million dollars to reactivate them.
The Paris Prosecutor’s Office’s Cyber Crimes Unit opened an investigation into the ransomware attack. As yet, there has been no indication that users’ personal data has been leaked, but the department’s online services were rendered unavailable.
Speaking on the attack, Jean-François Parigi, president (Les Républicains) of the departmental council of Seine-et-Marne, stated that at this stage “we are not aware of any personal data leak. Social benefits and salaries of departmental agents” are paid “by virtue of ‘continuity of services’”. “All the agents continue to work but on paper or with mobile phones”, he continued, without giving a deadline for a return to normal.
Cybersecurity attacks on public administration bodies in France have become more frequent over the past several months. In early October, the Seine-Maritime department was the victim of a similar cyberattack, and in September the IT resources of the city of Caen, in the Normandy region of France, were targeted in an attack. In August, hackers attacked the Sud-Francilien Medical Center (CHSF) in Corbeil-Essonnes, near Paris. Those attackers also demanded a $10 million ransom and, failing to receive it, began releasing patients’ personal data and information from their medical records.
Discord fined €800,000 by French data protection authority
The voice, video and text chat app Discord has been fined €800,000 by the French data protection authority, the CNIL (Commission Nationale de l’Informatique et des Libertés).
The fine followed an investigation by the CNIL, which found that the organisation had failed to comply with several obligations under the GDPR (General Data Protection Regulation).
The amount of the fine was determined by the breaches identified, the number of people concerned, and the efforts made by the company to reach compliance over the course of the investigation.
The breaches of the GDPR identified by the CNIL included:
- Failure to define and respect a data retention period appropriate to the purpose (Article 5.1.e of the GDPR)
- Failure to comply with the obligation to provide information (Article 13 of the GDPR)
- Failure to ensure data protection by default (Article 25.2 of the GDPR)
- Failure to ensure the security of personal data (Article 32 of the GDPR)
- Failure to carry out a data protection impact assessment (Article 35 of the GDPR)
Flood of cybersecurity attacks on the public sector causes growing concern
A number of cyberattacks across Europe have caused increased concerns about cybersecurity threats to targets in the public sector.
The attacks are part of a growing trend of serious cyber incidents, which have reportedly increased tenfold over the past three years.
In total, 24% of attacks studied were directed at public administration and governments. Although the variety of methods, targets and motivations suggest the attacks reported were isolated events, they have exposed vulnerabilities within the targeted government establishments.
To combat the threats, experts have called for increased funding to mitigate attacks. They have also called for public-sector organisations to develop a more systematic approach to their defensive programmes, to proactively hunt for threats and to collaborate closely with businesses.
Analysts have also noted the need for better cybersecurity education, stating that it is an urgent consideration for European politicians, who have frequently fallen victim to a variety of attacks.
Latest Data Breaches
- HSE begin notifying those affected by data breach
- Meta hit with GDPR fine over Facebook data scraping breach
- Whoosh confirms data breach after hackers sell 7.2m user records
- Hackers attempt to sell Continental data for $50m after cybersecurity attack
- Malicious actors threaten to release data of 9.7m Medibank customers
- Hive claims ransomware attack on Tata Power
Hot Topic of the Month
EU Council adopts new legislation to strengthen cybersecurity and resilience across the European Union
In November, the EU Council adopted legislation to improve the resilience and incident response capabilities of the EU as a whole, as well as of public and private sector organisations.
The directive, titled NIS2, replaces the current NIS directive and will form a baseline for providing a high common level of cybersecurity across the European Union. Its new cyber risk management and incident reporting obligations cover sectors including energy, transport, health and digital infrastructure.
Commenting on the new directive, Czech Deputy Prime Minister for Digitalization and Minister of Regional Development, Ivan Bartoš stated, “There is no doubt that cybersecurity will remain a key challenge for the years to come. The stakes for our economies and our citizens are enormous. Today, we took another step to improve our capacity to counter this threat.”
The NIS2 Directive sets out minimum rules for a regulatory framework and lays down the mechanisms for effective cooperation among the relevant authorities in each member state, with the aim of harmonising cybersecurity requirements and implementation measures.
The full directive has been published in the Official Journal of the European Union. Each member state will have 21 months from the entry into force of the directive in which to incorporate the provisions into national law.
How our experts can help
Identifying cybersecurity vulnerabilities without the input of an expert can be a difficult task.
At Secora Consulting, our experts provide a range of services that can help you to assess the security of your organisation. Our cybersecurity assessment focuses on gaining an insight into weaknesses in your organisation's current security posture which may make you vulnerable to the most common cyber-attacks.
Our baseline assessments focus on quickly bringing your systems in line with best practices by identifying missing patches and known issues in your systems. If you are interested in a more in-depth assessment of your infrastructure, ask us about our penetration testing services, where we will identify and exploit vulnerabilities in your network, showing just how far an attacker could get.
Get in touch with us today to discuss your specific requirements.
All of Secora Consulting's assessments are tailored to our clients' needs.
Using our experience, we can help you determine which services are right for you.