Die Russen kommen!
Sorge vor russischem Angriff auf Europawahlen
Das Haus enthebt seinen IT-Sicherheitschef des Amtes. Er habe zu wenig gegen Cyberangriffe getan. Parallel dazu mehren sich nach dem Auffliegen einer lettischen Abgeordneten Berichte über interne russische Spitzel.
Brüssel. Vier Monate vor den Europawahlen tauscht das Europaparlament seinen zuständigen Beamten für Cybersicherheit aus. Der Leiter der IT-Abteilung des Hauses, Pascal Paridans, werde demnächst zurücktreten, habe das Präsidium des Parlaments beschlossen, berichtet das Nachrichtenmagazin „Politico“ am Montag. Schon im Dezember hatte es über einen internen Bericht des Parlaments berichtet, demzufolge die Cybersicherheit des Hauses „noch nicht branchenübliche Standards erfüllt“ und „nicht völlig auf der Höhe des Bedrohungsniveaus“ ist, das von staatlich unterstützten Hackern und anderen feindselig gesinnten Gruppierungen ausgehe.
src: click (Die Presse)
Was, der hat nur gepatcht und keine neuen Antivirenlösungen reputabler US Partner eingekauft? Was nur nen false sense of security vorgaukelt, denn bei targeted attacks meist nutzlos.
Was, der hat nur gepatcht und kein Echtzeittrafficmonitoring eingesetzt, das nen false sense of security vortäuscht - weil mia ham ja eh keine Warn-SMS kriegt?
Was der hat nicht gepatcht?
Was denn jetzt?
Hm… lesen wir mal den Originalartikel…
Also - berichtet Politico am Montag… Hmm, komisch, kein Artikel vom Montag in dem Politico das berichtet, aber wir sind hier beim österreichischen Qualitätsjournalismus - also wars wohl mehr der Freitag vorm Montag…
FEBRUARY 2, 2024 1:00 PM CET
BY ANTOANETA ROUSSIThe European Parliament’s chief cybersecurity official will leave his post early, just months before the June elections, amid criticism that the assembly is struggling to cope with increasing cyberthreats.
src: click
Grund:
POLITICO reported in December that an internal review showed that the European Parliament’s cybersecurity “has not yet met industry standards” and is “not fully in-line with the threat level” posed by state-sponsored hackers and other threat groups.
Original Report:
The European Parliament’s IT department presented a report to a group of key members of the European Parliament (MEPs) earlier this month, warning that state-sponsored attacks on the Parliament have become more numerous and more sophisticated since its last election in 2019.
The number of cyberattacks on EU institutions “is increasing sharply,” said the report, dated November 29, and the EU should prepare “to face similar threats” as politicians, parliaments and governments across Europe have faced in recent years.
The institution is also more vulnerable due to its shift to more remote work during the pandemic, it added.
Several officials and elected members involved in Parliament’s preparations against cyberattacks targeting next year’s election warned in separate conversations that the institution’s defenses were weak and could break.
“We’re standing with our bare bottoms out and if anyone wants to hack us, like any Chinese threat actor or any state actor, they can,” said a staff member at the European Parliament administration, granted anonymity due to the sensitivity of the topic.
Pro-Russian hacktivist groups like Killnet have also plagued European governments with constant annoyances, mostly through distributed denial-of-service attacks (DDoS) bringing down online services. Last year, the European Parliament website faced a “sophisticated” attack disrupting its services moments after members voted to declare Russia a state sponsor of terrorism. Similar incidents have hit national institutions too.
With six months to go before the European Parliament election, the fear is a repeat of earlier election hacks.
Uniquely vulnerable
The EU election — in which voters across 27 countries elect new European Parliament members — are uniquely vulnerable to attacks. In effect, the election is 27 parallel voting processes taking place at once, all with different infrastructure and protections. It could take just one successful disruption of a national electoral system to cast doubt on the entire new parliament.
Parliament’s report highlighted a range of risks: influencing public opinion on specific candidates through disinformation; cyberattacks on national voting systems; cyberattacks targeting the major political debates at EU and national level; and attacks targeting the EU Parliament’s own election night process itself.
At risk are internal accounts, data and correspondence of members of parliament, which can be used to pressure politicians or disrupt election campaigns. Hackers could also seek to compromise the voting, counting and information systems used in the elections to discredit or dupe results.
Compromising accounts could also help gain access to national political systems or to data on other EU institutions. “In the last two years we’ve introduced two-factor authentication between institutions,” a parliamentary assistant said. “Before you were just able to log into one institution and you could enter all others.”
One issue Parliament is grappling with is the institution’s scattered cybersecurity structures. Each political group is a little island that handles its own IT infrastructure and support. During election campaigns, national and pan-European political parties also take a more central role in coordinating the process, further complicating control and administration.
Another stumbling block is hiring cybersecurity staff. “You get roughly one staff [IT] member for every three members of the European Parliament, so smaller groups are less protected,” one Parliament official said.
Ramping up to stop the hacks
Inside Parliament, officials are in a race against time to shore up cyber defenses quickly.The European Parliament in its report said it will hire 40 new cybersecurity experts and increase the budget of the cybersecurity directorate to €7 million in 2024 from €5 million this year, and up to €8.5 million in 2025. So far, 20 have been either recruited or offered the job.
Ehmm..
Ehm unique risk profile!
- DDOS!
- Hacking remote access VPNs! (working from home increased the attack vector)
- Hacking the Vote Counting Mechanism!
- Two factor solved the institutions account separation issue!
It did what?!
- Hacking sensitive data!
- Gaining database access!
- Manipulating elections!
- Undermining voter trust!
- Voter manipulation!
- Account hacking!
- Defacing EU Parliament websites!
Ok, I’m sorry I asked - aber gehts ein wenig genauer als “ALL THE THREATS!?”
This year, the consultant firm PriceWaterhouseCoopers (PWC) performed at least one external technical penetration test on the Parliament: i.e. a security assessment of the organization’s digital perimeter. The results are strictly protected even to DG ITEC staff, with only few officials having access to them.
Ah, nein, gehts nicht - weil der report ist ja confidential.
Bart Groothuis, a Dutch Liberal lawmaker and cybersecurity expert, said he’d asked for a “fully fledged third party assessment” including incident response and incident handling. “Third parties make sure that you do the right things because if you do it yourself, then politics come into play,” said Groothuis. “A third party which has no interest whatsoever has the ability to look really freely and assess what is really necessary.”
Meanwhile, the EU’s Agency for Cybersecurity (ENISA) and the Commission held an electoral training exercise in Parliament’s premises in November. That exercise gathered more than 100 participants largely from national cyber and electoral authorities, with the idea to improve countries’ responses to cyber attacks.
Parliament’s cybersecurity services plan to exercise “their highest vigilance” during the week of the European election, which will run from June 6-9 next year, the report said, and services will remain on high alert until a new EU Commission is installed, it said.
The institution already rolled out a spyware detection tool that allows members to scan their phones for known traces of intrusive software. It made the service available to all MEPs and staff, the report said.
Aber fürchtet euch nicht, sie haben Virenscanner für die Handies eingekauft! Die die MEPs selbst bedienen dürfen!
Und sie haben geplant ein Trend monitoring einzuführen!
The institution also plans to circulate “election hacking memos,” which will warn about new methods and trends which could threaten election security, and EU politicians can also rely on the CERT-EU unit for a tool that spots and flags disinformation attempts like fake social media accounts and malicious social media activity, the report added.
Hey du, meine Wahl wurde gerade gehackt, sei vorsichtig, da geht dieser Trend um!
Gut, also Problem identifiziert - wie lösen wirs?
Another stumbling block is hiring cybersecurity staff. “You get roughly one staff [IT] member for every three members of the European Parliament, so smaller groups are less protected,” one Parliament official said.
Ah, zu wenig Geld alloziert (8000 staff, 200 IT staff, also one per 40, while - the average ratio across all sectors and company sizes is one IT worker for every 27 employees), wie können wir denn da - ah ich weiß was!
Das Haus enthebt seinen IT-Sicherheitschef des Amtes. Er habe zu wenig gegen Cyberangriffe getan.
Gut, gehen wir mal davon aus dass das alle EU Institutionen komplett kompromittiert sind, aber keine staatliche Hackerbude Interesse daran hat die EU Wahlen über einen direkten Hack zu manipulieren und dabei erwischt zu werden - wie sieht denn das risk profile abgesehen von den EU Wahlen so aus?
EU capitals fear Russian retaliation and cyberattacks after asset freezes
src: click
I’m sorry I asked.
