top of page

Austria's Foreign Ministry Hit by Cyber-Attack

Austria's Foreign Ministry Hit by Cyber-Attack

The Austrian government has been hit by a cyber-attack that could be the work of a rival foreign power.

The attack, which was leveled against the country's Foreign Ministry, began late on Saturday night. A spokesperson for the ministry described the incident as "serious" and said that experts had warned it could continue for several days.

On the same day the attack was launched, at a congress held in the city of Salzburg, Austria's Green Party said that it was in favor of forming a coalition with the conservative People's Party.

The ministry said that the attack had been caught early and countermeasures had immediately been put in place. The signatures and the pattern of the attack suggest that it could be the work of a state-sponsored threat actor.

"Despite all intensive security measures, there is never 100 percent protection against cyber-attacks," the ministry said, before adding that other European countries had been affected by similar incidents in the past.

By Sunday, the ministry's official website was once again accessible.

Commenting on the news, Hugo van den Toorn, manager of offensive security at Outpost24, said: "It is true that despite the precautions taken and all the controls in place, a motivated attacker can always find a way through an organization’s defenses. Although we see an increase in politically motivated attacks over the past few years, we should remain vigilant in blaming certain threat actors or nation-states.

"As we also see that attribution remains difficult with cyber-attacks, past attacks have taught us that adversaries will attempt to make their attacks look like other actors in an attempt to avoid taking the blame or to provoke conflicting parties."

This latest incident in Austria follows the serious cyber-attack on the German government's IT network, which was launched in March 2018. A group of Russian-backed threat actors known as APT28 or Fancy Bear was suspected to be behind not only that attack, but also an earlier cyber-hit on the German parliament carried out in 2015.

APT28 are similarly suspected of waging cyber-warfare on entities in Eastern Europe and in the United States. Source: Information Security Magazine


bottom of page