
Cyber attacks did not bypass the Czech Republic and Slovakia

It does not pay to underestimate security. GAMO research shows that more than half of companies admit to having experienced a cyber incident. However, the actual number may be much higher, as companies don’t like to “brag” about such information. In international companies, the damage these incidents cause runs to tens to hundreds of millions of dollars.

How are the Czech Republic and Slovakia doing with cyber attacks? The two countries have a good deal in common.

Hospital collapses in the Czech Republic

A year ago, the COVID-19 pandemic was not the only thing to hit the hospital in Brno. Just as Czech doctors were treating the first patients in serious condition, a cyber-attack paralysed the hospital’s operations. It came at about 2 a.m., and the information system was hit so hard that computers had to be disconnected from the network and doctors could not operate. The Czech Republic’s second-largest medical facility had to transfer acute patients elsewhere.

The hospital is still recovering from this incident today. It lost valuable data of scientific importance, a complete internal information system, some legal documents and contracts. The total damage amounted to CZK 150 million (EUR 5.8 million).

A year earlier, hackers managed to attack the hospital in Benešov with malware. And although the damage was estimated at “only” 59 million crowns (2.2 million euros), the hospital’s operations were paralysed for about two weeks. The hospital had to cancel all planned operations and transfer patients from the ICU and ARO to other hospitals. The biggest losses were due to the reduction in medical procedures, but the blood transfusion station and the sale of blood derivatives were also restricted.

This was one of the few attacks in which the police managed to track down the perpetrators. The group behind it is the same one responsible for the attack on OKD’s computer network in the same year. For security reasons, coal mining in all mines in the Karviná region had to be suspended at that time.

Transport infrastructure and municipalities are also attractive targets

In March this year, the Czech Republic was not spared from a cyber-attack. Hackers attacked the computer systems of Czech Railways and the Railway Administration. In this case, fortunately, there was no security threat.

The Prague City Hall servers survived; only a shutdown was carried out, and because copies of the data had been kept, the attack did not have fatal consequences. Olomouc City Hall fared worse: its data networks had to be shut down, paralysing the entire operation of the office. Those who had, for example, booked an appointment at the office via the reservation system could not attend to their business. The municipality had to arrange a complete restoration of the system, including all hardware elements.

The beginnings of security in Slovakia and the password nbusr123

As confirmed by the National Security Office (NSA), cyber-attacks have recently affected the information technology sectors in public administration, telecommunications, energy and smart industry. However, in the past, even the authorities themselves, universities and hospitals have not escaped them.

In December, it will be 10 years since the court finally closed the National Security Bureau hacking case and acquitted the defendants who used the nicknames Br and Tuxo.

In April 2006, the perpetrators exploited security holes and penetrated the public zone of the NSA servers. As a consequence, in addition to the data leak, the name and standing of the Office, which was protected by the simple password nbusr123, were damaged. Someone simply “forgot” to change it afterwards in accordance with the security policy. Hackers accessed emails and archives and downloaded tens of GB of data. But even after the incident, no one changed the password for several more months, until another attack occurred and cut the office off from the Internet.

Ľubomír Kopáček, a specialist at GAMO, remembers the case as a cybernetic neolith. “I would sum it up by saying that someone was in the right place at the right time and was lucky. It was a different time.” That the NSA didn’t change its password even after the attack was more dangerous than the breach itself. “Today, in large companies, regular password changing is one of the pillars of cyber hygiene policy.”

A symbolic “spanking” as a raised warning finger

Similarly to the Czech Republic, Slovakia was not spared an incident in the healthcare sector. A hospital in Nitra was the victim of a ransomware attack. The virus encrypted data on unprotected computers and demanded a ransom of 270 euros to decrypt it.

Fortunately, the impact was not as great as at our neighbours’. Patients’ healthcare was not compromised, nor was there any leakage of information. However, the attack did complicate the handling of patients, as doctors had to deal with everything in writing and by telephone and use paper medical records. And, of course, remediation was also complicated. Technicians had to check all 450 computers in the medical complex.

The Nitra hospital was one of hundreds of thousands of victims of ransomware that infected computers in 150 countries around the world. Hackers have been confirmed to have exploited a security hole in older versions of Microsoft’s Windows to create the WannaCry virus.

Classified facts – a goldmine for hackers

The Slovak diplomatic department did not escape attack either. The major cyber attack of 2018 was directed from abroad and was detected by experts from the Military Intelligence. The aim of the attackers was to filter sensitive data and then move it to foreign servers. And although there was no leak of classified information, according to then-Minister Miroslav Lajčák it is a sobering example of how highly vulnerable state institutions are to attacks. In the event of a more massive leak, the consequences would be catastrophic on a global scale.

Recall the latest massive wave of ransomware attacks in April this year, which intensified across Central Europe. The National Security Authority has issued a warning, highlighting the high risk of incidents against Slovak targets. Although details are not known, attackers have hit several organisations, encrypting important data and limiting the functioning of the companies themselves. Whether spam, malware or ransomware, what they all have in common is that they are dangerous, and not only in terms of business downtime, financial damage, data leakage or a damaged reputation. The aforementioned attacks directly threaten the health of the population and the security of the state.

Published: 15. May 2021

Zuzana Omelková

Cyber security

GAMO a.s.
