Danish universities easy targets for hacker attacks and cyber spying from abroad
The Centre for Cyber Security (CFCS) under the Danish Defence Intelligence Service assesses that there is a high-level threat of cyber spying against Danish research institutions. Danish research is also assessed as being an easy target. Head of Information Security at AU, Ole Boulund Knudsen, agrees with the assessment and says that AU is targeted by various types of cyber-attacks on a daily basis.
It was recently reported that Sweden was subjected to up to 100,000 hacker attacks from abroad last year. These were aimed at the Swedish government agencies and institutions, state-owned companies, the defence industry and research institutions, among others.
Danish research and Danish universities are also in the hackers’ spotlight. In a report from last November, the Centre for Cyber Security (CFCS) under the Danish Defence Intelligence Service assessed that the threat of cyber spying against Danish universities and research institutions was high.
"There is a threat of cyber spying from foreign states, as well as of utilisation of IT infrastructure, while Danish universities and public research environments are easy targets,” according to the report.
The tradition for openness and knowledge sharing within the world of research is mentioned as one factor that makes universities vulnerable to attack.
AU faces daily attacks
Ways to beat the hackers
Good behaviour in cyberspace is named as one means against cyber-attacks. Ole Boulund Knudsen has the following to say to students and staff at the university:
- Keep track of your data and make sure that it is stored in a secure and responsible manner.
- Think about whether any of your data is sensitive or confidential and therefore requires additional security.
- Make sure that you are protected by antivirus programs and keep your systems updated.
- Stay updated about threats etc. at driftstatus.au.dk and informationsecurity.au.dk
- Be critical and use your common sense.
Ole Boulund Knudsen, head of information security at AU, agrees with the conclusion of the report, which states that the threat to Danish research institutions is high and that because the universities are open organisations, they are also easy targets.
He explains that AU faces different types of cyber-attacks on a daily basis. These include attempts at phishing, attempts to install malware (software that can be used to spread viruses or for espionage, ed.), attempts to install ransomware (programs that criminals use to encrypt or lock-up data, after which they demand a form of ransom as payment for returning the data, ed.) and attempts to take over servers.
READ MORE: Phishing attempt almost costs AU DKK 170,000
However, he explains that AU cannot actually know whether foreign powers are behind these attacks:
"We can often trace the attacks to foreign countries. In one of the most recent examples, the trail we were following ended in North Africa, but we can’t see whether foreign states are behind the attacks. On the other hand, neither can we rule it out."
Commercial and political interest behind cyber-attacks
According to the Centre for Cyber Security (CFCS) there may be commercial and political interests behind cyber spying directed at research institutions. These attacks can be attempts to gain insight into the research that forms the basis for important decisions made by politicians. They can also be carried out with the aim of getting a competitive advantage by having knowledge of specific research results, for example within the development of medicinal products. And they can also be aimed at gaining large volumes of data, for example personnel records or medical and statistical registers.
The report names specific fields of research that are of particular interest for foreign states – and thereby also hackers. These include Arctic research, defence and security policy and technological research.
Knudsen will not point to specific fields of research fields or research environments at AU as particularly at risk.
"We’ve got a very good idea about where we really need to be careful and watch out, and where we don’t. Our risk assessment is based on the classification of data, such as sensitive or confidential data. But we use wide-ranging measures and take a holistic approach, because there’s no point in having a high-level of security in one corner of the organisation, if there are gaps elsewhere."
If they want to break in, they will
Knudsen thinks that AU has an appropriate security level, and the report from the Centre for Cyber Security (CFCS) has not provided grounds for introducing additional measures. But that does not mean that hackers will not be able to penetrate the safety net, because that already happens today – and will also happen in the future.
"If hackers are dedicated enough and have the resources, they will break in. So it’s also a question of how good we are at discovering this once the damage has been done. That’s an area that we can certainly do better in."
Translated by Peter Lambourne