Threats in Luxembourg: Cyberattacks: hypervigilance is required
Published
Threats in LuxembourgCyberattacks: hypervigilance is essential
LUXEMBOURG – Authorities and companies are on the alert in terms of cybersecurity, especially since the invasion of Ukraine by Russia.
“In terms of cybersecurity, zero risk cannot be achieved,” Prime Minister Xavier Bettel said in a designated parliamentary response to CSV MPs Octavie Modert and Marc Spautz, who questioned the government on the cyberattack was not victim Encevo, at the end of July. But the authorities always sharpen their weapons against these powerful threats, said the Prime Minister. And this, with even more intensity since the invasion of Ukraine by Russia.
Thus, he indicated that the High Commission for National Protection (HCPN) had, as of March 2 – i.e. less than a week after the start of the conflict – drafted a note warning operators of critical infrastructures and statements of the entities he reiterated on April 19.
For its part, the Luxembourg Regulatory Institute (ILR) “has decided to step up enhanced monitoring of the sector” and, from the beginning of March, invited operators of essential services to “provide it with reports on the current state of the security of networks and information systems” and “to inform him of what measures are in place or have been taken”.
A security plan
With regard to the specific case of Encevo, Xavier Bettel indicated that it had been attacked by “controlled controlled software designed, which was not detectable by an antivirus”. The group was able to “detect the attack early” and “react quickly” thanks to “advanced security systems and processes, complemented by a 24/7 security operations center”. A security plan that all “owners or operators of critical infrastructure are required to develop”. Plans that they are invited “to update (…) according to the state of the threat and the evolution of the risk” (Grand-Ducal regulation of February 21, 2018).
The HCPN and the ILR also warned the other European countries and sent them “the indicators of compromise (Editor’s note: evidence of the intrusion) made available by Encevo. 180,000 data stolen, the National Commission for Data Protection (CNPD) may look into the file but will only be able to decide on a possible fault after a complete analysis of the incident, which “may take time”, explained the Prime Minister.
Xavier Bettel confirmed that the hackers had requested a ransom but will not disclose the amount for confidentiality reasons. A sum that Encevo did not pay. “This is also the general opinion of the competent authorities in this type of situation”, concluded Xavier Bettel.