May, 2017 - Cyberattacks

Olivier Markowitch, Research Group on the Quality and Security of Information Systems (QualSec)

Olivier Markowitch, what was the impact of the WannaCry cyberattack?

We are living in an increasingly connected world, where an attack like WannaCry can be deployed very quickly at a large scale. Still, the disaster some were predicting hasn't happened, and the consequences of the attack were less dire than expected. Belgium, for instance, did not suffer much from the attack.

Should we expect similar attacks in the future?

Yes, certainly. Cybercriminals want to extort money, whether they achieve this through ransoms, selling stolen data, attacking a company's reputation, or other means. They will keep doing this, with similar effects to this year's attacks: their goal is to take advantage of the system, not destroy it altogether. Cyberactivism -e.g. the actions of ‘Anonymous’- remains relatively marginal: it involves hackers going after a specific target in order to defend a cause. A much more serious danger is cyberwarfare, where states or groups use another state's digital vulnerabilities to further their own political goals. France, the United States, China, and Russia already engage in these activities for espionage or to shape public opinion: for instance, Russia's alleged influence over the latest presidential elections in the US. A much more serious risk is the potential to disrupt energy or water distribution networks, nuclear power plants, or the banking system.

What are the motivations behind cyberattacks? Read graphics on the left.

Is Belgium a target? Is it protected?

Belgium is indeed a target, especially because it is home to the EU's institutions as well as NATO. This was brought to public attention when Belgacom was targeted by a cyberattack in 2013. In the wake of the attack, a number of entities were created, such as Computer Crime Units, the federal cyberemergency team (part of the global ‘CERT’ network), and the Centre for Cybersecurity Belgium (CCB). However, SMEs remain vulnerable to certain types of cyberattacks: their limited resources do not allow them to keep their IT systems up to date or to have a specific person in charge of information security, which has become an essential task. The government has released funds this year that could help SMEs in this area.

And what is done at the EU level?

In May of 2018, the new EU regulation on privacy will require companies to inform the authorities of any data breach: this will improve the overall awareness of cyberattacks and allow information to be shared. The European Union also intends to require companies to take computer security into account when designing software or information systems, which should improve the overall state of cybersecurity in Europe. Lastly, there seems to be a push towards strengthening the mission of ENISA (the EU's agency for network and information security) to turn it into a center of expertise, certification and standardization in cybersecurity. In the meantime, it is essential to gather and share experience from past attacks: this is the purpose of the CERT network, but companies do not always think to contact it.

Are there practical solutions to prevent cyberattacks or limit their impact?

As I mentioned, keeping up-to-date software is a crucial step that can fix potential software vulnerabilities. Also important are public awareness and education on risks and good practices. Lastly, cryptography is fundamental for data protection: here at ULB, we are conducting research on the analysis and development of new cryptography protocols in order to protect the information transmitted over a network. This is an important issue, and one that students are interested in, as evidenced by enrolments to the inter-university master in cybersecurity, which we have launched in September of 2016.