On the morning of 16th of July, 2023, the Norwegian company, TOMRA, discovered it had been subjected to a cyber-attack that affected one of the company’s data systems. To stop the attack, the systems were shut down. An IT team made of both inside and outside experts worked ceaselessly to find alternative solutions and to restore the daily function of the network. The affected systems remained offline until they could be safely operated. The initial investigation uncovered that it had been an ongoing cyber-attack that infiltrated the systems through TOMRA’s user accounts, which were eventually compromised. TOMRA Security Operations identified a series of tools and methods that were used to deliver the attack.
On the eve of the 18th of July, 2023, ORTIVUS systems with over 30 years of activity in the field of cardiology and medical technology, one of the leaders on the e-health market that supplies products in various countries were the victim of a cyber-attack that affected the systems of their clients in Britain and Sweden. Patient electronic records were becoming available offline, and managed manually. No patient was directly affected. No other system was attacked and no other client, besides those in the above-mentioned system was affected. ORTIVUS has been working closely with the clients whose data was stolen, to restore the system and recover it. The affected customers are those who use MobiMed and ePR, electronic patient registration systems. At this time, the author of the cyber-attack is unknown. The incident was reported to the authorities.
On the 18th July, 2023, Estée Lauder Companies Inc. (NYSE: EL), the USA branch, discovered a cyberattack that involved a third unauthorised party that accessed some of the company’s systems. Once it became aware of the incident, it deactivated some of its systems and quickly started an investigation, under the close supervision of top cyber-security experts. Following the investigation, the company believes that the unauthorised party stole some of the company’s data and is working on figuring out what the data will be used for.
On the 19th July 2023 the British airports were targeted by several Russian hacker groups. The London airport website was affected before 15:00. Shortly after Anonymous Russia claimed they had launched a similar attack on the airport in Birmingham, even though it remained functional. An airport spokesperson stated that “several people reported that our website was running slow this afternoon. We are currently investigating the matter”.
On the 19th July, 2023, a group of Russian hackers claimed responsibility for a DDoS attack against the website of the New Zeeland Parliament, saying it was meant as a punishment for the support the Parliament gave the Ukrainian government.
On the 24th July, 2023, the Norwegian government let the media know that 12 of its ministries had been the target of a cyber-attack. It was the most recent attack that hit the public sector of the largest gas supplier in Europe and a NATO member state. This attack was discovered on the 12th July and is currently being investigated by the police.
Erik Hope, the head of the government agency in charge of delivering electronic services to the ministries, stated during a press conference that “we have identified a vulnerability in the platform of one of our suppliers. That vulnerability was eliminated.”
Furthermore, the cyber-attack was identified because of the unusual traffic on the platform of our supplier, as E. Hope highlighted, but provided no further details. Nevertheless, the agency specified that it was too early to point out who was behind the attack, its size and the damage it caused.
However, it is very important to mention that the Prime Minister’s Office and the ministries of foreign affairs, defence and justice were not affected, because they use a different IT platform, as E. Hope later added.
In this context, we must highlight that Norway is not only the largest gas supplier in Europe – once the Russian gas supply diminished significantly – but also the largest oil exporter in Western Europe.
Norway’s state sector was the subjected to cyber-attacks several times, including in June 2022, when a so called DDoS attack took place, that was attributed to a “pro-Russian criminal group”.
On a different note, we must not forget the fact that Norway, a NATO member, shares a border with Russia, in the Arctic and supplies Ukraine with weapons, humanitarian aid, and financial resources.
The most recent risk evaluation report, published by the cyber-security agency in this country, in February 2023 shows that during 2019 and 2021 the number of cyber-attacks tripled, and in 2022, the number of major incidents was similar to the one in 2021.
For example, during the first semester of 2023, there was an increase in the number and intensity of DDoS cyber-attacks, as compared to the past two years:
In 2021, the capacity of the DDoS attacks went up to 300 GB/s.
In 2022, the capacity of the DDoS attacks went up to 650 GB/s.
In the first semester of 2023, the capacity of the DDoS attacks went up to 800 BG/s.
The alarming increase of 50-100% of the volume of DDoS attacks highlights the ever-changing complexity of the cyber-attackers, and the tools they use, which are more powerful and more sophisticated.
The data shows that companies need to invest in strategies and solutions to diminish DDoS attacks, to protect their networks, systems and client data. Ignoring these evolving threats can cause costly losses, physical and psychological damage, distrust among the clients and security breaches.
Hence, we must highlight that the European Union reaches a joint agreement to adopt a cyber-resilience act, that is the EU member states agreed on implementing a solution that meets the security needs for digital products.
To make sure that the products which contain digital components – products such as video cameras, smart refrigerators, TVs, toys – are risk free before they reach the market, the representatives of the EU member states have found common ground and drew up the piece of legislation that deals with the cyber security needs for the products that have digital components (a cyber-resilience act).
In this context, Carme Artigas Brugal,[1] State Secretary for Digitalisation and artificial Intelligence highlighted that “we must celebrate the agreement the Council reached. An agreement that promotes the EU’s commitment towards a single, safe and secure digital market. The IoT[2] and other interconnected objects must come with a series of cyber-protection elements when they are sold in the EU, making sure that businesses and consumers are effectively protected against cyber threats. This is an essential cornerstone for the Spanish Presidency to the EU Council (01.07-31.12.2023) and we hope to move forward and start negotiating with the EU Parliament.” We must not leave out the fact that Spain holds the Presidency of the EU Council for the fifth time.
As a conclusion, we must highlight that the draft act includes mandatory cyber-security requirements, pertaining to the design, development, production and release of the hardware and software products on the market, in order to avoid overlapping with the requirements included in the domestic pieces of legislation from the EU member states.
The agreement reached by the Council (“negotiation mandate”) will allow the Spanish Presidency to start negotiations with the European Parliament regarding the final version of the proposed piece of legislation.
[1] Carme Artigas Brugal is a Spanish businesswoman, a well-known expert on Big Data, AI and technological advancement. She was appointed State Secretary for Digitalisation and artificial Intelligence in January 2020. In 2006 she co-founded and managed Synergic Parnters, a pioneer European company specialised in Big Data and AI. The company was later purchased by Telefonica, in 2015, but she kept on managing it. She is the member of the data innovation network for the Data Science Institute of Columbia University in New York, and was named by Stanford University in California the Madrid ambassador for the Conference “Women in Data Science”.
[2] The Internet of All Things is the network that includes all physical objects that contain sensors, software and other technologies, used for connections and data exchange with other devices that are connected to the internet.