The first quarter of 2013 saw an increase of cyber-attacks in Denmark while a number of Danish websites have also involuntarily functioned as platforms for other virtual assaults, according to a new report.
The report (read it here, in Danish), from the military intelligence service Forsvarets Efterretningstjeneste's Centre for Cyber Safety, evaluates the current online security situation in Denmark. It showed, in particular, a marked increase of so-called DDoS (Distributed Denial of Service) attacks on websites in Denmark. In short, DDoS attacks send a massive amount of queries to a website at the same time in order to flood the system and render it unavailable to genuine users.
DDoS attacks in Denmark have been aimed at media companies, private businesses and public institutions, as was the case recently when a 15-year-old boy shut down local government association KL’s website. The NemID system was shut down in a similar attack at around the same time.
Thomas Lund-Sørensen, the head of the Centre for Cyber Safety, said in a press release that the rising number of attacks underlines the importance of Danish authorities and businesses being aware of their security.
“A cyber-attack can have huge consequences for a company, and technological advances allow attackers who don’t even have great technical expertise to paralyse a company’s website or mail system,” Lund-Sørensen said.
But it’s not just DDoS attacks. The report also details the problem known as Advanced Persistent Threats (APT), groups that engage in persistent and targeted attacks.
According to a report from American-based consultants Mandiant, APTs primarily stem from hacker groups based in China, but the Centre for Cyber Safety has discovered some Danish IP-addresses that have been used for spreading malware and as temporary storage depots for stolen data.
“It is worrying that Denmark is being used as an attack platform for cyber-attacks. We have seen before that infected computers are utilised for massive overload attacks on American banks, but now we’re also seeing signs that cyber spies are using infected Danish servers for the intermediate storage of stolen data,” Lund-Sørensen said.