The war in Ukraine has raised the number of cyberattacks to unprecedented heights – the world has entered a new era of hybrid warfare. Hackers assisting hostile states are twice as likely to target critical infrastructure, and Lithuania is one of the front targets. Panayiotis Ioannou, Regional Director for Public Sector at Multi-Country CEE, Microsoft, notes that in some places, institutions still maintain their servers and take risks.
How would you assess the current cyber security situation in Lithuania? Is the risk profile of Lithuania different from other countries?
The war in Ukraine and heightened geopolitical tensions in Central and Eastern Europe, it has re-drawn the threat landscape. Cyberattacks from criminals and nation-state actors are rising in frequency and sophistication. In 2021 – 80% of nation state attacks were directed against governance agencies, think tanks and non-government organizations. Since the cloud provides the best physical and logical security against cyberattacks, Lithuanian government decided to allow using public cloud for governmental needs. Safe in term of physical destruction. A week before the Russian invasion, the Ukrainian government was running entirely on servers located within government buildings. Just days before Russian troops invaded, Ukraine’s Parliament took action to amend its data protection law to allow government data to move off existing on-premises servers and into the public cloud. This in effect enabled it to “evacuate” critical government data outside the country and into data centers across Europe. At Microsoft, we witnessed and supported the speed required for this transition. Digital transformation is widely perceived as the key to business resilience, and cybersecurity is crucial. Microsoft research Digital Futures Index is detecting level of digitalization of 16 European countries with Estonia being one of the leaders in eGovernance, Slovenia being ahead of CEE average in education, Croatia having highest level of digital skills among young in EU, while Serbia is among best countries when share of women in ICT is observed. Exchange of experiences and best practices with neighbours and other European countries can also help Lithuania to accelerate its digital journey and increase level of cybersecurity.
How would you rate overall cybersecurity standing of the Baltic states in the world context?
In the last year alone, the number of estimated password attacks per second increased by 74%. We’ve observed Russian-aligned actors conduct operations against organizations in the Baltics and Turkey – all NATO member states actively providing political, humanitarian or military support to Ukraine. Russian targeting has prioritized governments, especially among NATO members. We remain the most concerned about government computers that are running “on premise” rather than in the cloud. Our commitments to our clients include giving them control of their data, protecting that data, ensuring privacy by design, and fighting for stronger privacy laws and protections. Being an EU member state, Lithuania and Lithuanian companies can use resources from Recovery and Resilience Fund for digitalization and cybersecurity.
How are the numbers of cyber security incidents changing? Are they increasing or decreasing? How is the profile of the incidents changing?
The scale and intensity of cybercriminal activity is increasing. Microsoft processes 43 trillion security signals data every day using AI for predictions and human analyst expertise – 34.7b ID threats blocked, 37b email threats blocked. One in eight European businesses have been affected by cyberattacks and 2 in 5 European internet users have experienced security-related problems. Cybercrime, nation-state sponsored or not, is a threat to national security. The European Union Agency for Cybersecurity – registered a doubling of serious cyberattacks over the year prior, including a 47% rise in attacks on hospitals and health care networks.
What are the main risks we should be aware of?
Hackers don’t break in, they log in. ‘Phishing’ is responsible for almost 70% of data breaches. Cybercriminals are increasingly using automated ransomware to indiscriminately attack organizations of all sizes, in addition to more time-intensive bespoke ‘human’ efforts to target individual companies. Since the onset of the Covid-19 pandemic there has been a six-fold increase in cyberattacks against small and medium-sized businesses (SMBs) – more than half of whom say a successful attack would likely lead to bankruptcy. Security measures that were sufficient a few years ago are no longer enough. Companies need to have a comprehensive and dynamic security strategy. With the right solutions in place, cybersecurity both protects and empowers the business.
Are you observing an increased threat of specific APT groups from Russia, China or other countries? Have they increased recently considering the events in the world?
The cybersecurity world entered a new age, the age of the hybrid war. During the past year, cyberattacks targeting critical infrastructure jumped from comprising 20% of all nation-state attacks Microsoft detected to 40%. Russia was not alone in pairing political and physical aggression with cyberattacks. Iranian actors launched destructive attacks targeting Israel. As North Korea embarked on its most aggressive period of missile testing in the first half of 2022, one of its actors launched a series of attacks to steal technology from aerospace companies and researchers around the world. China increased its espionage and information stealing cyberattacks. Good cyber hygiene practices remain the best defence while the cloud provides the best physical and logical security against cyberattacks
How prepared our government and other organizations are? What could be done to protect ourselves?
Every organization needs to install a culture of security. Basic security hygiene still protects against 98% of attacks. Strong prevention and rapid response limit the potential damage an attacker can inflict before detection, and reduces recovery time. Microsoft’s approach brings every aspect of modern cybersecurity – technology, threat intelligence and human expertise. Additionally, all our products and services are built from the ground up with security-by-design, which helps deliver defence in depth. With increasing threats and an accelerating shift to a digital-first economy, the need for skilled cybersecurity professionals has never been higher. LinkedIn data shows demand for cyber-skills in Europe has grown by an average of 22% over the last year alone But while the demand is on the rise, cyber-skilling has not been keeping pace. Europe has a shortage of 199,000 skilled cybersecurity professionals. To close this gap, public and private organizations must work together to rapidly train the next cohort of cybersecurity professionals. Microsoft recently launched a new service to give customers direct access to our specialists to augment their own teams working on security, compliance, identity, management, and privacy. And our 35,000 partners and independent software vendors (ISVs) in CEE bring additional deep industry-specific know-how.
How does Microsoft itself solve the vulnerabilities in its platforms? Windows RDP and SMB protocols were one of the main vulnerabilities that threat actors have used in the past – how those are being addressed?
Microsoft is the world’s leading cybersecurity company, serving billions of customers globally. We employ more than 8,500 security experts and are investing $20 billion in security innovation and product development over next four years Our cloud-based services enable security teams able to stay ahead of threats, rather than playing catch up. Productivity goes up as employees can focus on their work rather than worrying about security. Microsoft’s modern cybersecurity approach is built around three pillars: Security-by-design, Zero Trust, Threat intelligence. We formed the Digital Crimes Unit (DCU) in 2008 – an international team of thousands of technical, legal and business experts tasked with fighting cybercrime and safeguarding the integrity of Microsoft services. Our expertise and unique insights into online criminal networks enable us to uncover evidence used in our criminal referrals to law enforcement. Microsoft offers a comprehensive portfolio of security skills training, which is designed to help customers accelerate their security adoption (from Identity & Access Management and Threat Protection to Compliance and Cloud Security).
What cyber security related things have surprised you the most in recent years? What surprises should we expect and prepare for in the future?
Digital technologies help the public sector gain agility to increase productivity, reduce costs, and deliver services more efficiently (Cloud); and make real-time, data-driven decisions to meet community needs (Big Data and AI). Digital transformation enables the public sector to shift from anticipating citizen and business needs (citizen-centric approaches) to empowering people to determine their own needs and meet them in partnership with their government (citizen-driven approaches). Cybersecurity is the foundation for digital progress. It gives business leaders confidence to embrace the shift to the digital economy. With the world going online – the “sphere of crime becomes bigger”, and cybercrimes are getting more sophisticated, and will continue to do so. Microsoft’s experience driven by more than 40 years of public sector partnership is helping Lithuanian institutions now, and we aim to continue to do so.
For business to be sustainable and prosper the communities it serves must also prosper. Sustainability and accessibility are only few areas in which tech can unlock solutions that empower every person on to do more.