Year in review: Cybersecurity in 2023

The year 2023 has been extremely eventful, especially when it comes to cybersecurity. Rather than diminishing, the cyber threat has only grown, but fortunately, we can learn valuable lessons from looking back at the events that have unfolded during the year.

This blog post will provide an overview of selected cyber attacks, threats and data breaches from the past year. At the same time, we will reflect on how we can learn from them and apply this knowledge to the challenges of the coming year.

Major cyber attack against several educational institutions

Over Easter, several educational institutions in Denmark's regions of Central and North Jutland were hit by cyberattacks, causing them to shut down their systems and even cancel classes.

The ransomware group Vice Society was seemingly behind the extensive attack, which fortunately was detected and averted before it could do much damage.

Energy sector hit by the largest attack to date

In early May 2023, Denmark was hit by an extensive and coordinated cyber attack that, in the worst case scenario, could have affected the power and heat supply of over 100,000 Danes.

Several factors indicate that Russian state hackers, possibly from the Sandworm group, may have been behind the attack, which, according to a report from SektorCERT, is described as the largest cyber attack in the country's history. Fortunately, the attack was detected in time, the security holes were closed, and none of the companies' customers were affected.

However, affected organizations had to disconnect their systems from the internet to prevent potential damage, which could have led to loss of control of infrastructure, loss of heat and power, and extensive damage.

Although there are indications of Russian involvement, SektorCERT emphasizes in the report that there is no evidence for direct accusations against Russia. However, the report concludes that Danish critical infrastructure is in the spotlight and that cyber weapons are being used against the country's infrastructure.

Despite this increased threat level against critical infrastructure, the Center for Cyber Security has maintained in a recent threat assessment that the threat of destructive cyber attacks against Danish targets is low. At the same time, they warn of the likelihood that hacker groups from foreign states, especially Russia, will continue to attempt to penetrate Danish networks, emphasizing the need for high awareness and measures against cyber threats.

Denmark wins bronze at the European Cybersecurity Challenge

After last year's historic first place, the Danish national cyber team made it to the podium for the second year in a row. This time it was in third place at the European Cybersecurity Challenge (ECSC) in October.

Denmark competed against 29 other countries in the three-day competition in domains including web security, mobile security, crypto puzzles and reverse engineering.

EDC hit by serious ransomware attack

In November, real estate chain EDC had personal and confidential information stolen by the pro-Russian hacker network Black Basta. The hacker group demanded a ransom of 6 million dollars, equivalent to approximately 41 million Danish kroner, which EDC refused to pay.

As a result, Black Basta leaked the stolen information, which included copies of 1,300 people's passports, driver's licenses and health insurance cards, onto the internet. At the same time, information such as phone numbers, email addresses and secret addresses were made public. And so are 100,000 social security numbers.

The attack was the result of human error, as the hackers got hold of a back-up file that had been created by mistake. EDC has subsequently strengthened security to avoid future attacks.

Power hit by DDoS attack on Black Friday

On Black Friday, the biggest shopping day of the year, the electronics chain Power was hit by a DDoS attack. The attack brought down the company's websites across the Nordics as no less than 628 million purchase requests were sent to Power within 40 seconds. DDoS attacks, also known as denial of service attacks, disable systems due to external overload.

The attack is unlikely to be the last of its kind we will see in the near future.

What 2024 are we looking at?

The cyber threat is constantly evolving, and the proliferation of AI in particular has made cyber attacks more advanced, harder to detect and easier for hackers to execute.

In 2023, DDoS and ransomware attacks continued to trend. The threat is aimed at virtually everyone: countries, governments, companies and organizations in the public and private sectors, as well as educational institutions and, not least, individuals are at risk of being exposed to a cyber attack.

However, there are many indications that cybersecurity has also become a major focus area. This is partly a result of increased media coverage and awareness of cyber attacks.

Awareness training and safe behavior is the alpha and omega of workplace security. Because just like in the case of EDC, the vast majority of cyber attacks are still caused by human error. And that can only be avoided by training employees and creating a secure culture. Remember, just as large corporations can be targets for hackers, so can any workplace.

The year 2024 will most likely see much of the same things we've seen this year. Businesses and individuals need to prepare to be more aware of the threat of AI-generated attacks, which are only likely to become a bigger challenge than ever before.