Vienna/Austria (6/1). The Austrian government security structure, or lack thereof, once more is in the news. Following the coup against the Conservative-Right government which experts say is a new gold standard for how to bring down an elected government without firing a shot, in a bizzare plot intersecting the criminal and the intelligence world, the discovery of Russia recruiting an army officer in charge for strategic infrastructure projects since 1983, the scandal of the Office for the Protection of the Constitution and Counterterrorism (BVT) being used for party-line intelligence, and the raids and counter allegations, reports of obvious and blatant flaws in rudimentary IT security within the internal intelligence department, the next on the list the cyber attack against the Foreign ministry.
Trust eroded or Intelligence at work?
In May 2019 the German security service warned the Austrians intelligence services can not be trusted. The Telegraph wrote, Austria has been excluded from the Club de Berne, Europe’s intelligence sharing forum, for the best part of a year, the head of the country’s domestic intelligence service admitted in April 2019. But the German parliaments president did not rule out some intelligence services machinations in the works.
Concerns among Austria’s allies are believed to centre on the close relationship between Russia and the Freedom Party, Mr Kurz’s coalition partner, which had oversight of the intelligence services as it controls the interior and defence ministries.
A short history of cyber attacks in the Alpine republic
The attack followed a cyber attack against a construction company in March 2019. Porr detected a cyber attack on its communication infrastructure on Thursday and its telephone lines and emails were disrupted. Porr is an expert for the tunnel industry, tunnelling, foundation engineering, railway construction (national and international), pipeline construction, civil engineering, power plant construction and major civil engineering projects. Project includes Turkey, Qatar and Saudi Arabia. Expert now do not rule out the possibility of this was a test run.
In 2017 a Turkish hacker group attacked the parliament. Aslan Neferler Tim (ANT), or Lion Soldiers Team, whose website says it defends the homeland, Islam, the nation and flag, without any party political links, claimed the attack, a Reuters report claimed.
Hackers were in 2016 responsible for a loss of 42 million Euro loss to a Austrian aerospace company. A Chinese citizen residing in Hong Kong was arrested at the time. FACC fired its chief executive and chief financial officer after the attack, which involved hoax emails asking an employee to transfer money for a fake acquisition project – a kind of scam known as a “fake president incident”.
Weaponization of the digital & Reforms are needed
This is largely due to the lack of security awareness. The Austrians blase attitude towards security is based on a public ignorance and the leftist agenda by society ingrained in the halls of power in Vienna.
The cafe house, Balkan like attitudes by the Austrians having returned to a leftist government with the conservatives to regain total power with the leftist greens is leaving many wondering if the popular boyish chancellor of the Alpine republic is up for the job.
His political flip-flopping from left wing to right wing is unsettling many view the Green another extension of leftist politics. Reports suggests the cyber attack commenced once the Blackish-Greenish coalition was announced.
The Austrian and foreign intelligence community is at a loss. Many argue that domestic intelligence service is in urgent need for reform. “The ghosts of the Rennweg kaserne need a serious overhaul. It seems it can not shake the ghosts of Dostal”, naming a infamous criminal which escaped from the police barracks that houses today the counter terrorism agency, said a British security experts with a grin.
A former Foreign Service officer remembers the prevailing attitudes in the diplomatic service, “Anyone who suggested in the ranks to improve security in protecting the secrets of the state was dismissed as suffering from a “007”-complex.”, he said, “Many shut up or left the diplomatic service in disgust.”.
He added that the attitude ‘we don’t have any secrets’ was often heard in the rather naive approach to protecting the Alpine republic.
The latest cyber attack some reporters commented the “website of the ministry was working”. A US-based cyber security specialist laughed, “It is amazing the lack of concern by elected officials”, she said, “State actors do not bother about hacking a website. This is child’s play. The interests are geopolitical and domestic.”, he added.
“If the recent Strache affair is not a lesson the popular chancellor Kurz needs to bear in mind what happened to Strache can be easily replicated against the Kurz administration.” Time will tell.
Diplomats, Spies & Global interests
The lax attitude of the cyberattack against the Alpine republic poses the question what is the damage, what is the economic loss to the government and what will be done to protect society. Which is the ultimate question to be posed.
Attacks against the Austrian diplomatic service is an indication the foreign state actor given the Alpine republic the attention it does not think it deserve.
“Many voices on the left ranted against the intelligence restructuring but they forget that Najim Laachraoui, one of the Paris airport bombers was stopped on the Austrian-Hungarian in September 2015 and let go.”, one expert noted. “Detaining the suspect and interviewing would perhaps provided clues of the Paris attacks even preventing the horrific terror attacks in Paris. But we never know.”
“Like the Belgium security services the political elites in the Alpine republic are displaying naivety and shoulder shrugging over the incidents. They view in Vienna is as long as it is not our problem we don’t need to bother.”, is frustrating many in the national security circles.
“Western intelligence services often forget the Austrians are bound by the Constitution of 1955. This is maybe today uncomfortable to U.S. or other western interests. But regardless of what their views are, we must uphold the protection of our citizen, lifestyle and our interests.”, an informed insider in Viennese politics said.
The economic loss to Austria following the Strache scandal is going in the billions of Euros. The Russian penetration of the Army shows the strategic orientation of foreign intelligence collection efforts targeting the Army.
The modernized version of the M-109 howitzer sold by the Austrian to an Baltic state was of interest. Besides the economic loss the understanding of technology in particularly in counter-battery fire is of interests of the Russians. Spying does kill. So is the legere attitude to prosecution of the officer being released leaving many in the intelligence community in shock. The local court ruling was overturned and the officer incarcerated.
“Great”, said an Chinese diplomat interviewed, “if an agent is not prosecuted by his or her country for spying against the interest of his state we only will continue to recruit more of his kind”, he said. The lack of strong political response in both the Army scandal and the Strache black bag job and now the cyber attack against Austrian diplomacy is posing the question are we at war in the shadows?
Many cyber expert think we are.
Cyber war, No child’s play
The attack against the Austrian foreign ministry is not unique but likely a consequence of a series of actions. But reviewing the long list of cyber attacks shows the cyber attack is not unique. And usually bolting when the horse fled is seldom the fix to a deep, rooted problem.
- Tennessee-based hospice notifies patients and next of kin of cyber attack (unknown)
- ‘Silence’ hackers steal more than $3 million from banks in Bangladesh, Sri Lanka and Kyrgyzstan (unknown)
- Hackers steal names and Social Security numbers from Maryland Department of Labour (78,000)
- Croatian government targeted by mysterious hackers (unknown)
- Philadelphia Federal Credit Union confirms security breach (unknown)
- State-sponsored hackers breach Greece’s top-level domain registrar (unknown)
- Chinese job recruiting site hacked, with CVs for sale on dark web (160,000)
- Los Angeles Co. Department of Health Services email hacked exposing patient data (14,591)
- ME-based Penobscot Community Health Center says it was affected by AMCA hack (13,000)
- Japanese cryptocurrency exchange Bitpoint loses $32m in cyber attack (unknown)
- Crooks steal Bulgarians personal details and email them to local media (5 million)
- US telecoms company Sprint says it was breached via vulnerability in Samsung website (unknown)
- University of Alabama discovers 10-year-old account breach (1,400)
- Pennsylvania-based software firm and healthcare provider accuse each other of data theft (unknown)
- TX-based Wise Health reports data breach caused by phishing attack (35,899)
- OH-based Edgepark Medical Supplies notifies patients after a ‘password spray attack’ (6,572)
- Computer files at Bahamas’ Ministry of Tourism corrupted by virus (unknown)
- Taiwan’s 1111 Job Bank says online customers details were hacked by “tomholland” (20,000)
- South Carolina’s Midlands Technical College breached by virus (unknown)
- Hackers publish list of Discord credentials they accessed in phishing scam (2,500)
- Hackers breach SyTech, a contractor for Russia’s national intelligence service (unknown)
- Henry Co., GA, networks offline for five days after malware attack (unknown)
- Lancaster University students caught out in phishing attack (unknown)
- Alabama-based school says its systems have been wiped out, but won’t confirm whether ransomware is to blame (unknown)
- Hackers target the City of Concord Anson County and Lincoln County Sheriff’s office in overnight attacks (unknown)
- LAPD officers and applicants stolen by hacker (20,000)
- What’s been taken from your wallet? Capital One says credit card applicants’ data stolen (100 million)
In Singapore, the armed forces data was breached, so was the SingHealth data breach. According to a government report, the key technology “risk man” at IHiS – cluster information security officer Wee Jia Huo – displayed “an alarming lack of concern” when it was clear that a critical system had been potentially breached.
Loke Kok Fai of the Channel News Asia wrote, “..According to MINDEF, the attack originated online and not from an SAF camp, and the aim was to gain access to official secrets.”
“The attacks were targeted and well-planned. Based on our investigations, they are not the work of casual hackers or criminal gangs,” said MINDEF’s deputy secretary for technology, David Koh.
Google – in 2009, the Chinese hackers breached Google’s corporate servers gained access to a database containing classified information about suspected spies, agents, and terrorists under surveillance by the US government.
A quick Wiki search listing data breaches shows the reach and depth of cyber attacks as result of poor security, insider jobs, and hacking.
It perhaps it is time the Austrians get their act together. So far the Alpine Republic descends to the level of a leftist Banana republic.