2 minutes agoMinistry of Internal Affairs cyberattacks
Periskopi(4 years ago)
(4 years ago)State institutions in the country have recently been the target of cyberattacks, which had many of these warnings of bomb blasts. But ministries in Kosovo currently seem to be calm as regards cyber attacks of dangerous species, but cyber attacks on these state institutions have taken place, and [...]
But ministries in Kosovo, currently appear to be calm in terms of cyber attacks of dangerous species, but cyber attacks on these state institutions have taken place, namely, their goal has been the Ministry of Internal Affairs.
For Infocus Journal from MPBs, they have confirmed that there have been several cases of such attacks of type “Phisting”, but that there was no serious damage to their system from these attacks.
We're informing you that we've had cyberattacks of the type halving, but we haven't had any cyberattacks that have endangered infrastructure and we haven't had any damage to those attacks, even though phishing-type attacks are frequent. We inform you that we use some cyber security systems for cyberattack protection”, says the Ministry's response.
While from the Ministry of Education, Science, Technology and Innovation, they have declared that they have not been victims of any such attacks on the government's mandate.
We didn't have any cyberattack in August, it was briefly their answer, not giving any more details.
Also, the Ministry of Foreign Affairs has denied having been the target of cyber attacks on their systems. This ministry has also told of protective forms applying for these dangers.
There was no system that was managed by the Ministry of Foreign Affairs and Diasporas. The MPJD consistently applies cyber security policies, ranging from access to systems to auditing services with relevant cyber security tools.
Nor, the Ministry of Health, has been the target of these attacks in the last year. At least that's what they have stated from the Information Office, where they point out there have been problems of various technical issues, but are not described as cyber attacks.
We have no cyberattack data on our site in the last year. There have been problems of technical nature from time to time, but we have no reports of cyberattacks. We have a website hosted in ASHI and whatever the problem is, we look for help and security. S.H.I.S. ”, have stated by this minister.
The newspaper Infocus has been trying to get answers from other ministries in the country for months and the state of these institutions with cyber attacks, but despite many insistences, not all have expressed readiness to speak in this regard.
Cyber security in state institutions, what should be done in this regard?
Cyber-related acquaintance Halil Berisha has told Infocus Gazette that such attacks, taking into account the political situation in the world, are on the rise.
As for security in Kosovo institutions, according to him, there must be training, as well as cyber security education, and especially in systems used by public institutions should be more advanced in order for hackers to have more difficulty attacking or punishing sites.
More specifically, he said there should be national strategies for protection from such attacks.
So far we've lacked a real strategy for this job, public institutions have worked and continue to function with non-safe systems, until cyber security training on staff takes a long time. Mostly, senior staff training, and with no detailed training”, Berisha has said.
He has also shown from which groups such attacks usually come?
According to him, certain groups of hackers engage or even create unofficially from these countries.
“Such cases are largely made by countries like Russia, China and Iran. The attack on public institutions and especially ministries usually has two goals, the theft of information on their servers, and the disruption of jobs and services offered by these institutions. The fresh case is the attack on the Ministry of Defence in Ukraine, shortly before the start of the war, where the possibility is that secret military and logistical information has been obtained”, Berisha declared for Infocus.
Why are institutions in Kosovo also at risk of increasing cyber attacks in the world?
Cybernetic Security expert Mentor Hoxhaj has raised the alarm that Kosovo too is threatened by increasing cyber attacks in the world. That's because our country shares the same cyberspace.
The community's recent cyber security reports indicate continuing attacks on state institutions by Russian hackers allegedly referred to the group “K ILNET” At the European and international level, in principle, state institutions are the target of hacker attacks. We share the same cyberspace with other parts of the world, sharing and the same risk”, has been expressed for Infofocus. According to him, these are the institutions in the country that need to be more concerned with these issues.
“Government; The Ministry of Internal Affairs (in which is the National Council for Cybernetic Security), M. The economy (as policy map for ICT) and ARKEP (in the framework of which CERT is) are key carriers”, Hoxhaj has indicated.
What is the “Phisting” attack the institutions in the country are facing, namely, the MPB?
The two cyber security field connoisseurs have indicated about Infocus of the type of attack known as “Phsing), aimed at accessing the system and accessing data.
The first issue hackers target is to get access to the system. This is mostly done through Phishing or Scomming, which are part of “Social Engineering”, which uses the actual non-edification of staff. Through these, credentials are also obtained and access to the system, or various mares are installed, which continue to stand within the system and communicate quietly with hacker groups. Another often used attack is DDOS (Distributed Denial of Service) which indefinitely puts it out of the function webzon”, Berisha has declared.
According to him, this type of attack “is part of “Social Engineering”, aimed at getting credentials. So this is from the first steps to get access to the system. It's mostly done through emails, where an email is professionally modified and sent to officials working at a certain institution. These emails seem very innocent, as if they were sent to a friend, a state official, a public institution, banks, etc. So reliable institutions. Mainly on these e-mails is one or more of the established links or some document that looks secure but that the aim is to steal credentials, which the attacker then uses to break into the system”, he added.
While Hoxhaj type of attack “Phisting” explains it this way.
“Simple type of attack, where the victim “is enabled” to provide his/Sare credentials. The victim thinks it's on the legitimate page, but it's actually a cheating site, that's where it's recorded. Giving emajli and password, but in this case he gave the enamel and the password to cheats / revengers. Phishing is usually combined with social engineering, since the attack becomes more dangerous and more successful”, Hoxhaj explained for Infofocus.
We remember that during this week in our country, cyberattacks had two institutions of middle and higher education.
One of these attacks took place at Pristina University “Hasan Pristina”, as well as the other has occurred at the school “Germany Doda” in Pristina, where through an email it has been warned of the possibility of an explosion of a bomb in these two institutions.
And both cases according to Kosovo Police research have resulted in false announcements.
