SK@UT: Increased number of APT cyber-attacks on Croatian infrastructure

As in the world, the danger of cyberattacks on state bodies is growing in Croatia as well.

“The largest number,” as HRT journalist Šime Vičević said for Croatian Television, “refers to the ministries of defense and foreign affairs.”

“The Security Intelligence Agency detected 14 attacks in 2021, in 2022 this number increased to 19, and in the first five months of this year, 15 attacks were recorded. The key protection system is SK@UT, which was developed by the agency in 2019, and it is the largest project for the protection of Croatian cyber space that covers more than 60 state bodies,” said Vičević.

The conference organized by the Security Intelligence Agency is intended for institutions and companies dealing with cyber security and the academic community, and the director of the Security Intelligence Agency emphasized that the meeting shows "the strategic importance that the Croatian state leadership recognizes in cyber security".

Recalling that in 2019 the Government gave support to the agency to, in cooperation with other bodies of the security-intelligence system, begin the construction of the Cybersecurity Center of the Security intelligence Agency, Daniel Markić said that its construction was only the first step, because the protection of cyberspace requires an active and constant cooperation of numerous government bodies, as well as the academic community and the private sector.

“The center is an exemplary decision of building national capabilities through the synergy of several bodies of the security-intelligence system, and the most visible project for the protection of the national cyberspace,” Markić emphasized, “is represented by SK@UT - a "cybernetic umbrella" that currently protects more than 60 state bodies and legal entities, and it was built by the Security intelligence Agency and the Institute for Information Systems Security.

The Government's decision from April 2021 enabled its expansion beyond the state sector, and today SK@UT also protects operators of key services in the energy and transport sectors and continues to expand towards other sectors of critical infrastructure and towards "those entities whose operations are sensitive for society and the economy".

A good number of APT attacks come from Russia or from groups linked to that country

It primarily deals with protection against state-sponsored cyber-attacks (APT campaigns), but also against blackmail cyber-attacks (Ransomware).

“We manage to detect attacks at the earliest stage,” said Markić, “and in a smaller number of attacks that result in the compromise of information systems, an effective response process to a computer incident is carried out and help provided to the attacked body.”

“SK@UT detected 14 state-sponsored cyberattacks in 2021, 19 were detected a year later, and in the first six months of this year we have already detected 15 state-sponsored cyberattacks. This means that the number of attackers and the number of attacks, but also the number of targets in Croatia, is increasing,” he warned.

In a statement to journalists, he said that the attackers were interested in "all the data available to the state".

“They are particularly interested in NATO and EU members, information from various ministries, such as the Ministry of Foreign and European Affairs, the Ministry of Defense and others,” he said and confirmed that a good part of threats and attacks come from Russia or from groups connected to Russia.

“The key to success in the fight against this is in the sharing of information among the involved stakeholders,” Markić emphasized at the conference, and in this context he also emphasized good cooperation with international organizations.

As a good example of cooperation, he cited the pilot project of the European Commission for the management of cyber crises and major cyber incidents, which the Security intelligence Agency coordinates with the EU Agency for Cyber Security (ENISA).

Through the project, which is 100% financed by the EU, a withdrawal of 1.5 million euros has been secured for building the resilience of the SK@UT community, and the activities are carried out by private Croatian companies selected in the EU tender.

“Croatia is among the three most successful EU countries in the above-mentioned project,” Markić pointed out.

He also announced the transformation of the Cyber Security Center of the Security intelligence Agency into the National Center for Cyber Security, which requires the adoption of a law on cyber security.

In his address to the participants of the conference, Prime Minister Andrej Plenković said that the drafting of the law is in the final stage and expressed his full support for the Security intelligence Agency and security system plans for the development of capabilities and protection of cyberspace.

“After the Russian aggression against Ukraine, all European countries faced increased activity and threats in cyberspace. And this is a serious challenge that we as a country must respond to effectively,” said Plenković.

He added that cyberspace is not only a space for warfare, but also for business and the daily functioning of digital society, and therefore "the role of the state, its security institutions that protect and ensure resistance to threats" is irreplaceable in that space.

Source: HRT