Phase of Uncertainty Declared for Cyber Security in Iceland
For the first time ever, CERT-IS, Iceland’s computer emergency response team, declared a phase of uncertainty for cyber security in Iceland yesterday, mbl.is reports. The reason for doing so is that an Icelandic company, involved in colocation hosting, recently was the victim of a DDoS attack, followed by a blackmail email.
DDoS stands for distributed denial-of-service, meaning that an attempt is made to disrupt the normal traffic of a targeted network by overwhelming it with a flood of Internet traffic. As a result, service to clients is cut.
A statement from the Icelandic Post and Telecom Administration, under which CERT-IS operates, explains that blackmail emails invariably follow such attacks, along with threats of a larger attack if the amount is not paid.
Such threats are not new, but until now, the ones CERT-IS has dealt with have proven baseless. Indications from foreign collaborators of CERT-IS do, however, suggest that the group behind this particular attack has the capacity for attacks of the magnitude it threatens.
For this reason, the uncertainty phase of the cyber industry has been activated. As a result, CERT-IS will contact the country’s main telecommunications- and colocation hosting services on a regular basis to share information related to cyberattacks.
CERT-IS advises companies and institutions to report threats right away to email@example.com. Should a blackmail email be received, it is not recommended that a ransom be paid.
In an interview with Morgunblaðið today, Hrafnkell Viðar Gíslason, director of the Icelandic Post and Telecom Administration, states that the number of cyberattacks has increased tremendously in recent years and that the problem continues to increase. He estimates that more than ISK 10 billion (USD 72 million; EUR 61 million) is lost to cybercrime in Iceland a year.