Raise the alert level due to cyber attacks
Harpa Concerthall where the European Council Summit is held for the 4th time since the Council was founded in 1949. mbl.is/Arnþór
The National Police Commissioner in coordination with the CERT-IS and the Directorate of Communications have declared an uncertainty level of civil protection over cyber attacks that can be linked to the European Council summit currently taking place in Reykjavík. This is reflected in an announcement from the Department of Civil Protection and Emergency Management, which earlier reported that the websites of public institutions were down because of the attacks.
The announcement states that in the lead-up to the European Council Summit, there has been an increase in cyber attacks on Icelandic hosting parties, companies and institutions. The Directorate of Public Security and the cyber security team CERT-IS have cooperated closely in the lead-up to the summit and have been monitoring the situation, but at noon today it was decided to move the work to a level of uncertainty in accordance with the response plan of the Department of Civil Protection and CERT-IS for the protection of the indispensable information infrastructure.
The stress attacks that have taken place earlier today caused a temporary disruption of Internet contacts at a limited number of parties, including the website of the parliament, the Council of Directors and the CERT-IS team. A defence update has been carried out and the relevant websites are being brought to full operational use. The Department of Civil Protection and Emergency Management has stated that the scale and nature of these attacks are in line with what was expected in the run-up to the summit.
At the same time, the continuation of the stress attacks against Icelandic networks and computer systems in connection with the summit is expected to continue. The Russian group NoName057(16) has claimed responsibility for the stress attack and called for reinforcements in order to continue further attacks on Icelandic infrastructure.
It is noted that CERT-IS representatives and Policy authorities have recently met with key actors in network and computer systems management and with those in charge on the ground of sectoral responsibility in the protection of indispensable information infrastructure. Measures have been taken to strengthen the defences to prevent service interruptions, while the need to ensure a high level of security in digital communication continues to be encouraged. In addition, operators and service providers are particularly urged to maintain a high level of security and report suspected attacks or security breaches to CERT-IS as soon as possible.