About the project
In the past few years, newspapers have increasingly reported that computers from organisations and governments are being attacked.
The attacks on computers are called “cyber attacks.” This website contains lots of information about different types of cyber attacks and who attacks whom.
This page will answer these questions:
– What are cyber attacks?
– How do these attacks work?
– What are the opinions about them?
– When do cyber attacks stop? When do they become less or more dangerous?
– What do the people who work for the project do?
Attacks on computers are special attacks: they use the exchange of data via the Internet. They are called cyber attacks because they take place in cyberspace, an artificial space created by the connection between many computers. This means that attacks in cyberspace only occur when a person, a company, or a state uses the Internet.
More and more people, businesses, and countries use the Internet. The more the Internet is used – for example, to get directions to the movies – the easier it is to break the connection between users.
With many computers, it is possible to block access to a website if many people go to the same website at the same time. It is like a traffic jam, but on the Internet. These attacks that block the use of a website are called DDoS attacks.
It is also possible to gain access to a computer in order to steal data. This is called data theft. Often, no one notices the intrusion, or it is not noticed until much later.
When states steal data from other states, it is called cyber espionage because the data is not only stolen, but used against the victim.
If the stolen data is embarrassing to the victim, it is called “doxxing,” an English word. Many words in computer language are in English.
Often, the attackers send e-mails to their victims that are fake. The victims open an attachment to the e-mail or a link in it, and the attacker can then find a loophole to enter the computer.
Once the attacker is in, then they can open many other paths in the computer and use the computer for themself. To do this, different small programmes can be used that cause damage. These programmes are called malware. The victim might not even notice the programmes or damage.
The attacker can not only block access or steal data and publish embarrassing data. They can also destroy data on the computer.
If the computer is important, for example, to control a power plant or air traffic, then an attack can be very dangerous. These attacks are called critical infrastructure attacks because many people, businesses, police, and governments depend on them.
Many people and states are against cyber attacks. They are afraid that data could be stolen from them or destroyed forever. Because more and more people and machines are connected to the Internet, it is easy for criminals to find new victims.
These people and countries want safe exchange of data between computers: this is called cybersecurity.
People and machines need to be better at protecting themselves against malware. They can do this by maintaining the computer’s programmes, for example by using small backup programmes (“patches”).
Many companies are afraid that their competitors will steal data to gain an advantage. For example, attackers might use customers’ information to withdraw money from banks.
That is why many people and companies are calling for the state to do more to combat cyber attacks. Police and intelligence agencies should have more rights to track down attackers’ computers. Sometimes they might also have the right to attack the criminals’ computers.
When it comes to cyber attacks with major consequences, such as against nuclear power plants or water supplies, the police or military can have the right to destroy the attackers’ computers.
Some countries, including China and Russia, think cyber attacks are not the biggest problem. They fear that the information that enters their societies through the Internet is more dangerous. They therefore call for restrictions on certain information. They have also already built large filters on the Internet so they can control information flow in their states. They call for information security, not cybersecurity.
States that want cybersecurity and states that want information security argue in the United Nations over what the rules should be.
These debates are also about people who know a lot about computers, and use that knowledge against other people’s computers. These people are called hackers.
Some states hire hackers to attack other states’ computers. The victims often don’t know that they were actually attacked by another state.
In general, cyber attacks are very hard to detect. A victim might not immediately know who did or commissioned the attack. If you don’t know who the attacker was, it is difficult to find the person responsible and punish them. Many cyber attacks are therefore not prosecuted or reported.
Since very few attackers are found and punished, more people with computer knowledge dare to make cyber attacks. So governments, companies, and people need to get better at detecting cyber attacks, because only then might these attacks be better prevented.
What is interesting is that, while there are quite a few attempted attacks between states, not all of them are successful. Of the successful attacks, most are not very severe. Researchers have different explanations for this: one is that people, companies, and states have become better at defending themselves from attacks. One example is Ukraine in the war with Russia: many experts say Ukraine has good cyber defences.
Other researchers say that governments that want to attack other states are afraid of the consequences if their attack is discovered. If the attackers are discovered, then the victim could attack back. However, if the attacker is not well-protected from counterattacks, then it will not attack as strongly.
Also, many experts believe that cyber attacks are not so dangerous because states could shut down the Internet if they become very dangerous.
The people who work for this project sit in front of computers in Innsbruck (Austria), Tallinn (Estonia), Berlin (Germany), and Heidelberg (Germany) and observe how many cyber attacks there are every day.
They investigate the attacks: what malware was used, or who could the attacker be? Which companies dealing with cybersecurity report about what new malware, or which experts say what on Twitter about cyber attacks? Which governments, companies, or even individuals say they were attacked? Who do they hold responsible?
People want to find out if the attacks are becoming more frequent, if they are getting worse, and how Europe can better protect itself. So the people working for the project work with many other researchers in European countries.
They publish their results on this website: through graphs and tables showing the number and type of attacks (theft, destruction, access blocking, etc.). They also write about suggestions for improvement or explain which rules apply.
The project is financially supported by the German and Danish governments. However, the researchers decide for themselves what they want to research. They also freely give their reasoned opinions as to why there are more or fewer attacks.
They want others to know more about cyber attacks so they can help people, businesses, governments, and the media deal with them. The project is called the European Repository of Cyber Incidents, EuRepoC for short (pronounced Yurehpock).