After years of crippling ransomware attacks across the globe, Finland has decided to prepare for the future by rehearsing a massive cyber attack against 235 critical systems across the country.
Preparing for the future of cyber-warfare
Finnish news outlet Yle is reporting that the Finnish Population Register Centre (FPRC) is coordinating an innovative new wargame aimed at thwarting potential hackers by simulating a coordinated ransomware attack against 235 cities and organizations.
Called Taisto19, or (Fight 19), the FPRC simulation features a shadowy group of hackers who demand that organizations and city governments pay bitcoin ransoms or else be subjected to a rash of cyber attacks that lock up systems critical to the organizations' operations.
The exercise began on October 10 after 235 public organizations received a demand from a hacktivist group calling itself #Tietovuoto321 (Data Breach 321) that threatened to carry out a wave of cyber-attacks if the organizations didn't pay a ransom in bitcoin by a designated date.
Since then, the scenario has developed ahead of the so-called "practice days," where the agencies and organizations will see their websites and data servers come under a coordinated attack. So far, there have already been two practice days, with a third day set for next week.
Too many have found out the hard way that the future is already here
Ransomware attacks are on the rise and have quickly become the go-to cyber-attack in a hacker's arsenal. According to Europol's latest Internet Organized Crime Threat Assessment report, published in October [PDF]: "Ransomware maintains its reign as the most widespread and financially damaging form of cyber-attack, while criminals continue to defraud e-commerce and attack the financial sector."
At a cost of more than $1 billion, the cost of ransomware attacks cannot be understated, and the continued vulnerability of many organizations presents a serious risk to organizations around the world.
According to cybersecurity firm McAfee Labs, ransomware attacks saw an increase of 118% in the first quarter of 2019. Fortunately, the greatest vulnerability of our systems is rarely the system, but the people who use them.
"Even with all the sophisticated attack techniques being developed, attackers are still highly dependent on human interaction and social engineering."
Finland seems to have taken that knowledge to heart and is preparing the employees of those organizations most likely to be targeted how to defend the country's most critical data infrastructure against the efforts of malicious actors in the future.