In the Parliamentary Control Committee, the Deputy Minister of Innovation, the Auditor General, representatives from the Ministries of Finance, Land Registry, Commissioner of Communications, Digital Security Authority, University of Cyprus, and Open University of Cyprus are gathering to discuss the economic consequences of recent cyber attacks that have paralyzed state services.

Essentially, as Brief reports, the Parliamentary Control Committee seeks to be informed by relevant authorities about the impact of the recent cyber attacks on the economy. However, at the same time, the Land Registry, which faced the greatest problem and affected a large number of businesses and citizens, does not yet have the data that demonstrates the actual economic repercussions.

It is worth noting that the Land Registry, the University of Cyprus, and the Open University all experienced significant attacks in the recent past.

According to a reliable source from the Land Registry Department, the data analysis for the first semester of 2023 has not been completed, making it impossible to compare it with the corresponding period in 2022 to draw accurate conclusions. The same source mentioned that individuals and businesses were certainly affected by the cyber attack that crippled the Land Registry Gateway for several days in March and April. However, even this data cannot be accurately calculated.

Meanwhile, according to a reliable source from the Digital Security Authority, the cyber attacks observed in Cyprus did not suddenly emerge in the recent period, nor do they occur with significantly higher frequency than in the past. However, the result of some cyber attacks has become more apparent now. Generally, there is a gradual upward trend, but numerous attacks occur daily, as described by the source.

The same source noted that there is no specific government agency targeted. Any agency can be attacked, which is why it is of utmost importance to provide appropriate protection and fortification of infrastructure and services, prevention measures, and strengthening the ability to respond to incidents, as outlined in the cyber security framework established by the Digital Security Authority through secondary legislation.

Furthermore, it should be mentioned that the most severe attacks in recent times are primarily those that have come to light because of their significant impact economically and socially.

The Digital Security Authority reveals that attacks manifest in various forms, including the well-known ransomware as mentioned above, as well as others aimed at information exfiltration, information and service access restrictions, and even data manipulation. To address these threats, the Digital Security Authority has introduced a robust cybersecurity framework, designed to empower critical entities, as well as any other entities seeking protection and adopting a holistic approach in recognizing and safeguarding their infrastructures, information, and services. Its objective is twofold: to prevent attacks and to mitigate the impact of any successful breaches by facilitating swift recovery and restoring normal operational functionality.

Concerning the involvement of private companies in responding to severe cyber incidents, the Digital Security Authority emphasizes that such collaboration is a fundamental aspect of crisis management. Private entities play a crucial role in fortifying relevant infrastructures and services prior to, during, and after incidents happen. These entities may encompass external partners, suppliers, or providers of specialized services, among others. Moreover, to ensure a prompt national response, the Digital Security Authority has established the National CSIRT (Computer Security Incident Response Team) as an integral component of its operations. Operating around the clock, the National CSIRT offers incident response and management services to critical entities. Collaborating closely with public and private sector entities, the National CSIRT strengthens security measures and upholds a high level of national cybersecurity.