A number of European Union institutions — among them the European Commission — were the target of a “significant” cyberattack last week, Bloomberg reported on Tuesday (April 6). A commission spokesperson told the news organization that several EU bodies were attacked in an “IT security incident,” although the investigation is still too new to offer up any conclusive information on the nature of the attack.
“We are working closely with CERT-EU, the Computer Emergency Response Team for all EU institutions, bodies and agencies and the vendor of the affected IT solution,” the spokesperson said. “Thus far, no major information breach was detected.”
However, the attack was larger than the typical attacks that hit the EU, and large enough to alert senior officials for the commission. A source told Bloomberg that the EU had recently gotten a warning about possible phishing attempts. Phishing scams more than doubled last year in the U.S., according to data from the FBI, from 114,702 in 2019 to 241,342 in 2020.
The news of the EU attack follows reports of two other recent cyberattacks. In March, the European Banking Authority said its systems might have been compromised in an attack on Microsoft email software that came out of China and exposed tens of thousands of organizations. Last year, the U.S. government was targeted by suspected Russian cyberattackers during a breach at the SolarWinds Corp.
The COVID-19 pandemic has exacerbated conditions that leave organizations vulnerable to cybercrime. PYMNTS reported last year on a talk by former NSA head Michael Rogers, who said that the increase in the number of remote workers has given cybercrooks a much larger victim pool. “Remote access is being executed on a level that is nowhere near the historic norms of the past, and that’s pretty much across all business sectors,” he said, adding that the fact that employees use the same devices for personal and work use only makes things worse.