Enjoying our content? Subscribe:
Top 10 Cybersecurity Breaches in Denmark
Learn about the state of cybersecurity in Denmark and the 10 biggest breaches in this country.
Denmark is one of the most digital countries in the world: technologies are actively used by both companies and regular citizens. As a result, they often become targets of various cyberattacks.
According to The Danish Government's National Strategy for Cyber and Information Security 2022-2024, the risk of cybercrime and cyber espionage are the highest in the country.
However, they are ready for those. Denmark has become the most cyber-secure country in 2021. After a significant incident in 2015 and 2016, the country has started creating strategies and plans to secure its governmental structures, businesses, and individuals from cyber threats.
Notably, they created an app 'Mit digitale selvforsvar' ('My digital self-protection') which notifies individuals when they are about to open fishy emails or websites or perform other acts that threaten their cybersecurity.
The country continues and multiplies its cybersecurity efforts every year. For the years 2022-2024, the country invested a total of DKK 270 million (EUR 36 million) in cyber security initiatives.
Let's discover which case made the country so involved in its security and what other significant breaches happened in Denmark.
According to The Danish Government's National Strategy for Cyber and Information Security 2022-2024, the risk of cybercrime and cyber espionage are the highest in the country.
However, they are ready for those. Denmark has become the most cyber-secure country in 2021. After a significant incident in 2015 and 2016, the country has started creating strategies and plans to secure its governmental structures, businesses, and individuals from cyber threats.
Notably, they created an app 'Mit digitale selvforsvar' ('My digital self-protection') which notifies individuals when they are about to open fishy emails or websites or perform other acts that threaten their cybersecurity.
The country continues and multiplies its cybersecurity efforts every year. For the years 2022-2024, the country invested a total of DKK 270 million (EUR 36 million) in cyber security initiatives.
Let's discover which case made the country so involved in its security and what other significant breaches happened in Denmark.
#1 Breaches of the Danish Defense Ministry in 2015 and 2016 Represented a Serious Threat to the Government's Security
In 2015 and 2016, a Danish defense ministry was breached, revealing employees' emails with non-classified documents. As a Danish minister described the attack, it was a serious threat to the government's security. "The information could be abused in attempts to recruit, blackmail, or plan further espionage", the report of the Danish ministry said.
The attack has become possible since the usage of emails went up but the cybersecurity measures were not intact to protect them. Since then, the government has made a lot of effort to protect all its communication channels.
The group APT28, also known as Fancy Bear, was responsible for the attack. They were the ones to hack U.S. democrats' emails back in 2016. They allegedly have ties to Vladimir Putin's administration, meaning Russian authorities.
This exact cybersecurity breach has become the reason why the Danish government decided to invest a lot in their cybersecurity, supporting cybersecurity initiatives and spreading information about individual and business security online.
The attack has become possible since the usage of emails went up but the cybersecurity measures were not intact to protect them. Since then, the government has made a lot of effort to protect all its communication channels.
The group APT28, also known as Fancy Bear, was responsible for the attack. They were the ones to hack U.S. democrats' emails back in 2016. They allegedly have ties to Vladimir Putin's administration, meaning Russian authorities.
This exact cybersecurity breach has become the reason why the Danish government decided to invest a lot in their cybersecurity, supporting cybersecurity initiatives and spreading information about individual and business security online.
#2 Data of 1.26 Million Danish Citizens Exposed Due in the Danish Tax Portal Breach
The Danish tax portal is self-service software where Danish citizens can file and pay their taxes. It is widely used within the country, especially among middle-aged and young citizens.
The software leaked the personal identification (CPR) numbers of 1.26 million Danish citizens. The scale of the breach is huge since it is a fifth of the country's total population. CPR numbers are also used to open bank accounts, get phone numbers, or perform other essential operations. It also contains information about a citizen such as their birth date and gender.
The reason for the leak was a software error. After a user updated their tax information, their CPR number was added to the link and passed down to Adobe and Google. It is most likely that only these two companies got the numbers and they did not commit any fraudulent operations with them.
As soon as the leak was discovered, the developers of the portal fixed the mistake.
The software leaked the personal identification (CPR) numbers of 1.26 million Danish citizens. The scale of the breach is huge since it is a fifth of the country's total population. CPR numbers are also used to open bank accounts, get phone numbers, or perform other essential operations. It also contains information about a citizen such as their birth date and gender.
The reason for the leak was a software error. After a user updated their tax information, their CPR number was added to the link and passed down to Adobe and Google. It is most likely that only these two companies got the numbers and they did not commit any fraudulent operations with them.
As soon as the leak was discovered, the developers of the portal fixed the mistake.
#3 The National Bank of Denmark Hit By a SolarWind Attack
The National Bank of Denmark is one of the most important and biggest banks in Denmark, it issues the national currency, the krone, and keeps it stable. It also has full responsibility for monetary policies.
They were hit by a SolarWind attack in 2020, just like thousands of other institutions and businesses around the globe. Attackers had a backdoor for The National Bank for seven months, until the breach was discovered by an American company.
However, there were no real bad consequences to the breach. It is concluded that the Bank was not a target for the hacker group, unlike institutions in the US. The government responded to the breach rapidly after the breach became known.
They were hit by a SolarWind attack in 2020, just like thousands of other institutions and businesses around the globe. Attackers had a backdoor for The National Bank for seven months, until the breach was discovered by an American company.
However, there were no real bad consequences to the breach. It is concluded that the Bank was not a target for the hacker group, unlike institutions in the US. The government responded to the breach rapidly after the breach became known.
#4 Danish Shipping Giant Maers Suffered a Major Petya Cyberattack
Maersk is the Danish biggest shipping company that transports goods by land and in the ocean. It is also one of the biggest and oldest shipping companies in the world that handle every seventh container worldwide.
In 2017, it suffered a ransomware attack by NotPetya malware. Company staff received messages about the repair of the file system and encryption of important files. The malware demanded $300 in bitcoin. Their entry systems and phone networks shut down and by the end of the day, the company stopped all of its operations.
Russians who created the malware could not control the virus themselves which resulted in random attacks on major and small businesses around the world, even in Russia itself. The cost of damage was estimated to be $10 billion. For Maersk, it started through a single computer in a Ukrainian port city and spread out to the entire system.
The company immediately shut everything down and brought new computers to the response team to get everything back up. It took the company two weeks to go back to normal. The attack has cost the company between $250 million and $300 million.
In 2017, it suffered a ransomware attack by NotPetya malware. Company staff received messages about the repair of the file system and encryption of important files. The malware demanded $300 in bitcoin. Their entry systems and phone networks shut down and by the end of the day, the company stopped all of its operations.
Russians who created the malware could not control the virus themselves which resulted in random attacks on major and small businesses around the world, even in Russia itself. The cost of damage was estimated to be $10 billion. For Maersk, it started through a single computer in a Ukrainian port city and spread out to the entire system.
The company immediately shut everything down and brought new computers to the response team to get everything back up. It took the company two weeks to go back to normal. The attack has cost the company between $250 million and $300 million.
#5 Cyberattack Disrupted the Manufacturing Process of Danish Hearing Aid Firm Demant
Demant is a hearing aid company that was founded in Denmark but has since become a respectable international company that offers hearing aids, diagnostic instruments, and personal communication.
In 2019, the company was hit by a cyber attack. They did not share much but the Danish media thinks it was ransomware that caused the trouble. The company had to shut down all its systems immediately, outside Denmark as well.
Demant noted that their infrastructure was severely impacted and it shows. They have taken not days but a month and a half to come back to their normal operations. The company delayed its shipping and did not receive orders. As a result, it expects to lose somewhere between $80 million and $95 million, plus $14.6 million in a cyber insurance policy. The IT infrastructure alone cost around $7.3 million.
In 2019, the company was hit by a cyber attack. They did not share much but the Danish media thinks it was ransomware that caused the trouble. The company had to shut down all its systems immediately, outside Denmark as well.
Demant noted that their infrastructure was severely impacted and it shows. They have taken not days but a month and a half to come back to their normal operations. The company delayed its shipping and did not receive orders. As a result, it expects to lose somewhere between $80 million and $95 million, plus $14.6 million in a cyber insurance policy. The IT infrastructure alone cost around $7.3 million.
#6 A Danish Payment Solution Provider Nets Compromised Data of 100K Credit Cards
Nets is a Danish payment solution that is widely used in the whole of Europe. It is used by financial institutions, banks, and individuals.
In 2016, they suffered a massive leak: around 100 thousand credit cards were compromised. All of it is linked to the use of a single foreign-based internet service provider. The company suspected something, decided to look closer into it and found out about the stolen cards.
The company urged banks to block and replace the compromised cards, even though there were no traces of actually using the cards in a harmful way. Nets said that they can not guarantee further safety and that such measures can save millions in the long run.
In 2016, they suffered a massive leak: around 100 thousand credit cards were compromised. All of it is linked to the use of a single foreign-based internet service provider. The company suspected something, decided to look closer into it and found out about the stolen cards.
The company urged banks to block and replace the compromised cards, even though there were no traces of actually using the cards in a harmful way. Nets said that they can not guarantee further safety and that such measures can save millions in the long run.
#7 The Data of Danish Wind Power Giant Vestas Compromised by Hackers
Vestas is the world's largest wind turbine maker. Their production is used by governments and individual users to create renewable energy.
In 2021, they fell victims to a massive cyberattack: they had to shut down internal systems which also triggered delays in customer systems. Employees and business partners were affected the most. The hackers took away their personal data such as names, contact details, addresses, emails, phone numbers, country of residence, education, training and professional skills, pictures, and information related to job applications and CVs.
The company gradually reopened the system and asked employees and partners to be cautious about their data but the incident cost its reputation and stock value. The latter dropped by 6%. Hackers tried to sell the information to a third party but finally just made it public a month after the attack.
In 2021, they fell victims to a massive cyberattack: they had to shut down internal systems which also triggered delays in customer systems. Employees and business partners were affected the most. The hackers took away their personal data such as names, contact details, addresses, emails, phone numbers, country of residence, education, training and professional skills, pictures, and information related to job applications and CVs.
The company gradually reopened the system and asked employees and partners to be cautious about their data but the incident cost its reputation and stock value. The latter dropped by 6%. Hackers tried to sell the information to a third party but finally just made it public a month after the attack.
#8 Danish Pump Manufacturer Desmi Became Victim of Ransomware Attack
DESMI offers pump solutions and clean-up systems and is the oldest company in Denmark. They are now working with more than 150 countries worldwide.
They were attacked by ransomware in 2020. The company refused to pay the ransom and their response plan to the incident was fantastic so far. They shut down all the systems to avoid further compromise and quickly updated their customers on what was happening.
Some of the systems went back up in a couple of days and others were fully functioning within a couple of weeks. They also invited external experts to investigate the situation.
They were attacked by ransomware in 2020. The company refused to pay the ransom and their response plan to the incident was fantastic so far. They shut down all the systems to avoid further compromise and quickly updated their customers on what was happening.
Some of the systems went back up in a couple of days and others were fully functioning within a couple of weeks. They also invited external experts to investigate the situation.
#9 Cyberattack on Danish News Agency Ritzau Shut Down Its Editorial System
Ritzau is Denmark's largest news agency. They collaborate with three more agencies to deliver Nordic News in English. It has 10 million radio listeners, 8 million TV viewers, 3 million newspaper readers, and 15 million readers.
A quarter of their servers were hit by a ransomware attack back in 2020 which resulted in a complete editorial system shut down. They refused to pay the ransom, they were advised to not even open the message with it.
The reporting went to live blogs while the internal IT department and external experts tried to bring everything back up. They first introduced a version with text only and recovered fully in two days.
A quarter of their servers were hit by a ransomware attack back in 2020 which resulted in a complete editorial system shut down. They refused to pay the ransom, they were advised to not even open the message with it.
The reporting went to live blogs while the internal IT department and external experts tried to bring everything back up. They first introduced a version with text only and recovered fully in two days.
#10 Facility-Management Company ISS World Hit With a Major Cyber Attack
ISS World is based in Denmark and provides facility management services globally. It reached countries across Europe, Asia, North America, Latin America, and the Pacific.
The company was attacked by ransomware that locked their databases. They had to shut down all the IT systems to not let the software encrypt more parts of the infrastructure. Some of the systems were back up early while others needed some time for restoration.
Even though no data was breached, around 43,000 employees in the UK alone did not have the access to the system and, consequently, work for some time. The company had 500,000 employees globally.
The company was attacked by ransomware that locked their databases. They had to shut down all the IT systems to not let the software encrypt more parts of the infrastructure. Some of the systems were back up early while others needed some time for restoration.
Even though no data was breached, around 43,000 employees in the UK alone did not have the access to the system and, consequently, work for some time. The company had 500,000 employees globally.
Conclusion
Cyberattacks are happening every day, and you need to be ready to both fight them off and quickly recover in case the security fails. Denmark shows a great example in both. They offer cybersecurity support on the governmental level, and companies have a quick response in place as well.
Do you want to secure your business and prepare a reliable backup? Then do not hesitate to reach out to CyberLands and get your cybersecurity carefully sorted by our experts.
Do you want to secure your business and prepare a reliable backup? Then do not hesitate to reach out to CyberLands and get your cybersecurity carefully sorted by our experts.
Cyberlands.io Team