Skip links

Collaboration needed to put up barriers against low-cost mass cyber bomb threats

Recent examples of mass cyber bomb threats have once again revealed systemic vulnerabilities in the response from states to low-cost, coordinated cyberattacks. The impact has already disrupted daily life and essential services for many states in 2023, Tomas Okmanas, Co-Founder of London-based cybersecurity firm Nord Security, writes in an article for World Economic Forum’s annual meeting. A potential defence strategy lies in putting up barriers to these low-cost, low-effort attacks so that they become more resource-intensive and challenging to execute, he argues.

A collaborative approach, particularly between email service providers, state governments, cybersecurity experts, or involved NGOs, he writes.

“Back in the autumn of 2023, a wave of cyber bomb threats across the Baltic states – Lithuania, Latvia, and Estonia – illustrated criminals’ ability to disrupt societal functions and strain law enforcement resources in a low-effort way.”

Read Also:  Cyber risks and inflation top concerns for businesses

In Lithuania, the situation escalated with an overwhelming number of threatening emails targeting schools. Estonia faced a wave of spam emails containing bomb threats, many of which targeted Tartu, the nation’s second-largest city. Most schools in the area closed as a precautionary measure. In Latvia, around 300 schools received similar threat emails, causing a range of reactions from evacuation to continued operation under heightened alert. 

“Similar tactics have been observed in other parts of Europe, suggesting a broader pattern of digital intimidation and disruption. In France, authorities took note of a series of fake bomb threats that tapped into prevailing social anxieties with targets including schools, airports and museums.”

“In the case of Ukraine, these cyber tactics took on a more ominous tone, especially in the period leading up to the Russian invasion. Ukraine reported a combination of bomb threats and cyberattacks, which were seen as part of a broader hybrid warfare strategy.”

Okmanas says that the alarming efficiency of mass cyber bomb threats in recent years can be attributed primarily to two factors: their scalability and the significant psychological and operational impact they exert on public targets.

Read Also:  Seven in ten companies to use GenAI for cyber defence

“Attackers can easily generate large volumes of threatening emails or messages with little cost or effort from a required network infrastructure. This scalability allows bad actors to target a wide array of institutions simultaneously, from schools and childcare facilities to other public organisations.”

“The second factor contributing to the effectiveness of these threats is the high psychological and operational impact they have, especially on sensitive targets like educational and childcare facilities.”

He writes that security officials and decision-makers are often compelled to respond with maximum capacity, even in low-risk instances. 

“Email providers play a crucial role in the dissemination of these threats. Focused dialogue with these providers could lead to more effective strategies to identify and block mass threat emails.” 

“These strategies could involve advanced filtering algorithms or enhanced monitoring of suspicious email patterns through automated processes and utilisation of machine learning algorithms. A discussion could be held about more non-invasive approaches that could potentially minimise the impact of mass cyber bomb threats.”

Okmanas argues that the dialogue between governments, cybersecurity experts, email providers and internet rights NGOs is vital in this fight. 

“By working together, these entities could introduce new guidelines and legislation to make it more challenging for bad actors to mass distribute anonymous threatening communications, which potentially include threats made with tools other than email, like voice over internet protocol (VoIP), or could even limit social media’s ability to disseminate such threats.”

Read Also:  Cyber attacks to increase with criminals using new technology

Moonshot News is an independent European news website for all IT, Media and Advertising professionals, powered by women and with a focus on driving the narrative for diversity, inclusion and gender equality in the industry.

Our mission is to provide top and unbiased information for all professionals and to make sure that women get their fair share of voice in the news and in the spotlight!

We produce original content, news articles, a curated calendar of industry events and a database of women IT, Media and Advertising associations.

    Do you want an experienced opinion on a job issue?
    Moonshot Manager is here to answer!

      Moonshot community sharing thoughts and ideas, in a anonymous, safe environment.