The Hungarian government confirmed that the IT systems of Hungary’s defence procurement agency were hacked by a hostile foreign, non-state hacker group, but assured that no sensitive data that could harm the country’s national security was accessed. Prime Minister Viktor Orban’s chief of staff, Gergely Gulyas, stated that the most sensitive information that could have been compromised was related to military procurement, but nothing that could impact Hungary’s national security was made public. The incident, which involved a group called INC Ransomware, led to the encryption of all files from the agency’s servers, including details about Hungary’s military capabilities, procurement data, and personal information of army staff. The hackers reportedly demanded $5 million to unblock the data and prevent its release.
It is uncertain whether any of the information obtained by hackers could potentially compromise NATO, of which Hungary is a member. The hack comes amidst a significant increase in disruptive cyberattacks following Russia’s invasion of Ukraine, with ransomware attacks and those targeting public institutions being of particular concern. The EU’s top cybersecurity official, Juhan Lepassaar, noted that many incidents were initially tried out in Ukraine before expanding to EU countries. The Hungarian government is currently investigating the breach to determine the extent of the data compromised and the potential implications for national security.
Hungary, which shares a border with Ukraine, has been focused on modernizing its military since 2017 through the procurement of equipment ranging from tanks to air defense systems, as well as the development of a domestic defense industry. The country has made significant investments in strengthening its armed forces to ensure its security and sovereignty, particularly in light of the ongoing conflict in neighboring Ukraine. The hack on the Defence Procurement Agency’s IT systems highlights the growing threat of cyberattacks on critical infrastructure and government institutions, underscoring the need for enhanced cybersecurity measures and vigilance in safeguarding sensitive data.
The Hungarian government has not disclosed the exact timing of the hack or the identity of the hacker group responsible for the breach, but has emphasized that no information compromising national security has been released to the public. The incident underscores the importance of strengthening cybersecurity defenses to protect sensitive information and critical infrastructure from malicious actors seeking to exploit vulnerabilities for financial gain or political motives. The EU has been actively working to address the growing threat of cyberattacks through partnerships with member states and international organizations to enhance coordination and information sharing in response to emerging cyber threats.
As the investigation into the hack continues, Hungarian authorities are working to assess the impact of the breach on national security and determine the best course of action to mitigate any potential risks. The government’s response to the cyberattack will likely involve implementing additional security measures to prevent future incidents and enhance resilience against evolving cyber threats. The incident serves as a reminder of the importance of maintaining robust cybersecurity practices and investing in technologies to protect against advanced cyber threats that pose a risk to national security and critical infrastructure.
