The recent cyber-attacks on government institutions have left a spotlight on the Luxembourg government's IT centre (CTIE) and their vital work in cybersecurity.

Last Thursday, Luxembourg government websites fell victim to a so-call DDOS (distributed denial-of-service) attack, which left numerous websites out of action after servers became overwhelmed.

Géigesteiere géint d'DDOS-Attack / Dany Rasqué

Although the rapidly-assembled crisis cell of experts responded to the attack and swiftly brought it under control, the issue remains in the sense that the IT centre is still working day and night to ensure as few disturbances as possible.

Attacks vary in severity

CTIE director Patrick Houtsch said that attacks tend to come in waves, as he described one from Wednesday to Thursday, which intensified at 5pm on Wednesday and continued until 3am in the morning. Although it is controlled, Houtsch said he did not think it was finished. "Our teams are on alert and ready. We've learned a lot from last week's attack, but every attack is a little different. Now we know what we have to do if it happens again."

As a rule, DDOS attacks tend to be over quickly, lasting anything from several minutes to a few hours. In 2017, there was a more prolonged attack, Houtsch explained, which lasted around a day. However, it resulted in Luxembourg stepping up its cyber defence protocols.

The most recent attack was an extraordinary situation, Houtsch said, as he described their provisional assessment. "Our inventory showed that 67 sites were affected by the attack, the majority of which belonged to the government or to local authorities."

However, the hackers also targeted some private companies. Houtsch explained there was a starting point for private businesses to obtain support in cybersecurity

"We have Circl (Circl.lu). There are two Computer Emergency Response Teams in Luxembourg. One is Govcert, which looks after government data, and the other is Circl, which is designed to support the private sector. Some of the bigger companies will have their own response teams."

In addition, private companies can seek out help from their internet providers in the event of an attack. DDOS attacks do not destroy or take down a website permanently; instead, they render a website temporarily inaccessible, which can have severe economic repercussions on businesses which rely on online commerce, for example.