EN 
SE 
During the month of May, the American city of Baltimore was hit by an extensive cyber attack. Since the attack began, the city's most important computers have been down and critical societal functions have been down. Neither wages nor bills have been paid. The housing market in the city has also come to a standstill as the hackers have locked down access to property documents.
Today, just over a month later, the damage after the attack, which was spread via so-called ransomware, has been estimated at a staggering 18 million dollars. However, most functions are reported to be working again.
We asked cyber expert Rolf Rosenvinge, CEO of the consulting company Cyber Insights which, among other things, acts as support for company management in cyber security matters, how common this type of attack is and how imminent the risk is that Sweden will be affected in a similar way.
Rolf Rosenvinge – CEO Cyberinsights
"It happens every day"
"Cyber attacks of this kind happen more or less daily and what is reported by the media is unfortunately only the tip of an iceberg. It can be anything from teenagers who want to play a prank on organizations to more organized crime that does this professionally," says Rosenvinge.
"What is clear is that many large organizations are not prepared. They have difficulty detecting the attacks and once they do occur, they have problems isolating any damage and difficulties in restoring their IT environment, he continues.
According to Rosenvinge, it is not far-fetched to believe that a cyber attack could affect, for example, a Swedish municipality in the same way as Baltimore.
"The sensitive thing in cases like this is that it affects functions critical to society, which means that the damage becomes very tangible. It can involve everything from water supply to elderly care and healthcare.”
Sweden is alarmingly underdeveloped
"In Sweden, we live in the belief that we are very far ahead when it comes to cyber security, but that is not true. I think we are unhappily far behind when compared to countries like the US and the UK. Even smaller countries like Israel and Estonia, I would say, are ahead of us and have worked systematically on these issues for a long time."
"The fact that Sweden is lagging behind is serious as we are at the same time one of the world's most digitized countries, but saying that you are a small country is no excuse. It's about deciding to tackle the issue.”
Difficult to demand ransom
In connection with major cyber attacks, the perpetrators often demand a ransom in bitcoin to restore the affected systems. This was also the case in Baltimore. However, Rosenvinge does not believe that the development of cryptocurrencies is necessarily the explanation for organized cyber attacks becoming more common.
"What you have to remember is that it is very difficult for a municipality or a company to pay out bitcoins. A municipal director cannot just cash out a hundred thousand kroner and buy bitcoins. The auditors would strike back. There are examples where the ransom has gone down the drain precisely because of issues like this.”
"At the same time, the big cost is not the ransom. It is the cost of systems being down. We recently had a case where Norsk Hydro suffered a similar attack. The final bill in that case was approximately NOK 500 million."
Digitization before security
According to Rosenvinge, the big challenge for Swedish companies is that they rushed into digitization, without thinking about the security of these investments. At the same time, it has been difficult to quantify this type of risk, which has created great frustration among many company managers and boards.
"I think it has been difficult to put cyber risks in relation to other risks such as currency risks or credit risks, which may also be an explanation for why Swedish companies have not invested enough in cyber security either," reasons Rosenvinge.
At the same time, he says that insurance linked to cyber risk is a rapidly growing market, but that it is difficult to insure against the entire damage and in some cases difficult to obtain the insurance.
"The problem with cyber insurance is that you can only insure the risk of downtime costs, but costs related to other more subtle values such as brand reputation are not included."
"There is a case where a Spanish company sued its insurance company that refused to pay out money linked to damages caused by a global cyber breach. The reasoning is that the attack was part of the Russian state's cyber warfare and therefore does not fall under the definition of a cyber attack but is considered force majeure.”
"In other words, it is uncertain what you can actually get out of your insurance on the day you are affected. The best insurance is to invest in good protection against attacks. There, Swedish organizations still have a long way to go."
Rolf Rosenvinge discusses recurring cyber security issues in the Cybertalks podcast. You can find the podcast here.
Read about how the GDS Fund invests in cyber security: Cyber attacks create investment opportunities