Information Warfare on the Internet: Data Security Monitoring in Austria

The reliable execution of governmental, economic, and societal processes demands available and secure information and communication technology (ICT). Cyber attacks on the national IT infrastructure of countries (e.g., Estonia 2007 and on governmental and military computer systems of South Korea and the USA 2009) clearly showed the vulnerability of highly-connected nations. The attacks utilized an enormous network of infected computers (bot net) to conduct a Distributed Denial-of-Service (DDoS) attack on the national critical infrastructure. The biggest part of bot nets consists of infected computers of individual users which integrate their computer into the bot net by accidentally executing malware such as infected e-mail attachments. Therefore and besides technological issues the human factor is crucial in order to conduct such cyber attacks successfully.

To prevent comparable cyber attacks on the Austrian ICT infrastructure this project aims at (i) measuring the IT awareness and already implemented IT security measures of Austrian citizens, companies, and governmental institutions, (ii) developing a catalog of measures to raise the national IT awareness level and enforce national IT security measures, and (iii) evaluating the catalog of measures regarding the Austrian data protection legislation.

The project results enable political decision makers to implement specific and Austrian data protection legislation compliant measures (e.g., national ICT security awareness raising programs, additional funding of relevant research programs or implementation of concrete technological countermeasures) to protect the Austrian ICT infrastructure and the connected economic, governmental, and societal development.