EU will take a year to set up full cybersecurity agency

The plan comes in the wake of recent attacks on government websites

Security experts have criticized the European Commission's plans to set up a team to look at how to combat cyberattacks as too little, too late, saying that more coordination between member states is needed.

The so-called "pre-configuration" Computer Emergency Response Team (CERT) of IT security experts will spend the next 12 months assessing how a full-scale CERT should be set up for European Union institutions. But experts have warned that the threat of cyberattacks is current and real.

"Most individual member states already have their own CERTs, so I think the primary aim of the E.U. CERT should be one of coordination," said Rik Ferguson, director of security and research at Trend Micro. "Twelve months is not an unreasonable length of time to prepare, but it should also include best practice so that all the different member states can work together."

"Some action is better than no action. Also, an effective CERT should be well designed, and that takes planning and review," added Ulla Toivanen from F-Secure

In recent years, CERTs have been developed in both private and public organizations to quickly and efficiently respond to information security incidents and cyber threats, and the Commission has called for member states to establish their own national CERTs.

"Over recent years, cyberattacks have risen to an unprecedented level of sophistication. It is essential that the European institutions make a joint effort in order to respond to the threat of massive cyberattacks," said Maroš Šefčovič, Commission vice president for Inter-Institutional Relations and Administration.

But given the sensitivity of the information held by the European Institutions, security experts have warned that effective security is essential immediately. In March, an attack on the European Commission disrupted e-mail systems, while an attack on the E.U.'s Emissions Trading Scheme recently saw at least €30 million (US$44 million) of emissions allowances stolen from national registries.

The plan to set up a single agency to manage all large-scale IT systems could also prove a target for cyber criminals. The proposed agency would bring together databases such as the Schengen Information System (a common database which facilitates the exchange of information on individuals between national law enforcement authorities), the Visa Information System (a database that will allow member states to enter, update and consult visa data, including biometric data, electronically) and EURODAC (an IT system for comparing the fingerprints of asylum seekers and illegal immigrants). The goal is for the agency to start working in summer 2012 in Tallin, Estonia.

"Obviously aggregated data creates a target," said Ferguson. "We have seen a sharp increase in the last 12 months of this sort of theft. We have entered the era of 'steal everything.' Criminals are no longer going after a single server. But hopefully lessons will be learned from incidents such as the Sony hack."

Meanwhile, E.U. justice ministers agreed on Friday to draft rules setting out minimum sentences for cyber criminals. However security experts argue that trying to convict criminals who cannot be caught is a waste of time. "The emphasis should be on catching them in the first place. And for this there needs to be much more coordination because these criminals inevitably work across borders," said Ferguson.

A proposed Directive on Attacks against Information Systems is also in the pipeline. The draft law lists crimes such as illegal access to IT systems, interference with these systems, stealing or deleting data and the interception of non-public data transfers.

Europol, the E.U.'s police force, currently manages information-sharing on cybercrime between police in different E.U. countries. But the Commission plans to set up a dedicated European Cyber Crime Centre by 2013 to coordinate operations across borders and provide training to law enforcement authorities.

The CERT pre-configuration team will comprise 10 members of staff from the European Commission, the European Parliament, the Council, the Committee of the Regions and Economic and Social Committee and ENISA.

Join the Good Gear Guide newsletter!

Error: Please check your email address.

Tags Government use of ITeuropean commissionsecuritygovernment

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jennifer Baker

IDG News Service
Show Comments

Essentials

Microsoft L5V-00027 Sculpt Ergonomic Keyboard Desktop

Learn more >

Lexar® JumpDrive® S57 USB 3.0 flash drive

Learn more >

Mobile

Lexar® JumpDrive® S45 USB 3.0 flash drive 

Learn more >

Exec

HD Pan/Tilt Wi-Fi Camera with Night Vision NC450

Learn more >

Lexar® Professional 1800x microSDHC™/microSDXC™ UHS-II cards 

Learn more >

Audio-Technica ATH-ANC70 Noise Cancelling Headphones

Learn more >

Lexar® JumpDrive® C20c USB Type-C flash drive 

Learn more >

Budget

Back To Business Guide

Click for more ›

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?