Friday

29th Sep 2023

EU and US officials simulate cyber attack response

EU and US cyber experts on Thursday (3 November) sat together and brainstormed on how they would deal with attacks aimed at extracting government secrets or taking control of nuclear plants.

The exercise - a first - was organised by the EU's cyber security agency (Enisa) and the US department of homeland security and brought together government experts from Washington, 16 EU capitals and the European Commission.

Read and decide

Join EUobserver today

Become an expert on Europe

Get instant access to all articles — and 20 years of archives. 14-day free trial.

... or subscribe as a group

  • Kilometres of code. Viruses often exploit one badly written line in a programme like Microsoft Word. (Photo: *n3wjack's world in pixels)

"The involvement of the Commission, EU member states and, of course, the US, in today’s exercise shows the high level of commitment we have to ensuring that we protect our digital infrastructures for the benefit of all citizens," Enisa chief Udo Helmbrecht said in a statement.

The simulation comes after the bloc's diplomatic service lost sensitive documents in a large-scale attack in spring this year. The EU then set up computer emergency teams (Certs) for its own institutions - cyber security experts tasked with detecting, managing the damage and preventing attacks on the networks. Certs exist in most member states and in the US, where there is also a dedicated team for attacks on critical infrastructure, such as nuclear plants.

"It's funny it took the EU almost ten years to come up with something it had been pressing member states all the time," one Cert official from a member state told this website on condition of anonymity.

The exercise, while not naming which country would try to extract confidential data via cyber attacks, was carried out on the day a US intelligence report singled out China and Russia as being most active in cyber espionage against US companies.

China and Russia

The report says both private firms and cyber security experts have reported an "onslaught" of computer attacks targeting trade secrets, intellectual property and technology. Attacks from Russia are a "distant second" to those from China, but were "extensive" and "sophisticated".

This other type of attack simulated Thursday reflects a growing concern in the cyber security community that computer programmes (Scada) managing, for instance, water cleaning facilities, are not designed to fend off worms which could hijack the chemical composition and poison an entire city.

Stuxnet, the worm that damaged Iranian nuclear centrifuges and believed to be the work of the US government, has already some offsprings.

Just as the Enisa exercise was developing, a Stuxnet-inspired worm called Duqu was detected in Belgium's largest web-hosting company after having been shut down of an Indian network. Spread through a vulnerability in Microsoft's Word text editing programme, the virus contains code similar to Stuxnet, but its ultimate target is not yet known.

'There's a computer worm in your nuclear centrifuge'

With the discovery of Stuxnet, a computer worm believed to have been developed by the US government to shut down a nuclear plant in Iran, European companies like Siemens are coming under increased pressure to secure software operating 'critical infrastructure' such as power plants or water treatment facilities.

EU struggling to fight cyber crime

Faced with increasing cyber attacks, the EU is looking at a new law criminalising the use of 'zombie' computers and is setting up a 'cyber crime' agency and special teams of IT firefighters. But specialists and data privacy defenders remain unconvinced.

Tech industry now spends €113m a year lobbying Brussels

Tech companies have increased their lobbying power and are now spending some €113m a year to influence EU decision-making, up more than 16 percent since 2021, according to a report from NGOs Corporate Europe Observatory and LobbyFacts.

EU lists six tech giants as 'gatekeepers' under new law

A total of 22 "core platform services" provided by these six tech gatekeepers now have until March 2024 to comply with strict new EU rules — aimeed to promote fair competition and give users more power over their devices.

AI will destroy more female jobs than male, study finds

About four percent of global female employment is subject to potential automation through generative AI technologies, compared to only 1.4 percent of male employment. The trend is even more pronounced in high-income countries, a new study reveals.

AI will destroy more female jobs than male, study finds

About four percent of global female employment is subject to potential automation through generative AI technologies, compared to only 1.4 percent of male employment. The trend is even more pronounced in high-income countries, a new study reveals.

Column

EU lobbying clean-up — what happened to that?

Six months after Qatargate, as institutional inertia and parliamentary privileges weigh in, the sense of gravity and collective resolve have all but disappeared. MEPs show little enthusiasm for reform of the rules that today allow them significant outside paid activities.

Latest News

  1. Added-value for Russia diamond ban, as G7 and EU prepare sanctions
  2. EU states to agree on asylum crisis bill, say EU officials
  3. Poland's culture of fear after three years of abortion 'ban'
  4. Time for a reset: EU regional funding needs overhauling
  5. Germany tightens police checks on Czech and Polish border
  6. EU Ombudsman warns of 'new normal' of crisis decision-making
  7. How do you make embarrassing EU documents 'disappear'?
  8. Resurgent Fico hopes for Slovak comeback at Saturday's election

Stakeholders' Highlights

  1. International Medical Devices Regulators Forum (IMDRF)Join regulators, industry & healthcare experts at the 24th IMDRF session, September 25-26, Berlin. Register by 20 Sept to join in person or online.
  2. UNOPSUNOPS begins works under EU-funded project to repair schools in Ukraine
  3. Georgia Ministry of Foreign AffairsGeorgia effectively prevents sanctions evasion against Russia – confirm EU, UK, USA
  4. International Medical Devices Regulators Forum (IMDRF)Join regulators & industry experts at the 24th IMDRF session- Berlin September 25-26. Register early for discounted hotel rates
  5. Nordic Council of MinistersGlobal interest in the new Nordic Nutrition Recommendations – here are the speakers for the launch
  6. Nordic Council of Ministers20 June: Launch of the new Nordic Nutrition Recommendations

Join EUobserver

Support quality EU news

Join us