Thursday

9th Jul 2020

Exclusive

State-level espionage on EU tagged as 'Very High Threat'

The most successful attempts of espionage at a top EU institution are state sponsored, according to an internal document.

The restricted document presents an analysis of threats to the security of information at the General Secretariat of the Council (GSC).

Read and decide

Join EUobserver today

Support quality EU news

Get instant access to all articles — and 20 years of archives. 14-day free trial.

... or subscribe as a group

The GSC administers over the Council, representing member states, as well as the more politically-oriented European Council.

"The majority of discovered, successful compromises of information in the GSC are from threat source level VERY HIGH (e.g. state sponsored attacks)," notes the document, dated 26 May and obtained by this website.

The GSC is a prime target because it deals with the negotiation and adoption of EU laws, coordinates member state policies, and develops the EU's common foreign and security policy.

It also helps negotiations on international agreements.

"Any country with a conflict between their national and EU interests or which may have an interest in EU information only, may try to undertake an attack on the security of information handled in GSC," it says.

The 28-page document was drafted by the Council's security committee.

It does not provide specific examples.

But it does highlight China, noting the country had in 2016 led the world in espionage malware, followed by Russia and the rest of Europe.

"The GSC can also be attacked via systems located in EU member states," it adds.

The most common attacks include phishing emails, enticing people to either click on a link or open an attachment.

One such attack took place in late November 2018 when a phishing campaign hacked into a network at the Cypriot ministry of foreign affairs.

The network was ultra-sensitive because the European Union uses it to facilitate cooperation on foreign policy issues.

Known as COREU, the network operates between the EU states, the Council of the European Union, the EU's foreign policy branch (EEAS) and the European Commission.

Experts says the campaign had been led by the Chinese government via its Strategic Support Force of the People's Liberation Army.

State-sponsored espionage is not the only threat.

Four threat-levels

The document spells out four levels of threat.

It classifies as low amateur hackers and open source researchers. Medium is reserved for insiders who do not have privileged access to systems.

High level is for "hactivists", privileged insiders, and any organisation carrying out cyber crime.

"The insider threat (deliberate actions by GSC staff against the security of information) is rare as evidenced by past incidents (only one case)," it notes.

Very high is for those carrying out government orders to hack systems.

The Council internal document's findings was compiled by the EU's intelligence centre (Intcen), US government sources, the Computer Emergency Response Team for the EU Institutions known as CERT-EU, Kaspersky Lab, Microsoft, among others.

The probe took place throughout 2017 and was updated in November last year.

Investigation

China suspected of bio-espionage in 'heart of EU'

Chinese spies have targeted Belgian biological warfare experts, vaccine-maker GSK, and other high-tech firms in the country, Belgium's intelligence service suspects.

Commission chief under fire for Croatia campaign video

EU Commission president Ursula von der Leyen recorded a video in support of Croatia's ruling party, which the EU executive said was in her "personal capacity" - and admits it was a "mistake" that this was not made clear.

Parliament vaping booths 'too confidential' to discuss

The European Parliament is refusing to disclose documents on an internal debate on whether to set up e-cigarette smoking booths at its premises in Strasbourg and Brussels, posing questions on how it handles transparency on relatively minor issues.

EU parliament chairs explain missing lobbyist meetings

MEPs in January 2019 agreed to a rule change in a bid for greater transparency. The rules included requiring committee chairs to publish their meetings with registered lobbyists. EUobserver spoke to six chairs, who haven't done so yet.

News in Brief

  1. Rushdie, Fukuyama, Rowling warn against 'intolerance'
  2. Clashes in Belgrade after new lockdown measures
  3. US passes milestone of 3m coronavirus infections
  4. France wary of any future lockdowns
  5. Lithuania bans Kremlin-linked Russia Today programmes
  6. UK nominates Liam Fox for WTO top job
  7. Italy supports Spain's Calviño for Eurogroup job
  8. France and Germany warn Israel on annexation 'consequences'

Commission chief under fire for Croatia campaign video

EU Commission president Ursula von der Leyen recorded a video in support of Croatia's ruling party, which the EU executive said was in her "personal capacity" - and admits it was a "mistake" that this was not made clear.

Parliament vaping booths 'too confidential' to discuss

The European Parliament is refusing to disclose documents on an internal debate on whether to set up e-cigarette smoking booths at its premises in Strasbourg and Brussels, posing questions on how it handles transparency on relatively minor issues.

Stakeholders' Highlights

  1. UNESDANext generation Europe should be green and circular
  2. Nordic Council of MinistersNEW REPORT: Eight in ten people are concerned about climate change
  3. UNESDAHow reducing sugar and calories in soft drinks makes the healthier choice the easy choice
  4. Nordic Council of MinistersGreen energy to power Nordic start after Covid-19
  5. European Sustainable Energy WeekThis year’s EU Sustainable Energy Week (EUSEW) will be held digitally!
  6. Nordic Council of MinistersNordic states are fighting to protect gender equality during corona crisis

Latest News

  1. Five ideas to reshape 'Conference on Future of Europe'
  2. EU boosts pledges to relocate minors from Greece
  3. Hydrogen strategy criticised for relying on fossil fuel gas
  4. Merkel urges EU unity to hold off economic fallout and populism
  5. The opportunistic peace
  6. EU mulls new system to check illegal pushbacks of migrants
  7. EU forecasts deeper recession, amid recovery funds row
  8. Revealed: fossil-fuel lobbying behind EU hydrogen strategy

Join EUobserver

Support quality EU news

Join us