Wednesday

26th Jul 2017

Customers still 'in the dark' on cyber crime, warns EU agency

Cyber crime worth billions of euros is going unreported because companies are failing to admit to security breaches, according to a paper released Tuesday (28 August) by the EU's internet security agency.

In "Cyber incident reporting in the EU" the European Network and Information Security Agency (ENISA) highlighted a series of regulatory gaps in EU cyber laws. In its conclusions, ENISA admitted that although "large outages and large data breaches receive extensive media coverage.... many breaches, however, remain undetected and if detected, are not reported to authorities and not known to the public."

Thank you for reading EUobserver!

Subscribe now and get 40% off for an annual subscription. Sale ends soon.

  1. €90 per year. Use discount code EUOBS40%
  2. or €15 per month
  3. Cancel anytime

EUobserver is an independent, not-for-profit news organization that publishes daily news reports, analysis, and investigations from Brussels and the EU member states. We are an indispensable news source for anyone who wants to know what is going on in the EU.

We are mainly funded by advertising and subscription revenues. As advertising revenues are falling fast, we depend on subscription revenues to support our journalism.

For group, corporate or student subscriptions, please contact us. See also our full Terms of Use.

If you already have an account click here to login.

  • Cyber-crime worth billions is going unreported, says the EU's internet agency (Photo: *n3wjack's world in pixels)

The report highlighted five major cyber incidents which all went unreported, including an 'IP hijacking' case in April 2010 where China Telecom fed incorrect routing information instructing US and other international Internet traffic to feed through Chinese servers, swallowing 15% of global Internet use in less than 20 minutes.

In a press statement accompanying the report, co-authors Dr Marnix Dekker and Chris Karsberg admitted that “cyber incidents are most commonly kept secret when discovered, leaving customers and policymakers in the dark about frequency, impact and root causes.”

Commenting that the "lack of transparency and lack of information about incidents makes it difficult for policy makers to understand the overall impact", the report added that this, in turn, "complicates the effort in the industry to understand and address cyber security incidents."

Under the EU Telecoms directive adopted in 2009, service providers are required to report "all significant security breaches" to ENISA and national data supervisors. Meanwhile, provisions of the recently adopted e-privacy directive requires service providers to report all security lapses compromising personal data.

ENISA revealed that it had received 51 incident reports for 2011-2012, the first year of mandatory reporting requirements, saying that it would publish an overview of cyber-security breaches in September and annual reports from spring 2013 onwards.

However, the data was incomplete, with a number of member states yet to implement the directive in to national law, it said. ENISA executive director, Professor Udo Helmbrecht insisted that EU cyber policy should extend the reporting provisions for companies describing it as "essential to obtain a true cyber security picture."

A Eurobarometer in July revealed that one in ten Europeans had been victims of data theft, while online security firm McAfee estimated that cyber-crime cost businesses $750bn (€600bn) in lost income across the world in 2011.

EU Digital Agenda Commissioner Neelie Kroes has repeatedly promised plans for a detailed cyber security strategy, including a European Cyber-Crime Centre based in Europol's Dutch headquarters which will start work in 2013. Speaking in January at the World Economic Forum, Kroes called for concerted action on cyber-crime claiming that there was a 10% chance of a major break-down of the worldwide computer network.

Focus

Kroes demands internet security strategy

EU Digital Agenda Commissioner Neelie Kroes Tuesday reiterated her call for an EU-wide internet security strategy, arguing that EU authorities have not done enough to establish defence mechanisms to prevent cyber attacks.

EU to set up anti-cyber-crime centre

Last year, worldwide profits generated from cybercrime outstripped the global trade in marijuana, cocaine and heroin - combined.

EU cyber directive 'nearly finished'

The EU executive will release a draft directive on cyber security in 2013, in the latest indication that the bloc is moving towards a harmonised online rulebook.

EU Commission unmoved by Polish president's veto

Andrzej Duda decided to veto two of the controversial draft laws, which would put the judiciary under political control, but the EU executive is awaiting details before deciding on whether to launch legal probes on Wednesday.

Investigation

Mafia money pollutes the EU economy

Huge amounts of money from criminal activities are funnelled into the legitimate European economy. But little is being done about it at EU or national level.

Stakeholders' Highlights

  1. EU2017EELocal Leaders Push for Local and Regional Targets to Address Climate Change
  2. European Healthy Lifestyle AllianceMore Women Than Men Have Died From Heart Disease in Past 30 Years
  3. European Jewish CongressJean-Marie Le Pen Faces Trial for Oven Comments About Jewish Singer
  4. ACCAAnnounces Belt & Road Research at Shanghai Conference
  5. ECPAFood waste in the field can double without crop protection. #WithOrWithout #pesticides
  6. EU2017EEEstonia Allocates €1 Million to Alleviate Migratory Pressure From Libya in Italy
  7. Dialogue PlatformFethullah Gulen's Message on the Anniversary of the Coup Attempt in Turkey
  8. Martens CentreWeeding out Fake News: An Approach to Social Media Regulation
  9. European Jewish CongressEJC Concerned by Normalisation of Antisemitic Tropes in Hungary
  10. Counter BalanceOut for Summer Episode 1: How the EIB Sweeps a Development Fiasco Under the Rug
  11. CESICESI to Participate in Sectoral Social Dialogue Committee on Postal Services
  12. ILGA-EuropeMalta Keeps on Rocking: Marriage Equality on Its Way

Latest News

  1. EU and Turkey fail to defuse tensions
  2. European law will apply 'for years' in the UK, says EU judge
  3. US votes to sanction EU firms in Russia project
  4. Journalists on trial highlight Turkey crackdown
  5. EU to give research tips on dual food quality
  6. Polish president's veto leaves uncertainties over next move
  7. EU Commission unmoved by Polish president's veto
  8. UK presses the Brexit pause button