Tuesday

13th Apr 2021

EU agency to fight election hacking

  • Empty ballot boxes: Hackers "can target our democratic institutions," warned the EU Commission (Photo: Harry Metcalfe)

A more robust EU cyber agency could help member states defend their elections against "hybrid attacks", the European Commission has said.

Speaking at the launch of new cybersecurity proposals in Brussels on Tuesday (19 September), Julian King, the Commission's security chief, said some hacker attacks had "political objectives".

Read and decide

Join EUobserver today

Become an expert on Europe

Get instant access to all articles — and 20 years of archives. 14-day free trial.

... or subscribe as a group

"They can target our democratic institutions and can be used with other tools, such as propaganda and fake news, in hybrid attacks," he said.

"We need to be as serious about security online as we are offline," he said.

He also hailed Finland's new "centre of excellence" on hybrid warfare, which is designed to help EU countries fight novel assaults.

King did not name Russia, but Russian hackers and media recently attacked the French and US elections.

With Germany preparing to vote on Sunday, German authorities have also warned that Russia could leak MP's secrets after it stole data from the Bundestag in 2015.

An EU source said he was "surprised" Russia had not acted yet.

The source said one risk was that it could leak lots of dull real files and insert scandalous fake ones in the cache to try to create viral stories.

The new-model EU cyber agency was one of several Commission proposals on Tuesday that mainly targeted hacking for economic gain, crypto-currencies, and single market reforms.

Wake-up call

The Commission said the EU's existing cyber agency, Enisa in Greece, should boost staff from 84 to 125 and more than double its budget to €23 million a year.

Enisa currently drafts policy recommendations, but in future it should be able to give EU states "operational … assistance" in the event of a cyber attack.

It should conduct pan-EU cyber drills and create new protocols for member states' cyber-crisis management.

The Commission also proposed creating a Cybersecurity Emergency Response Fund to help victim states and a €50 million European Cybersecurity Research and Competence Centre to train and recruit specialists.

On the economic side, King said the Wannacry attack in May, in which hackers tried to blackmail hundreds of EU companies, was a wake-up call.

The Commission proposed pan-EU norms of jailing people for two to five years if they perpetrated fraud using virtual currencies, such as Bitcoin.

It said there should be a new EU labelling scheme, governed by Enisa, that certified which consumer and industrial cyber-connected products were safe to use.

It also proposed a law to enable firms to share "non-personal" data across borders to help companies expand in the single market.

Non-personal data could be, for instance, company financial records, or data on when machines, such as a car-wash machine, needed maintenance.

King presented the measures flanked by two commissioners in charge of digital matters, Andrus Ansip and Mariya Gabriel.

They came with a list of startling numbers.

The Commission said ransomware attacks had tripled since 2015 to hit more than 4,000 a day worldwide.

Six billion devices

They said cybercrime cost €265 billion a year and could quadruple in size by 2019.

"There are two types of company. Those who know they were attacked and those who don't yet know. With people, it's probably the same story," Ansip said.

The Commission also said there would be 6 billion cyber-connected devices in EU households by 2020.

It said unlocking the flow of non-personal data could be worth €370 billion a year for the single market in the next three years.

An EU official said the bloc's main institutions - the Commission, the European Parliament, and the EU Council - have about 30 staff each dealing with cybersecurity in Brussels.

The EU foreign service also has a special unit of 12 people dealing with Russian propaganda.

Enisa, which is located in two sites in Greece - in Athens and on the island of Crete - has struggled to attract top people and to liaise with EU states' officials due to its remote location.

But Gabriel said there was little the Commission could do about it.

"It's not the Commission that decides on that. It's only member states, with the Greek government, who can make the decision [on moving it]," she said.

Interview

Greece keen to keep EU cybersecurity agency

Greek official welcomed proposal to give the agency a bigger role, downplayed its kitchen sink problems, and said he was himself the victim of a computer virus.

EU to beef up cybersecurity agency

The Commission's president proposed to set up a European Cybersecurity Agency. The EU already has an agency for Network and Information Security.

EU countries cool on Juncker's ideas

There was not much enthusiasm voiced in EU countries after Juncker unveiled his grand ideas about a single EU president and a larger eurozone. Dutch PM Rutte suggested seeing an eye doctor.

Germany tells EU to slow down on new cyber rules

'First comes first', said a German government agency official, meaning that previously agreed rules on cybersecurity should be implemented before discussing the EU commission's new proposal.

News in Brief

  1. US officials call for J&J vaccine pause over blood clots
  2. Putin refuses to talk about military build-up, Ukraine says
  3. EU bank to help Greece manage corona-recovery funds
  4. Johnson & Johnson vaccine deliveries to EU begin
  5. EU sanctions commander of Iran's Revolutionary Guard
  6. UK opens investigation into ex-PM Cameron lobbying
  7. 'Significant differences' in EU-UK talks on Northern Ireland
  8. Bulgarian PM reveals price rise in new EU-BioNTech deal

Feature

Covid-hit homeless find Xmas relief at Brussels food centre

The Kamiano food distribution centre in Brussels is expecting 20 people every half hour on Christmas Day. For many, Kamiano is also more than that - a support system for those made homeless or impoverished.

Top court finds Hungary and Poland broke EU rules

EU tribunal said Hungary's legislation made it "virtually impossible" to make an asylum application. Restricting access to international protection procedure is a violation of EU rules.

Stakeholders' Highlights

  1. Nordic Council of MinistersDigitalisation can help us pick up the green pace
  2. Nordic Council of MinistersCOVID19 is a wake-up call in the fight against antibiotic resistance
  3. Nordic Council of MinistersThe Nordic Region can and should play a leading role in Europe’s digital development
  4. Nordic Council of MinistersNordic Council to host EU webinars on energy, digitalisation and antibiotic resistance
  5. UNESDAEU Code of Conduct can showcase PPPs delivering healthier more sustainable society
  6. Nordic Council of MinistersWomen benefit in the digitalised labour market

Latest News

  1. How the pandemic became an EU goldmine for crime
  2. China responds to 'low-efficacy' vaccine fears
  3. Merkel party chiefs support Laschet's chancellor bid
  4. EU refuses to bail out Montenegro's China loan
  5. Industry lobby to 'co-decide' on nearly €10bn EU public money
  6. Why Ursula von der Leyen won't go
  7. Incorporating gender in trade policy to benefit all
  8. Does Italian regionalism actually work?

Join EUobserver

Support quality EU news

Join us