Saturday

31st Oct 2020

EU responds to threat of 'zombie' computers

  • The Ignalina nuclear power station in Lithuania. Malmstrom said she does not want to 'terrify' people but noted that Stuxnet could be used to sabotage a nuclear plant (Photo: Wikipedia)

The EU's anti-cyber-crime agency Enisa will in future work with Europol to help track down hackers and the creation of botnets or "zombie computers" is to be made illegal under new proposals from the European Commission.

"I don't want you to walk out of here totally terrified, but just to give you an idea that there is a threat," home affairs commissioner Cecila Malmstrom said at a press briefing to launch the measures in the EU capital, Brussels, on Thursday (30 October).

Read and decide

Join EUobserver today

Become an expert on Europe

Get instant access to all articles — and 20 years of archives. 14-day free trial.

... or subscribe as a group

"To anyone thinking that cyber-attacks are an abstract concept, I would say that for millions of people each year there are already direct practical consequences. When your money is quietly stolen from your bank account or your country is shut down - as happened to Estonia in 2007 - the threat suddenly becomes very real," the EU's information society commissioner Neelie Kroes said at the same media event.

Citing internal alerts from British, French and Germany military intelligence, the commissioners highlighted the creation of two large-scale cyber weapons in the past two years as examples of the increasingly dangerous environment on the Internet.

The so-called Conficker botnet has since 2008 installed malicious software on an estimated 12 million personal computers worldwide turning them into "zombies" capable of collectively sending 10 billion spam emails a day without the owners' knowledge. The spam can be used to steal money, blackmail banks or other firms with the threat of a shutdown or to get hold of classified information. Conficker in January and February 2009 prevented French fighter planes from taking off and shut down British and German army websites.

The Stuxnet botnet is designed to take over the control systems of industrial plants, including nuclear installations, in order to sabotage operations. It has reportedly affected facilities in China and Iran prompting speculation on the involvement of Israeli and US secret services.

A former US National Security Agency officer, Charlie Miller, in an interview with EUobserver in August estimated that a hostile foreign power could, given just €86 million and a team of 750 spies and hackers, launch a devastating cyber strike on the EU.

In the Miller scenario, the EU 27 countries would wake up one day to find electricity power stations shut down; communication by phone and Internet disabled; air, rail and road transport impossible; stock exchanges and day-to-day bank transactions frozen; crucial data in government and financial institutions scrambled and military units at home and abroad cut off from central command or sent fake orders.

The Malmstrom-Kroes package envisages new powers for the EU's Crete-based European Network and Information Security Agency (Enisa) as well as new anti-cyber-crime legislation that could see people put in jail for years.

Ms Kroes wants Enisa to work with Europol (an EU organ based in The Hague which helps national police forces to share intelligence on organised crime) and Frontex (the EU's Warsaw-situated border security agency) in forensic operations to track down the people behind cyber attacks.

Enisa is also to set up an EU-wide "alert system" on the cyber attack threat level and a Computer Emergency Response Team inside the EU institutions. The agency's mandate was previously limited to research on the security of ecommerce.

The Malstrom draft directive, approved by the commission on Thursday, is to oblige EU countries to criminalise the creation of botnets and to collect and share cybercrime data. It will also oblige member states to punish cyber criminals and the "instigation, aiding, abetting and attempt" of cyber crimes with up to five years in prison.

Ms Kroes said she hopes the new measures will be in place by 2012 and reported that she is "rather hopeful" of success after "first contacts" with MEPs and member states, who will need to give the developments the green light.

Coronavirus

Europe is back in (partial) lockdown

The burden on healthcare systems all across the bloc, as a result of the autumn surge in coronavirus infections, is triggering new nationwide lockdowns and restrictive measures in nearly every EU member state.

Gender equality still 60 years away, warns study

A new report on gender equality in the EU makes it clear: improved gender equality in decision-making is the main driver of progress in the EU. And most progress so far is due to outliers Sweden, Denmark and France.

Opinion

I'm an 'election observer' - but what do we actually do?

There is a persistent problem of 'fake observers.' Often the government of the country they are observing, or even the election management body itself, pays for these observers, holds fancy dinners, and puts them in five-star hotels.

Deal in reach on linking EU funds to rule of law

Much still depends on if the German EU presidency is willing to sign up to a strict time limit for member states to decide on possible sanctions in the new rule-of-law conditionality.

Coronavirus

EU Commission's Covid-19 expert offers bleak outlook

Belgian microbiologist Peter Piot offered a bleak assessment of available options to rid the world of the pandemic caused by Covid-19. Aside from wishful thinking, millions of possible deaths, and crushing poverty, a vaccine appears to be the only solution.

News in Brief

  1. Polish government rows back on abortion ruling
  2. EU threatens legal action against Poland on rule of law
  3. 'Several dead' after earthquake hits Greece and Turkey
  4. Hungary faces EU court over asylum restrictions
  5. Polish PM urges end to abortion protests to 'protect elderly'
  6. EU to fund cross-border hospital transfers
  7. Some 140 migrants drown on way to Spanish islands
  8. EU central bank preparing new rescue measures

EU Commission unveils 'adequate minimum wage' plan

The European Commission proposed minimum standards to ensure adequate minimum wages all across the EU. But the proposal does not oblige member states to harmonise their systems, nor does it set a common minimum wage level.

Stakeholders' Highlights

  1. UNESDAMaking healthier diets the easy choice
  2. Nordic Council of MinistersUN Secretary General to meet with Nordic Council on COVID-19
  3. UNESDAWell-designed Deposit Return Schemes can help reach Single-Use Plastics Directive targets
  4. Nordic Council of MinistersNordic Council meets Belarusian opposition leader Svetlana Tichanovskaja
  5. Nordic Council of MinistersNordic Region to invest DKK 250 million in green digitalised business sector
  6. UNESDAReducing packaging waste – a huge opportunity for circularity

Latest News

  1. Nice attack: EU urges world leaders to stop hate speech
  2. Europe is back in (partial) lockdown
  3. Gender equality still 60 years away, warns study
  4. I'm an 'election observer' - but what do we actually do?
  5. Deal in reach on linking EU funds to rule of law
  6. EU Commission's Covid-19 expert offers bleak outlook
  7. Belgium's collaboration with Sudan's secret service: my story
  8. What do ordinary Belarusians want from the EU?

Join EUobserver

Support quality EU news

Join us