Monday

23rd Apr 2018

Opinion

Cyber threats are inevitable, paralysing impact is not

Ten years ago, almost to the day, Estonia came under sustained cyberattacks, which targeted our banks, media and government.

While the attacks themselves ultimately proved merely a nuisance, they raised global awareness of the vulnerabilities networked societies face and put a new, fundamental security challenge on the global agenda.

Over 200,000 victims in more than 150 countries across the globe have recently been hit by perhaps the most significant global cyberattack to date. Among them were hospitals in the UK, which had to cancel medical procedures, and large corporations such as Telefonica and Renault-Nissan.

Ransomware attacks like the WannaCry campaign have been a growing problem for several years.

They work by infecting a machine, encrypting its hard drive and then displaying a message that promises functionality will be returned to normal upon payment of a fee – in this case 300-600 dollars per system.

When it hits unprepared organisations, a cyberattack can bring mission-critical operations to a standstill.

While ransomware can sometimes be removed, the only solution is often to wipe the affected machines and revert to a backup, if one exists.

Otherwise, data could be lost forever, as there are still no reliable reports of data recovery from systems encrypted with the WannaCry ransomware.

The events over the past two weeks have highlighted our collective reliance on the digital domain, but they have also shown its vulnerabilities.

In general, a digital way of life does not necessarily carry with it greater risks, but it is different from paper-based bureaucracies.

No victims in Estonia

Yet vulnerability does not inevitably mean compromise. This particular attack could easily have been avoided by basic security practices, such as replacing out-dated software and installing critical updates.

Indeed, some countries were not seriously impacted. In fact, no Estonian computer or system fell victim to this attack. And part of the reason was preparedness.

Estonian authorities have been working for several years to raise awareness of the risks of ransomware and of not updating systems, while addressing vulnerabilities and implementing baseline security standards.

The healthcare sector, in particular, has been a focus of improving IT management routines.

Furthermore, the risks and vulnerabilities – and ways of avoiding or mitigating them – must be driven home to anyone who owns or manages an information system or computer network, however small.

The Estonian example is encouraging.

For instance, when Windows XP – the no-longer-supported Microsoft operating system, at the heart of the ransomware attacks – was about to become obsolete in 2013, a well-targeted public awareness campaign almost halved the number of Estonians using it.

Nevertheless, there are still no grounds for complacency. Further cyberattack campaigns may exploit different vulnerabilities, and there is no silver bullet to prevent them.

Any comprehensive approach must address the full range of activities from prevention and awareness to response and recovery, while also ensuring that the malicious actors (“bad guys”) behind a cyberattack are discovered, apprehended and deterred in the future.

Cyber security, simply put, is too fundamental to everyday life to be left up to technology experts or particular national authorities.

A sustainable solution is possible, but only through intense international cooperation: no nation can be truly isolated in cyberspace, therefore going it alone is not an option.

Potential for Europe

We see a major European role in every step along the way.

First of all, Europe can contribute to preventing such attacks from occurring in the future.

Currently being transposed into domestic law, the EU directive on Network and Information Security (NIS) requires providers of essential services – including healthcare and transport – to follow certain best practices and implement baseline security standards on their systems.

A cooperation group of national authorities responsible for cyber security will coordinate national cyber standards and rules, and focus, in particular, on cross-border vulnerabilities and dependencies in vital services.

While awareness about cybercrimes has increased as a result of recent wide-impact incidents, a lack of basic check-ups still enables crimes such as ransomware.

The EU agency for law enforcement training (Cepol) already provides education on ransomware for European law enforcement authorities. Awareness campaigns for law enforcement, businesses, and citizens more broadly, have also been quite effective.

When large-scale attacks do occur, the response from public authorities must be swift and coordinated. Timely international and cross-sector sharing of alerts and operational information can slow the spread of such attacks. Joint campaigns and responses are even more effective.

In February of this year, the Maltese rotating EU Council presidency launched the work of the European Computer Security Incident Response Team (CSIRT) network, tasked with ensuring the seamless cooperation of national cyber incident response teams in the EU.

The CSIRT network will reach full operational readiness in 2018, and should facilitate the sharing of information between EU member states.

The WannaCry ransomware case is certainly accelerating the process and provides a first test to the partners.

Identify and capture

After an attack, we must identify and capture the cyber criminals behind it.

The EU's police agency, Europol, already coordinates active cooperation between European law enforcement and partners beyond Europe and, in particular, provides a suite of tools to help victims of ransomware to decrypt their files.

Furthermore, the European Commission is to propose EU-level action for better cooperation on the exchange of electronic evidence, which would reinforce the ability of law enforcement and prosecutors to identify and prosecute criminals.

To enable a smoother transfer of evidence in criminal investigations between the member states, it is also crucial that the European Investigation Order directive is efficiently transposed into national legislation by all countries involved. The deadline for implementing the directive was 22 May 2017.

While the WannaCry attack appears to be criminal in nature, state actors are often involved in the activities of cyber criminals. Where this is the case, the EU should respond appropriately.

Last year, the Dutch EU Council presidency began work on an EU joint-diplomatic response to state-sponsored malicious cyber activity, which could include sanctions.

The EU will also begin several new initiatives this year when Estonia assumes the EU Council presidency for the second half of the year.

In the autumn, the EU Commission will update the 2013 EU Cyber Security strategy. The new document should consolidate the work done on European and national levels, and ensure that the whole activity adds up to more than just the sum of its parts.

We also expect a proposal on European cyber security labelling and certification, which should make it easier for consumers and companies to make cyber-aware purchases and put market pressure on businesses to produce and offer more secure services and products.

Along with the updated strategy, we will begin work on revising the mandate of the European Union Agency for Network and Information Security (Enisa) – Europe’s cybersecurity agency.

Playing a central role in the implementation of the NIS Directive, the agency is to provide a common threat landscape, coordinate the activities of member states and enhance the platform for information exchange. These, altogether, foster an environment in which all nations are more ready to counter cyber threats.

No choice left

Cyber security is a question of a way of life. Europeans are used to the benefits and advantages of digital services and the availability of electronic networks.

Nations have no choice but to build up robust cyber security measures – reverting to a paper-based system would not be more secure, is as prohibitively expensive as it is impractical, and would rob us of the conveniences we currently enjoy.

The almost-crippling WannaCry campaign highlighted the immediacy of truly international and cross-sector solutions. Cyber security is not simply the prerogative of a narrow range of technical experts or particular agencies.

As said previously, Estonia will hold the rotating presidency of the Council of the EU in the second half of this year.

We believe that the Digital Single Market and the free movement of data within the EU are of existential importance for Europe – we must keep pace with technological changes, and growing markets in America and Asia.

We cannot allow the fear of cyber attacks to slow us down, but we also have to invest the political effort and necessary capital to make sure that Europe can keep its citizens safe and its businesses secure.

Taimar Peterkop is the director general of the Estonian Information System Authority
