Saturday

26th May 2018

Opinion

Lessons for EU to protect against next cyber attack

As the latest ransomeware attack 'Bad Rabbit' spreads through Europe, it is again clear that there are few degrees of separation between malware targets and global information technology networks.

Initially aimed at Ukraine's Ministry of Infrastructure and Kiev's public transportation system, the current ransomware blitz has now spread to Turkey and Germany, compromising a growing list of international businesses, government interests and thousands of personal computers.

Dear EUobserver reader

Subscribe now for unrestricted access to EUobserver.

Sign up for 30 days' free trial, no obligation. Full subscription only 15 € / month or 150 € / year.

  1. Unlimited access on desktop and mobile
  2. All premium articles, analysis, commentary and investigations
  3. EUobserver archives

EUobserver is the only independent news media covering EU affairs in Brussels and all 28 member states.

♡ We value your support.

If you already have an account click here to login.

The explosive growth of cloud-based and on-demand data systems has pushed vital sectors such as business, banking, and healthcare into risky relationships with IT infrastructure that exposes them to unexpected threats. But governments have even more at stake. Their need to house sensitive citizen data and protect national security has made them ideal targets for cyber-attacks.

Many countries are actively developing e-governance strategies — digital initiatives centred on citizen needs that are meant to promote service efficiency, productivity, transparency, and technological innovation. But these actions have also introduced a range of potential security risks, which need to be met with coordinated cybersecurity frameworks.

High-profile government hacking incidents, such as the 2015 breach of more than 22 million employee profiles in the US Office of Personnel Management database (including extensive security clearance files and personal backgrounds) are alarming examples of the holes being exploited by cyber criminals and state-sponsored hackers.

What can governments do to safeguard their data systems and citizens, and to reduce the spread of global 'e-pidemics'?

Three steps

First, they must shift to holistic approaches that progress beyond suites of technical tools such as firewalls, intrusion detection systems and spam filters. They must embrace organisational and behavioural change. By integrating a 'prevention is better than cure' strategy, governments can create interagency knowledge networks and focus on training computer users to be aware of cyber risks, how to avoid them, and how to be first responders when attacks strike.

One such example is the Australian Cyber Security Centre (ACSC) — a government "hub for private and public sector collaboration and information-sharing to combat cyber security threats". The centre aggregates cybersecurity and cyberdefence capabilities from a wide range of government departments, police units, crime commissions, the private sector, academia, local government, and international partners.

ACSC plays a pivotal role in raising awareness of cybersecurity issues, reporting incidents, analysing and investigating attacks and threats, and coordinating national security operations to respond to cyber-attacks.

Second, governments must have a clear cybersecurity strategy and make a deliberate investment in building capacity to deal with cybercrime. This begins with a broad assessment of government organisations to fully understand all aspects of their operations in cyberspace (e.g. open doors, levels of data-sensitivity, user authentication, encryption of sensitive data, etc.). Only then can comprehensive security policies and best practice guidelines be developed to ensure that overarching cybersecurity defences are effectively scaled to protect critical information and infrastructure.

But strategies must also be built on a reliable foundation of focal points in relevant government agencies, authorities and civil society. These human resources are crucial links to wider detection of, and recovery from, cyber-attacks.

Third, while the responsibility to develop strong legislation that discourages cyber-attacks falls on the shoulders of governments, they should look to impartial advisors and international organisations such as the United Nations, who are dedicated to enhancing cybersecurity culture and building awareness at policy levels.

UN research centres, like those of the United Nations University, are well positioned to bring partners to the table to find solutions. For example, development of an internet governance model and an international treaty harmonising national laws against cybercrime such as copyright infringement, fraud, child pornography, hate crimes, and cybersecurity breaches with supervision of related UN agencies would be welcome by member states.

Effective cybersecurity is a complex transnational challenge that requires strategy and cooperation at all levels and among states. There is a long way to go to build a coordinated response to computer crimes, but with new exploits being developed every day, there is no time to wait. Our short-term solutions must be devised as building blocks of a collaborative effort to fight global cyber-attacks.

Nuno Lopes and Jose Faria are researchers at the United Nations University operating unit on policy-driven electronic governance.

EU unsure how to 'make most' of AI

Whoever controls AI, 'will become the ruler of the world', according to Russian president Vladimir Putin. EU leaders want to move quickly to harness the opportunities of the technology.

On cybersecurity, Europe must act now

Some governments have closed their eyes, hoping that the menace will go away. It will not - it will only become stronger, according to the former prime minister of Estonia, one of the EU's leading digital states.

The dangers of resurgent nationalism in Greece

Virulent nationalism in Greece has been stirred up in the context of austerity and renewed negotiations with Macedonia. Recent attempts by the government to address the inequalities suffered by LGBT persons have also been met with a reactionary backlash.

Integration of Syrian refugees in Europe needs scrutiny

Most refugee-related services are outsourced to the private sector and NGOs, which are not adequately monitored and evaluated. When governments and EU institutions provide funding for refugee projects, they should scrutinise the NGOs and private players they work with.

News in Brief

  1. Italy set to pick eurosceptic finance minister
  2. UK foreign minister fooled by Russian pranksters
  3. Rajoy ally gets 33 years in jail for corruption
  4. Close race as polls open in Irish abortion referendum
  5. Gazprom accepts EU conditions on gas supplies
  6. Facebook tells MEPs: non-users are not profiled
  7. Commission proposes ending France deficit procedure
  8. UK households hit with Brexit income loss

Stakeholders' Highlights

  1. Counter BalanceEuropean Ombudsman requests more lending transparency from European Investment Bank
  2. Nordic Council of MinistersOECD Report: Gender Equality Boosts GDP Growth in Nordic Region
  3. Centre Maurits Coppieters“Peace and reconciliation is a process that takes decades” Dr. Anthony Soares on #Brexit and Northern Ireland
  4. Mission of China to the EUMEPs Positive on China’s New Measures of Opening Up
  5. Macedonian Human Rights MovementOld White Men are Destroying Macedonia by Romanticizing Greece
  6. Counter BalanceControversial EIB-Backed Project Under Fire at European Parliament
  7. Nordic Council of MinistersIncome Inequality Increasing in Nordic Countries
  8. European Jewish CongressEU Leaders to Cease Contact with Mahmoud Abbas Until He Apologizes for Antisemitic Comments
  9. International Partnership for Human RightsAnnual Report celebrates organization’s tenth anniversary
  10. Nordic Council of MinistersNordic Cooperation Needed on Green Exports and Funding
  11. Mission of China to the EUPremier Li Confirms China Will Continue to Open Up
  12. European Jewish CongressCalls on Brussels University to Revoke Decision to Honour Ken Loach

Stakeholders' Highlights

  1. Sustainable Energy Week 2018"Lead the Clean Energy Transition"- Register and Join Us in Brussels from 5 to 7 May
  2. EU Green Week 2018Green Cities for a Greener Future. Join the Debate in Brussels from 22 to 24 May
  3. Nordic Council of Ministers12 Recommendations for Nordic Leadership on Climate and Environment
  4. Macedonian Human Rights MovementOxford Professor Calls for an End to the Anti-Macedonian Name Negotiations
  5. ACCAPeople Who Speak-Up Should Feel Safe to Do So
  6. Mission of China to the EUProgress on China-EU Cooperation
  7. Nordic Council of MinistersWorld's Energy Ministers to Meet in Oresund in May to Discuss Green Energy
  8. ILGA EuropeParabéns! Portugal Votes to Respect the Rights of Trans and Intersex People
  9. Mission of China to the EUJobs, Energy, Steel: Government Work Report Sets China's Targets
  10. European Jewish CongressKantor Center Annual Report on Antisemitism Worldwide - The Year the Mask Came Off
  11. UNICEFCalls for the Protection of Children in the Gaza Strip
  12. Mission of China to the EUForeign Minister Wang Yi Highlights Importance of China-EU Relations