Sunday

25th Feb 2018

Opinion

Lessons for EU to protect against next cyber attack

As the latest ransomeware attack 'Bad Rabbit' spreads through Europe, it is again clear that there are few degrees of separation between malware targets and global information technology networks.

Initially aimed at Ukraine's Ministry of Infrastructure and Kiev's public transportation system, the current ransomware blitz has now spread to Turkey and Germany, compromising a growing list of international businesses, government interests and thousands of personal computers.

Thank you for reading EUobserver!

Subscribe now for a 30 day free trial.

  1. €150 per year
  2. or €15 per month
  3. Cancel anytime

EUobserver is an independent, not-for-profit news organization that publishes daily news reports, analysis, and investigations from Brussels and the EU member states. We are an indispensable news source for anyone who wants to know what is going on in the EU.

We are mainly funded by advertising and subscription revenues. As advertising revenues are falling fast, we depend on subscription revenues to support our journalism.

For group, corporate or student subscriptions, please contact us. See also our full Terms of Use.

If you already have an account click here to login.

The explosive growth of cloud-based and on-demand data systems has pushed vital sectors such as business, banking, and healthcare into risky relationships with IT infrastructure that exposes them to unexpected threats. But governments have even more at stake. Their need to house sensitive citizen data and protect national security has made them ideal targets for cyber-attacks.

Many countries are actively developing e-governance strategies — digital initiatives centred on citizen needs that are meant to promote service efficiency, productivity, transparency, and technological innovation. But these actions have also introduced a range of potential security risks, which need to be met with coordinated cybersecurity frameworks.

High-profile government hacking incidents, such as the 2015 breach of more than 22 million employee profiles in the US Office of Personnel Management database (including extensive security clearance files and personal backgrounds) are alarming examples of the holes being exploited by cyber criminals and state-sponsored hackers.

What can governments do to safeguard their data systems and citizens, and to reduce the spread of global 'e-pidemics'?

Three steps

First, they must shift to holistic approaches that progress beyond suites of technical tools such as firewalls, intrusion detection systems and spam filters. They must embrace organisational and behavioural change. By integrating a 'prevention is better than cure' strategy, governments can create interagency knowledge networks and focus on training computer users to be aware of cyber risks, how to avoid them, and how to be first responders when attacks strike.

One such example is the Australian Cyber Security Centre (ACSC) — a government "hub for private and public sector collaboration and information-sharing to combat cyber security threats". The centre aggregates cybersecurity and cyberdefence capabilities from a wide range of government departments, police units, crime commissions, the private sector, academia, local government, and international partners.

ACSC plays a pivotal role in raising awareness of cybersecurity issues, reporting incidents, analysing and investigating attacks and threats, and coordinating national security operations to respond to cyber-attacks.

Second, governments must have a clear cybersecurity strategy and make a deliberate investment in building capacity to deal with cybercrime. This begins with a broad assessment of government organisations to fully understand all aspects of their operations in cyberspace (e.g. open doors, levels of data-sensitivity, user authentication, encryption of sensitive data, etc.). Only then can comprehensive security policies and best practice guidelines be developed to ensure that overarching cybersecurity defences are effectively scaled to protect critical information and infrastructure.

But strategies must also be built on a reliable foundation of focal points in relevant government agencies, authorities and civil society. These human resources are crucial links to wider detection of, and recovery from, cyber-attacks.

Third, while the responsibility to develop strong legislation that discourages cyber-attacks falls on the shoulders of governments, they should look to impartial advisors and international organisations such as the United Nations, who are dedicated to enhancing cybersecurity culture and building awareness at policy levels.

UN research centres, like those of the United Nations University, are well positioned to bring partners to the table to find solutions. For example, development of an internet governance model and an international treaty harmonising national laws against cybercrime such as copyright infringement, fraud, child pornography, hate crimes, and cybersecurity breaches with supervision of related UN agencies would be welcome by member states.

Effective cybersecurity is a complex transnational challenge that requires strategy and cooperation at all levels and among states. There is a long way to go to build a coordinated response to computer crimes, but with new exploits being developed every day, there is no time to wait. Our short-term solutions must be devised as building blocks of a collaborative effort to fight global cyber-attacks.

Nuno Lopes and Jose Faria are researchers at the United Nations University operating unit on policy-driven electronic governance.

EU unsure how to 'make most' of AI

Whoever controls AI, 'will become the ruler of the world', according to Russian president Vladimir Putin. EU leaders want to move quickly to harness the opportunities of the technology.

Greek government's steady steps to exit bailout programme

Growth predictions are positive, exports increasing, unemployment dropping and credit-ratings up, says the head of Greece's Syriza delegation to the European Parliament. Now the government in Athens is looking to design its own reform programme.

News in Brief

  1. EU calls for immediate ceasefire in Syria
  2. UK's post-Brexit vision is 'pure illusion', Tusk says
  3. EU leaders express solidarity with Cyprus in Turkey drill row
  4. EU to double funding for Sahel forces
  5. EU parliament president: 'The immigration problem is Africa'
  6. May to unveil EU departure strategy next week
  7. Pregnant workers may be dismissed, EU court rules
  8. Romanian minister demands anti-corruption prosecutor fired

Stakeholders' Highlights

  1. ILGA EuropeAnkara Ban on LGBTI Events Continues as Turkish Courts Reject NGO Appeals
  2. Aid & Trade LondonJoin Thousands of Stakeholders of the Global Aid Industry at Aid & Trade London
  3. Macedonian Human Rights Movement Int.European Free Alliance Joins MHRMI to End the Anti-Macedonian Name Negotiations
  4. Mission of China to the EUChina-EU Tourism Year to Promote Business and Mutual Ties
  5. European Jewish CongressAt “An End to Antisemitism!” Conference, Dr. Kantor Calls for Ambitious Solutions
  6. UNESDAA Year Ago UNESDA Members Pledged to Reduce Added Sugars in Soft Drinks by 10%
  7. International Partnership for Human RightsUzbekistan: Investigate Torture of Journalist
  8. CESICESI@Noon on ‘Digitalisation & Future of Work: Social Protection For All?’ - March 7
  9. UNICEFExecutive Director's Committment to Tackling Sexual Exploitation and Abuse of Children
  10. Nordic Council of MinistersState of the Nordic Region 2018: Facts, Figures and Rankings of the 74 Regions
  11. Mission of China to the EUDigital Economy Shaping China's Future, Over 30% of GDP
  12. Macedonian Human Rights Movement Int.Suing the Governments of Macedonia and Greece for Changing Macedonia's Name

Latest News

  1. EU agrees budget to focus on defence, security and migration
  2. EU leaders nix transnational lists, cool on 'Spitzenkandidat'
  3. Regions chief: calls for smaller EU budget are 'impossible'
  4. Election fever picks up This WEEK
  5. EU-Morocco fishing deal casts doubt on EU future foreign policy
  6. EU leaders put 'Spitzenkandidat' on summit menu
  7. European far-right political party risks collapse
  8. The key budget issues on EU leaders' table

Stakeholders' Highlights

  1. Swedish EnterprisesHarnessing Globalization- at What Cost? Keynote Speaker Commissioner Malmström
  2. European Friends of ArmeniaSave The Date 28/02: “Nagorno-Karabakh & the EU: 1988-2018”
  3. European Heart NetworkSmart CAP is Triple Win for Economy, Environment and Health
  4. European Free AlllianceEFA Joined the Protest in Aiacciu to Solicit a Dialogue After the Elections
  5. EPSUDrinking Water Directive Step Forward but Human Right to Water Not Recognized
  6. European Gaming & Betting AssociationGambling Operators File Data Protection Complaint Against Payment Block in Norway
  7. European Jewish CongressEJC Expresses Deep Concern Over Proposed Holocaust Law in Poland
  8. CECEConstruction Industry Gets Together to Discuss the Digital Revolution @ the EU Industry Days
  9. Mission of China to the EUChina-EU Relations in the New Era
  10. European Free AlllianceEnd Discrimination of European Minorities - Sign the Minority Safepack Initiative
  11. Centre Maurits Coppieters“Diversity Shouldn’t Be Only a Slogan” Lorant Vincze (Fuen) Warns European Commission
  12. Dialogue PlatformWhat Can Christians Learn from a Global Islamic Movement?