Tuesday

26th Sep 2023

EU agency to fight election hacking

  • Empty ballot boxes: Hackers "can target our democratic institutions," warned the EU Commission (Photo: Harry Metcalfe)

A more robust EU cyber agency could help member states defend their elections against "hybrid attacks", the European Commission has said.

Speaking at the launch of new cybersecurity proposals in Brussels on Tuesday (19 September), Julian King, the Commission's security chief, said some hacker attacks had "political objectives".

Read and decide

Join EUobserver today

Become an expert on Europe

Get instant access to all articles — and 20 years of archives. 14-day free trial.

... or subscribe as a group

"They can target our democratic institutions and can be used with other tools, such as propaganda and fake news, in hybrid attacks," he said.

"We need to be as serious about security online as we are offline," he said.

He also hailed Finland's new "centre of excellence" on hybrid warfare, which is designed to help EU countries fight novel assaults.

King did not name Russia, but Russian hackers and media recently attacked the French and US elections.

With Germany preparing to vote on Sunday, German authorities have also warned that Russia could leak MP's secrets after it stole data from the Bundestag in 2015.

An EU source said he was "surprised" Russia had not acted yet.

The source said one risk was that it could leak lots of dull real files and insert scandalous fake ones in the cache to try to create viral stories.

The new-model EU cyber agency was one of several Commission proposals on Tuesday that mainly targeted hacking for economic gain, crypto-currencies, and single market reforms.

Wake-up call

The Commission said the EU's existing cyber agency, Enisa in Greece, should boost staff from 84 to 125 and more than double its budget to €23 million a year.

Enisa currently drafts policy recommendations, but in future it should be able to give EU states "operational … assistance" in the event of a cyber attack.

It should conduct pan-EU cyber drills and create new protocols for member states' cyber-crisis management.

The Commission also proposed creating a Cybersecurity Emergency Response Fund to help victim states and a €50 million European Cybersecurity Research and Competence Centre to train and recruit specialists.

On the economic side, King said the Wannacry attack in May, in which hackers tried to blackmail hundreds of EU companies, was a wake-up call.

The Commission proposed pan-EU norms of jailing people for two to five years if they perpetrated fraud using virtual currencies, such as Bitcoin.

It said there should be a new EU labelling scheme, governed by Enisa, that certified which consumer and industrial cyber-connected products were safe to use.

It also proposed a law to enable firms to share "non-personal" data across borders to help companies expand in the single market.

Non-personal data could be, for instance, company financial records, or data on when machines, such as a car-wash machine, needed maintenance.

King presented the measures flanked by two commissioners in charge of digital matters, Andrus Ansip and Mariya Gabriel.

They came with a list of startling numbers.

The Commission said ransomware attacks had tripled since 2015 to hit more than 4,000 a day worldwide.

Six billion devices

They said cybercrime cost €265 billion a year and could quadruple in size by 2019.

"There are two types of company. Those who know they were attacked and those who don't yet know. With people, it's probably the same story," Ansip said.

The Commission also said there would be 6 billion cyber-connected devices in EU households by 2020.

It said unlocking the flow of non-personal data could be worth €370 billion a year for the single market in the next three years.

An EU official said the bloc's main institutions - the Commission, the European Parliament, and the EU Council - have about 30 staff each dealing with cybersecurity in Brussels.

The EU foreign service also has a special unit of 12 people dealing with Russian propaganda.

Enisa, which is located in two sites in Greece - in Athens and on the island of Crete - has struggled to attract top people and to liaise with EU states' officials due to its remote location.

But Gabriel said there was little the Commission could do about it.

"It's not the Commission that decides on that. It's only member states, with the Greek government, who can make the decision [on moving it]," she said.

Interview

Greece keen to keep EU cybersecurity agency

Greek official welcomed proposal to give the agency a bigger role, downplayed its kitchen sink problems, and said he was himself the victim of a computer virus.

EU to beef up cybersecurity agency

The Commission's president proposed to set up a European Cybersecurity Agency. The EU already has an agency for Network and Information Security.

EU countries cool on Juncker's ideas

There was not much enthusiasm voiced in EU countries after Juncker unveiled his grand ideas about a single EU president and a larger eurozone. Dutch PM Rutte suggested seeing an eye doctor.

Germany tells EU to slow down on new cyber rules

'First comes first', said a German government agency official, meaning that previously agreed rules on cybersecurity should be implemented before discussing the EU commission's new proposal.

Opinion

Orbán's 'revenge law' is an Orwellian crackdown on education

On Tuesday, the Hungarian parliament passed a troubling piece of legislation known by its critics as the 'revenge law', which aims to punish and intimidate teachers who dare to defy Viktor Orbán's regime. This law is a brutally oppressive tool.

Latest News

  1. EU trade chief in Beijing warns China of only 'two paths' forward
  2. Why should taxpayers pay for private fishing fleets in third countries?
  3. Women at risk from shoddy EU laws on domestic workers
  4. EU poised to agree on weakened emission rules
  5. China trade tension and migration deal This WEEK
  6. Europe's energy strategy: A tale of competing priorities
  7. Why Greek state workers are protesting new labour law
  8. Gloves off, as Polish ruling party fights for power

Stakeholders' Highlights

  1. International Medical Devices Regulators Forum (IMDRF)Join regulators, industry & healthcare experts at the 24th IMDRF session, September 25-26, Berlin. Register by 20 Sept to join in person or online.
  2. UNOPSUNOPS begins works under EU-funded project to repair schools in Ukraine
  3. Georgia Ministry of Foreign AffairsGeorgia effectively prevents sanctions evasion against Russia – confirm EU, UK, USA
  4. International Medical Devices Regulators Forum (IMDRF)Join regulators & industry experts at the 24th IMDRF session- Berlin September 25-26. Register early for discounted hotel rates
  5. Nordic Council of MinistersGlobal interest in the new Nordic Nutrition Recommendations – here are the speakers for the launch
  6. Nordic Council of Ministers20 June: Launch of the new Nordic Nutrition Recommendations

Stakeholders' Highlights

  1. International Sustainable Finance CentreJoin CEE Sustainable Finance Summit, 15 – 19 May 2023, high-level event for finance & business
  2. ICLEISeven actionable measures to make food procurement in Europe more sustainable
  3. World BankWorld Bank Report Highlights Role of Human Development for a Successful Green Transition in Europe
  4. Nordic Council of MinistersNordic summit to step up the fight against food loss and waste
  5. Nordic Council of MinistersThink-tank: Strengthen co-operation around tech giants’ influence in the Nordics
  6. EFBWWEFBWW calls for the EC to stop exploitation in subcontracting chains

Join EUobserver

Support quality EU news

Join us