Wednesday

28th Sep 2022

Cyberattacks loom as EU stiffens sanctions on Russia

  • Same malware attacking critical infrastructure in Ukraine has already been detected in Latvia and Lithuania (Photo: Markus Spiske)
Listen to article

Political and private sector experts are warning the EU to take more precautions against the kind of Russian cyber-attacks unleashed on Ukraine, amid concern Russia could use them in response to EU sanctions.

EU leaders on Thursday (24 February) called on Russia and Russian-backed hackers to stop the ongoing "disinformation campaign and cyber-attacks" on Ukraine that are being waged alongside Russia's military campaign to cut off and capture Kyiv.

Read and decide

Join EUobserver today

Become an expert on Europe

Get instant access to all articles — and 20 years of archives. 14-day free trial.

... or subscribe as a group

They did so amid an asset-freeze on Russian president Vladimir Putin and foreign minister Sergei Lavrov and the likelihood of further economic sanctions on Russia.

And Russian malware and ransomware attacks were likely to rise in Europe as a response to the new EU measures, according to lawmakers who have familiarised themselves with the kinds of strikes Ukraine is facing.

"This [cyberwar] will not stop with Ukraine," Dutch member of the European Parliament Bart Groothuis said Thursday.

Groothuis spoke to EUobserver after recently visiting the Baltic States to get first-hand information on cyber threats. He said the same malware attacking critical infrastructure in Ukraine has already been detected in Latvia and Lithuania.

Cyber-security should be an EU "foreign affairs issue," not a technical one, given the "strategic costs" of cyberattacks, Groothuis said.

Europe needed a common response to cyber threats, because all EU member states can become victims if a serious attack gets under way, he said.

The European Union Agency for Cybersecurity has issued guidelines to step up security of public and private organisations in Europe in response to the Ukraine war, amid similar moves in the US and UK.

Lithuania, The Netherlands, Poland, Estonia, Romania and Croatia were planning to send a team of cybersecurity experts to Ukraine this week — but that was before the Russian invasion.

Meanwhile, the EU foreign service and national cyber-response teams have also been gaming out a fictional scenario in which a cyber-attack by Blueland, a thinly-veiled Russia, prompts failures in hospitals and power plants across Europe.

The fictional attack causes casualties, triggering EU sanctions, and activation of a mutual defence clause in the EU treaty, which was last used when terrorists attacked Paris in 2015.

Nato has likewise adopted internal guidance on what type of cyber-attack could be considered an "armed attack", triggering its mutual defence clause.

"We will not speculate on how serious a cyber-attack would have to be in order to trigger a collective response," said a Nato official, who spoke on condition of anonymity. "Any response could include diplomatic and economic sanctions, cyber measures, or even conventional forces," the official said.

"Whatever the response, Nato will continue to follow the principle of restraint, and act in accordance with international law," the official said.

But cybersecurity is as much a private concern as a public one — and so tech associations also have been pressing the EU to get more involved.

Shares in cybersecurity companies have jumped in value, amid rising fears of escalating threats.

Tech associations from Romania, Moldova, Lithuania, Slovakia, Estonia, Hungary, Poland, and Finland on Thursday called on EU leaders to build up a "digital shield," increasing training and investing heavily in cybersecurity.

Cyberattacks against Ukraine grew in intensity in the weeks ahead of Russia's military invasion on Thursday, Aleksandr Valentij, an information security officer at cybersecurity company Surfshark, said.

The first major attacks on private companies and state institutions in Ukraine were recorded nearly a decade ago — and just ahead of a pro-EU uprising in Kyiv in 2014, Valentij said.

Significant internet disruptions had been reported in several cities for at least a couple of weeks — leaving citizens unable to call an ambulance, police, or even just to communicate with relatives.

"All of this is part of the Russian plan to destabilise the situation in Ukraine," Anton Gerashchenko, an adviser to the minister of the interior of Ukraine, wrote on Facebook last week.

Several government websites and banks in Ukraine were hit earlier this week, according to reports from NetBlocks, another cybersecurity company. Hackers also took aim at online media, according to the Kyiv Post newspaper.

Bur beyond the cybersecurity work of Nato and EU member states and private firms, there are, of course, other actors.

Take, for example, the hacker collective Anonymous: this week it declared a vigilante "cyber war" against Russia.

Russian banks, oil refineries to face EU freeze

Russian banks and oil refineries to be hobbled by new EU sanctions, as civilian deaths mount in Ukraine. US wanted to exclude Russia from SWIFT, but Germany and France favoured incremental approach.

Russia launches full-scale attack on Ukraine

EU leaders immediately condemned the invasion, with European Commission president Ursula von der Leyen calling on Russia to withdraw its forces and vowing further sanctions.

Analysis

What the Russia conflict might mean for gas prices

In the worst-case scenario gas suppliers wouldn't be able to rebuild their inventories over the summer, industries would have to shut down, and energy rationing may be inevitable.

Weapons to Ukraine? It may be too late

Weapons shipments may not be much of a quick fix for Ukraine in the face of an integrated and well equipped invasion force like Russia's.

EU reaches deal on flagship cybersecurity law

The European Parliament and EU member states have reached an agreement over new rules intended to protect Europe's public and private critical entities from cyberattacks.

Column

EU should admonish less, and listen more, to the Global South

Whether on Russia, or gas, or climate change, or food security, the EU's constant finger-wagging and moralising is becoming unbearably repetitive and self-defeating. Most countries in the Global South view it as eurocentric and neo-colonial.

News in Brief

  1. Drone sightings in the North Sea 'occurred over months'
  2. Gazprom threatens to cut gas deliveries to Europe via Ukraine
  3. New compromise over EU energy emergency measures
  4. 15 states push for EU-wide gas price cap
  5. EU: Nord Stream explosions 'result of a deliberate act'
  6. EU okays €21bn Covid-recovery funding for Italy amid concern
  7. Greece pitches new EU fund to tackle energy prices
  8. Hungary says sanctions 'harming Europe more than Russia'

Stakeholders' Highlights

  1. The European Association for Storage of EnergyRegister for the Energy Storage Global Conference, held in Brussels on 11-13 Oct.
  2. UNESDA - Soft Drinks EuropeCall for EU action – SMEs in the beverage industry call for fairer access to recycled material
  3. Nordic Council of MinistersNordic prime ministers: “We will deepen co-operation on defence”
  4. EFBWW – EFBH – FETBBConstruction workers can check wages and working conditions in 36 countries
  5. Nordic Council of MinistersNordic and Canadian ministers join forces to combat harmful content online
  6. European Centre for Press and Media FreedomEuropean Anti-SLAPP Conference 2022

Latest News

  1. Can King Charles III reset the broken Brexit relationship?
  2. Meloni's navy-blockade plan to stop Libya migrants 'unlikely'
  3. Underwater explosions were detected near Nord Stream leaks
  4. EU countries stall new pesticide rules, blame Ukraine war
  5. The UN's Uyghur report must push EU into China sanctions
  6. Russian diamonds ban 'would cost 10,000 jobs', Antwerp claims
  7. EU should admonish less, and listen more, to the Global South
  8. Foul play suspicions in Nord Stream leaks

Join EUobserver

Support quality EU news

Join us