EU will take a year to set up full cybersecurity agency

The plan comes in the wake of recent attacks on government websites

Security experts have criticized the European Commission's plans to set up a team to look at how to combat cyberattacks as too little, too late, saying that more coordination between member states is needed.

The so-called "pre-configuration" Computer Emergency Response Team (CERT) of IT security experts will spend the next 12 months assessing how a full-scale CERT should be set up for European Union institutions. But experts have warned that the threat of cyberattacks is current and real.

"Most individual member states already have their own CERTs, so I think the primary aim of the E.U. CERT should be one of coordination," said Rik Ferguson, director of security and research at Trend Micro. "Twelve months is not an unreasonable length of time to prepare, but it should also include best practice so that all the different member states can work together."

"Some action is better than no action. Also, an effective CERT should be well designed, and that takes planning and review," added Ulla Toivanen from F-Secure

In recent years, CERTs have been developed in both private and public organizations to quickly and efficiently respond to information security incidents and cyber threats, and the Commission has called for member states to establish their own national CERTs.

"Over recent years, cyberattacks have risen to an unprecedented level of sophistication. It is essential that the European institutions make a joint effort in order to respond to the threat of massive cyberattacks," said Maroš Šefčovič, Commission vice president for Inter-Institutional Relations and Administration.

But given the sensitivity of the information held by the European Institutions, security experts have warned that effective security is essential immediately. In March, an attack on the European Commission disrupted e-mail systems, while an attack on the E.U.'s Emissions Trading Scheme recently saw at least €30 million (US$44 million) of emissions allowances stolen from national registries.

The plan to set up a single agency to manage all large-scale IT systems could also prove a target for cyber criminals. The proposed agency would bring together databases such as the Schengen Information System (a common database which facilitates the exchange of information on individuals between national law enforcement authorities), the Visa Information System (a database that will allow member states to enter, update and consult visa data, including biometric data, electronically) and EURODAC (an IT system for comparing the fingerprints of asylum seekers and illegal immigrants). The goal is for the agency to start working in summer 2012 in Tallin, Estonia.

"Obviously aggregated data creates a target," said Ferguson. "We have seen a sharp increase in the last 12 months of this sort of theft. We have entered the era of 'steal everything.' Criminals are no longer going after a single server. But hopefully lessons will be learned from incidents such as the Sony hack."

Meanwhile, E.U. justice ministers agreed on Friday to draft rules setting out minimum sentences for cyber criminals. However security experts argue that trying to convict criminals who cannot be caught is a waste of time. "The emphasis should be on catching them in the first place. And for this there needs to be much more coordination because these criminals inevitably work across borders," said Ferguson.

A proposed Directive on Attacks against Information Systems is also in the pipeline. The draft law lists crimes such as illegal access to IT systems, interference with these systems, stealing or deleting data and the interception of non-public data transfers.

Europol, the E.U.'s police force, currently manages information-sharing on cybercrime between police in different E.U. countries. But the Commission plans to set up a dedicated European Cyber Crime Centre by 2013 to coordinate operations across borders and provide training to law enforcement authorities.

The CERT pre-configuration team will comprise 10 members of staff from the European Commission, the European Parliament, the Council, the Committee of the Regions and Economic and Social Committee and ENISA.

Join the CSO newsletter!

Error: Please check your email address.

Tags Government use of ITeuropean commissionsecuritygovernment

More about CERT AustraliaComputer Emergency Response TeamEUEuropean CommissionEuropean ParliamentEuropolF-SecureSonyTrend Micro AustraliaVisa

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Jennifer Baker

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place