The EU and the fight against cyber threats

Cybercrimes and the threats of cyber warfare are a type of modern threat in front of which the member states of the Union are standing unprepared. The sophistication of cyber threats and their number, with an estimated of 1 million viruses introduced into circulation each year, calls for action and for raising the level of protection and preparedness. Cybercrimes affect more than 1 million people a year, according to EU home affairs commissioner, Swedish Cecilia Malmström (she told reporters in Brussels), with nearly 75% of the European households having internet access and over a third of EU citizens were banking online in 2010. The borderless nature of the crimes makes it difficult for the national authorities to catch the criminals.

To deal with these problems there is a proposal from the European Commission to set up a cybercrime centre with around 30 full-time experts dealing with these issues. The centre will be operational in January 2013 and it will be housed in the buildings of Europol in The Hague.  This is one way in which the Union is acting to prevent cybercrimes, but there is also a need for the states to develop cyber security strategies to prevent threats that could affect the state. The centre’s task would be to address online child exploitation, attacks against government infrastructure and also to help member states to improve their abilities in cyber security. Heli Tiirmaa-Klaar, a cyber security adviser at the European External Action Service says “We are like in the 1940s when people had no idea about the power of the atom”. Only ten member states have put in place or are in the process of developing security strategies in the last four years, Estonia as the first in 2008.

Binding EU legislation aiming at helping the member states to solve their lack of cyber defence will be proposed by the European Commission at the end of this year. It is too early to find out what it will include but there has been talk about an obligation for private companies to notify authorities of any cyber security breaches or attacks. The Commission also intends to replace Framework Decision 2005/222/JHA with a new directive on attacks against information systems (see the proposal published in 2010) in order to widen its scope and to criminalise the use, production and sale of the tools which are used to commit attacks against information systems, the so-called botnets.

In today’s world, cyber attacks could do a massive amount of damage, since more and more is controlled by computers. In every state a lot of the infrastructure is computerised and this leaves the state vulnerable to hacking. If a state’s security systems are not sufficient then there might be a risk that a single person or an organisation may be able to take control over a state’s data systems to either get confidential information, or to cause harm to the state. This can take different forms, a hacker might cause irreparable harm by for instance wiping out a hospital’s journals or shutting down the system operating the local traffic.

This is a global problem and as said already, borderless. A person sitting in Sweden can hack systems located anywhere in the world and this makes it really difficult to catch the persons responsible for the crimes. Cybercrimes also costs the states a lot of money, the business costs approximately €388 billion a year worldwide and because of this a global cooperation is required, not only within the EU. If legislation helps to strengthen the states protection against cyber crimes by for example make it compulsory to report suspected attempts of hacking, and to have effective mechanism to be able to investigate these, hopefully it will make it easier to catch the persons responsible. The centre will also play an important role in preventing, informing about, and investigating cyber crimes. There is already an EU agency in Crete tasked with building-up information security (the European Network and Information Security Agency or ENISA), but it has no mandate to fight crime. That is why the new cybercrime centre will operate under the Europol (read more here).

The world is facing a new dilemma, which requires cooperation between states in order to prevent and put the cyber criminals before justice. Considering the huge interest in this area, the Union should continue to play a key role not only in Europe but also in the world by keeping up the cooperation with third states in general, and the USA in particular.

Lekmane Charti, Josefin Karlsson, Richard Muhire, and Sebastian Wetterberg

Advertisements

About eulaworebro

Örebro Universitet (Sweden)
This entry was posted in News and events and tagged , , . Bookmark the permalink.

3 Responses to The EU and the fight against cyber threats

  1. Amelie says:

    With the technical area rapidly developing and Internet as huge part of that, it is in a way expected for the increase of borderless crimes, among these, also the cybercrimes. It is a sensitive area if not dealt with properly. Online there is now a huge amount information, capital and other important things for the Member States within the European Union to protect. This is something that affects us all and of course while borderless, the European Union as such. It can be problematic to catch these criminals and therefore it is important to establish the best way of catching them.

    To set up a cybercrime centre, proposed by the Commission, with experts on these issues in the buildings of Europol in The Hague, would probably be a good idea.
    However it should also be a responsibility for the Member States to work on their own national strategies to improve and secure their national territory from cyber threats. Maybe the communication between the Member States within the Union should be improved for this cybercrime centre to work as wanted. Because the crimes are borderless it can affect several countries and the need for exchanging information and cooperation would play a significant role.

    One can wonder how the centre will be staffed, should it be only experts in the field or should it also be staff from the Member States and the Commission engaging in the cybercrime centre. Further the centre will be in the building of Europol, will their people also be engaged in this because of their knowledge in a wide range of international crime. They can most likely bring something useful to the table.

    In the end it feels like the security against cyber threats is mainly up to the Member States to build. Different countries need different approaches etc, even if a common approach and a common benchmark could be a very good idea to make the security and cooperation more successful at every stage.

  2. Lina Olsson says:

    Finally, it is time to start cooperation on the complex field of cybercrimes within the Union. As the discussion has risen it seems like it will be the Europol that will get jurisdiction on the field. It is my opinion that the Europol is the best institution to develop in order to create a body able to investigate cybercrimes. It is a better solution to develop a already existing body than to create a new one. With expertise from the USA, the Europol should get the knowledge and support it need to be efficient. Cybercrime is very complex and new, dealing with problems of prevention and cross boarder issues.

    My suggestion is to educate and train a special section within Europol, which only shall deal with cybercrimes. The next step should be harmonisation in order to unify the Member States work of prevention against cybercrimes. With even further cooperation EU will be more efficient and also more effective. The complexity with cybercrimes is that it often happens cross board, from where the crime is committed one cannot immediately say. It is crucial to have a functional cooperation between States to prevent cybercriminals to hide behind a foreign State board. The sanction system shall, off course, be up to the Member States to decide since it is beyond EU´s jurisdiction, but it is in my opinion that regulations on prevention is not. Not only due to the fact of cybercrimes complexity, but also with a reminder of the severe consequences such a crime can cause.

    A cooperation on the field of cybercrimes is of great need and right in time. This is a positive step for the development of EU, not only for cooperation and harmonisation within, but also for international cooperation.

  3. MD says:

    The cyber criminality is scaring because it is limited by anything, neither the frontiers, nor the language or even the fines. That explains it seems really useful to share the skills, on this topic, between all the member states to have more effectiveness. And it is in this sense that the EU wants to create an oversight agency which should warning against new threats and assisting in the identification of criminals. Indeed, to fight against this phenomenon, the EU proposes to establish a new European center fight against cyber crime, which will warn the member countries of the Union in case of major threats and draw their attention to the weaknesses of the defenses of their online facilities. It also traces the networks and cyber criminals the most important, and provide support during investigations. Then, this Center will works in parallel with Europol. The new center, which will have a European dimension, enable to quickly notify all member countries of the EU in case of threat. A link can be established without delay with any cyber crimes similar in Sweden, France, or elsewhere in Europe, and the center will immediately warn all EU countries against the threat.
    All of that seem to be really hard to implement, but it would be possible by a great collaboration between all the European governments and the police departments.

Your thoughts

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s