Cybercrimes and the threats of cyber warfare are a type of modern threat in front of which the member states of the Union are standing unprepared. The sophistication of cyber threats and their number, with an estimated of 1 million viruses introduced into circulation each year, calls for action and for raising the level of protection and preparedness. Cybercrimes affect more than 1 million people a year, according to EU home affairs commissioner, Swedish Cecilia Malmström (she told reporters in Brussels), with nearly 75% of the European households having internet access and over a third of EU citizens were banking online in 2010. The borderless nature of the crimes makes it difficult for the national authorities to catch the criminals.
To deal with these problems there is a proposal from the European Commission to set up a cybercrime centre with around 30 full-time experts dealing with these issues. The centre will be operational in January 2013 and it will be housed in the buildings of Europol in The Hague. This is one way in which the Union is acting to prevent cybercrimes, but there is also a need for the states to develop cyber security strategies to prevent threats that could affect the state. The centre’s task would be to address online child exploitation, attacks against government infrastructure and also to help member states to improve their abilities in cyber security. Heli Tiirmaa-Klaar, a cyber security adviser at the European External Action Service says “We are like in the 1940s when people had no idea about the power of the atom”. Only ten member states have put in place or are in the process of developing security strategies in the last four years, Estonia as the first in 2008.
Binding EU legislation aiming at helping the member states to solve their lack of cyber defence will be proposed by the European Commission at the end of this year. It is too early to find out what it will include but there has been talk about an obligation for private companies to notify authorities of any cyber security breaches or attacks. The Commission also intends to replace Framework Decision 2005/222/JHA with a new directive on attacks against information systems (see the proposal published in 2010) in order to widen its scope and to criminalise the use, production and sale of the tools which are used to commit attacks against information systems, the so-called botnets.
In today’s world, cyber attacks could do a massive amount of damage, since more and more is controlled by computers. In every state a lot of the infrastructure is computerised and this leaves the state vulnerable to hacking. If a state’s security systems are not sufficient then there might be a risk that a single person or an organisation may be able to take control over a state’s data systems to either get confidential information, or to cause harm to the state. This can take different forms, a hacker might cause irreparable harm by for instance wiping out a hospital’s journals or shutting down the system operating the local traffic.
This is a global problem and as said already, borderless. A person sitting in Sweden can hack systems located anywhere in the world and this makes it really difficult to catch the persons responsible for the crimes. Cybercrimes also costs the states a lot of money, the business costs approximately €388 billion a year worldwide and because of this a global cooperation is required, not only within the EU. If legislation helps to strengthen the states protection against cyber crimes by for example make it compulsory to report suspected attempts of hacking, and to have effective mechanism to be able to investigate these, hopefully it will make it easier to catch the persons responsible. The centre will also play an important role in preventing, informing about, and investigating cyber crimes. There is already an EU agency in Crete tasked with building-up information security (the European Network and Information Security Agency or ENISA), but it has no mandate to fight crime. That is why the new cybercrime centre will operate under the Europol (read more here).
The world is facing a new dilemma, which requires cooperation between states in order to prevent and put the cyber criminals before justice. Considering the huge interest in this area, the Union should continue to play a key role not only in Europe but also in the world by keeping up the cooperation with third states in general, and the USA in particular.
Lekmane Charti, Josefin Karlsson, Richard Muhire, and Sebastian Wetterberg