Europe vulnerable to cyberattack

A report from the House of Lords suggests that officials in Brussels have failed to boost the union’s internet defences — creating a yawning gap between Nato, the EU and member states that could leave the system prone.

European countries are increasingly reliant on the internet for a wide range of services — including information, communication and commerce — and the global nature of the online world means they are more closely linked to each other than ever before. Despite this, however, the report suggests that the drastic differences between security operations in each nation leaves the entire system vulnerable.

“The collapse of cybersystems in one country can overlap into others,” said Lord Jopling, who chairs the Lords European Union committee.

“The threat can come anywhere — including to individual businesses, financial services such as the City, critical infrastructure or the mechanics of government … and you never know quite who is responsible, which is part of the problem.”

Vulnerability

He said that while Britain had extensive and robust systems in place to defend against a cyberattack, not every country could make a similar boast. In particular he highlighted the case of Estonia, which was the target of an online attack in 2007 that took down the banking system, government and other important services.

The report highlights the increasing gap between the EU and Nato, which been giving higher priority to cyberdefence in recent years.

While Brussels struggles to improve the situation across the continent, Nato has stepped up its own efforts — suggesting that online warfare presents as serious a threat as missile attack and establishing a specialised online security centre in Estonia itself.

Political tensions have led the chasm between the two organisations to grow wider than ever, despite the pressing need to coordinate cybersecurity policies around the world.

The report offers a number of recommendations to improve the situation, including better training and setting up Computer Emergency Response Teams in some countries.

The report also suggests that greater funding should be given to Enisa, the European Network and Information Security Agency. The group, which has its headquarters in Greece, was given the task of helping to improve online security across the EU in 2004.

The Lords committee suggested that the agency should broaden its mandate to include working with police forces and courts around the continent to improve the enforcement of cybersecurity laws. It also criticises some aspects of the British government’s strategy, in particular calling its lacklustre call for more public-private partnerships ‘superficial’.

While it is unclear what physical damage a successful cyberattack could cause, senior experts have suggested that the economic threat is very real, with countries and criminal organisations increasingly using the internet as a way to launch attacks on their targets.

High-profile incidents in countries such as Georgia and Iran have shown that strikes can be used to take down important pieces of infrastructure, while incidents linked to China have cast a shadow over relations between Beijing and the West.

Three years ago it was revealed that a hacking operation known as Titan Rain — which experts believe is linked to the Chinese military — had been successfully running raids on governments in countries including the US, Britain and Germany. Infiltrating computer networks inside the Houses of Parliament, Foreign Office and the Pentagon, the hackers were able to steal information and cause chaos for up to four years.

Earlier this year, Google revealed that it had also been targeted by similar strikes originating inside China. That attack, known as Operation Aurora, saw raids against dozens of high-profile American companies .

DH Newsletter Privacy Policy Get the top news in your inbox
GET IT
Comments (+)