Three months after the European Commission was hacked in a bid to get sensitive data on external relations and monetary issues, EU institutions are setting up a joint team of internet security experts. Brussels is also setting up a new Computer Emergency Response Team (CERT) to stave off future attacks.
“It was probably espionage, but this is very difficult to prove. We don’t expect to ever know if it was the case or not.”
Senior EU official
The attack in March – just a few days ahead of an EU summit on military strikes in Libya and on the euro zone debt crisis – saw commission systems attacked “in a very well-organised and targeted way, focusing on three or four keywords on external relations and monetary issues,” according to a senior EU official.
“It was probably espionage, but this is very difficult to prove. We don’t expect to ever know if it was the case or not,” the source added.
The contact did not reveal if any data was actually stolen.
The commission has not launched a criminal investigation at this stage and is still assessing the level of damage.
It has in the past three months beefed-up its email security, the EUobserver writes.
Up until the attacks email accounts could be accessed remotely by typing in a password. But now users have a special “security token” – a small device which generates a secondary password required to log on.
Brussels is also setting up a new Computer Emergency Response Team (CERT) to stave off future attacks.
The unit will pull together existing IT security departments from the commission, the EU parliament and the EU Council to handle cyber attacks on all EU institutions and to share intelligence in real-time with CERTs in EU member states.
The new body is to run tests in June and to be fully operational by 1 October.
Otmar Lendl – the head of the Austrian CERT – says the new measure will not make EU systems impregnable.
“Prevention is very difficult. It’s like fire – even if you have a good fire brigade which sets up the best firewalls, you will still have fires. But CERTs certainly will help you deal with anything that happens and get a clearer response, as well as putting sensors in place and tools to monitor networks, so that you detect an attack early on.”
Detecting the fact that an attack is taking place is in itself not an easy thing.
The next step is to find out how the hacker got into the system, what documents have been accessed or changed and if any “time bombs” or “back doors” have been left behind to allow future access.
“At EU level, there are a lot of own little kingdoms, it’s not centralised like in a company – so it will be a difficult task,” Lendl explain.
National CERTs dealing with governments (GovCERTs) “also have to deal with various ministries, cities, local administrations and other stakeholders. So it’s not unusual,” he adds.
Related by the Econotwist’s:
- EU Institutions Hit By Major Cyber Attack
- Cyber Attack Against Norwegian Military, Massive and Targeted
- UK Treasury Under Constant Cyber Attacks
- Stuxnet Mutants All Over The Web
- Hackers Target The New York Stock Exchange
- Vatican: Hackers Do God’s Work
- Top 10 Cyber Threats of 2011 – Updated
Related articles:
- ‘Serious’ cyber attack on EU bodies before summit (europebiz.wordpress.com)
- EU officials and diplomats target of cyber attack (msnbc.msn.com)
- EU Commission Rocked by Cyber Attack (defensetech.org)
- EU probes cyber attack (theglobeandmail.com)