Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

EU Adopts Powers to Respond to Cyberattacks

The European Union on Friday adopted powers to punish those outside the bloc who launch cyberattacks that cripple hospitals and banks, sway elections and steal company secrets or funds.

The European Union on Friday adopted powers to punish those outside the bloc who launch cyberattacks that cripple hospitals and banks, sway elections and steal company secrets or funds.

EU ministers meeting in Brussels said the 28-nation group would now, for the first time, be able to impose asset freezes and travel bans on individuals, firms and state bodies implicated in such attacks.

“The Council (of EU countries) established a framework which allows the EU to impose targeted restrictive measures to deter and respond to cyberattacks,” it said in a statement.

It added that sanctions will be considered if a cyberattack is determined to have had a “significant impact” on its target.

The goal is to bolster the security of EU institutions, firms and individuals against what Britain called an increase in the “scale and severity” of cyberattacks globally.

“This is decisive action to deter future cyberattacks,” British Foreign Secretary Jeremy Hunt said after Britain and its EU partners drafted the measures.

“For too long now, hostile actors have been threatening the EU’s security through disrupting critical infrastructure, attempts to undermine democracy and stealing commercial secrets and money running to billions of euros,” Hunt said.

“Our message to governments, regimes and criminal gangs prepared to carry out cyberattacks is clear,” Britain’s top diplomat added.

Advertisement. Scroll to continue reading.

“Together, the international community will take all necessary steps to uphold the rule of law and the rules based international system which keeps our societies safe.”

The British government has pledged to continue close cooperation with the EU after it leaves the bloc in line with the 2016 referendum.

– ‘Big step forward’ –

Under the sanctions regime, diplomats said, the 28 EU countries would have to vote unanimously to impose sanctions after meeting a legal threshold of significant impact.

For example, countries would look at the scope and severity of disruption to economic and other activities, essential services, critical state functions, public order or public safety, diplomats said.

They would examine the number of people and EU countries affected and determine how much money, intellectual property and data have been stolen.

EU diplomats told reporters it could also cover the hacking of European elections by a third party or country. Elections for a new European Parliament take place May 23-26.

In line with US intelligence assessments, EU officials highlight in particular the threat of disinformation and election hacking from Russia.

EU countries would also study how much the perpetrator has gained through such action.

A Dutch diplomat told reporters that the powers amount to a “big step forward” toward building a more secure cyberspace.

European leaders in October had called for a regime to impose sanctions against cyberattacks.

US and European police said Thursday they have smashed a huge international cybercrime network that used Russian malware to steal 100 million dollars from tens of thousands of victims worldwide.

EU diplomats said the bloc will now start drawing up a blacklist for potential sanctions in cyberattack cases.

A number of powerful people close to Russian President Vladimir Putin appear on a blacklist of 164 Russians and Ukrainians that was established after Moscow’s annexation of the Crimean peninsula in 2014.

Those blacklisted are under travel bans and asset freezes just like those that would be imposed on those implicated in cyberattacks.

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...