CybersecurityEstonia pushes for joint EU cyber response

Published 27 June 2011

European Union security officials recently met in Brussels for the European Security Round Table to discuss the creation of a unified approach to cybersecurity; the meeting’s organizers say the event was designed to promote “a comprehensive policy approach to cyber-security among EU institutions”; attendees included representatives from the European Parliament, the European Defense Agency, NATO, and private security organizations

European Union security officials recently met in Brussels for the European Security Round Table to discuss the creation of a unified approach to cybersecurity.

Estonian defense minister Mart Laar, who led the meeting, said, “If we are serious about the possible damage that bombs and bullets can cause, then we should also give serious consideration to the dangers that can be sent through global networks, because they can be used to strike at a country’s energy security, and damage its economy and intellectual property.”

The meeting’s organizers say the event was designed to promote “a comprehensive policy approach to cyber-security among EU institutions.” Attendees included representatives from the European Parliament, the European Defense Agency, NATO, and private security organizations.

Estonia is leading the push to create this unified policy as it suffered a three week barrage of cyberattacks in 2007 that brought down government websites as well as those of banks, newspapers, and critical infrastructure operators. The attacks caused an estimated $27.5 million to $40.5 million in damages.

It is notoriously difficult to confirm the origins of a cyberattack, but officials believe that the attacks were carried out by Russian hackers at the behest of the government in response to the relocation of a statue honoring Soviet soldiers in Estonia.

To more effectively defend against cyberattacks, Laar is advocating for a EU-wide approach where resources are shared. Before plans can move forward several critical issues must first be resolved.

Officials need to define what a cyberattack is compared to sabatoge. In addition, officials must decide how to respond to attacks and what level of retaliation is appropriate.

Currently the private sector is largely responsible for securing networks against hackers, and if the EU were to develop a joint security policy, the government would likely have to take control of some private assets.

The European Union is currently working to create a European Cybercrime Center.

Cecilia Malmstrom, a member of the European Commission responsible for Home Affairs, said the center “will become the focal point in the EU’s fight against cybercrime and it will also ensure faster reactions in the event of cyberattacks.”

At a cybercrime conference in Budapest, Malmstrom said she was working with European Commission Vice President NeelieKroes and EU foreign affairs and security chief Catherine Ashton in “coordinating a joint response to the challenges we are facing.”