The European Commission on Thursday proposed a cyber defense policy in response to Europe’s “deteriorating security environment” since Russia illegally invaded Ukraine earlier this year.
The Commission, citing recent cyber attacks on energy networks, transportation infrastructure and space assets, called on member states to “significantly increase” investments in cybersecurity capabilities. It also aims to boost defense partnerships, threat-intel sharing, and cooperation between military, law enforcement, and private-industry infosec professionals.
This will include establishing an EU Cyber Defence Coordination Centre, encouraging member states to more actively participate in Military Computer Emergency Response Teams (MICNET), while building a similar network for civilian cyber incident responders, according to a joint communication [PDF] to the European Parliament and Council.
The document also suggests governments develop a cyber defense exercise (CyDef-X) to serve as a framework for joint cyber defense exercises and “explore possibilities” to develop additional cyber rapid reaction teams, building on the PESCO CRRT project.
“Cyber is the new domain in warfare,” European Commission VP Josep Borrell said in a statement. “To be up to the challenges and threats ahead of us, we need modern and interoperable European armed forces equipped with the latest cyber defense capabilities.”
The cyber defense policy is part of a broader four-year plan to improve Europe’s military mobility.
“The return of a high intensity conflict obliges us to review our approach to Europe’s security,” Thierry Breton, commissioner for internal market, said in a statement. “It is time to enhance our cooperation on cyber defense.”
- Eastern European org hit by second record-smashing DDoS attack
- EU set to sign internet satellite deal, as UK frees up spectrum
- EU puts smart device manufacturers on the hook for cyber security
- As Russia wages disinfo war, Ukraine’s cyber chief calls for global anti-fake news fight
Even before Russia’s ground invasion Europe has also seen a number of cyber attacks spill over from Ukraine and affect EU member states.Perhaps most notably, this included the cyber attack that took Viasat customers’ satellite broadband modems offline an hour before Russia’s ground invasion began.
While the primary purpose of this attack was to disrupt Ukrainian communications during the invasion, by wiping the modems’ firmware remotely, it also disabled thousands of small aperture terminals in Ukraine and across Europe. It knocked out people’s satellite connectivity and the remote monitoring of 5,800 wind turbines in Germany.
There’s also been a slew of distributed denial of service (DDoS) attacks against European nations since the war began – including the largest ever publicly known DDoS flood against an unfortunate Eastern European organization that went beyond 700 million packets per second.
In May the EU Council tabled a proposal [PDF] for a cyber defense policy, which led to this week’s actions and call for member states to implement specific coordination actions outlined in the policy. ®