Connect with us


#EUCybersecurity - A newly formed stakeholders group will work on the cybersecurity certification framework



The Commission and the European Agency for Cybersecurity (ENISA) announced today the creation of the Stakeholders Cybersecurity Certification Group (SCCG), which will advise themon strategic issues regarding cybersecurity certification, while at the same time it will assist the Commission in the preparation of the Union rolling work programme.

Furthermore, its aim, as foreseen by the EU Cybersecurity Act that was adopted a year ago, is to create market driven certification schemes and help reduce fragmentation between various existing schemes in the EU member states.  The first meeting of the Group is taking place today. Internal Market Commissioner Thierry Breton said: “Not only will certification play a crucial role in increasing trust and security in ICT products, but it will also provide European companies with the necessary tools to demonstrate that their products and services have state of the art cybersecurity features. This will in turn allow them to better compete in the global market. The Stakeholder Cybersecurity Certification Group will help by bringing about the needed expertise and advice for the creation of a tailored and risk-based EU certification system.”

ENISA Executive Director Juhan Lepassaar added: “Cybersecurity certification aims to promote trust in ICT products, processes and services while at the same time tackling the fragmentation of the internal market, thus reducing the costs for those operating in the Digital Single Market. The Stakeholder Cybersecurity Certification Group will form part of the community that helps build and raise awareness of the EU schemes.”

The group consists of representatives from an array of organisations that include academic institutions, consumer organisations, conformity assessment bodies, standard developing organisations, companies, trade associations and many others. The EU is working in building the necessary cybersecurity capabilities to prevent and counter the ever-changing cyber threats and attacks.

More information on the EU's actions to strengthen cybersecurity capacities, including for 5G networks, is available in this brochure. The list of members of the Stakeholders Cybersecurity Certification Group can be found here and updated information on its work is in this webpage

Cyber Security

EU Cybersecurity: Commission proposes a Joint Cyber Unit to step up response to large-scale security incidents



The Commission is laying out a vision to build a new Joint Cyber Unit to tackle the rising number of serious cyber incidents impacting public services, as well as the life of businesses and citizens across the European Union. Advanced and coordinated responses in the field of cybersecurity have become increasingly necessary, as cyberattacks grow in number, scale and consequences, impacting heavily our security. All relevant actors in the EU need to be prepared to respond collectively and exchange relevant information on a ‘need to share', rather than only ‘need to know', basis.

First announced by President Ursula von der Leyen in her political guidelines, the Joint Cyber Unit proposed today aims at bringing together resources and expertise available to the EU and its Member States to effectively prevent, deter and respond to mass cyber incidents and crises. Cybersecurity communities, including civilian, law enforcement, diplomatic and cyber defence communities, as well as private sector partners, too often operate separately. With the Joint Cyber Unit, they will have a virtual and physical platform of co-operation: relevant EU institutions, bodies and agencies together with the member states will build progressively a European platform for solidarity and assistance to counter large-scale cyberattacks.

The Recommendation on the creation of the Joint Cyber Unit is an important step towards completing the European cybersecurity crisis management framework. It is a concrete deliverable of the EU Cybersecurity Strategy and the EU Security Union Strategy, contributing to a safe digital economy and society.

As part of this package, the Commission is reporting on progress made under the Security Union Strategy over the past months. Furthermore, the Commission and the High Representative of the Union for Foreign Affairs and Security Policy have presented the first implementation report under the Cybersecurity Strategy, as requested by the European Council, while at the same time they have published the Fifth Progress Report on the implementation of the 2016 Joint Framework on countering hybrid threats and the 2018 Joint Communication on increasing resilience and bolstering capabilities to address hybrid threats. Finally, the Commission has issued the decision on establishing the office of the European Union Agency for Cybersecurity (ENISA) in Brussels, in accordance with the Cybersecurity Act.

A new Joint Cyber Unit to prevent and respond to large-scale cyber incidents

The Joint Cyber Unit will act as a platform to ensure an EU co-ordinated response to large-scale cyber incidents and crises, as well as to offer assistance in recovering from these attacks. The EU and its member states have many entities involved in different fields and sectors. While the sectors may be specific, the threats are often common – hence, the need for coordination, sharing of knowledge and even advance warning.

The participants will be asked to provide operational resources for mutual assistance within the Joint Cyber Unit (see proposed participants here). The Joint Cyber Unit will allow them to share best practice, as well as information in real time on threats that could emerge in their respective areas. It will also work at an operational and at a technical level to deliver the EU Cybersecurity Incident and Crisis Response Plan, based on national plans; establish and mobilise EU Cybersecurity Rapid Reaction Teams; facilitate the adoption of protocols for mutual assistance among participants; establish national and cross-border monitoring and detection capabilities, including Security Operation Centres (SOCs); and more.

The EU cybersecurity ecosystem is wide and varied and through the Joint Cyber Unit, there will be a common space to work together across different communities and fields, which will enable the existing networks to tap their full potential. It builds on the work started in 2017, with the Recommendation on a coordinated response to incidents and crises - the so-called Blueprint.

The Commission is proposing to build the Joint Cyber Unit through a gradual and transparent process in four steps, in co-ownership with the member states and the different entities active in the field. The aim is to ensure that the Joint Cyber Unit will move to the operational phase by 30 June 2022 and that it will be fully established one year later, by 30 June 2023. The European Union Agency for Cybersecurity, ENISA, will serve as secretariat for the preparatory phase and the Unit will operate close to their Brussels offices and the office of CERT-EU, the Computer Emergency Response Team for the EU institutions, bodies and agencies.

The investments necessary for setting up the Joint Cyber Unit, will be provided by the Commission, primarily through the Digital Europe Programme. Funds will serve to build the physical and virtual platform, establish and maintain secure communication channels, as well as improve detection capabilities. Additional contributions, especially to develop member states' cyber-defence capabilities, may come from the European Defence Fund.

Keeping Europeans safe, online and offline

The Commission is reporting on the progress made under the EU Security Union Strategy, towards keeping Europeans safe. Together with the High Representative of the Union for Foreign Affairs and Security Policy, it is also presenting the first implementation report under the new EU Cybersecurity Strategy.

The Commission and the High Representative presented the EU Cybersecurity strategy in December 2020.  The report is taking stock of the progress made under each of the 26 initiatives set out in this strategy and refers to the recent approval by the European Parliament and the Council of the European Union of the regulation setting up the Cybersecurity Competence Centre and Network. Good progress has been made to strengthen the legal framework for ensuring resilience of essential services, through the proposed Directive on measures for high common level of cybersecurity across the Union (revised NIS Directive or ‘NIS 2'). Regarding the security of 5G communication networks, most member states are advancing in the implementation of the EU 5G Toolbox, having already in place, or close to readiness, frameworks for imposing appropriate restrictions on 5G suppliers. Requirements on mobile network operators are being reinforced through the transposition of the European Electronic Communications Code, while the European Union Agency for Cybersecurity, ENISA, is preparing a candidate EU cybersecurity certification scheme for 5G networks.

The report also highlights the progress made by the High Representative on the promotion of responsible state behaviour in cyberspace, notably by advancing on the establishment of a Programme of Action at United Nations level. In addition, the High Representative has started the review process of the Cyber Defence Policy Framework to improve cyber defence cooperation, and is conducting a ‘lessons learned exercise' with member states to improve the EU's cyber diplomacy toolbox and identify opportunities for further strengthening EU and international cooperation to this end. Moreover, the report on the progress made in countering hybrid threats, that the Commission and the High Representative have also published today, highlights that since the 2016 Joint Framework on countering hybrid threats – a European Union response was established, EU actions have supported increased situational awareness, resilience in critical sectors, adequate response and recovery from the ever increasing hybrid threats, including disinformation and cyberattacks, since the onset of the coronavirus pandemic.

Important steps were also taken over the last six months under the EU Security Union Strategy to ensure security in our physical and digital environment. Landmark EU rules are now in place that will oblige online platforms to remove terrorist content referred by Member States' authorities within one hour. The Commission also proposed the Digital Services Act, which puts forward harmonised rules for the removal of illegal goods, services or content online, as well as a new oversight structure for very large online platforms. The proposal also addresses platforms' vulnerabilities to amplifying harmful content or the spread of disinformation. The European Parliament and the Council of the European Union agreed on temporary legislation on the voluntary detection of child sexual abuse online by communications services. Work is also ongoing to better protect public spaces. This includes supporting member states in managing the threat represented by drones and enhancing the protection of places of worship and large sports venues against terrorist threats, with a €20m support programme underway. To better support member states in countering serious crime and terrorism, the Commission also proposed in December 2020 to upgrade the mandate of Europol, the EU Agency for law enforcement co-operation.

A Europe Fit for the Digital Age Executive Vice President Margrethe Vestager said: "Cybersecurity is a cornerstone of a digital and connected Europe. And in today's society, responding to threats in a coordinated manner is paramount. The Joint Cyber Unit will contribute to that goal. Together we can really make a difference.”

High Representative of the Union for Foreign Affairs and Security Policy Josep Borrell said: “The Joint Cyber Unit is a very important step for Europe to protect its governments, citizens and businesses from global cyber threats. When it comes to cyberattacks, we are all vulnerable and that is why cooperation at all levels is crucial. There is no big or small. We need to defend ourselves but we also need to serve as a beacon for others in promoting a global, open, stable and secure cyberspace.”

Promoting our European Way of Life Vice President Margaritis Schinas said: "The recent ransomware attacks should serve as a warning that we must protect ourselves against threats that could undermine our security and our European Way of Life. Today, we can no longer distinguish between online and offline threats. We need to pool all our resources to defeat cyber risks and enhance our operational capacity. Building a trusted and secure digital world, based on our values, requires commitment from all, including law enforcement.”

Internal Market Commissioner Thierry Breton said: "The Joint Cyber Unit is a building block to protect ourselves from growing and increasingly complex cyber threats. We have set clear milestones and timelines that will allow us - together with member states- to concretely improve crisis management cooperation in the EU, detect threats and react faster. It is the operational arm of the European Cyber Shield.”

Home Affairs Commissioner Ylva Johansson said: "Countering cyberattacks is a growing challenge. The Law Enforcement community across the EU can best face this new threat by coordinating together. The Joint Cyber Unit will help police officers in member states to share expertise. It will help build law enforcement capacity to counter these attacks.”


Cybersecurity is a top priority of the Commission and a cornerstone of the digital and connected Europe. The increase of cyberattacks during the coronavirus crisis has shown how important it is to protect health and care systems, research centres and other critical infrastructure. Strong action in the area is needed to future-proof the EU's economy and society.

The EU is committed to delivering on the EU Cybersecurity Strategy with an unprecedented level of investment in Europe's green and digital transition, through the long-term EU budget 2021-2027, notably through the Digital Europe Programme and Horizon Europe, as well as the Recovery Plan for Europe.

Moreover, when it comes to cybersecurity, we are as protected as our weakest link. Cyberattacks do not stop at the physical borders. Enhancing co-operation, including cross-border cooperation, in the cybersecurity field is therefore also an EU priority: in recent years, the Commission has been leading and facilitating several initiatives to improve collective preparedness, as EU joint structures have already supported member states, both at technical and at operational level. The recommendation on building a Joint Cyber Unit is another step towards greater cooperation and coordinated response to cyber threats.

At the same time, the Joint EU Diplomatic Response to Malicious Cyber Activities, known as the cyber diplomacy toolbox, encourages cooperation and promotes responsible state behaviour in cyberspace, allowing the EU and its Member States to use all Common Foreign and Security Policy measures, including, restrictive measures, to prevent, discourage, deter and respond to malicious cyber activities. 

To ensure security both in our physical and digital environments, the Commission presented in July 2020 the EU Security Union Strategy for the period 2020 to 2025. It focuses on priority areas where the EU can bring value to support member states in fostering security for all those living in Europe: combatting terrorism and organized crime; preventing and detecting hybrid threats and increasing the resilience of our critical infrastructure; and promoting cybersecurity and fostering research and innovation.

More information

Factsheet: Joint Cyber Unit

Infographic: EU Cybersecurity Ecosystem

Recommendation on building a Joint Cyber Unit

First implementation report on the EU Cybersecurity Strategy

Decision on establishing the office of the European Union Agency for Cybersecurity (ENISA) in Brussels

Second Progress Report under the EU Security Union Strategy (see also Annex 1 and Annex 2)

Fifth Progress Report on the implementation of the 2016 Joint Framework on countering hybrid threats

Press release: New EU Cybersecurity Strategy and new rules to make physical and digital critical entities more resilient

EU Security Union Strategy

Continue Reading


German cyber security chief fears hackers could target hospitals




German hospitals may be at increased risk from hackers, the head of the country's cyber security agency has said, following two high-profile digital attacks this month on the Irish health service and a US fuel pipeline.

Ireland's health service operator shut down its IT systems last Friday to protect them from a "significant" ransomware attack, crippling diagnostic services, disrupting COVID-19 testing and forcing the cancellation of many appointments. Read more

German clinics have been targeted by a series of cyber attacks over the last five years, and Arne Schoenbohm (pictured), president of the BSI federal cyber security agency, told Zeit Online newspaper he saw "a greater danger at hospitals".

Earlier in May, the 5,500-mile (8,850-km) US Colonial Pipeline Co system closed after one of the most disruptive cyber attacks on record, preventing millions of barrels of gasoline, diesel and jet fuel from flowing to the East Coast from the Gulf Coast. Read more

Schoenbohm said many German businesses were at increased risk of being targeted by hackers due to remote working during the COVID-19 pandemic.

"Many companies had to enable home offices within a short time," he said, adding that as a result, many of their IT systems were vulnerable to attack.

"Companies often close known security gaps too slowly."

Continue Reading


Computer hacking poses problems for Irish government



The Irish government has found itself facing a delicate dilemma as it prepares to open up its economy after the costly coronavirus pandemic. The recent hacking of computers that run its health service, by Russian criminals, has not only left it exposed to ransom demands but potential legal actions from irate Irish people as Ken Murray reports from Dublin.

On the morning of Friday 14 May last, Irish people switched on their radio devices to learn that the IT system of the Health Service Executive (HSE), the body that runs the country’s hospital system, had been hacked over night!

Cyber criminals, believed to be the Wizard Spider gang in St. Petersburg Russia, had hacked in to personal files on the entire national computer system and were issuing a ransom demand of €20 million to unlock codes!

At first the HSE played down the hack insisting that all files were copied in cloud computing storage, nothing had been stolen or compromised and that everything would be ok by Monday 17 May.

By Tuesday18 May, the crisis showed no signed of improving with the Government coming under attack from opposition politicians who themselves, were bombarded by worried constituents in the preceding days.

“This is escalating into a pretty serious national security crisis and I am not sure it is on the radar to the level it should be,” Labour Party Leader Alan Kelly told the Irish Parliament that day.

As the days rolled on, angry callers to radio phone-in programmes, some in tears, have been telling stories of cancelled radiotherapy and chemotherapy sessions for stage 4 cancer treatment with some calling on the Government, in desperation, to pay the ransom and get the service back to normal as quick as possible.

The Irish Government has stood firm in the passing days since the hack emerged insisting it will not pay the ransom for fear it could leave itself exposed to future hacks and demands.

However, the hackers sent a decryption computer key or code to the Irish Government prior to the weekend beginning 21 May prompting concerns that a ransom had been paid.

“No payment has been paid in relation to it at all. Security personnel don’t know the exact reason why the key was offered back,” the Taoiseach Micheál Martin insisted when he spoke to reporters on Friday 21 May.

With time moving on, there are now growing expectations in Irish government circles that the hackers will publish sensitive personal details on the so-called dark web in the coming days.

These details could include information on individuals who may have HIV/AIDS, advanced cancer, child abuse cases where individuals have not been named in the courts or for example, sexually transmitted infections but have opted to retain such information between themselves and their respective doctors.

Vulnerable people with medical conditions that could affect their jobs, reputations, personal lives, longevity and life insurance policies, remain at risk!

With the Government facing possible legal actions if such confidential information is allowed to be published, it moved in the Dublin High Court last week to secure legal injunctions prohibiting Irish media outlets, websites and digital platforms from making such information known to the wider public!

Junior Finance Minister Micheal McGrath pleaded with people at the weekend not to co-operate with any individuals or correspondence seeking payments in return for online confidential medical information.

Speaking to This Week on RTE Radio, he said, "The threat that we're facing here is real and the release of personal, confidential and sensitive data would be a despicable act but it is not one that we can rule out and the Gardaí [Irish police], working with our international law enforcement partners, are doing all that they can now to be in a position to respond to this.”

Ireland’s failure to honour its GDPR (General Data Protection Regulations) commitments could also see it facing serious fines in the European Court depending on how this all pans out!

Meanwhile with numerous health procedures in hospitals delayed by the hacking attack, questions are being asked as to how secure all Irish State computers systems are?

Paul Reid, the CEO of the HSE which is already working 24/7 to deal with the COVID pandemic, moved at the weekend to assure the public that his team are doing all they can to address the problem.

He told the This Week radio programme that the cost of fixing the problems could run in to tens of millions of euro.

He said work is now under way on "assessing each of those national [IT] systems we want to restore, which ones we have to rebuild, which ones we may have to remove and certainly the decryption process helps us in that."

He said good progress has been made "particularly in some of the national systems, like the imaging system which would support scans, MRIs and X-rays".

The hacking issue in Ireland is likely to see the entire State IT system overhauled in the coming weeks and months to ensure no such penetration by eastern European criminals ever happens again.

However, the crisis in Ireland serves as a reminder to the other 26 countries in the European Union that as long as Russian criminals continue to be a menace to western democracies, any one of those States could be next, particularly those with nuclear capabilities or sensitive military plans!

In the meantime, government officials in Dublin are keeping their fingers crossed that the threat of published sensitive material appearing on the dark web in the coming days remains just that, namely a threat!

Continue Reading