Connect with us

Cyber-espionage

Commission launches #Women4Cyber - A registry of talents in the field of cybersecurity

EU Reporter Correspondent

Published

on

On 7 July the Commission, together with the Women4Cyber initiative of the European Cybersecurity Organization (ECSO) launched the first online registry of European women in cybersecurity that will connect expert groups, businesses and policy makers to talents in the field.

The registry is an open, user-friendly database of women that have expertise in cybersecurity, aiming to address the growing demand for cybersecurity professionals in Europe and the related shortage of talents in the field. Its launch follows the European Skills Agenda for sustainable competitiveness, social fairness and resilience that the Commission presented on 1 July 2020.

A Europe Fit for the Digital Age Executive Vice President Margrethe Vestager said:  “Cybersecurity is everyone's business. Women bring experience, perspectives and values into the development of digital solutions. It is important to both enrich the discussion and make the cyberspace more secure.”

Promoting our European Way of Life Vice President Margaritis Schinas  said: “The cybersecurity field is suffering a massive skills shortage. This talent shortage is exacerbated by the lack of female representation in the field. The updated Skills Agenda adopted by the Commission last week aims to close such gaps. A diverse cybersecurity workforce will certainly contribute to more innovative and robust cybersecurity. The registry launched today will be a useful tool to promote women cybersecurity professionals and create a more diverse and inclusive cybersecurity ecosystem.”

Internal Market Commissioner Thierry Breton said: “Over the years we have been promoting various successful initiatives aimed at increasing training in digital skills, notably in the cybersecurity field. Every cyber team needs to combine various skills combining data science, analytics and communication. The registry is a tool aimed at achieving better gender balance in the cybersecurity workforce.”

The registry, which outlines diverse profiles and maps various areas of expertise, is accessible to everyone and will be updated regularly. More information about the Women4Cyber initiative is available here, about the Commission Cybersecurity strategy here and you can join the Women4Cyber registry by clicking here

Crime

European Audit Institutions pool their work on cybersecurity

EU Reporter Correspondent

Published

on

As the threat level for cybercrime and cyberattacks has been rising over recent years, auditors across the European Union have been paying increasing attention to the resilience of critical information systems and digital infrastructures. The Audit Compendium on cybersecurity, published today by the Contact Committee of EU supreme audit institutions (SAIs), provides an overview of their relevant audit work in this field.

Cyber incidents may be intentional or unintentional and range from the accidental disclosure of information to attacks on businesses and critical infrastructure, the theft of personal data, or even interference in democratic processes, including elections, and general disinformation campaigns to influence public debates. Cybersecurity was already critical for our societies before COVID-19 hit. But the consequences of the pandemic we are facing will further exacerbate cyber threats. Many business activities and public services have moved from physical offices to teleworking, while ‘fake news’ and conspiracy theories have spread more than ever.

Protecting critical information systems and digital infrastructures against cyberattacks has thus become an ever-growing strategic challenge for the EU and its member states. The question is no longer whether cyberattacks will occur, but how and when they will occur. This concerns us all: individuals, businesses and public authorities.

“The COVID-19 crisis has been testing the economic and social fabric of our societies. Given our dependence on information technology, a ‘cyber crisis’ could well turn out to be the next pandemic“, said European Court of Auditors (ECA) President Klaus-Heiner Lehne. “Seeking digital autonomy and facing challenges posed by cyber threats and external disinformation campaigns will undoubtedly continue to be part of our daily lives and will remain on the political agenda in the next decade. It is therefore essential to raise awareness of recent audit findings on cybersecurity across the EU member states.”

European SAIs have therefore geared up their audit work on cybersecurity recently, with a particular focus on data protection, system readiness for cyberattacks, and the protection of essential public utilities systems. This has to be set in a context in which the EU is aiming to become the world’s safest digital environment. The European Commission and the Union’s High Representative for Foreign Affairs and Security Policy, in fact, have just presented a new EU Cybersecurity Strategy, which aims to bolster Europe's collective resilience against cyber threats.

The Compendium published on 17 December provides background information on cybersecurity, main strategic initiatives and relevant legal bases in the EU. It also illustrates the main challenges the EU and its member states are facing, such as threats to individual EU citizens´ rights through misuse of personal data, the risk for institutions of not being able to deliver essential public services or facing limited performance following cyberattacks.

The Compendium draws on the results of audits carried out by the ECA and the SAIs of twelve EU member states: Denmark, Estonia, Ireland, France, Latvia, Lithuania, Hungary, the Netherlands, Poland, Portugal, Finland and Sweden.

Background

This audit Compendium is a product of co-operation between the SAIs of the EU and its member states within the framework of the EU Contact Committee. It is designed to be a source of information for everyone interested in this important policy field. It is currently available in English on the EU Contact Committee website, and will later be available in other EU languages.

This is the third edition of the Contact Committee’s Audit Compendium. The first edition on Youth unemployment and the integration of young people into the labour market was published in June 2018. The second on Public health in the EU was issued in December 2019.

The Contact Committee is an autonomous, independent and non-political assembly of the heads of SAIs of the EU and its member states. It provides a forum for discussing and addressing matters of common interest relating to the EU. By strengthening dialogue and co-operation between its members, the Contact Committee contributes to an effective and independent external audit of EU policies and programmes

Continue Reading

coronavirus

Taiwan is crucial to the global fight against cybercrime

Guest contributor

Published

on

Since emerging in late 2019, COVID-19 has evolved into a global pandemic. According to World Health Organization statistics, as of September 30, 2020, there were more than 33.2 million confirmed COVID-19 cases and more than 1 million related deaths worldwide. Having experienced and fought the SARS epidemic in 2003, Taiwan made advance preparations in the face of COVID-19, conducting early onboard screening of inbound travelers, taking stock of antipandemic supply inventories, and forming a national mask production team, writes Criminal Investigation Bureau Ministry of the Interior Republic of China (Taiwan) Commissioner  Huang Ming-chao. 

The government’s swift response and the Taiwanese people’s cooperation helped effectively contain the spread of the disease. The international community has been putting its resources into fighting COVID-19 in the physical world, yet the cyberworld has also been under attack, and faces major challenges.

The Cyber Attack Trends: 2020 MidYear Report published in August 2020 by Check Point Software Technologies Ltd., a well-known IT security company, pointed out that COVID-19 related phishing and malware attacks increased dramatically from below 5,000 per week in February to over 200,000 in late April. At the same time as COVID-19 has seriously affected people’s lives and safety, cybercrime is undermining national security, business operations, and the security of personal information and property, causing significant damage and losses. Taiwan’s success in containing COVID-19 has won worldwide acclaim.

Faced with cyberthreats and related challenges, Taiwan has actively promoted policies built around the concept that information security is national security. It has bolstered efforts to train IT security specialists and develop the IT security industry and innovative technologies. Taiwan’s national teams are ever present when it comes to disease or cybercrime prevention.

Cybercrime knows no borders; Taiwan seeks cross-border cooperation Nations around the globe are fighting the widely condemned dissemination of child pornography, infringements on intellectual property rights, and the theft of trade secrets. Business email fraud and ransomware have also generated heavy financial losses among enterprises, while cryptocurrencies have become an avenue for criminal transactions and money laundering. Since anyone with online access can connect to any internetenabled device in the world, crime syndicates are exploiting the anonymity and freedom this provides to conceal their identities and engage in illegal activities.

The Taiwanese police force has a special unit for investigating technology crimes comprising professional cybercrime investigators. It has also established a digital forensics laboratory meeting ISO 17025 requirements. Cybercrime knows no borders, so Taiwan hopes to work with the rest of the world in jointly fighting the problem. With state-sponsored hacking rampant, intelligence sharing is essential to Taiwan. In August 2020, the US Department of Homeland Security, Federal Bureau of Investigation, and Department of Defense released the Malware Analysis Report, identifying a state-sponsored hacking organization that has recently been using a 2008 malware variant known as TAIDOOR to launch attacks.

Numerous Taiwanese government agencies and businesses have previously been subject to such attacks. In a 2012 report on this malware, Trend Micro Inc. observed that all of the victims were from Taiwan, and that the majority were government organizations. Every month, Taiwan’s public sector experiences an extremely high number of cyberattacks from beyond Taiwan’s borders—between 20 and 40 million instances. Being the priority target of state-sponsored attacks, Taiwan has been able to track their sources and methods and the malware used. By sharing intelligence, Taiwan could help other countries avert potential threats and facilitate the establishment of a joint security mechanism to counter state cyberthreat actors. Additionally, given that hackers often use command-and-control servers to set breakpoints and thus evade investigation, international cooperation is essential for piecing together a comprehensive picture of chains of attack. In the fight against cybercrime, Taiwan can help.

In July 2016, an unprecedented hacking infringement occurred in Taiwan when NT$83.27 million was illegally withdrawn from First Commercial Bank ATMs. Within a week, the police had recovered NT$77.48 million of the stolen funds and arrested three members of a hacking syndicate— Andrejs Peregudovs, a Latvian; Mihail Colibaba, a Romanian; and Niklae Penkov, a Moldovan—that had until then remained untouched by the law. The incident drew international attention. In September that same year, a similar ATM heist occurred in Romania. A suspect Babii was believed to be involved in both cases, leading investigators to conclude that the thefts had been committed by the same syndicate. At the invitation of the European Union Agency for Law Enforcement Cooperation (Europol), Taiwan’s Criminal Investigation Bureau (CIB) visited its office three times to exchange intelligence and evidence. Subsequently, the two entities established Operation TAIEX.

Under this plan, the CIB provided key evidence retrieved from suspects’ mobile phones to Europol, which sieved through the evidence and identified the suspected mastermind, known as Dennys, who was then based in Spain. This led to his arrest by Europol and the Spanish police, putting an end to the hacking syndicate.

To crack down on hacking syndicates, Europol invited Taiwan’s CIB to jointly form Operation TAIEX. The fight against cybercrime requires international cooperation, and Taiwan must work together with other countries. Taiwan can help these other countries, and is willing to share its experiences so as to make cyberspace safer and realize a truly borderless internet. I ask that you support Taiwan’s participation in the annual INTERPOL General Assembly as an Observer, as well as INTERPOL meetings, mechanisms, and training activities. By voicing your backing for Taiwan in international forums, you can play a critical role in advancing Taiwan’s objective of taking part in international organizations in a pragmatic and meaningful manner. In the fight against cybercrime, Taiwan can help!

Continue Reading

Cyber-espionage

EU Threat Landscape Report: Cyber attacks are becoming more sophisticated, targeted and widespread

EU Reporter Correspondent

Published

on

On 20 October, the European Union Agency for Cybersecurity (ENISA) published its yearly report summarizing the main cyber threats encountered between 2019 and 2020. The report reveals that the attacks are continuously expanding by becoming more sophisticated, targeted, widespread and often undetected, while for the majority of them the motivation is financial. There is also an increase of phishing, spam and targeted attacks in the social media platforms. During the coronavirus pandemic, the cybersecurity of health services was challenged, while the adoption of teleworking regimes, distance learning, interpersonal communication, and teleconferencing also changed the cyberspace.

The EU is taking strong action to strengthen cybersecurity capacities: It will update legislation in the area of cybersecurity, with a new Cybersecurity Strategy coming up by the end of 2020, and is investing in cybersecurity research and capacity building, as well as in raising awareness about new cyber threats and trends, such as through the annual Cybersecurity Month campaign. The ENISA Threat Landscape Report is available here and a press release is available here.

Continue Reading

Twitter

Facebook

Trending