Moves to firm up the Commission's cyber protection will come in the next weeks in response to a “war of attrition” in cyber space rather than any specific attack, a Commission spokesman has told EurActiv.
But Brussels will not point the finger at China – EurActiv has learned separately – following the recent disclosure of a serious attack against the EU Council last June, which a Bloomberg investigation pinned to China, alleging links to the nascent superpower’s People's Liberation Army.
“We were not informed of any targeted attack,” Antony Gravili, the spokesman for Maroš Šefčovič – the commissioner responsible for inter-institutional relations – told EurActiv in reference to the reported attack against the Council.
It’s a war of attrition – an arms race
“There is no such thing as a big single, one-off attack out of the blue, that catches us by surprise. We are not sitting around and then, wham! An incident happens,” Gravili said, adding: “The reality is that this is a war of attrition, it is an arms race.”
He said that the Commission is set to put its new Computer Emergency Response Team (CERT) programme onto a permanent footing in the next few weeks, after a year of trials.
Under the CERTs regime, EU member state governments and regions respond to information security incidents and discuss threats. The Commission is planning to create new CERTs designed to bridge the gap between the private and public sector, in addition to its own dedicated EU CERT.
Brussels is also preparing a comprehensive strategy for cyber security – to be published this autumn – tackling the issue from a variety of perspectives including the effect on mafia activity, how far on-line identity theft affects commercial activity, and attempting to link the European strategy with international efforts.
Not all suspicions may be as they seem
Based on US private security research, Bloomberg's report claimed that a large Chinese hacking group – dubbed “Byzantine Candor” by US intelligence – targeted the office of EU Council president Herman Van Rompuy last June.
“Byzantine Candor is linked to China’s military, the People’s Liberation Army, according to a 2008 diplomatic cable released by WikiLeaks,” the report said, having recourse to verification by former US intelligence operatives.
A source with knowledge of Europe’s security agenda said on condition of anonymity: “There is a reluctance [in Brussels] to point the finger at China.”
“It is also possible that the source of the attacks could be different countries. For example it is possible that agents could be operating through hijacked IP addresses in China and using these stolen IP addresses as the basis of another attack, to confuse targets as to the true identity of the hackers,” the source said.
The recent reports come on top of an acknowledgment last spring (28 March) that the Commission itself came under attack. Gravili confirmed then that hackers targeted the information of some Commission officials, in particular at the External Action Service, the body's foreign diplomatic arm.
“Hackers are finding new ways to operate and so – though we have a massive infrastructure in place to fight hacking – we are also working on new approaches all the time, the levels of hacking come in waves rather than spikes, with constant attempts to attack,” according to Antony Gravili the spokesman for Maroš Šefčovič – the commissioner responsible for inter-institutional relations.