EU Proposes Joint Cybersecurity UnitAgency Would Help Member States Respond to Cyberattacks
The European Commission has proposed creating a Joint Cyber Unit to help EU member states respond to and prevent cyberattacks, especially those involving ransomware.
See Also: Automating Security Operations
Under the proposal, the EU would create a rapid response team to mitigate threats from hackers and establish national and cross-border monitoring and detection capabilities. The new unit also would work with member nations' law enforcement and cyber agencies, security firms, diplomats and military services to coordinate cybersecurity operations and threat intelligence sharing, the European Commission says.
Ensuring Coordinated Responses
The Joint Cyber Unit, which would be headed by the European Union Agency for Cybersecurity, also known as ENISA, would be based in Brussels.
"The Joint Cyber Unit will act as a platform to ensure an EU coordinated response to large-scale cyber incidents and crises, as well as to offer assistance in recovering from these attacks," according to the European Commission.
By Dec. 31, the commission plans to assess the organizational aspects of the proposed unit and identify EU operational capabilities. By June 30, 2022, the commission will draft a report on the roles and responsibilities of participants within the Joint Cyber Unit, and the Council of the European Union will vote on whether to endorse the unit's formation. If approved, the unit would become operational by Dec. 31, 2022, including mobilizing EU "rapid reaction" teams. Private sector partners would then be involved by June 2023.
A Timely Move
Some security experts say improving multinational collaboration to battle against cyberthreats is essential.
"When we look at the current cyberthreat landscape, it is genuinely borderless and a global challenge," says Jens Monrad, director, EMEA, Mandiant Threat Intelligence. "There is certainly a need for more political involvement to address the fact that some of the most impactful cyberthreats, like ransomware, still seem to operate with impunity from countries that appear to offer a degree of safe harboring as long as the cybercriminals do not target their own country or region."
Steve Forbes, a government cybersecurity expert at domain company Nominet, says the new unit could help pave the way for enhanced cyber defenses.
"The new cyber unit will set a powerful precedent for international collaboration as central to our future global cyber defense," he says. "With similar threats faced across the European Union, particularly against critical infrastructure - often with the same adversaries - pulling together will allow the bloc to make changes in its cyber defense."
The proposal to establish the new unit comes as ransomware and other cyberattacks continue to surge in Europe.
For example, ransomware attacks recently targeted Irelands' healthcare agencies. A spear-phishing campaign targeted members of the German Parliament. And hackers attacked the European Banking Authority.
The Council of the European Union in March announced that it would adopt a new cybersecurity strategy and create security operation centers across the EU to monitor attacks on networks (see: EU Council Adopts New Cybersecurity Strategy).
At the recently concluded G-7 Summit, European leaders announced measures to counter ransomware attacks. And at the NATO Summit last week, allies agreed that that the organization's Article 5 provision - which states that an attack on one member nation is an attack on all - could now be applied to cyberthreats (see: NATO Endorses Cybersecurity Defense Policy).