EurActiv.com

EU news and policy debates across languages

01/10/2016

Industry: ‘Do not use cyber threat as trade barrier’

Digital

Industry: ‘Do not use cyber threat as trade barrier’

cyber attack.jpg

Governments could be using cyber attacks as a proxy to introduce trade protection measures, industry sources warned EurActiv, as the EU prepares to set up a new anti-cybercrime centre in the Hague.

John Suffolk, the global cyber security officer at Huawei, told EurActiv: “There is a danger that cyber could be used as a proxy for a trade barrier. I think every one of us should be very cautious that that accelerates. It’s a view I gave in government and in the private sector and it’s my private view, but I think it’s a dangerous road.”

Suffolk was formerly an adviser and chief information officer to the UK government.

Vinton Cerf, one of the early internet pioneers who works as Google’s chief internet evangelist concurs, stressing that there is an “attempt to create rules of operation which have the effect becoming trade barriers.”

New cybercrime centre ahead

The warnings came as the Home Affairs Commissioner Cecilia Malmström called on the private sector to help out in efforts to counter cybercrime at a Microsoft-backed forum last week (31 May), which underlined the increased threat from on-line criminality.

In March, Malmström proposed the establishment of a European Cybercrime Centre within Europol to become the Union's focal point in the fight against cybercrime.

The centre will pool European cybercrime expertise and warn EU countries of major threats, new ways to commit online crimes and identify organised networks and prominent offenders in cyberspace.

Scott Charney, a vice president responsible for Microsoft’s Trustworthy Computing Group, told the forum: “15 years ago cybercrime threats consisted of opportunistic malware and spam, but advanced persistent threats have increased we have to shift security strategy.”

Trade defence not on EU agenda

Governments currently adopt a “prevent and respond” strategy to cybercrime; they now need to add “detection and containment” to those elements, Charney said.

He said that cybercrime was now “at a huge inflection point” as a result of the shift to cloud computing and the emergence of the “internet of things”.

Speaking at the same forum, Malmström said that a forthcoming eurobarometer poll will show that three-quarters of Europeans believe that there is an increased risk from cybercrime.

“There are a number of ways in which the private sector can contribute sharing information on risks and create a network identifying risks and sharing information,” said Malmström.

Asked by EurActiv about fears that measures to counter cyber crime could be used as proxy for trade defence measures, Malmström said: “It’s absolutely not on our agenda.”

Positions

“We must utilise information to benefit mankind and adopt a positive attitude towards data floods—not merely look at the ills or complexities that they create,” said Huawei founder and CEO Ren Zhengfei.

“What we can do is leverage the full potential of data. As data flooding increases far faster than prevention technology develops, the whole industry faces information security challenges. Cyber security is a common issue that the whole industry has to face. We must join hands to proactively address this issue,” Ren added.

“There is a serious disconnect in how people view the threat of cyber crime,” said Adam Palmer, cyber security advisor at Norton. “Cybercrime is much more prevalent than people realise. Over the past 12 months, three times as many adults surveyed have suffered from online crime versus offline crime, yet less than a third of respondents think they are more likely to become a victim of cybercrime than physical world crime in the next year. And while 89% of respondents agree that more needs to be done to bring cybercriminals to justice, fighting cyber crime is a shared responsibility. It requires us all to be more alert and to invest in our online smarts and safety.”

Background

EU and NATO authorities started to rethink their common approach to telecommunications network protection after a massive cyber attack carried out against Estonian public and private strategic infrastructure in 2007.

In March 2009, the European Commission published a new communication aimed at "protecting Europe from large scale cyber-attacks".

In April 2008, NATO leaders assembled at a summit in Bucharest agreed upon a common policy for cyber defence. They committed themselves to establishing a new authority with the primary task of coordinating NATO's "political and technical" reactions to cyber attacks.

In 2010 the European Commission proposed a new legislative text aimed at countering cyber attacks. The directive is to be voted by the plenary of the European Parliament and by members of the EU Council.

Timeline

  • 2012: Commission plans to present “comprehensive strategy for European cybersecurity”
  • Summer 2012: Possible agreement among EU institutions on final text of directive on attacks against information systems
  • Jan. 2013: EU cybercrime centre expected to start operations

Further Reading

European Union

Business & Industry

Norton:Report on cost of global cybercrime (7 Sept. 2011)

Press articles