The European Commission, including the body's diplomatic arm, has been an easy target for cyber criminals for a long time now but it has only recently been hit by what stunned officials said was a serious cyberattack.
The attack was first detected on Tuesday and Commission sources have said that it was sustained and targeted. The Commission was caught with it's firewalls down and started to leak like a broken seive. The attackers had complete run of the systems for several hours and will have left re-entry points everywhere possible.
External access to the Commission's e-mail and intranet has been suspended. Staff have been provided with minimal information on what damage has been done and simply told to change their passwords to prevent the "disclosure of unauthorised information." Very belatedly, staff at the Commission, the European Union's executive and regulatory body, have also been told to send sensitive information via secure e-mail.
This may surprise them somewhat because they thought their email was secure! Is this a classic example of puting in appropriate security measures only after a serious incident has been discovered. it also begs the question as to how often cybercriminals have been able to test and penetrate the systems previously.
This recent event comes just days ahead of the European Council summit. The summit brings together the leaders of E.U. member states and crucial decisions will be made on economic strategy, the war in Libya and the future structure of the E.U. The seriousness of this breach cannot be underestimated and a complete security overhaul is urgently required.
Initial speculation believed that the attacks may be directed or sponsored by Libya, but surprisingly, the Commission was quick to rule this out. They believe that the attack is 'similar' to the cyberattack on the French government in the run up to the G20 Summit in February 2010. That assault involved malware and targeted e-mail, with some of the related stolen information redirected to China, a close ally of Libya and a potential harvester of Libyan oil and mineral wealth.
The lunbering administration machine of the Commission are already 'taking urgent measures' to close the door after the horse has bolted. A number of sub-committee meetings are being called and an admin inquiry is been launched. The Commission admitted that it is frequently targeted, but added that there was no concrete evidence that the attack was linked to the E.U. summit. Probably by next week they will have convinced themselves that it was just a bad dream and nothing had really happened at all.
Sunday, April 17, 2011
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment