The European Union (EU) has proposed creating a Joint Cyber Unit to improve the ability to respond to rising cyber-attacks on member states.
The ambition is for the unit to enable a coordinated EU response to large-scale cyber incidents and crises by pooling together nation-state resources and improving knowledge sharing among the relevant bodies.
To implement this vision, the EU Commission has proposed developing a physical and a virtual platform for the unit. The physical platform will provide “a physical space where cybersecurity experts can, in case of need, come together to conduct joint operations, share knowledge and work together.” The virtual platform will be used “for collaboration and secure information sharing, leveraging the wealth of information gathered through monitoring and detection capabilities.”
With the creation and maintenance of secure communication channels and improved detection capabilities, the platforms will be primarily funded through the EU’s Digital Europe Programme.
The commission has suggested that the Joint Cyber Unit is built in four stages, with a completion date of June 2023.
- Assess (by December 31 2021) – to establish how the unit will be organized and understand EU operational capabilities.
- Prepare (by June 30 2022) – Roll out joint preparedness activities alongside national incident and crisis response plans, with a view to outline the roles and responsibilities of participants in the unit.
- Operationalize the Joint Cyber Unit by mobilizing EU rapid reaction teams (by December 31 2022)
- Involve private sector partners (by June 2023) – in particular, increasing information sharing with users and providers of cybersecurity solutions and services.
The main parties involved in the unit fall under four categories: Resilience, Law enforcement, Diplomacy and Defense.
The proposal has come amid a growing number of serious cyber incidents, which are impacting critical services in the EU and other parts of the world. Recent examples include a ransomware attack on Ireland’s health service and the theft of official COVID-19 vaccine data from the European Medicines Agency.
Security experts have been quick to welcome the proposal but cautioned that it requires the cooperation of member states in areas such as intelligence sharing to work effectively. Matt Lock, technical director at Varonis, commented: “Any new initiative to tackle cybercrime is to be welcomed, so the launch of the Joint Cyber Unit is good news and shows the EU is taking the problem seriously.
“However, organizations should not think that they can take their eyes off the road. Once a ransomware attack or another breach has taken place, it’s often too late - the damage has already been done.
“Organizations need to take responsibility for their own cybersecurity and securely lock down their data to avoid falling victim to hackers.
“It’s important also to note that the EU views this reactive force as a ‘recommendation’ to governments and institutions. The launch of this initiative should therefore be a message to every business, both large and small. Prepare for the worst and raise your defenses, because cyber-criminals won’t be giving up.”
Steve Forbes, government cybersecurity expert at Nominet, said: “The new effort includes rapid response teams ready to be deployed in the instance of an attack, as well as a game-changing platform for collaboration across the EU, including intelligence, resources and expertise. This is exactly what’s needed to stem the tide against attacks that are only becoming more brazen and sophisticated.
“Until now, it has been reported that countries were hesitant to give away any control of their national security, and that is completely understandable when you consider that cyber is increasingly being seen alongside traditional methods of defence such as the army, navy and air force. There is a middle ground, however, where countries can benefit from centralized intelligence, overarching strategies and broad-reaching tactics. With similar threats faced across the EU – particularly against critical infrastructure – often with the same adversaries, pulling together will allow the bloc to make step changes in its cyber defense.
“The new cyber unit will set a powerful precedent for international collaboration as central to our future global cyber defense.”
Today, the EU has also published a progress report on its EU Security Union Strategy, which emphasizes combatting cybercrime and other malicious activity online.