Before the next WannaCry or NotPetya cyber-attack strikes, potentially resulting in widespread damage for which few are actually prepared, law enforcement in the EU have established an incident response protocol, according to a Europol press release.
“To prepare for major cross-border cyber-attacks, an EU Law Enforcement Emergency Response Protocol has been adopted by the Council of the European Union. The Protocol gives a central role to Europol’s European Cybercrime Centre (EC3) and is part of the EU Blueprint for Coordinated Response to Large-Scale Cross-Border Cybersecurity Incidents and Crises,” Europol wrote.
“It serves as a tool to support the EU law enforcement authorities in providing immediate response to major cross-border cyber-attacks through rapid assessment, the secure and timely sharing of critical information and effective coordination of the international aspects of their investigations.”
Driven by the reality that "incident-driven and reactive response" are insufficient security strategies, the EU Law Enforcement Emergency Response Protocol established a multi-stakeholder process identifying the key players and their roles and responsibilities for responding to cybersecurity events.
Serving as a compliment to the existing EU crisis management mechanisms, the new protocol begins with early detection of a major attack, and then classifies the threat before coordinating with emergency response and issuing early warning notifications and initiating the law enforcement operational action plan.
The final stages of the protocol include an investigation and multilayered analysis and emergency response protocol closure.
“It is of critical importance that we increase cyber preparedness in order to protect the EU and its citizens from large scale cyber-attacks,” said Wil van Gemert, deputy executive director of operations at Europol.
“Law enforcement plays a vital role in the emergency response to reduce the number of victims affected and to preserve the necessary evidence to bring to justice the ones who are responsible for the attack.”