The Council of the European Union has adopted a new EU Law Enforcement Emergency Response Protocol to prepare for a major cross-border cyber-attack that could take place ahead of EU parliamentary elections in May this year.
Part of the EU Blueprint for Coordinated Response to Large-Scale Cross-Border Cybersecurity Incidents and Crises, the new protocol will allow Europol’s European Cybercrime Centre (EC3) to coordinate with law enforcement authorities across Europe to provide immediate response in the aftermath of major cross-border cyber-attacks.
Thanks to the new protocol, EC3 will be able to carry out rapid assessments of attacks, share critical information with other agencies, and coordinate the international aspects of their investigations.
"Only cyber-security events of a malicious and suspected criminal nature fall within the scope of this Protocol.To establish the criminal nature of the attack, it is fundamental that the first responders perform all required measures in a way to preserve the electronic evidence that could be found within the IT systems affected by the attack, which are essential for any criminal investigation or judicial procedure," Europol said in a press release.
"It is of critical importance that we increase cyber-preparedness in order to protect the EU and its citizens from large scale cyber-attacks. Law enforcement plays a vital role in the emergency response to reduce the number of victims affected and to preserve the necessary evidence to bring to justice the ones who are responsible for the attack," said Wil van Gemert, deputy executive director of Operations at Europol.
To neutralise or mitigate major cross-border cyber-attacks, Europol's EC3 and other law enforcement agencies have been empowered by the Protocol to set up secure communication channels, 24/7 contact points for the exchange of critical information, and a mechanism for overall coordination and de-confliction.
Law enforcement agencies across Europe will also be able to collaborate with the network and information security community and relevant private sector partners to gain maximum information and intelligence related to major cross-border cyber-attacks.
Aside from taking steps to prevent or to effectively respond to major cyber-attacks, the European Parliament has also signalled its concern over concerted disinformation campaigns sponsored by hostile countries. Recently, the European Parliament strongly condemned Russia, China, Iran and North Korea for indulging in aggressive actions "which seek to undermine the foundations and principles of European democracies as well as the sovereignty of all Eastern Partnership countries".
In a resolution that gained 489 votes in favour and 148 against, MEPs also took a stand against "Russia’s disinformation campaigns" that constituted the main source of disinformation in Europe and also urged the EU to expand its East StratCom Task Force into a fully-fledged structure within the European External Action Service to address Russia’s hostile propaganda.
"MEPs strongly condemn third parties interfering in elections and referenda. Member states are invited to amend electoral laws that would enable them to proactively counteract threats stemming from disinformation campaigns, cyber-attacks, cyber-crimes and violation of freedom of expression when voting," the resolution read.
"Disinformation poisons hearts and minds. We can no longer deny the fact that our institutions and societies are targeted by the Kremlin's hostile propaganda, which is part of a broader strategy. Fortunately, we are more experienced, determined and united to counter such activities," said rapporteur Anna Elzbieta Fotyga.