EU consults on strategic union-wide response to cyber threat

EU member states, with the support of the EC and the EU Agency for Cybersecurity (Enisa), have presented a report on cybersecurity and resilience among EU communications infrastructures and networks, which calls for a stronger and more united response to the cyber threat, notably on critical infrastructure, involving all stakeholders in society.

The report identifies threats to communication networks and infrastructure that exploit vulnerabilities and can pose significant risks to the security and resilience of connectivity infrastructure.

The findings on identified threats include, among others, wipers, which can delete or corrupt data on targeted systems, ransomware attacks, supply chain attacks and physical attacks.

Based on these findings and, in addition to the risk scenarios already identified in the EU Coordinated risk assessment of 5G networks, the report develops ten strategic risk scenarios. These include a supply chain attack to gain access to infrastructure or a coordinated physical sabotage attack on digital infrastructure.

“As immediate follow-ups to mitigate these risks, the report puts forward strategic and technical recommendations for member states, the Commission and ENISA, which should be implemented as soon as possible,” stressed the EU.

These recommendations include cyber exercises and stress testing critical infrastructure. In addition, the report recommends assessing resilience and redundancy of core internet infrastructure, including submarine cables.

“Recent geopolitical developments highlighted the importance of security and resilience of infrastructures against both human-made and natural hazards, as well as the complementary role of terrestrial, satellite and submarine connectivity solutions, for uninterrupted availability of service under all circumstances,” says the report.

“In a rapidly changing security landscape, a strategic union-wide approach to security and resilience of critical digital infrastructures is essential for the EU’s economic security, building on the solid existing legislative framework, notably the NIS2 Directive, the directive on the resilience of critical entities and the council recommendation on a union-wide coordinated approach to strengthen the resilience of critical infrastructure,” it adds.

Back to top button