Europe will equip itself with a “cyber shield” and a “cyber reserve”, announces Thierry Breton
European Commissioner Thierry Breton announced on Wednesday that Europe intends to equip itself with a “cyber shield”including a “reserve cyber army” , in order to be able to withstand major cyberattacks such as those suffered by Ukraine. These devices will be provided for by a new regulation, the Cyber Solidarity Act, which he will present on April 18.
“Our ambition is to create a “European cyber shield” which will make it possible to better detect attacks upstream. Today, an average of 190 days elapses between the start of the distribution of malware [logiciel malveillant] and when it is detected”underlined Mr. Breton, in charge of the internal market and digital, before the International Cybersecurity Forum. “We want to drastically reduce this time, to a few hours”he launched.
“With the war in Ukraine, cyberattacks jumped 140% in Europe last year. In this context, the pooling and coordination of our forces at European level become more necessary than ever because the threat will spread.said Thierry Breton to the newspaper THE Echos. “As by chance”these activities increase on the countries which send weapons to Ukraine, he added during an interview on LCI on Wednesday morning.
The detection of attacks will be entrusted to a European network of six or seven SOCs (cybersecurity operational centers), also provided for by the Cyber Solidarity Act. Equipped with supercomputers and artificial intelligence systems, they will operate on the model of the Galileo satellite system, he added.
Three first major SOCs will be deployed this year, without waiting for the vote on this new regulation.
Another novelty: the establishment of a “cyber reserve, made up of several thousand participants, public and private service providers, on a voluntary basis, to support the defense effort in the event of an attack”said Thierry Breton. “This cyber reserve will be ready to intervene at the request of any Member State”he specified.
The new regulation also provides for a partnership between Member States to strengthen the resilience of critical infrastructures in the European Union (airports, power stations, gas pipelines, electricity networks, Internet cables, etc.) with attack scenarios and penetration tests to detect vulnerabilities.
In the event of a major attack, a “cyber emergency mechanism” : immediate exchange of information, joint crisis management and mutual assistance. The investment will amount to “more than 1 billion euros, two-thirds financed by Europe”he told the Echos.
Finally, the EU must equip itself “a doctrine that provides for a deterrent capability and a policy of active and direct sanctions”. The new regulation will thus encourage the countries concerned to carry out offensive actions as soon as an attack has been attributed.
The European Union has already equipped itself with a legislative arsenal, such as the Cyber Resilience Act announced at the end of last year, which sets common rules concerning connected objects, or the NIS2 directive, scheduled for 2024, imposing new security obligations on companies.