On the eve of an EU summit set to discuss the ongoing military action in Libya, the European nuclear program and the debt crisis, key systems have been shut down and warning issued to staff as a result of what a spokesperson called “a serious cyber attack“.
Details on the nature, extent and consequences of the attack are currently very few but the timing and targeting are highly reminiscent of the attack against the French finance ministry two weeks ago which reportedly targeted information relating to the G20 summit.
A spokesperson for the European Commission stated that the commission is often “targeted” by cyber attacks, but that the extent of this one was far larger than those more regular events. Staff have been asked to change their passwords, external access to email and to the Commission’s intranet was temporarily suspended, in order to “prevent the disclosure of unauthorised information”. EUObserver reports having seen an internal mail that warned all staff
“We have found evidence that both the commission and EEAS [European External Action Service] are the subject of an ongoing widespread cyber attack.“
According to the AFP report, EU spokesperson Antony Gravili blamed the attack on malware, “rather than any attempt to unearth secret documents relating to summit issues”. Given the nature of contemporary attacks on commercial and government institutions, in reality it’s very difficult to draw the line between those two eventualities. Malware is simply one of the tools in the criminal and international espionage bag of tricks and making such a clear distinction before a thorough investigation has been completed may be counter-productive to say the least.
International cyber-espionage and criminal theft of information for commercial advantage has been going on for several years now but only really caught the public imagination with the furore surrounding the Aurora attacks in 2009/2010. Since that time, the mood for public disclosure of these attacks has rapidly changed and may contribute somewhat to the impression that they are increasing in frequency.
Nevertheless, Aurora, Night Dragon, Stuxnet and the attacks on the G20 and EU summits graphically illustrate the new reality. Cyberespionage, just like cybercrime is more simple to perpetrate, more difficult to spot and carries much less risk than the more traditional methods. This is the new front line.