EU Australia Online - News & information from the capital of Europe direct to Australian businesses
«
»

Scourge Of Cyber Crime

  • March 18th, 2013
  • Posted by EUEditor

cyber-crime-11.jpgLawmakers in Europe are moving towards requiring enterprises under cyber attack to tell the authorities, as a chance for containing it and averting destruction of social and economic fabric.

A report on the problem this month by the German broadcaster, Deutsche Welle, quotes a study from the  federal German Economics Ministry, showing 99.7% of the country’s small and medium enterprises used information technology to conduct business, and 93% had experienced security problems.

Every fifth company reported that security issues disrupted their business activities for one day or longer.

It quotes also last year’s survey by the Hewlett-Packard company which found a German company losing €4.8-million (A$5.98-bilion; xe.com, 18.3.13) a year because of attacks on their computers, and nationally, companies were reporting over 1.1 successful cyber attacks each week.

The broadcaster’s report cites local intelligence backing American findings that cyber attacks come mostly from China, (with disturbing suspicion of state backing for it, disclaimed in Beijing), and also Russia; by no means the main sources.

It provides case studies:

  • An engineering firm setting up complex, computer controlled equipment brought in from  Asia, found it carrying malware that transmitted their operations off-shore;
  • A computer game that updated itself periodically, used by a group of federal employees, which was covertly set up as a conduit for getting government information to which they had access.

Concern about small and medium-sized businesses is that they cannot afford customised software now recommended for fending off penetrations, and that they are shy of reporting crimes for obvious reasons: possible extra costs and further divulgence of their private commercial information.

The problem is far from new, being discussed widely when the European Union, in 2007, set up a comprehensive state-to-state agreement among its member countries, with industry engagement.

It had to remain strictly voluntary; a new drive for stiffening such processes by making protection, including  disclosures by companies, legally enforceable, needed to wait until now, as the crime trend matured and became thoroughly urgent.

“Cyber hacking has become so easy, pervasive and lucrative that it appears impossible to root it out, concede the experts. Therefore, they say, the best option is to make it harder for cyber attacks to be successful and to mitigate the damage done by them”, concludes Deutsche Welle in its survey of the problem.

enisa-logo.pngNo less than the EU agency, ENISA (European Network and Information Security Agency) has affirmed all such concerns in its latest warning document, a “Flash Note” titled ‘Cyber attacks – a new edge for old weapons’, analysing and tracking recent cyber attacks, launched last week (13.3.13).

It calls for urgent action by businesses and government agencies:

enisa-document.jpg“The latest targeted cyber-attacks on government organisations and high-profile companies show the need for greater awareness and know-how in network and information security.

“The Agency highlights several issues such as cyber space’s lack of borders, failing security measures and the security issues of email. It also makes several recommendations, for instance to focus more on prevention and to look at more secure communication solutions.”

Its Executive Director, Professor Udo Helmbrecht said:  “Well known cyber-attack methods, such as spear-phishing, are still very effective. However, much can be done to counter these attacks – by making users aware of traps, and by ensuring that better security measures are in place.”

“In cyberspace, it is difficult to be sure where attacks originate, so the focus should be on preventing and mitigating attacks, regardless of where the attackers are based”, he said.

See also, EUAustralia Online: “New Deal against computer crime”, 23.5.07;“Asia-Europe meeting to address ‘non-traditional’ security threats”, 30.5.11; “Hackers from Romania …”, 29.11.12

Reference

.

ENISA, Heraklion, “Urgent action is needed in order to combat emerging cyber-attack trends ”, 13.3.13. http://www.enisa.europa.eu/media/press-releases/urgent-action-is-needed-in-order-to-combat-emerging-cyber-attack-trends, (18.3.13).

Michael Knigge, Rob Mudge,  “German jitters over cyber attacks”, Deutsche Welle, Bonn, 8.3.13. http://www.dw.de/german-jitters-over-cyber-attacks/a-16658040, (18.3.13).