BRUSSELS (Reuters) - European Union policymakers said on Thursday they want to combat large-scale cyber attacks that could paralyze modern, industrialized nations that rely on computer networks.
Proposals put forward by the European Commission include criminalizing the use and creation of malicious software or possession of tools such as passwords for breaking into computer systems. According to the European Commission, cyber attacks in the last two years have grounded French fighter planes, blocked access to German military systems and interrupted e-mail traffic within the British defense ministry.
A computer virus that attacks widely used industrial systems and appears to have been targeting Iran has drawn attention in recent weeks to how cyber crime can be used as a weapon.
The EU executive also wants to increase penalties for cyber crime and to oblige the bloc’s 27 governments to share more information about cyber attacks.
EU Commissioner for home affairs Cecilia Malmstrom said Europe needed a unified approach to cyber crime because national legal systems often failed to envisage crimes such as large-scale attacks and were too lenient toward perpetrators.
“This makes prosecution more difficult,” she said. “The proposed legislation introduces new elements to address prevention and the fight against (cyber) attacks.”
Several EU member states, including Cyprus, Germany, Latvia, Malta, Portugal and Romania, also fell prey to an attack aimed at extracting classified government documents in 2009.
The new proposals would need approval by EU states and the European Parliament.
Malmstrom said the EU also needed a long-term strategy to protect its vital infrastructure from cyber crime, which is on the rise in Europe.
“We are not totally defenseless,” Malmstrom said.
“We have some tools ... and we are looking at it in our security strategy but this is something long term where we need bigger capacity. This is not something we can construct overnight.”
Malmstrom said the EU, which doesn’t have a common military force, would be unlikely to follow in the footsteps of the United States if it expands the military’s role in defending commercial infrastructure as suggested by the head of the U.S. military’s Cyber Command recently.
“Different member states have different rules ... and I don’t foresee a general military role,” she said.
Reporting by Justyna Pawlak; Editing by David Brunnstrom and Matthew Jones
Our Standards: The Thomson Reuters Trust Principles.