LONDON (Reuters) - Britain pressed the European Commission on Wednesday to introduce tighter and uniform security features for national emissions registries to prevent fraud after almost 3.4 million carbon permits were stolen.
Emissions registries administer and transfer EU carbon permits under the bloc’s emissions trading scheme. A coordinated cyber attack on some registries last month resulted in the theft of 50 million euros’ ($67.5 million) worth of permits.
“The registries are in many ways akin to bank accounts, and we believe that similar security features should be standard across EU registries,” Greg Barker, the UK’s minister for climate change, wrote in a letter to EU Climate Commissioner Connie Hedegaard.
“These include universal adoption of ‘two-factor authentication’, where access to the registry needs more than just a password, but also an additional confirmation of identity similar to the card-readers increasingly used by banks.”
The Commission shut down registries for over two weeks while they increased security measures. So far, seven national registries have reopened, and the UK registry was one of the first.
Opening an account has been relatively easy at some registries, and security measures have not been uniform across the bloc.
“We would like to see more regular and frequent testing of the vulnerabilities of registries and updating of the software used to protect these registries,” Barker added. (Reporting by Nina Chestney, editing by Jane Baird)