Brussels, 27/05/2008 (Agence Europe) - Europe has to take cyber-terrorism more seriously and invest more in the fight against this kind of crime. This was the message delivered on Tuesday 27 May by Andrea Pirotti, the executive director of the European Network and Information Security Agency (ENISA) who had come to Brussels to present ENISA's work on junk-mail, massive cyber attacks and social networking. Mr Pirotti used this event to criticise the amount spent on the annual ENISA budget (€8 million) and the lack of staff (50 people), which prevents it from carrying out its supervisory task and platform role for exchanges between member states.
Around 6 billion computers are current infected worldwide, often unbeknown to the user. A problem that is just as serious is the constantly increasing number of online exchanges: 30% of world trade is dependent on the digital world and the amount of spam is growing in proportion. The fight against this spam cost around €64.5bn in 2007, twice as much as spent in 2005, explained an ENISA official. Thanks to efforts by member states, only 6% of spam is reaching its destination but this is “just the tip of the iceberg” and the public is unaware of the real threats to email and firewalls carried out upstream to get rid of cyber attack messages as much as possible, underlined the official. The online social networking sites, which have encouraged internet users to share information, without worrying about confidentiality, have increased this phenomenon. Once this data is sent out on the net, it is very difficult to withdraw, ENISA warned. The latter is encouraging the European Union to formulate recommendations for informing users of these dangers.
ENISA is strongly encouraging efforts at a national level because it believes a coordinated response is needed for fighting more effectively against this new kind of crime. More and more member states are setting up Computer Emergency Response Teams (CERT), a kind of fire fighting service that is able to provide a more rapid and efficient response to cyber attacks. In 2005, eight agencies were set up and there are now 14. The European agency was pleased to announce that 16 more agencies are just about to be set up over the next two years. ENISA stressed that some member states were more advanced than others in fighting cyber crime, and it is encouraging them to work together in an effort to implement codes of good practice and help less developed countries benefit from the experience of others. On an economic level, SMEs account for 99% of companies in the European Union and two thirds of jobs in the private sector. They are aware of the problems but do not know how to solve them, and do not have the means for massively investing in this sector. ENISA experts are helping these companies tackle the problem by providing them with the results of studies and the tools for helping them respond. ENISA has subsequently produced a feasibility study on information sharing and alarm systems for citizens and small companies (EUROPE 9622). Mr Pirotti explained that “we must prevent attacks becoming a digital 9/11”.
The meeting of senior ENISA officials in Brussels with the press was significant, given the threat of the agency disappearing to the benefit of a pan-European telecoms authority, whose implementation was mooted by the European Commission in its draft “telecoms package” proposal last autumn. Set up in 2004, ENISA's decease has ultimately been planned for 2009 from the beginning and the Commission's proposal has in fact since confirmed this deadline. However, through the voice of one of its spokesmen, Martin Selmaryr, the European Commission has “recognised the important work” carried out by this agency and stresses that, on the contrary, we move towards the development of its functions with an extension of its mandate until 2011. The Commission is being pushed in the back by the European Parliament and Council, which, at this stage are rather cool about creating a single authority. On the contrary, the Parliament is calling for a reinforcement of ENISA and rapporteur Pilar del Catillo (EPP-ED, Spain) is therefore proposing to set up an independent advisory body instead, called the European telecoms regulators body (BERT) which will not replace ENISA but work alongside it (EUROPE 9658). Mr Pirotti is calling on the European authorities to extend the mandates for serving agency officials and increase staff numbers. He claims that this agency should, in the long term, become permanent and keep its centre in Crete. (I.L.)