The European Commission has announced plans to build a Joint Cyber Unit to tackle large scale cyber-attacks.
Recent ransomware incidents on critical services in Ireland and the US has “focused minds”, the commission said.
It argued cyber-attacks were a national security threat, as incidents in Europe rose from 432 in 2019 to 756 in 2020.
A dedicated team of multi-national cyber-experts will be rapidly deployed to European countries during serious attacks, it said.
Launching the proposals, European Commission vice-president Margaritis Schinas said last month’s hack on US fuel supplies was ‘the “nightmare scenario that we have to prepare against”.
Last month, a cyber-criminal gang called Darkside forced the Colonial Pipeline offline for nearly a week, causing panic buying and fuel shortages.
Ransomware hackers use malicious software to scramble and steal an organisation’s computer data – charging victims money to return services back to normal.
The US government has also recently formed a Ransomware Task Force, while the UK’s National Cyber Security Centre warns that ransomware is the biggest cyber-threat to UK.
The European Commission said that the ongoing ransomware attack on Ireland’s health service is another sign that cyber-attacks are a national security issue.
- The ransomware surge ruining lives
- US recovers most of Colonial Pipeline ransom
- Why cyber gangs won’t worry about US-Russia talks
- JBS pays $11m in ransom to resolve cyber-attack
The Health Service Executive (HSE) in Ireland was hit by a ransomware group called Conti which scrambled IT systems, causing major disruption to many hospitals.
HSE chief Paul Reid told the Oireachtas health committee on Wednesday that it will take months to fix the system.
He said it will cost as much as €100m (£85m) to recover, and will also have large “human costs”.
Thierry Breton, EU commissioner for the internal market, told reporters that the Joint Cyber Unit’s rapid reaction teams could have helped Ireland recover from the crisis.
He said the unit would help in similar scenarios by “deploying very quickly a dedicated team which we don’t have the capacity to do now. We know that the longer you wait the worse it is, so faster and more solidarity is what you can expect”.
Mr Breton insisted that the new unit will not compete with national cyber-entities or duplicate work.
He promised to build a team to provide support virtually and physically, using resources “from one country to another” to deliver operational and technical assistance.
The aim is to ensure that the Joint Cyber Unit will be operational by June next year, and that it will be fully established one year later, by 30 June 2023.
