Faced with the growing number of cyber attacks, the European Union plans to deploy a common cyber shield in order to detect and prevent attacks upstream. An ambitious project whose effectiveness remains to be proven.
Since the start of the war in Ukraine, the number of cyberattacks against companies or public bodies has increased by 140% in Europe, making France fifth most targeted country for ransomware in the world – some see a correlation between the increase in attacks and the supply of arms to the government in kyiv. Also, it is becoming urgent for the members of the European Union to join forces in order to better protect themselves against these new threats. AT On the occasion of the International Cybersecurity Forum (FIC), which began in Lille on April 5, Thierry Breton, the European Commissioner for the Internal Market, announced in an interview to Echoes the creation of a “European cyber shield”. Estimated at one billion euros, this measure, which will take place within the Cyber Solidarity Act, will make it possible to detect and prevent attacks upstream: a protection device which illustrates the adage “prevention is better than cure”.
European cyber shield: combat-ready experts
The Cyber Solidarity Act, which will be officially presented on April 18, aims to prevent cyberattacks and identify malware before it causes too much damage. “Our ambition is to create a ‘European cyber shield’ which will make it possible to detect attacks much better upstream. There can now be a delay of up to 190 days between the start of the distribution of malware and triggering an attack, explains Thierry Bret. The European Union plans to raise one billion euros for this, two-thirds of which will be financed by Europe and the rest will have to be provided in European capitals – according to the Commissioner, seventeen Member States have already responded to the call.
Thus, the Cyber Solidarity Act provides for the construction, from 2024, of 5 to 6 security operations centers (Security Operations Centers or SOCs) to strengthen the cybersecurity of the Member States. Based on supercomputers and artificial intelligence technologies, they must make it possible to detect malicious behavior in just a few hours. Moreover, their effectiveness has already been tested in the form of pilot projects. A European cyber reserve will also be set up, which will be made up of thousands of volunteers and professionals who will be available and mobilized in the event of attacks.
Cyber Solidarity Act: a logic of mutual assistance
To deal with the shortage of talent affecting the sector – which is hampering the reactions of States and companies, a Cyber Skill Academy will train future specialists. All of these provisions will serve to improve information sharing and collaboration between European Union countries. “In the same logic as European Civil Protection in the event of disasters, we must now adopt a logic of mutual assistance”explains Thierry Bret, before adding that “Europe must protect its cyberspace for obvious reasons of sovereignty”.
The Cyber Solidarity Act will complement the Cyber Resilience Act, unveiled last September and currently being discussed in the European Parliament. Its goal is to tackle the problem of everyday connected objects, which are real entry points for hackers. It is therefore a question of obliging manufacturers to better secure their connected objects before they are marketed, by increasing their responsibility and by obliging them to report the vulnerabilities discovered to the European Union Agency for Cybersecurity (ENISA) in a twenty-four hour deadline, under penalty of heavy fines.