Russia’s invasion of Ukraine has shone a light on the need for the UK and the EU to co-operate on cyber security, the head of the European Parliament’s defence subcommittee has said.
Britain’s post-Brexit agreement with the 27-member body relates to matters of internal security but stops short of mentioning security and defence collaboration between both parties.
Moscow was responsible for a series of cyberattacks across the EU in February, according to authorities in London, Brussels and Washington. As the Kremlin launched its invasion of Ukraine it was also behind an attack on communications firm Viasat which disrupted wind farms and internet users in central Europe, the West claimed.
Nathalie Loiseau, a French MEP serving as chairwoman of the European Parliament’s subcommittee on security and defence, called for more collaboration between officials in Britain and on the continent to defend against cyber crime.
“The war in Ukraine shows us the importance of co-operation in this field,” she told reporters at a briefing in the UK Parliament on Monday.
“And there is co-operation going on but there probably could be more, focusing on cyber.”
She said the EU is in the process of reviewing its cyber policy and thus far is aligned with the UK on the area.
“It could be that we are not in the future and it could be detrimental to our common interests,” she said. “So I'm not saying that alignment is the answer, but strong co-operation is obviously needed in this field.”
Ms Loiseau said just because cyber security does not form part of the Trade and Co-operation Agreement (TCA) signed in December 2020 that does not mean a separate pact cannot be reached between the two sides.
She also said there is an obvious need for the EU and its former member state to co-operate on energy security, an issue which has been front and centre of discussion on the fallout from the war in Ukraine.
Ukrainian officials are seeking closer ties with the EU in a bid to strengthen the country’s walls against cyberattacks.
Representatives from the State Service of Special Communications and Information Protection (SSSCIP) held high-level talks in Athens in October with members of the EU Agency for Cyber Security (ENISA).
Delegates from other states which have experienced Russian aggression, including Armenia, Georgia and Moldova, were also present.
The attack on Viasat which began approximately an hour before the February 24 invasion of Ukraine was launched reached far and wide. While the primary target was believed to have been the Ukrainian military, internet users were also hit.
The company said “tens of thousands of terminals” were made inoperable and damaged beyond repair.
In recent months cyberattacks have hit various Ukrainian industries, and links have been drawn between some hacks and Russia’s military objectives.
A western official focused on cyber security said officials in Ukraine are probably holding back from revealing the full extent of the impacts of such attacks. The tactic could deprive Moscow of valuable insights into the efficacy of their cyber operations and thus affect war planning, the official told CNN.
In its annual report released last week, ENISA said geopolitics such as Russia's invasion of Ukraine had led to more damaging and widespread cyberattacks in the year to July.
The agency's study followed concerns about the role of state actors and the growing range of threats to governments, companies and essential sectors such as energy, transport, banking and digital infrastructure.
Zero-day exploits, in which hackers target software vulnerabilities before developers have a chance to fix the flaws, as well as artificial intelligence-enabled disinformation and deepfakes, resulted in more malicious and widespread attacks, the report said.
Almost a quarter — 24 per cent — of hacks were aimed at public administration and governments, while 13 per cent were aimed at digital services providers, ENISA said.