Tag: european union
Game over for European criminal botnet networks
An international operation coordinated by Europol has resulted in several arrests and the takedown of numerous cybercriminal networks. The operation focused on tackling the growing problem of the weaponization of botnets, which are strings of connected computers. Cybercriminal gangs use botnets to install droppers, a type of malicious software designed to install other malware, such as ransomware, onto a targeted system. Between 27 and 29 May of this year, Europol’s “Operation Endgame” targeted droppers, including IcedID, SystemBC, Pikabot, Smokeloader, Bumblebee, and Trickbot. The actions focused on disrupting criminal services, making arrests, taking down criminal infrastructures, and freezing illegal proceeds.
73% of SME Security Professionals Failed to Act on a High Priority Security Alert – April 17th
According to a survey from Coro, 73% of SME cybersecurity professionals admittedly say that they've missed, ignored, or failed to act accordingly on a high-priority security alert. The survey also found respondents to spend an average of 4 hours and 43 minutes managing their cyber security tools daily, with an average of 11.55 tools in their security stack.
Tough Times ahead for Apple
These are troubled times for Silicon Valley tech giant, Apple. Hard on the heels of the US Justice Department suing Apple for monopolizing the smartphone market comes news of a major security flaw in Apple M-series chips (M1, M2, and M3). The US Justice Department appears determined to call time on Apple’s long-standing domination of the smartphone market. It holds that “Apple’s broad-based, exclusionary conduct” makes it harder for Americans to switch smartphones. Apple also stands accused of undermining innovation for apps, products, and services, and imposing extraordinary costs on developers, businesses, as well as on consumers.
UN drafts US-led AI resolution
The United Nations has drafted a resolution aimed at bringing the rest of the world in line with existing US artificial intelligence (AI) security guidelines. These follow those already developed by the US Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC). Both emphasize the importance of “secure-by-design” and “secure-by-default” principles for AI systems. The UN Assembly called on all Member States and stakeholders “to refrain from or cease the use of artificial intelligence systems that are impossible to operate in compliance with international human rights law.” The Assembly added that the same rights that people have offline must also be protected online throughout the life cycle of artificial intelligence systems.
The EU’s AI Rules Get Final Approval – March 14th
Five years after its proposal, European Union lawmakers approved the artificial intelligence law, a world-first on AI rules. Centered around consumer safety, the EU's AI Act takes a "risk-based approach" to AI-powered products.
Corruption allegations overshadow EU cyber rulings
The European Union (EU) has adopted its first Cybersecurity Certificate scheme to boost cybersecurity in products and services sold within the EU states, amid ongoing investigations of alleged corruption in Brussels. The European Cybersecurity Scheme on Common Criteria (EUCC) drafted by the European Union Agency for Cybersecurity (ENISA) was adopted on Wednesday as the first scheme within the EU cybersecurity certification framework. ENISA is also already developing two additional cybersecurity certification schemes: EUCS on cloud services and EU5G on 5G security. But the announcement coincided with another press release published by the EU on the same day. On Wednesday, Jan 31st, 2024, the Committee on Civil Liberties also endorsed the draft negotiating mandate for stronger rules against corrupt decision-makers across all levels in the EU. Members of the European Parliament (MEPs) amended the draft anti-corruption provisions to cover “any person entrusted with tasks of public interest or in charge of a public service”, with top EU decision-makers, European Commissioners, the President of the European Council and MEPs to be added to the category of “high-level officials” who will now be subjected to more severe rules than in the past.
EU’s planned AI rulings meet opposition
Next Wednesday will see the last round in a “King Kong meets Godzilla"-style contest between the European Union and the global technology sector over proposed regulations from Brussels to control AI. The opening rounds have been fought by lawyers, lobbyists, and bureaucrats over the monitoring of foundation model AI services such as GPT-4, access to source codes, fines for disobeying the Brussels rulings, and other related topics. However, EU member states France, Germany, and Italy are known to be opposed to the EU’s proposed rulings and to favor self-legislation by the technology sector, as opposed to being constrained by hard rules dictated by Brussels. French AI company Mistral and Germany's Aleph Alpha have criticized the EU’s tiered approach to regulating foundation models, defined as those with more than 45 million users.
The EU’s Proposed Cybersecurity Certification Scheme – November 24th
The European Union's Cybersecurity Agency (ENISA) is studying the possibility of broadening the proposed cybersecurity labeling rules that may affect big tech operating in Europe. The proposed EU certification scheme (EUCS) vouches for further cybersecurity measures of cloud services, ensuring companies in the bloc select an EU-based certified cybersecurity vendor for their business.
EU Cybersecurity Drill Tests Readiness for 2024 Elections – November 22nd
In preparation for the 2024 elections, the European Parliament's services, the European Commission, and the EU Agency for Cybersecurity conducted a cybersecurity exercise. The drill, held in the European Parliament, involved national and EU partners testing crisis plans and responses to potential cybersecurity incidents. Representatives from electoral and cybersecurity authorities participated, aiming to enhance their capacity to address cybersecurity issues and update protocols for securing election technology. The exercise addressed risks such as information manipulation and cyber-attacks, crucial for safeguarding the integrity of the upcoming European Parliament election scheduled for June 6-9, 2024.
EU and Ukraine Partner to Boost Cybersecurity – November 14th
The European Union Agency for Cybersecurity (ENISA) signed a Working Agreement with Ukraine’s Administration of the State Service of Special Communications and Information Protection of Ukraine (SSSCIP) to boost cybersecurity efforts. The Working Agreement signed by ENISA and SSSCIP will focus on the EU supporting Ukraine in its efforts to protect itself from geopolitically-fueled cyber attacks from Russian threat actors through improving critical infrastructure, cybersecurity skills, and capacity building.
EU wakes up to the global supply chain threat
Systems powered by artificial intelligence, quantum computing, and cutting-edge microchips, together with genetic engineering, are being viewed with suspicion by the European Commission. As a result, the European Union (EU) is now in close and intense consultation with the EU’s 27 member states to establish an argument for potential trade bans and investment screenings.
Europol aims to dismantle the EU’s Euro188bn criminal economy
The European Police Office (Europol)’s first-ever threat assessment on the topic, ‘The other side of the coin: an analysis of financial and economic crime in the EU’, aims to shine a spotlight on a EUR 188 billion-plus international underground criminal economy.