Amidst the current COVID-19 crisis, Dr Christian Ehler, Member of the European Parliament and EPP Coordinator in Industry and Research Committee calls for upgrading research efforts in ICT security.
“Science is not only challenged in the fight against the SCV-2 pandemic, it must also continue to take care of our protection against digital viruses.”
‘’Millions of people current ly work from their home offices. In the present crisis, this should enable at least some basic functioning of state and society, economy and science. However, only a few companies, public authorities or universities are adequately prepared to operate, their traditionally centralised organisational and operational structures, on a large scale and decentralised manner for a long period of time. Instead of working together as usual in business and administrative offices, millions of Europeans, for example corporate headquarters, media houses, medical practices, financial institutions, etc, are trying to do their jobs as far as possible from home. In doing this, they use, to a large extent, less protected information and communication technology (ICT).’’
“Crises reveal strengths – human and technical – and their weaknesses. In the best case scenario, both strengths come together in the home office: technically competent people work with excellent equipment via stable connections with high-level of security for all end and intermediate points”.
“In the worst case, all weaknesses come together, and that is risky for a company. Professional ICT at the workplace is replaced in the home office by outdated devices and software, open WLAN connections in poorly protected networks,” Christian Ehler describes the problem. ‘’The more people work in this “bad case” scenario, the more opportunities are offered to all those who spy, manipulate and sabotage in cyberspace – from criminals to highly professional hackers, including those in the service of foreign countries.’’
In addition, there are risks posed by big foreign tech companies, whose communication, cloud and social media services are being used immensely. “They collect gigantic amounts of data at the moment. Criminal hackers who introduce malware and digital spies can gain insights into private data of important target persons just as easily as it is possible to analyse networks and Systems,” Ehler outlines the risks.
Security experts have noted a doubling of general cyber-attacks in the last three weeks, with targeted attacks increasing by up to 150% per month. As an example, Ehler points out that since the outbreak of the crisis, hospitals in various European countries have been targeted by cybercriminals. Via ICT loopholes, they smuggle ransom goods into the country in order to extort ransom money from the hospitals.
Ehler continues: “In times of crisis, the failure of supply systems (water, electricity, heat) can also play a decisive role in the mood of the population. Targeted manipulation of these could undermine citizens’ confidence in the coping capacity of their state, bring concerns and even unrest. With fake news campaigns and other measures from the repertoire of information warfare, the damaging effect can be significant.”
The crisis is not only an opportunity to identify ICT vulnerabilities. Rather, it requires a critical view of our own precautions and how to make them sustainable. “A crisis-stable position in the ICT sector is just as important for an individual as it is for society as a whole, for every European as well as for the European Union.”
“Whenever forward-looking knowledge and foresight are needed, research and innovation are needed. The EU already provided extensive support in this area. As early as 2015, it had already provided almost €1.3 million for the Pandemic Risk and Emergency Management (PANDEM) project through its Research Framework Programme. Up to last year, long-term cyber-security projects had received €1 million through Horizon 2020. The follow-up programme “Horizon Europe”, which is currently being negotiated, envisages an entire cluster “Civil Security for Society”. With its approximately €2.5 billion demanded by the European Parliament, it will also address multiple digital security issues. In addition, €2 billion out of the €9 billion new Digital Europe funding program will be used to improve cybersecurity. ”
“Our working conditions have changed. Especially now, I would like to call on scientists and developers to use the time to look into the various EU programmes, to acknowledge their opportunities and to use them for the benefit and safety of all of us,” Ehler appealed.