

Given the increasing number and intensity of attacks in the cyber and information domain space (CIR), attribution is key. The EU’s role is only to coordinate, collect forensic evidence and share intelligence among the Member States and EU institutions. Attribution is a sovereign act of the Member States which have varying technical and intelligence capabilities. However, at EU level, the process of attribution, i.e. the technical, legal and political assignment of individual responsibility for cyberattacks, is incoherent and partly contradictory. If the EU wants to impose legitimate cyber sanctions, it first needs to determine the origin (attribution) of cyberattacks in a careful and reasonable manner.
Under Article 263 IV of the Treaty on the Functioning of the European Union (TFEU), the targets of such punitive measures enjoy full legal protection from the European Court of Justice (ECJ). The diplomatic response must be consistent from a legal, technical and political perspective, in the event that listed individuals challenge the EU’s restrictive measures (financial sanctions or travel restrictions) in court. However, demonstrating and implementing a proportionate, coherent and, above all, legally justified EU response to cyberattacks is highly challenging. Since 2017, EU Member States have been using this toolbox to try to respond to serious cyber operations in a coordinated way under the Common Foreign and Security Policy (CFSP). Their intensity is adjusted to stay below the threshold for armed conflict. Cyber sanctions are only one of the common diplomatic instruments that are part of the EU’s cyber diplomacy toolbox. They apply across the EU 27 and have been adopted as a diplomatic or political response to malicious cyber operations against the EU. The measures include travel bans and asset freezes.

The European Union first imposed what were referred to as “cyber sanctions” against individuals associated with the Russian, North Korean and Chinese governments in July 2020. To this end, it would make sense to allow qualified majority voting for the adoption of cyber sanctions. The EU Joint Cyber Unit and EU INTCEN, part of the European External Action Service, should be strengthened to improve the exchange of forensic information and to coordinate attribution policy more effectively. EU Member States and their allied partners should better coordinate political signalling to condemn cyberattacks. The EU should tighten the legal criteria and harmonise the standards of evidence for attribution. This leads to a lack of coherence in European cyber diplomacy, for example when imposing cyber sanctions. Analysis of policy responses to the WannaCry, NotPetya, Cloud Hopper, OPCW, and Bundestag hack cyber incidents reveals the following problems: attribution takes a long time and relies on intelligence from NATO partners; the technical realities and the legal facts for classifying and prosecuting cyberattacks do not always match; the weighting of the criteria for establishing what constitutes a crime is unclear. Cyber sanctions should be proportionate, targeted measures, and destructive attacks, such as WannaCry or NotPetya, should result in harsher punishment than everyday cases of cyber espionage, such as Cloud Hopper or the Bundestag hack. However, these all have different technical and intelligence capabilities. The attribution of cyberattacks is a sovereign act by the EU Member States.
