[ISN] EU Squabble May Sink Planned Cybercrime Agency

From: InfoSec News (isnat_private)
Date: Thu Jun 05 2003 - 01:42:50 PDT

  • Next message: InfoSec News: "RE: [ISN] This computer security column is banned in Canada"

    http://boston.com/dailynews/155/technology/EU_Squabble_May_Sink_Planned_C:.shtml
    
    By Lisa Jucca 
    Reuters
    6/4/2003 
    
    BRUSSELS (Reuters) - Plans for a European agency to tackle cybercrime 
    such as computer viruses and terror attacks may be scuppered by 
    bureaucracy because governments want to monitor it too tightly, EU 
    officials said on Wednesday. 
    
    The European Network and Information Security Agency, which would play 
    a key advisory role to the 15 EU governments on how to combat 
    Web-related threats, was expected to be up and running by the end of 
    this year. 
    
    However member states now say they want to directly appoint members of 
    the management board, which would oversee the work of the agency. They 
    are also seeking to axe a planned advisory panel meant to give voice 
    to the industry, EU officials said. 
    
    The Commission is fiercely opposing an overhaul of its planned 
    structure and is threatening to withdraw the proposal. 
    
    ''This debate is unnecessary. We are faced with cyber threats on a 
    daily basis and we have no means to respond to them,'' a Commission 
    spokesman said. 
    
    The European Commission, the EU's executive body which proposed the 
    agency, had wanted the new body to be a slim 30-man operation to 
    rapidly react to virus attacks and other threats. 
    
    Authorities worldwide have woken up to the dangers of serious network 
    failures, such as those caused by computer worm ''SQL Slammer'' 
    earlier this year. Potential terror strikes are also a source of 
    concern after the September 11 attacks. 
    
    Internet service providers say the agency would play a very necessary 
    role were it not to be hamstrung by governments' intervention. 
    
    ''A very significant role exists for the new network security 
    agency,'' said Louisa Gosling, president of Europe's Internet services 
    providers association EuroISPA. 
    
    ''However, we are worried that unnecessary bureaucracy in the 
    structure of the new agency could seriously impact on its 
    effectiveness.'' 
    
    The agency is expected to cost the EU around 24 million euros ($28.09 
    million) in five years. A further nine million euros will be added 
    once 10 new EU members join in May 2004. 
    
    Its other duties would include EU-wide collection of data on cyber 
    attacks, security risk assessments and pan-EU guidelines. 
    
    Individual member states already operate crisis units -- called 
    Computer Emergency Response Teams -- against threats posed by Internet 
    hackers and spreaders of computer viruses. But the system lacks 
    central coordination. 
    
    Member states want to continue to rely mainly on the CERTS and fear 
    the agency may interfere with their functioning. 
    
    The EU has harmonized legislation against cybercrime. Under the EU 
    rules, hackers seeking unauthorized access to a computer system can 
    face several years in jail. 
    
    ($1-.8542 Euro) 
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Thu Jun 05 2003 - 04:02:10 PDT