Elisavet Grigoriou explains how the “Joint Cyber Unit” will protect the European Union from cyberattacks

This interview covers cybersecurity in the European Union.

Ms. Elisavet has already mentioned that “The European Union has laid out a vision to build a new Joint Cyber Unit to tackle the rising number of serious cyber incidents impacting public services.”

As you know, many cyber-attacks are taking place in the European Union and at an increasing rate. That is why the European Union has decided to set up a joint systems security team to deal with these cyber-attacks. What is your opinion?

The necessity to be connected even during the Covid-19 epidemic highlighted the significance of resilient and secure information systems, particularly in critical infrastructures such as hospitals fighting the pandemic. To address these problems, a recommendation to establish a “Joint Cyber Unit” was made in June 2021, with the goal of assisting in the prevention, detection, and response to cyber-attacks. The cross-border dimension of cybersecurity threats, as well as the continuous rise of more complicated and widespread cyberattacks, might be successfully addressed by coordinated activities among EU cybersecurity institutions/organizations. Civilian, law enforcement, diplomatic, and cyber defense experts will contribute to the platform. The “Joint Cyber Unit” will identify organizational and technological capabilities, expertise, and equipment that are ready for deployment to EU Member States. It is intended to give European cybersecurity crisis management fresh momentum by assuring a unified EU response. I think that all members in the “Joint Cyber Unit” could very well engage with a broader variety of stakeholders while benefiting from increased preparation and situational awareness, addressing all elements of cybersecurity threats. Participants will be able to interconnect private sector partners, including both providers and users of cybersecurity solutions and services, through this Unit.

What kind of cyber-attack is most common and dangerous in the European Union? Is it ransomware?

The European Union Agency for Cybersecurity (ENISA) has released the annual ENISA Threat Landscape (ETL) study, which identifies and evaluates the major cyber risks as the COVID-19-led digital transformation progresses. Throughout the epidemic, cyber criminals have been seen improving their capabilities, evolving rapidly, and more successfully targeting relevant victim groups. The ETL study emphasizes that the road to a safer digital environment is difficult. This is mostly due to the COVID-19 pandemic’s impact on existing cyber security measures via changes in working and infrastructure behaviours. This worldwide issue has resulted in an increase in personalised cyber-attacks by cyber criminals, who are employing increasingly complicated methods and strategies. The top 15 cyber threat reports reported in ETL are the following: (1) Malware, (2) Web-based Attacks, (3) Phishing, (4) Web Application Attacks, (5) SPAM, (6) Distributed Denial of Service (DDoS), (7) Identity Theft, (8) Data Breach, (9) Insider Threat, (10) Botnets, (11) Physical Manipulation, Damage, Theft and Loss, (12) Information Leakage, (13) Ransomware, (14) Cyber Espionage, and (15) Cryptojacking.

The coronavirus exposed flaws in the trust systems utilized in online commerce, ranging from copycat websites of big companies to fake businesses that never deliver the product. Also, the adoption of mobile technology and subscription to digital platforms makes younger generations more vulnerable to these types of threats, while at the same time cyber criminals are using social media platforms to increase the efficiency of targeted attacks. Financial gain remains the primary motivation behind most cyber-attacks, and massively distributed attacks with a short duration and wide impact are used. COVID-19-themed attacks include messages containing malicious file attachments and messages containing malicious links that redirect users to phishing sites or malware downloads. Moreover, ransomware remains prevalent, with costly consequences for many EU organizations, and many cyber security incidents continue to go unnoticed or take a long time to detect.

How can the risk of these cyberattacks be reduced or even eliminated?

Cyber Threat Intelligence (CTI) should be recognized as the main instrument for enhancing cybersecurity preparation and facilitating risk-based approaches. Connecting CTI with security management procedures would aid in the expansion of CTI in relevant sectors while also increasing the agility of typically long processes such as certification and risk assessment. Furthermore, CTI will be viewed as a facilitator of emergency choices that are required in strategic planning. In recent years, a rising number of test laboratories and cyber-ranges have been available on-premises and through cloud services. These are critical resources for staff training, simulating attacks, and testing various defense methods. All of this takes place in a multifunctional virtual environment. The utilization of artificial intelligence (AI) and machine learning (ML) in CTI should be studied further. This reduces the amount of human processes in CTI analysis and increases the effectiveness of machine learning functions inside CTI operations.

What is the proposal proposed by SIDROCO HOLDINGS as the company’s office manager?

SIDROCO is involved in many Horizon2020 cybersecurity projects proposing the outcomes of them.

(1) SPEAR’s main goal is to secure smart grids against cyber-attacks, as it is critical for national security and public safety, because the failure of an energy production utility can result in human lives, millions of euros, the denial of a vital and common good like energy, and days or even months of recovery.

(2) SDN-microSENSE aims to deliver a collection of secure, privacy-enabled, and cyberattack-resilient technologies, assuring the regular functioning of decentralized Electrical Power and Energy Systems (EPES) as well as the integrity and confidentiality of communications.

(3) The mission of CARAMEL is to proactively solve current vehicle cybersecurity issues using sophisticated Artificial Intelligence (AI) and Machine Learning (ML) techniques, as well as to continually investigate strategies to reduce related security risks. CARAMEL aims to reach commercial anti-hacking IDS/IPS systems for European automotive cybersecurity and show their worth through comprehensive attack and penetration scenarios, taking into account the full supply chain of automotive operations.

(4) CyberSANE provides a cutting-edge solution for improving the detection and analysis of cyber-attacks and threats on Critical Infrastructures (CI), as well as increasing awareness of the current cyber threat landscape. Furthermore, CyberSANE assists human operators in constantly increasing preparation, improving CI operator collaboration, and taking necessary actions to control security risks, report, and address security events. Finally, CyberSANE is entirely compliant with all applicable legislation (GDPR and NIS directive).

(5) Adoption of IoT and AI-powered ICT systems in Europe is critical for our future, but it is dependent on our strategic capacity to secure these systems from cyber risks and privacy breaches. IRIS approaches this problem with a collaborative-first strategy based on CERTs/CSIRTs. It employs (i) autonomous detection of IoT and AI risks, (ii) privacy-aware intelligence sharing and cooperation, and (iii) enhanced data protection and accountability. Importantly, IRIS provides (iv) the first specialized online training and cyber exercises to prepare CERTs/CSIRTs to safeguard critical infrastructures and systems against cross-border AI and IoT threats.

(6) ELECTRON intends to deliver a next-generation EPES platform capable of enhancing the resilience of energy systems against cyber, privacy, and data attacks via four main pillars (risk assessment and certification, anomaly detection and prevention, failure mitigation and energy restoration, and addressing internal threats and gaps through AR-VR-based personnel training).

Moreover, in the context of cyber threat detection, SIDROCO HOLDINGS has developed the SiVi tool, a human-interactive visual-based anomaly detection system that is capable of monitoring and promptly detecting several devastating forms of security attacks, and the “SiPentest” tool, a penetration testing suite that is capable of assessing the cybersecurity of critical infrastructures by performing a series of pen tests by exporting the identified threats.

Could working with the European Union team be more effective in tackling cyber-attacks?

As a result of the challenges brought about by digitalization, politicians, engineers and the European Union should collaborate using a bottom-up approach to establish a shared strategy. Because the majority of today’s technology is linked to cyberspace, the participation of cybersecurity specialists in many of these interactions is critical.