EU outlines plans for Joint Cyber Unit

The European Commission recently unveiled plans to set up a Joint Cyber Unit for cybersecurity cooperation. The task force is a response to worsening worldwide cyber insecurity, with attacks continuing to escalate in scale, scope, and sophistication.

The Commission initiative will allow member states to request and receive help from the European Union (EU) or from one another’s national cybercrime units more easily, both during and in the aftermath of cyber incidents. This could even involve inter-state rapid response cyber teams stepping in during active threats.

“The Joint Cyber Unit is a building block to protect ourselves from growing and increasingly complex cyber threats,” EU commissioner for the internal market, Thierry Breton said.

The task force would prepare threat reports, prepare and test crisis response plans, and set up information-sharing agreements between authorities and private cybersecurity companies.

The Commission’s plan also involves setting up a platform for police, cyber agencies, military institutions, and cybersecurity companies to coordinate and share resources.

The need for a response

“As cyberattacks grow in number, scale, and impact, we need to be prepared to respond collectively. A new Joint Cyber Unit will bring together expertise from across the EU to prevent, deter, and respond to cyber incidents and crises,” the European Commission explained in a tweet.

Repeated high-profile cyberattacks hitting European agencies, hospitals, and universities have been underlining the need for a concerted and coordinated effort.

In recent years, cyber criminals have been digitally infiltrating security architectures — with relative ease — extracting sensitive data and then locking organisations out of their own systems. This type of attack is conducted using malicious software known as ransomware. A notable case in May this year saw the national health service of Ireland, HSE, crippled by hackers.

“The recent ransomware attacks should serve as a warning that we must protect ourselves against threats that could undermine our security,” said commission vice-president Margaritis Schinas.

“We need to pool all our resources to defeat cyber-risks and enhance our operational capacity,” he added.

The most common motivation for these attacks is profit. Criminals extort their victims with the promise to turn over stolen data after payment. But there are other less direct ways that cybercrime costs organisations money.

If estimates are to be trusted, by 2025 the worldwide cost of cybercrime could be more than $10 trillion — equivalent to the combined GDP in 2020 of Italy, France, the United Kingdom, and Germany.

Moving the plan forward

Currently, the EU and its member states have distinct cybersecurity resources spread out across different domains and industries. The aim of the Commission’s new plan is to combine state resources to better respond to incidents with the full force of the EU’s collective expertise.

Certain EU countries have previously created joint cyber response teams under an EU defence cooperation scheme. State cybersecurity agencies have worked together to protect elections and 5G infrastructure, and police throughout the EU cooperate on investigations at the European Cybercrime Centre.

Taking on many of these responsibilities, the Joint Cyber Unit will establish itself “through a gradual and transparent process in four steps,” the Commission explained in its proposal paper for the project. This will comprise virtual and physical infrastructure development funded through the Commission’s Digital Europe Programme, with the resulting capabilities co-owned by member states.

Additional contributions, especially to develop member states’ cyber-defence capabilities, may come from the European Defence Fund.

The Commission aims to have the Unit operational by the end of June 2022, and fully established a year later, by the end of June 2023. The European Union Agency for Cybersecurity, ENISA, will steer the preparatory phase and the Joint Cyber Unit will operate from Brussels close to the offices of ENISA and CERT-EU, the Computer Emergency Response Team for the EU.

Mark Swift is a Scottish freelance journalist and writer based in Paris. His work covers business, technology, European politics, and EU policy. Before writing for 4i-mag, he was a journalist for Young Company Finance Scotland, covering investment in Scottish technology start-ups. Mark's portfolio can be found here: