EU Hi-Tech Crime Agency Created

Gori writes "The European Union is setting up an agency to co-ordinate work to combat the rising tide of cybercrime. The European Network and Information Security Agency will help educate the public about viruses, hacker attacks and other security problems. It will also act as a co-ordinator for Europe-wide investigations into virus outbreaks or electronic attacks. ENISA has a budget of 24.3m euros (17m), will start work in 2004 and will initially be based in Brussels."

I hear

They've already exployed Inspector Gadget and his niece Penny. Go go Gadget-hacking!

No let-up for MS within the EU

[Space+cowboy]

Well, given that the EU are taking viruses seriously, perhaps MS will start to get some less-than-wonderful press over here.

Perhaps the EU can hold seminars, teaching MS employees what's good and bad about virus protection. Hint: the 'execute' bit has a fair old say in the matter :-)

Simon

Re:No let-up for MS within the EU

[Ianoo]

Also they produce lots of Mac OSX software. There's also Internet Explorer for UNIX, although I've never seen it in action, it's very very rare.

Education is key...

[shakamojo]

This is refreshing, instead of primarily focusing on making restrictive laws and "cracking down on hackers" they're doing what should have been done a long time ago, putting the priority on educating people about actual and potential security threats. I hope it works well, and I hope that the U.S. takes notice of this, since an educated public would be the best defense against viruses and cracking (and would hopefully shut down the media's "chicken little" syndrome when it comes to viruses)

Re:Education is key...

[Tsali]

We have a privately funded group called the RIAA to handle such matters.

Thank you for your consideration.

T.

for slow US readers like myself...

[wwest4]

17 m GBP, not dollars... for a minute there, i thought the euro got a lot weaker real fast. good thing i didn't order plane tickets before realizeing my mistake.

What kind of "hackers" will they catch?

[LeoDV]

Not to sound like ESR, but "hackers" is too widely used as a blanket statement for anyone who does things with computers that you don't understand. "Hackers" can be people who infiltrate networks, write/spread viruses, launch DDoS attacks, but also spammers, or even filesharers.

So I'm wondering what kind of "hackers" this agency is going to go after, the people behind virus attacks, DDoS attacks, spammers, etc., or are they just going to nab a few filesharing teenagers to make the headlines?

Re:What kind of "hackers" will they catch?

[potcrackpot]

Fool!

The article says:

"[ENISA] will help educate the public about viruses, hacker attacks and other security problems. It will also act as a co-ordinator for Europe-wide investigations into virus outbreaks or electronic attacks."

Seems clear enough to me: virus writers, denial of service attackers, but not spammers.

High tech Bobbies to nab cyber hooligans!

[Kenja]

They'll just send an email saying stop, or I'll say stop again.

Yeah, tell me about it...

[heironymouscoward]

My Brussels company is actually involved in a cybercrime case (one of our ex-employees woke up one day and decided he wanted to trash our CVS).

The EU has had a cybercrime convention that was passed into law in Belgium in 2000, three years ago. The very first case is currently appearing in court. Until today, cybercrimes have mostly been classified under random sections of the criminal act such as "theft of electricity", "abuse of confidential information", and so on.

Belgium actually has a specialized cybercrime cell in the prosecutor's office. But it's still a very new area and could do with some better coverage. Few people know, for instance, that hacking one's own company is actually considered much more serious than hacking from "the outside", in the case of our departed hacker, worth between 18 months and 3 years in prison.

No-one really knows what counts as "evidence" either, and since laws in most European countries are not based on court cases but on statutory definitions, we don't even know if emails and expert's reports count as evidence.

I think cybercrime will be very important in the years ahead, as more and more business-critical information is stored in databases that can be accessed from the other side of the world if one knows the correct passwords.

This smells fishy !

[Katchina'404]

This smells fishy already... Apparently the parliament rapporteur is none else than the infamous Arlene McArthy (of Europen Softwre Patents fame). And she's already making propositions to have the Agency support TCPA / "Secure Computing" stuff...

Check it here...

Re:This smells fishy !

[Elektroschock]

http://lists.ffii.org/mailman/listinfo/enisa/index .html - ENISA Mailing list

Re:exchange rate is wrong

[JeffSh]

*sigh*

read the article on BBC and noticed they quoted it as 17 million POUNDS.

why was the pound symbol left out of the slashdot posting? weird..

European Security Agency?

[mashx]

When I first read this, my first thought is that it seems to be a sneaky way to introduce a European equivalent of the NSA, without the security concerns that would involve on each member nation of the EU. It might only have a small budget now, but if the general idea is not to be too obvious that makes sense. The fact that its role will be up for reassessment in four years time could be used as an indicator for that.

I'll put my tinfoil hat back in the cupboard for another day.

P,ENISA

I sure hope the President of this organisation doesn't abbreviate his business card as above... ;)

Only partly

[phorm]

Education helps protect people against your average dummy-attack (email trojan, open share, etc). Doesn't do much against the latest RPC vulnerability etc, or perhaps a DDOS.

Law enforcement does need to deal with this situation. It also needs a body that understands it clearly and doesn't view anyone proficient with a computer as a "mysterious hacker/cracker capable of being a threat."
br Even with education, you'll only reduce dumb slip-ups, not totally remove them. For the rest, we need an easier way of dealing with crackers. When it gets to the point of threats such as "pay us $50000 or we'll see your servers DDOS'ed into hell," I'd say that technical crime is just as bad as physical, and it does need to be dealt with.

Re:exchange rate is wrong

[drinkypoo]

Want to ask a better question? Why was the word "anti" left out of the headline "EU Hi-Tech Crime Agency Created"? It makes it sound like a new criminal organization has been spun up by the government (well, that's the way it works here in the US, I can't imagine the UK who we learned all our behavior from is any different.)

Amusing tale about currency conversion

[NickFitz]

As most people are aware, newspapers have a house style which dictates such matters as how dates are shown, whether to have a full stop after "Mr", and such-like details.

The Daily Telegraph house style dictates that, when an amount is given in a foreign currency, it should be followed by the equivalent in GBP, in brackets.

Sometime in the '70s, this led to a front-page photograph appearing with the caption:

Mrs Elizabeth Taylor arriving at Heathrow Airport yesterday. She told waiting journalists, "I feel like a million dollars! (647,000 GBP)"

(Out of curiosity, does anyone know why /. doesn't allow the pound sterling symbol in posts?)

Brussels, Brussels

[claes]

Almost every EU agency seems to end up in one of a few places: Brussels, Strasbourg, Frankfurt. In Sweden, we have, as far as I know not a single EU agency. Not surprising that EU is so unpopular here when everything is centralised like this. I have been a supporter of EU , and still am, but if it continues like this, I wonder what is the point. Decentralise!!!

Enisa is a trap

[Elektroschock]

Initators of ENISA are software patent lover Arlene McCarthy (UK labour) and the doubtful European Internet Foundation (see disinfopedia).

Association Electronic Libre (Belgium) has monitored the ENISA situation .

It is probably initiated by Business Software Alliance. Many observers regard the EIF as a parliaments prostitution camp. This may be a strong comment. However, I guess ENISA will promote Digital Rights Magemenent, Palladium and so on. It will not compare to well respected security institutions like German BSI.

I know the key persons and we knwo the aganda.

This bears watching

[Mr.+Dop]

To see if two things happen;

Cooperation between the US and EU instead of what happened with Data Privacy and Safe Harbor.

See if they advocate education route with security or regulation route with licensing users for access to the public arena

EU Agenciencies are quite distributed...

[Kinniken]

According to the official list (http://europa.eu.int/agencies/index_en.htm), the 15 current agencies are located in:

THESSALONIKI, Greece
DUBLIN, Ireland
COPENHAGEN, Danemark
TORINO, Italy
LISBON, Portugal
LONDON, UK
ALICANTE, Spain
BILBAO, Spain
ANGERS, France
LUXEMBOURG, Luxembourg
VIENNA, Austria
THESSALONIKI, Greece (again!)

The last three are new and do not have fixed locations yet. So it looks like the EU agencies are in fact concentrated in... THESSALONIKI, Greece! At least one of the new agencies will probably end up in Finland - not quite Sweden but not too far out either ;-)
Note that those are EU agencies, working in a specific field, and not EU institutions, like the Commission, the Parliament, or the ECB. The first two belong in Brussel IMHO - placing one in Portugal and the other in Finland would be good "decentralisation", but it would simply multiply traveling expenses.

It's funny....

[micaiah]

How in all of these articles from the BBC concerning security they use a picture of someone's inbox at support@microsoft.com