Slashdot Mirror
EU Hi-Tech Crime Agency Created
Gori writes "The European Union is setting up an agency to co-ordinate work to combat the rising tide of cybercrime. The European Network and Information Security Agency will help educate the public about viruses, hacker attacks and other security problems. It will also act as a co-ordinator for Europe-wide investigations into virus outbreaks or electronic attacks. ENISA has a budget of 24.3m euros (17m), will start work in 2004 and will initially be based in Brussels."
Well, given that the EU are taking viruses seriously, perhaps MS will start to get some less-than-wonderful press over here.
:-)
Perhaps the EU can hold seminars, teaching MS employees what's good and bad about virus protection. Hint: the 'execute' bit has a fair old say in the matter
Simon
Physicists get Hadrons!
This is refreshing, instead of primarily focusing on making restrictive laws and "cracking down on hackers" they're doing what should have been done a long time ago, putting the priority on educating people about actual and potential security threats. I hope it works well, and I hope that the U.S. takes notice of this, since an educated public would be the best defense against viruses and cracking (and would hopefully shut down the media's "chicken little" syndrome when it comes to viruses)
Not to sound like ESR, but "hackers" is too widely used as a blanket statement for anyone who does things with computers that you don't understand. "Hackers" can be people who infiltrate networks, write/spread viruses, launch DDoS attacks, but also spammers, or even filesharers.
So I'm wondering what kind of "hackers" this agency is going to go after, the people behind virus attacks, DDoS attacks, spammers, etc., or are they just going to nab a few filesharing teenagers to make the headlines?
They'll just send an email saying stop, or I'll say stop again.
"Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
My Brussels company is actually involved in a cybercrime case (one of our ex-employees woke up one day and decided he wanted to trash our CVS).
The EU has had a cybercrime convention that was passed into law in Belgium in 2000, three years ago. The very first case is currently appearing in court. Until today, cybercrimes have mostly been classified under random sections of the criminal act such as "theft of electricity", "abuse of confidential information", and so on.
Belgium actually has a specialized cybercrime cell in the prosecutor's office. But it's still a very new area and could do with some better coverage. Few people know, for instance, that hacking one's own company is actually considered much more serious than hacking from "the outside", in the case of our departed hacker, worth between 18 months and 3 years in prison.
No-one really knows what counts as "evidence" either, and since laws in most European countries are not based on court cases but on statutory definitions, we don't even know if emails and expert's reports count as evidence.
I think cybercrime will be very important in the years ahead, as more and more business-critical information is stored in databases that can be accessed from the other side of the world if one knows the correct passwords.
Ceci n'est pas une signature
This smells fishy already... Apparently the parliament rapporteur is none else than the infamous Arlene McArthy (of Europen Softwre Patents fame). And she's already making propositions to have the Agency support TCPA / "Secure Computing" stuff...
Check it here...
Ceci n'est pas une signature
*sigh*
read the article on BBC and noticed they quoted it as 17 million POUNDS.
why was the pound symbol left out of the slashdot posting? weird..
I'll put my tinfoil hat back in the cupboard for another day.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Education helps protect people against your average dummy-attack (email trojan, open share, etc). Doesn't do much against the latest RPC vulnerability etc, or perhaps a DDOS.
Law enforcement does need to deal with this situation. It also needs a body that understands it clearly and doesn't view anyone proficient with a computer as a "mysterious hacker/cracker capable of being a threat."
br Even with education, you'll only reduce dumb slip-ups, not totally remove them. For the rest, we need an easier way of dealing with crackers. When it gets to the point of threats such as "pay us $50000 or we'll see your servers DDOS'ed into hell," I'd say that technical crime is just as bad as physical, and it does need to be dealt with.
Want to ask a better question? Why was the word "anti" left out of the headline "EU Hi-Tech Crime Agency Created"? It makes it sound like a new criminal organization has been spun up by the government (well, that's the way it works here in the US, I can't imagine the UK who we learned all our behavior from is any different.)
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Almost every EU agency seems to end up in one of a few places: Brussels, Strasbourg, Frankfurt. In Sweden, we have, as far as I know not a single EU agency. Not surprising that EU is so unpopular here when everything is centralised like this. I have been a supporter of EU , and still am, but if it continues like this, I wonder what is the point. Decentralise!!!
Initators of ENISA are software patent lover Arlene McCarthy (UK labour) and the doubtful European Internet Foundation (see disinfopedia).
.
Association Electronic Libre (Belgium) has monitored the ENISA situation
It is probably initiated by Business Software Alliance. Many observers regard the EIF as a parliaments prostitution camp. This may be a strong comment. However, I guess ENISA will promote Digital Rights Magemenent, Palladium and so on. It will not compare to well respected security institutions like German BSI.
I know the key persons and we knwo the aganda.