Europe’s supranational institutions and many individual EU member-states have come to recognize Russia’s offensive cyber operations as one of the most imminent direct threats posed to European security.
On November 23, 2016, the European Parliament adopted a non-binding resolution aimed at consolidating the European countries in countering Russian propaganda and preventing cyber attacks. The resolution included strong language stressing that the European Parliament is “seriously concerned by the rapid expansion of Kremlin-inspired activities in Europe, including disinformation and propaganda seeking to maintain or increase Russia’s influence to weaken and split the EU.” The resolution stresses that Moscow has engaged and financed a number of subversive activities in Europe and warns that Russia’s aggressive activities in the cyber domain facilitate information warfare (European Parliament, November 23).
Moscow reacted furiously. The editor-in-chief of Russia Today, Margarita Simonian, condemned the declaration, accusing the European Union of “betraying its own democratic values and establishing obstacles to freedom of activities of key Russian international agencies.” The spokesperson for the Russian Ministry of Foreign Affairs, Maria Zakharova, stated: “We are sorry to admit it, but the EU has not ceased demonizing Russia.” She also warned that, should the European Parliament conduct any practical steps in this direction, the Russian Federation would provide an adequate and decisive response (1tv.ru, November 24).
Obviously, the Kremlin is feeling irritated by the fact that both Europe’s supranational institutions and many individual EU member-states have come to recognize Russia’s offensive cyber operations as one of the most imminent direct threats posed to European security.
On November 10, the Polish Ministry of Defense adopted its Plan on Technical Modernization of the Polish Army for 2017-2022. The document contains a separate part dedicated to cyber security, which envisages extensive reliance on U.S. experience. Its implementation will be based on five key pillars, of which the most impressive is the creation of a “Small Pentagon” – one of the most essential elements of cyber security, which provides real-time analysis of security alerts generated by network hardware and applications (Technowinki.onet.pl, November 10).
Moreover, Warsaw is ready to allocate approximately 230 million euros for cyber security, as Polish Defense Minister Antoni Macierewicz has reaffirmed. The minister also assured that practical implementation of this initiative would lead toward the creation of a consolidated unit of Polish “cyber troops” (Wschodnik.pl, November 10).
Furthermore, in November, Finland and 11 other countries (including the U.S., Germany, France, Sweden and the Baltic States) announced the creation of a joint center for fighting cyber threats (Yle.fi November 21). The headquarters of the center will be in Helsinki, which is widely known as the European “IT Mecca.” This initiative is particularly timely, given the growing number of offensive cyber attacks against both individual EU members and key European organizations and institutions. For instance, on November 25, a hacker attack on the EU Commission network, although not causing irreparable damage, once again brought to light the general weakness of the EU in the area of cyber security, its susceptibility to external threats and the absence of a palpable common strategy. This attack may have been related to the EU-Ukraine summit in Brussels where discussions took place on a visa-free regime for Kyiv (Cyberdefence24.pl, November 25).
A few days later, Germany was subjected to a major cyber attack that denied access to the Internet to 900,000 clients of Deutsche Telekom (112.ua, November 30). This caused a wave of anger among top-ranking German officials. Bruno Kahl, president of the German federal intelligence agency, stated that the Russian hackers’ attention is focused on Europe, especially on Germany and “the cyber-attacks endorsed by Moscow aim to create political instability” (Spiegel.de, November 29).
German Chancellor Angela Merkel had already warned of potential Russian interference in next year’s German elections, pointing out that the country already faced “a daily task” of responding to Russian cyber attacks and disinformation campaigns (Dw.com, November 8).
On November 9, the German Cabinet adopted a new cyber security strategy influenced by “a growing number of cyber attacks against institutions, critical infrastructure, private companies and ordinary citizens, which is primarily related to the activities of China and Russia” (Dw.com, November 9).
The initiative has outlined 30 strategic goals. From an institutional standpoint the creation of a Rapid Reaction Force under the umbrella of the Federal Bureau of Information (BSI), the Federal Police and intelligence services has become one of the main priorities for Germany. Furthermore, Berlin (along with Warsaw) has also identified its interest in borrowing U.S. experience in the area of cyber security and warding off cyber threats. Particular attention should be paid to the fact that the strategy pays serious attention to such instrumental dimensions as raising awareness and research and development in the domain of cyber security that is going to be extended down to primary school level (Cyberdefence24.pl, November 29).
The German initiative fully complies with the growing dialogue between the EU and NATO on fostering ties, increasing cooperation and exchange of information in the realm of cyber security. On the other hand, this provides a beam of hope that the European Parliament’s Directive on security of network and information systems (the NIS Directive) and the NATO Cyber Defense Pledge will ensure practical implementation of both previously identified and newly elaborated strategies.
The article above is reprinted from Eurasia Daily Monitor with permission from its publisher, the Jamestown Foundation, www.jamestown.org.