House of Lords report slates EU, NATO and UK government cybersecurity planning

The problem, says the House of Lords report, is that services such as information, communication and commerce in European countries are highly dependent on the internet. And, because the internet is globally interlinked, the study suggests that the radical variation of safety procedures across Europe leaves the whole system weak.

Lord Jopling, Chairman of the Lords European Union committee, said: "The collapse of cyber systems in one country can overlap into others."

He added that the threat can come anywhere, including: "individual businesses, financial services such as the City, critical infrastructure or the mechanics of government – and you never know quite who is responsible, which is part of the problem."

Lord Jopling's report notes that the EU and NATO have similar interests in defence against cyber attacks and work in similar ways, yet there is virtually no communication between them.

There must, the report says, be co-operation rather than duplication.

The House of Lords study has emphasised the need for a substantial cybersecurity infrastructure and indicated that in order to defend against the increasing number of cyber attacks, strong alliances with big players like the US, Russia and China will be required in the future.

It's not all doom and gloom, however: the report highlighted the fact that the UK's internet infrastructure is significantly more resilient than that of most countries in Europe.

Reaction to the report has been mixed, but Ilias Chantzos, director of government relations for Symantec's EMEA/Asia-Pacific-Japan region, said that the definition of a cyber war would be "an act by a state/government that has a political motivation to destabilise, interfere with, or disable online national security assets or entities of another state/government for the purpose of gaining the upper hand in pursuit of a militaristic objective."

"Those assets could come in the form of technological, economic or military value," he said.

"While there is no such thing as a defence and cybersecurity posture that is 100% effective against all attacks, the proper combination of people, processes and technology can at least ensure that a critical infrastructure provider can withstand an attack, recover, and continue to operate", he added.

So what is the difference between cyber warfare and everyday cybercrime?

Chantzos, who gave evidence to the House of Lords committee that produced the report, says that one of the biggest problems with supposed acts of cyber warfare is where and when to use the term.

"It's very difficult to determine the origin of an internet-based attack, and almost impossible to pin-point either the identity or motivation of its perpetrators: whether they're a criminal, an activist or a government agent", he said.

"For security agencies, following the trail of evidence left by alleged cyber warfare operations is made doubly complex by the fact that this evidence typically crosses international jurisdictions. Tackling this requires international co-operation, but the current levels of co-operation between nation states are often not able to police cybercrime, much less track covert activities", he added.

Chantzos notes that another problem is that government no longer controls most of the critical infrastructure, as much of it is under the control of the private sector.

"It is in the interest of industry and government to better co-operate to tackle these issues", he said.

Because of these issues, and the conclusions of the report, Symantec's director of government relations says that the UK government, the EU and NATO must recognise that cyber warfare is here to stay.

The same tactics used to steal credit card details can now, he says, be used to copy defence plans. Cyber warfare, he argues, must be taken seriously.

Against this backdrop, Chantzos says that governments are a target, with all types of government infrastructure likely to be targeted sooner or later, meaning that security needs to be built into new initiatives at concept stage, not bolted on later.

"You can't have security without intelligence. Governments need better cyber intelligence in the form of national Computer Emergency Response Teams (CERTs) that can help gather and interpret intelligence and respond to incidents", he said.

"It's all about people and processes, not technology – technology is no substitute for trustworthy people and robust processes", he added.

"The buck for security policy must stop somewhere. Instead of security being everyone and no one's responsibilities, governments should appoint an organisation with the power to set security policy."
