The European Commission suffered a 20% rise in attacks on its infrastructure in 2016, it has been revealed, as fears grow over Russian attempts to influence the outcome of major elections in France and Germany.
People “close to the situation” told the FT of the growing threat from cyberspace, with hackers keen to get their hands on a treasure trove of information on the EU’s 28 member states held on Commission servers.
Senior civil servants have apparently been instructed to follow security best practices such as using encrypted email.
The Commission is said to be stepping up cybersecurity co-operation with Nato, which has also experienced a rise in attacks.
EU security commissioner Sir Julian King told the paper that at the most extreme end, cyberattacks can undermine the democratic process.
“It’s clear that many institutions across Europe and more widely, and that includes the European Commission, are subject to a continuously increasing number of cyberattacks from different sources,” he added.
“These threats are persistent, they are aggressive, and more and more dangerous and potentially destructive.”
Politicians have already voiced concerns in France and Germany that the Kremlin could be preparing another campaign to destabilise the region by hacking and releasing sensitive political information, using propaganda tools like Russia Today, and spreading false news on social media sites.
Such tactics seem to have served it well in the United States, with intelligence agencies claiming in a report on Friday that Russian state-sponsored actors were definitely behind hacks of the Democratic National Committee and other attempts to influence the outcome of the presidential election.
French defence minister Jean-Yves Le Drian told Le Journal Du Dimanche over the weekend that the attacks against the country were doubling each year.
He claimed defence targets were hit by 24,000 cyber attacks last year, including attempts at disrupting the country’s drone systems.
The European Commission last suffered a major successful attack when DDoS-ers took services offline in November, although no data was compromised on that occasion.