The German Armed Forces are leading an EU project to coordinate “hackbacks”. Information gathering will be taken over by “cyber intelligence services”.
The European Union is to strengthen its cyber defence capabilities, including the development of “active defence capabilities”. These are then to be deployed jointly in the event of a digital attack on a member state. This is according to a communication on the “EU Policy on Cyber Defence” issued by EU Foreign Affairs and Security Commissioner Josep Borrell and the Commission on Wednesday. The justification given is the “deteriorating security environment” following the Russian attack on Ukraine. The EU, its citizens and infrastructures need to be strengthened against a growing number of cyber attacks, the document says. Examples are attacks on energy networks, transport infrastructures and space assets.
The communication builds on previous initiatives. These include the EU’s Strategic Compass for Security and Defence from this year and the 2020 civil-military Cybersecurity Strategy, which calls on the EU and its member states to invest in resilience, technological independence and “leadership” in cyberspace. Artificial intelligence is to be used to provide the EU with a “cyber security shield”. This is the aim of the new initiative from Brussels, which proposes primarily military initiatives. Funding could come from the European Defence Fund or the Permanent Structured Cooperation (PESCO), with which the EU rewards the military build-up in the member states. Further money could be allocated from the “Horizon Europe” research fund.
In the civilian sector, the EU has already built up a network of IT emergency teams, and now the military is to be equipped accordingly. In addition, the Commission proposes a so-called “cyber reserve”, which would consist of “private trusted providers”. Within the framework of a project called “Cydef-X”, the member states are then to train the new capabilities in “cyber defence exercises”. The focus is on mutual assistance in accordance with Article 42(7) of the EU Treaty, which stipulates military assistance in the event of a threat to an EU member. This is also to apply to cyber attacks; the EU held its first such exercise earlier this year.
EU Internal Market Commissioner Thierry Breton described the measures on Wednesday as “to protect, detect, defend, and deter”. But behind that are cyberattacks, which critics call “hackbacks”. According to the German coalition agreement, the government rejects such measures. It is therefore unclear how the German government will react to the initiative from Brussels.
In any case, the Bundeswehr is preparing for the new capabilities. Germany is chairing the establishment of a European Cyber and Information Domain Coordination Center (CIDCC), which is to be gradually operational from next year and is being funded within the framework of PESCO. It will support EU-led military missions by, among other things, analysing intelligence information. At a later stage, the centre will also plan and conduct “operations” in cyberspace.
In doing so, the military can also rely on information from secret services. The EU Cybersecurity Strategy includes the establishment of a working group for “Cyber Intelligence” in the Intelligence Situation Centre in Brussels. In recent years, this INTCEN has been given more competences for the detection and assessment of cyber disruptions. The institution, in which the Federal Intelligence Service and the Federal Office for the Protection of the Constitution cooperate from Germany, is supposed to determine the originators of a cyber attack, for example. These can then be countered with the new “active defence capabilities”.
Image: Bundeswehr/ Jonas Weber.