Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
The Courts Government Technology News

EU Hi-Tech Crime Agency Created 88

Gori writes "The European Union is setting up an agency to co-ordinate work to combat the rising tide of cybercrime. The European Network and Information Security Agency will help educate the public about viruses, hacker attacks and other security problems. It will also act as a co-ordinator for Europe-wide investigations into virus outbreaks or electronic attacks. ENISA has a budget of 24.3m euros (17m), will start work in 2004 and will initially be based in Brussels."
This discussion has been archived. No new comments can be posted.

EU Hi-Tech Crime Agency Created

Comments Filter:
  • I hear (Score:2, Funny)

    by Anonymous Coward
    They've already exployed Inspector Gadget and his niece Penny. Go go Gadget-hacking!
  • by Space cowboy ( 13680 ) on Friday November 21, 2003 @11:46AM (#7529167) Journal
    Well, given that the EU are taking viruses seriously, perhaps MS will start to get some less-than-wonderful press over here.

    Perhaps the EU can hold seminars, teaching MS employees what's good and bad about virus protection. Hint: the 'execute' bit has a fair old say in the matter :-)

    Simon
    • Perhaps the EU can hold seminars, teaching MS employees what's good and bad about virus protection. Hint: the 'execute' bit has a fair old say in the matter :-)

      What execute bit? There's no such thing on windows.
      And MS haven't made any l?[iu]n[ui]x software that I can recall.
      I think suggesting that the EU execute MS employees is a bit extreme - I'm as anti-MS as most reasonable people but that's a bit extreme. If you'd said stocks, pillories, that sort of thing then well, that's a different matter. :-)

      • You know, that puts a whole new spin on things. We haven't had a bloody uprising in Europe in ages. Madame la guillotine stands gaunt from lack of sustenance.

        Oh all right, but I think viruses would be somewhat more prevalent if something got chopped off for every 1 million infections :-))) Choice of "bit" to chop done to be decided by (non-electronic) vote of thos infected :-))

        Simon
      • And MS haven't made any l?[iu]n[ui]x software that I can recall

        Well, I guess you haven't been around long enough... remember Microsoft Xenix [sourcemagazine.com]? Microsoft was actually one of the largest UNIX vendors in the early eighties.
      • No, but in 2k/XP/2k3 there are ACL's instead, and included there is the permission to execute.
        Quite functional, and do everything permissions do, plus some more.

        If you bother to learn it. Which most normal users and all too many Unix and Linux users don't(And then whine about how Windows doesn't have permissions)

        • Yep, you can even script it if you dig a bit.
          ACLs are a finer-grained solution than the unix permissions, but ideally I'd have a combination the two.
  • by shakamojo ( 518620 ) on Friday November 21, 2003 @11:47AM (#7529188)
    This is refreshing, instead of primarily focusing on making restrictive laws and "cracking down on hackers" they're doing what should have been done a long time ago, putting the priority on educating people about actual and potential security threats. I hope it works well, and I hope that the U.S. takes notice of this, since an educated public would be the best defense against viruses and cracking (and would hopefully shut down the media's "chicken little" syndrome when it comes to viruses)
    • We have a privately funded group called the RIAA to handle such matters.

      Thank you for your consideration.

      T.
    • Only partly (Score:5, Insightful)

      by phorm ( 591458 ) on Friday November 21, 2003 @12:16PM (#7529469) Journal
      Education helps protect people against your average dummy-attack (email trojan, open share, etc). Doesn't do much against the latest RPC vulnerability etc, or perhaps a DDOS.

      Law enforcement does need to deal with this situation. It also needs a body that understands it clearly and doesn't view anyone proficient with a computer as a "mysterious hacker/cracker capable of being a threat."
      br Even with education, you'll only reduce dumb slip-ups, not totally remove them. For the rest, we need an easier way of dealing with crackers. When it gets to the point of threats such as "pay us $50000 or we'll see your servers DDOS'ed into hell," I'd say that technical crime is just as bad as physical, and it does need to be dealt with.
      • Education helps protect people against your average dummy-attack (email trojan, open share, etc). Doesn't do much against the latest RPC vulnerability etc, or perhaps a DDOS.

        Well, the latest RPC outbreak could be prevent if Windows users was aware of the risks of not keeping their operating systems up to date by applying critical updates from Windows Update, preferrably through the service you can activate that auto-downloads critical fixes and alerts you when some patch should be applied.

        I agree about D
    • Smells like the BSA. They have no legal or judicial authority, yet they sound important and brandish a Big Stick to make people believe that they have some power. While I think that this agency can do some good, they are little more than an educational institution.

      Because they are multinational, they will have no power whatsoever within any single country.
  • by wwest4 ( 183559 ) on Friday November 21, 2003 @11:49AM (#7529196)
    17 m GBP, not dollars... for a minute there, i thought the euro got a lot weaker real fast. good thing i didn't order plane tickets before realizeing my mistake.
  • by LeoDV ( 653216 ) on Friday November 21, 2003 @11:49AM (#7529203) Journal
    Not to sound like ESR, but "hackers" is too widely used as a blanket statement for anyone who does things with computers that you don't understand. "Hackers" can be people who infiltrate networks, write/spread viruses, launch DDoS attacks, but also spammers, or even filesharers.

    So I'm wondering what kind of "hackers" this agency is going to go after, the people behind virus attacks, DDoS attacks, spammers, etc., or are they just going to nab a few filesharing teenagers to make the headlines?
    • Fool!

      The article says:

      "[ENISA] will help educate the public about viruses, hacker attacks and other security problems. It will also act as a co-ordinator for Europe-wide investigations into virus outbreaks or electronic attacks."
      Seems clear enough to me: virus writers, denial of service attackers, but not spammers.
  • by Kenja ( 541830 ) on Friday November 21, 2003 @11:52AM (#7529222)
    They'll just send an email saying stop, or I'll say stop again.

    • "John Plod's Boffins Nab Daft Hackers' Kit - Wary Punters Shed Crap OS, Naff Situ Goes All Pear-Shaped"

      This has been an excerpt from the new book "All I Needed to Know about English I learned from The Register [theregister.co.uk]".

      PS Not Brit-bashing at all. I find the UK historically and linguistically fascinating.
  • by heironymouscoward ( 683461 ) <heironymouscowar ... m ['oo.' in gap]> on Friday November 21, 2003 @11:53AM (#7529233) Journal
    My Brussels company is actually involved in a cybercrime case (one of our ex-employees woke up one day and decided he wanted to trash our CVS).

    The EU has had a cybercrime convention that was passed into law in Belgium in 2000, three years ago. The very first case is currently appearing in court. Until today, cybercrimes have mostly been classified under random sections of the criminal act such as "theft of electricity", "abuse of confidential information", and so on.

    Belgium actually has a specialized cybercrime cell in the prosecutor's office. But it's still a very new area and could do with some better coverage. Few people know, for instance, that hacking one's own company is actually considered much more serious than hacking from "the outside", in the case of our departed hacker, worth between 18 months and 3 years in prison.

    No-one really knows what counts as "evidence" either, and since laws in most European countries are not based on court cases but on statutory definitions, we don't even know if emails and expert's reports count as evidence.

    I think cybercrime will be very important in the years ahead, as more and more business-critical information is stored in databases that can be accessed from the other side of the world if one knows the correct passwords.
    • Dear CEO.

      My reserch has proved you to be a persons of trust on whome we can trust.

      I represent the offices of Jhon Ashcroft. A recent internet sting operation was over funded by $37,600,000 (Thirty seven point 6 missions USD). You may have read about this. This was deliberate. We now seek a persons of trust for whome we can reliy. We need a persons to set up a zero balance offshor account whos name we can put the money in. And for this service we are willing to pay 20% of the $37,6000,000.

      Please God willi
    • Can we talk about this (in private)? exchange mails? meet or telephone? I am located in Brussels. I am new to this site and not sure how this postings work.
  • This smells fishy ! (Score:5, Interesting)

    by Katchina'404 ( 85738 ) on Friday November 21, 2003 @11:55AM (#7529256) Homepage
    This smells fishy already... Apparently the parliament rapporteur is none else than the infamous Arlene McArthy (of Europen Softwre Patents fame). And she's already making propositions to have the Agency support TCPA / "Secure Computing" stuff...

    Check it here [ffii.org]...
  • whoever wrote up this article must be using really old exchange rate tables. 24.3 million euros is worth closer to 29 million US Dollars, not 17 million
  • by mashx ( 106208 ) on Friday November 21, 2003 @12:07PM (#7529381)
    When I first read this, my first thought is that it seems to be a sneaky way to introduce a European equivalent of the NSA, without the security concerns that would involve on each member nation of the EU. It might only have a small budget now, but if the general idea is not to be too obvious that makes sense. The fact that its role will be up for reassessment in four years time could be used as an indicator for that.

    I'll put my tinfoil hat back in the cupboard for another day.

    • Good point. I actually wondered why they haven't simply called it EuNetPol, but I guess that would've been too simple and obvious. Or, maybe simplicity in an public organization's name it's a sign of accountability which is why it needs 2 b obfuscated :)
  • Well, not really, but that's the first thing that popped into my head when I read "Hi-Tech Crime Agency."

    Stefan
  • Or is this going to be the EU version of the Software Business Alliance, whose idea of crime is copying software?
  • P,ENISA (Score:2, Funny)

    by Anonymous Coward
    I sure hope the President of this organisation doesn't abbreviate his business card as above... ;)
  • Lovely, 17m to help educate the people of europe about computer security problems, except that most of that will be swallowed up in translation costs for all the different european languages...
  • Brussels, Brussels (Score:5, Interesting)

    by claes ( 25551 ) on Friday November 21, 2003 @01:11PM (#7530008)
    Almost every EU agency seems to end up in one of a few places: Brussels, Strasbourg, Frankfurt. In Sweden, we have, as far as I know not a single EU agency. Not surprising that EU is so unpopular here when everything is centralised like this. I have been a supporter of EU , and still am, but if it continues like this, I wonder what is the point. Decentralise!!!

    • According to the official list (http://europa.eu.int/agencies/index_en.htm), the 15 current agencies are located in:

      THESSALONIKI, Greece
      DUBLIN, Ireland
      COPENHAGEN, Danemark
      TORINO, Italy
      LISBON, Portugal
      LONDON, UK
      ALICANTE, Spain
      BILBAO, Spain
      ANGERS, France
      LUXEMBOURG, Luxembourg
      VIENNA, Austria
      THESSALONIKI, Greece (again!)

      The last three are new and do not have fixed locations yet. So it looks like the EU agencies are in fact concentrated in... THESSALONIKI, Greece! At least one of the new agencies
  • Enisa is a trap (Score:4, Interesting)

    by Elektroschock ( 659467 ) on Friday November 21, 2003 @01:12PM (#7530019)
    Initators of ENISA are software patent lover Arlene McCarthy (UK labour) and the doubtful European Internet Foundation (see disinfopedia [disinfopedia.org]).

    Association Electronic Libre (Belgium) has monitored the ENISA situation [wiki.ael.be].

    It is probably initiated by Business Software Alliance. Many observers regard the EIF as a parliaments prostitution camp. This may be a strong comment. However, I guess ENISA will promote Digital Rights Magemenent, Palladium and so on. It will not compare to well respected security institutions like German BSI.

    I know the key persons and we knwo the aganda.
  • by Mr. Dop ( 708162 )
    To see if two things happen;

    Cooperation between the US and EU instead of what happened with Data Privacy and Safe Harbor [ftc.gov].

    See if they advocate education route with security or regulation route with licensing users for access to the public arena

  • Soon as Enterprise folds up.

    A veteran American police detective, forced out of his New York job by a scandal he didn't cause, moves to Brussels to head up a special, babe-filled division of ENISA that tackles the cases the rest of the agency can't crack.
  • How in all of these articles from the BBC concerning security they use a picture of someone's inbox at support@microsoft.com

You are always doing something marginal when the boss drops by your desk.

Working...