Europe needs to be the driving force in securing infrastructure of core services against hybrid attacks, including ransomware, and work with NATO to build a resilient cyber defense, European Parliament Vice President Marcel Kolaja, a Czech software engineer, told New Europe in an exclusive interview.

“The cyber strategy of the European Commission also underlines the importance of international cooperation and the Commission plans to work with partners around the world. But, of course, we need to focus on those who share our values of democracy and rule of law and human rights because even though this is a global issue, of course, cooperation with corrupt regimes does not really bring you much,” Kolaja said in an interview, following the Prague European Summit. “So, I think in that sense our natural partner of the European Union is basically NATO where there is already a cooperation ongoing through a technical arrangement on cyber defense,” the Czech MEP added.

Kolaja, who engages in the Committee on the Internal Market and Consumer Protection (IMCO) of the European Parliament, reminded that currently the Network Information Security Directive is being updated. “I’m a shadow rapporteur of an opinion in the IMCO committee for that and this Directive basically lays down rules for member states to adopt national cybersecurity strategies, to designate competent national authorities so that the critical infrastructure can be resilient against all sorts of attacks. Of course, ransomware is one of them. It foresees cybersecurity risk management and reporting obligations for critical infrastructure and for critical entities,” Kolaja told New Europe, adding that the legislative proposal strengthens security requirements for the companies by imposing a risk management approach and providing a minimum list of basic security elements that have to be applied.

“Being Vice President for ICT is also important for me to see what we can do against cyberthreats and I would like to highlight the role of something that is called CERTEU, which is an abbreviation for Computer Emergency Response Team, which shares information and coordinates responses to cyberthreats, including ransomware, among EU institutions, among agencies and other bodies when they are under attack,” Kolaja said, noting this is part of a good strategy for being resilient against cyberattacks because all these institutions have a lot in common. “If they face some kind of a particular attack, it is expectable that it would not just be one institution that is under attack but it would be more of them that may face the same so it’s really good to coordinate both in response to attack but also how to get ready before that happens,” he said.

The Czech MEP explained that ransomware is heavily profit oriented, where cyber criminals target entities – governments, businesses and individuals. “Ransomware is a type of attack that basically ends with removing access to your data by, for instance, encrypting them or which other technique and requesting ransom so that you can regain your access back,” Kolaja said, adding that these types of attacks can also be automated. “It’s not necessarily that someone really like figures out, ‘okay, I want to attack this particular institution or company,’ but there can be automatic worms that spread across the Internet. So, this is a really concerning type of attack and we must do our best to address the vulnerabilities so that we are in a position that is safe against this type of cyberthreat,” he said. “We have also seen that many of these targets were, for instance, hospitals and their health records that happened in Romania in 2020, also in Germany and in my home country, the Czech Republic, the same story basically. Even in the city that I live in Brno, the hospital in Brno, which is really, really concerning,” he said, adding that the EU’s approach has been so far to increase cyber resilience on all relevant sectors, public and private.

“If you say ransomware, which means locking access to data and asking a ransom, that can be to a huge extent mitigated by a having proper backup strategy,” he said. “But, of course, it does not resolve the issue if it’s some sensitive data, then you can be blackmailed that these data would leak,” he added, citing data showing that more than 66 percent of healthcare organizations experienced a ransomware attack in 2019. “So, it is extremely concerning,” he told New Europe, adding that there is a need to access the threat coming from a potential breach.

Asked if private companies are more vulnerable than state entities, Kolaja said that for the attacker it’s not much of a difference if they attack public sector or private sector, they are profit oriented. “So, the point here is that basically we have a strategy that focuses more on what a critical infrastructure is regardless of whether it is public or private and have a good cybersecurity strategy for these, having obligations that make sense,” he said.

Asked if there is a race to develop software to counter hybrid attacks and software developed by the criminals for ransomware, Kolaja laughed and said, “It may sound funny the word ‘race’ but that’s what it is. People most probably know it from a more popular environment for them which is antivirus which always has been a race between those who develop viruses and those who try to protect people by developing anti-viruses so this is in that sense very similar”.

Kolaja said in order to counter hybrid threats, the EU needs a good strategy and react to what is the trend in cyberattacks, including ransomware. “So, to a certain extent, it’s kind of race. Cybersecurity is not anything that ends at some point. It’s not, “lock your door and that’s it! You don’t have to care’. You always have to be vigilant and you always have to watch what the trends in cyberthreats and cybersecurity are and adapt to it. It’s an ever-evolving area,” Kolaja said. “I would say that the European Union is definitely one of the world leaders in this which is also the argument that supports this is that we are having the revision of the Network Information Security Directive. That’s not just because we can, it’s because we have to adapt,” he added.

Hybrid threats are here to stay. Asked, what’s the biggest danger of hybrid threat in the future, Kolaja said undermining democracy. “The most dangerous aspect of the hybrid attacks is that they are hybrid. So, it’s a mix of different things that when you look at too closely, you may think it’s an isolated thing, but they’re a part of a larger strategy, that’s the dangerous thing,” he said. “Some of them are being state financed and some of them are aiming to undermine our democracy and that’s where I see the biggest threat and we won’t probably see a decrease in such rogue efforts. So, that’s is something we definitely have to pay attention to,” Kolaja told New Europe.

But the European Parliament Vice President sees no ground for pessimism. “There is no reason to be depressed from it or anything like this because that’s about how the world is and every age had their particular threats which evolved over time. I mean in the Middle Ages they had no issues with cyberthreats but they had other problems,” Kolaja said, adding, “So, humankind is always going to be facing threats and we always have to pay attention and build resilience against that. Let’s not be skeptical about that just because it’s here, because it has been here in different forms”.