News and Music Discovery
Play Live Radio
Next Up:
0:00
0:00
0:00 0:00
Available On Air Stations

How Europe Is Grappling With Increased Cybersecurity Threats

RACHEL MARTIN, HOST:

Governments and corporations around the world are still dealing with the aftermath of Tuesday's cyberattack. It's the second in as many months to leave thousands of computers and systems crippled around the world. Yesterday, cyber experts and officials from the EU, NATO and private industry all met in Brussels to talk about the growing cyberthreat. NPR's Soraya Sarhaddi Nelson was there for that meeting. Hi, Soraya.

SORAYA SARHADDI NELSON, BYLINE: Good morning, Rachel.

MARTIN: Before we get to the substance of that conference, can you get us up to speed on the consequences of this latest cyberattack?

NELSON: Well, even now, there are still some ports, shipping companies and banks that are affected. Among the hardest hit by this malware was Ukraine, which is where authorities are saying the attack started. The goal of the attack is still unclear. Some cyber experts are now saying that it looks like the hackers weren't looking for ransom, as they have in some past attacks, but instead wiped out the victims' data.

MARTIN: So obviously this meeting had to have been scheduled before to get all these people assembled. This latest cyberattack, though, I imagine created a larger sense of urgency about how to grapple with all this?

NELSON: Certainly that's what everybody was talking about. They painted a pretty bleak picture at this meeting. And it was at the European Parliament, set up by some of the members, as well as the Atlantic Treaty Association, which is an umbrella group for policy makers and trade experts. And they said that these attacks in the past two months have affected 150 countries and more than a quarter-million computers. This is how Sir Julian King, who is the anti-terror czar of the European Commission, characterized it.

(SOUNDBITE OF ARCHIVED RECORDING)

JULIAN KING: By some estimates, the rate of growth of this threat outstrips the rate of growth of the use of the Internet itself. So the question is no longer whether you or your business or your organization might experience a cyber incident but rather when?

MARTIN: That's alarming.

NELSON: He says it's a consequence of living in a world that is digitally connected.

MARTIN: Yeah. So that's pretty alarming, though. So what did they do about it? I mean, what are officials saying that can be the preventive measures if they're saying it's inevitable it's going to happen?

NELSON: Well, they say there isn't really anything they can do to stop it, at least altogether. Jamie Shea is a top NATO official dealing with emergent - emerging, sorry - security challenges. And he says a lot of it has to do with countries being out of date in terms of their computer technology.

JAMIE SHEA: You know, there are some attacks that really you can't do much to prevent because they're so sophisticated, but there are very, very large number which are preventable, particularly when you're running on old software. And therefore, everybody needs to pull their socks up and come up to a minimal security status.

NELSON: He says NATO is trying to do its part to rectify that.

MARTIN: By pulling your socks up, apparently, which is a metaphor for something I imagine. So what is - what's Europe doing? What are they doing to try to rectify this?

NELSON: Well, in terms of NATO, let's start with them. They have a platform to share malware information with the EU. And they have teams that are involved in protecting government and military networks. And then the EU also has emergency teams, and they work with the civilian industry side as well.

There are also these joint cyberattack exercises which everyone who was at this conference says is vital. The NATO, EU and private industry take part in those. But there are limits as to what can be done because we've seen here in Europe before when there are major issues like terror attacks or refugee crisis, there's just rarely any agreement or unison in way - in the way things work.

MARTIN: Does the U.S. take part in these things? I mean, how prepared is America for a cyberattack of this scale?

NELSON: Well, certainly at this conference, they were talking - I should say King was talking about how the U.S. devotes a lot more resources to fighting cybercrime - research and the like - $19 billion this year compared to roughly $2 billion that the EU has devoted over the next three years.

MARTIN: NPR's Soraya Sarhaddi Nelson. Thanks so much, Soraya.

NELSON: You're welcome, Rachel. Transcript provided by NPR, Copyright NPR.

Special correspondent Soraya Sarhaddi Nelson is based in Berlin. Her reports can be heard on NPR's award-winning programs, including Morning Edition and All Things Considered, and read at NPR.org. From 2012 until 2018 Nelson was NPR's bureau chief in Berlin. She won the ICFJ 2017 Excellence in International Reporting Award for her work in Central and Eastern Europe, North Africa, the Middle East and Afghanistan.