European Commission systems have come under attack from hackers searching for data belonging to Commission and diplomatic officials.
European Commission systems have come under attack from hackers searching for data belonging to officials.
The cyberattack was discovered on Tuesday, according to Antony Gravili, inter-institutional relations spokesman for the Commission. He said that the Commission frequently suffers attacks that try to eavesdrop on sensitive political information, and noted that this incursion was aimed at staff in the Commission and the External Action Service, the EU's foreign ministry.
"We are treating this as a serious attack because it is targeted," Gravili told ZDNet UK on Thursday. "What's new is that we have never taken precautionary measures on such a scale."
In response, the Commission has stopped web access to employee emails from home. Since Tuesday night it has also blocked access to its internal intranet — My IntraComm — from outside the Commission, and all users have been told to change their passwords.
Gravili declined to reveal whether hackers had targeted Commission systems via email, or whether any data had been compromised, saying the matter was still under investigation. The length of the attack and the type of infection or malware used is also not known.
We are treating this as a serious attack because it is targeted. What's new is that we have never taken precautionary measures on such a scale.
– Antony Gravili, spokesman
"It's a security issue," said Gravili. "The enquiry is ongoing, and we are finding new information all the time."
The investigation, which is being run by the Commission's Security Directorate — an in-house security team — will focus on how to "avoid similar infections in the future", he added.
The Commission is working with the European External Action Service, which has intelligence capabilities, to mitigate the effects of the intrusion. The EU's foreign service has been active lately, and on Monday it extended a freeze on Libyan assets to more individuals following the upheaval in that country.
At the beginning of March, the French finance ministry at Bercy said that it had been infiltrated by hackers searching for documents relating to the G20 summit. Gravili said that there was no evidence at this time that there was a link between the two attacks.
Get the latest technology news and analysis, blogs and reviews
delivered directly to your inbox with ZDNet UK's
newsletters.
Analysis
of
attacks
over
the
last
few
years
shows
that
the
enterprise
is
increasingly
becoming
a
target
for
significant
hacking
campaigns
by
government-backed
operations.
But
...
National
Cyber
Security
Centre
issues
advice
on
best
practice
for
passwords
-
and
that
includes
not
using
the
name
of
a
pet
or
family
member
to
secure
your
accounts.
...
Seven
Chinese
supercomputing
organisations
have
been
added
to
the
US
Entity
List
for
allegedly
helping
China
build
weapons
of
mass
destruction
programs.
...
Join Discussion