European Commission suffers 'serious' cyberattack

Hackers have targeted systems at the European Commission in a search for diplomatic data, leading the body to introduce a security lockdown

By Tom Espiner | March 24, 2011 -- 15:31 GMT (08:31 PDT) | Topic: Security

European Commission systems have come under attack from hackers searching for data belonging to Commission and diplomatic officials.

European Commission systems have come under attack from hackers searching for data belonging to officials.

The cyberattack was discovered on Tuesday, according to Antony Gravili, inter-institutional relations spokesman for the Commission. He said that the Commission frequently suffers attacks that try to eavesdrop on sensitive political information, and noted that this incursion was aimed at staff in the Commission and the External Action Service, the EU's foreign ministry.

"We are treating this as a serious attack because it is targeted," Gravili told ZDNet UK on Thursday. "What's new is that we have never taken precautionary measures on such a scale."

In response, the Commission has stopped web access to employee emails from home. Since Tuesday night it has also blocked access to its internal intranet — My IntraComm — from outside the Commission, and all users have been told to change their passwords.

Gravili declined to reveal whether hackers had targeted Commission systems via email, or whether any data had been compromised, saying the matter was still under investigation. The length of the attack and the type of infection or malware used is also not known.

We are treating this as a serious attack because it is targeted. What's new is that we have never taken precautionary measures on such a scale.
– Antony Gravili, spokesman

"It's a security issue," said Gravili. "The enquiry is ongoing, and we are finding new information all the time."

The investigation, which is being run by the Commission's Security Directorate — an in-house security team — will focus on how to "avoid similar infections in the future", he added.

The Commission is working with the European External Action Service, which has intelligence capabilities, to mitigate the effects of the intrusion. The EU's foreign service has been active lately, and on Monday it extended a freeze on Libyan assets to more individuals following the upheaval in that country.

At the beginning of March, the French finance ministry at Bercy said that it had been infiltrated by hackers searching for documents relating to the G20 summit. Gravili said that there was no evidence at this time that there was a link between the two attacks.

Get the latest technology news and analysis, blogs and reviews delivered directly to your inbox with ZDNet UK's newsletters.