ENISA, Europol, strike info-sharing deal
Watch out, cyber-crooks, TWO European agencies are chasing you now
Europe's peak information security body will join forces with the continent's criminal intelligence sharing outift in order to beat down on carders and crackers plaguing Europe.
Heads of the European Union Agency for Network and Information Security (ENISA) signed a deal with Europol at the Hague last Thursday to give a capability kick to Europol and its cyber crime centre (EC3).
The two agencies will share insights that can help shed light on cyber crime cases, strategic analyses and best practice, and training.
The new alliance is part of broader work by ENISA to ensure computer emergency response teams (CERTs) scattered across Europe were regularly talking and sharing info.
In a joint statement ENISA executive director Professor Udo Helmbrecht and Europol boss Rob Wainwright said information sharing between the agencies was important to help fight online crime.
"This agreement is an important step in the fight against ever more skilled cyber criminals who are investing more time, money and people on targeted attacks," the chiefs wrote in a canned statement.
"Cyber crime is estimated to cost the global economy more than $400 billion annually [and] by cooperating more closely together and sharing expertise, we strengthen Europe’s capacity to combat cyber criminals.”
The deal did not include the exchange of personal data.
Information-sharing is a perennial problem for crime-fighting agencies. Countless statements have been released on the back of deals and memoranda promising to formalise what often amounted to an exchange of tip offs through causal phone calls between industry friends.
The road blocks for information sharing were diverse. It included departmental territory guarding, a lack of personal ties between agency staff that often led to tip offs, and an absence of trust by the private sector in exposing sensitive but valuable data to governments.
There were also technical and legal constraints, according to an October 2013 ENISA report dubbed Detect, SHARE, Protect [PDF].
"Despite fruitful cooperation between many CERTs bringing visible results in improving cyber security in EU member states, the teams still face obstacles that work against seamless security information exchange and sharing [including] legal and technical barriers, as well as lack of interest from cyber security stake holders in sharing information," it said in the report.
"The 'perfect' scenario for enhancing sharing practices in the CERT community would include building a bridging platform that would extend existing communities and broker information across these communities."
Communication tools should be interoperable and open source, backed by solid threat intelligence and correlation engines, advanced incident analytics and visualisation, and automatic prioritisation.
Such an effort would be run by the European CERTs and supported by ENISA, it said. ®