|
The European Commission intends to prepare revised internet
security guidelines following cyber attacks on EU Emissions
Trading System (EU ETS) registries.
Fake emails asked users of the registries to log on to a
malicious website and disclose their user
identification code and password. Some fraudulent transactions
were carried out, but the security of the Community Registry
and the Community Independent Transaction Log was not compromised.
The widespread 'phishing'
attack on users of EU ETS registries took place on 28 January.
Alerted by The Netherlands and Norway, the Commission informed
all Member States and asked them to take appropriate security
measures immediately.
Although Member States reacted
promptly, a limited number of fraudulent transactions were
performed as the fake website appeared genuine by using the
Commission's visual identity. The Commission is actively supporting
Member States in their investigations of these transactions.
The Commission also started immediate investigations of the
fake website and is working on closing it.
In the light of the attack, the
Commission intends to review the security measures applicable
to ETS registries and will prepare revised security guidelines
for registries and an action plan aiming at harmonising their
approach in case of future such incidents.
The Commission has already proposed
a number of elements aimed at achieving high security standards
in its legislation to prepare for the inclusion of the aviation
sector in the Community Registry in 2012.
|
