Present measures, including legislative initiatives, to combat cyber attacks against information systems by 2010, and related rules on jurisdiction in cyberspace at European and international levels by 2013.
What is the problem? Growing number of cyber attacks on information systems
Attacks against information systems are a growing threat, and there is an increasing concern about the potential for terrorist or politically motivated attacks against information systems which form part of the critical infrastructures of Member States and the Union.
Why is EU action required? Strengthen security of citizens and businesses
This action requires Member States to amend their criminal laws regarding attacks against information systems. The main aim is to provide EU law enforcement authorities with enhanced tools to fight cybercrime. The initiative will strengthen security of citizens and businesses and is expected to have a positive economic impact, as the current costs to business of countering cyber attacks and repairing post-attack damage are very considerable and rising continually.
What will the Commission do?
The European Commission will:
In 2011 :
- Proceed with the legislative process towards adopting the Directive on Attacks against Information Systems which will update the current level of protection and take account of new developments.
In 2012 :
- Finalise the negotiations on the Directive and ensure that it will be adopted at the EU level. Member States are required to take the necessary measures within two years from adoption of the Directive.