European nations are on the lookout for possible Russian cyberattacks on energy installations, after the United States last week warned that Russia has hacked into a number of public and private companies in the energy sector, including power plants.
A spokesperson for the European Commission told Forbes that while they cannot reveal the details of what information has been passed on from the American authorities, they are “cooperating very closely with the U.S. counterparts” on the threat.
Current EU cyber incident regulations say that preparedness for and responses to an attack against critical energy infrastructure is the responsibility of national European governments rather than the European Union. But the EU has set up a voluntary information sharing mechanism called the Computer Incident Response Teams.
Under EU law, energy providers must adopt specific security measures to prevent network and information security incidents and they must report any incidents that could impact energy supply. National governments are currently putting together detailed risk preparedness plans.
“We’ve put in place a cyber diplomacy toolbox for malicious cyber activities by state and non-state actors,” Nathalie Vandystadt, a spokesperson for the European Commission, told Forbes. “The framework is expected to encourage cooperation, facilitate mitigation of threats, and influence the behavior of potential aggressors in the long term.” But these frameworks are still in development, having only recently become EU law.
The details of the potential risk to European plants detected by the U.S. government are still unclear. But the subject may come up Thursday at a summit of European national leaders in Brussels, where Russia, relations with the United States and the EU’s energy union are all on the agenda.
