The European Commission has said today that it is “fully aware” of recent cyber-attacks in Portugal – particularly those against TAP and the General Staff of the Armed Forces.
These incidents will be covered by new European requirements, reports Lusa.
“We are fully aware of these cyber-attacks. We can also refer to another recent one in Portugal against a major telecoms operator, so we are fully aware of what is happening” in the country, the EU Internal Market Commissioner Thierry Breton said in Brussels.
Answering questions from journalists, Mr Breton said that “this type of attack will be covered by the new legislation”, as they are carried out using “specific software”.
But the bottom line is that Europe is increasingly coming under attack from cyber-criminals.
Margaritis Schinas, vice president of the European Commission to promote the European way of life, said: “Europe is being targeted, namely our member states, our industry, citizens and of course the pandemic has acted as a massive accelerator (…) We have also seen many cases that targeted financial services and more importantly health systems because in both areas there is a huge amount of data available and so yes, we are aware of this wave of attacks, that is precisely why we are building this cyber resilience law”.
The Commission hopes the new law imposes mandatory cybersecurity requirements for digital products in the European Union (EU), proposing fines of up to 2.5% of turnover or up to €15 million.
The proposed regulation will apply to all products that are connected directly or indirectly to another device or network, although some exceptions are foreseen for products for which cybersecurity requirements are already set out in existing EU rules, for example for medical devices, aviation and cars.
It will now be up to the European Parliament and the Council to deliberate on the proposed law, with Brussels highlighting “the goodwill” of co-legislators and hoping that this initiative will move forward quickly.