An Interdependent Web Calls for More Collaboration on Cybersecurity

The CyberSec4Europe cybersecurity competence centre
On February 1st, 2020, the cybersecurity competence centre pilot project CyberSec4Europe of the European Commission’s Horizon 2020 programme will have been in progress for a year. The CyberSec4Europe consortium has been very active in gathering details about partner competences, mapping the existing assets and planning future research. The first demonstrators for the seven verticals (e-commerce, supply chain security assurance, privacy-preserving identity management, incident reporting, maritime transport, medical data exchange, smart cities) will be set up by the end of April 2020.

In November 2019, the first Cybersecurity for Europe conference took place in Toulouse. This event featured several panel discussions on the topics that we deal with in the CyberSec4Europe project. One of the panels, in which Cybernetica took part, was about good practices in data sharing for incident handling. We reiterate some of the points from that panel here.

There is no local in the web
Cybersecurity and privacy attacks and accidents have more immediate and more global consequences than physical attacks and accidents do. If a train or truck spills oil in the countryside, the immediate damage is local even if it becomes global in the long run. On the other hand, if there is a privacy attack, the whole world will be able to download the leaked data in seconds.

Similarly, our web services are so intertwined that many of them use tens of external backends at all times. For instance, if you visit delfi.ee (an Estonian media site), your web browser talks to multiple backend services in Europe and North America (see figure). These connections are made to services like Gemius and Clickonometrics (ads, measurements), multiple ad networks, Google and Facebook, and to certification authorities for certificate validation checks. If any of these are affected, they in turn have an effect on the site that depends on them.

Screenshot from the Little Snitch software while visiting delfi.ee. Little Snitch made by Objective Development Software (https://obdev.at)

We need collaboration reaching across and beyond Europe
In recent years, Estonia has seen cyberattacks against European infrastructure affect its services. If something happens in Poland, our services are affected. This could be alleviated by collaboration between the CERTs of our countries and also the law enforcement agencies. However, sharing information about attacks and defences shows one’s vulnerabilities, which one might be reluctant to reveal even to allies.

While international collaboration treaties can be made on the governmental level, it is more difficult to achieve collaboration on the corporate level, not to mention in the defence setting, where the attacks can be very specific and sharing can reveal extremely sensitive information.

We are working towards solving this problem. Cybernetica is building networks for interorganisational and cross-border sharing of cybersecurity threat information, based on our work in privacy technologies. We hope that if we can provide a privacy-preserving environment for incident handling data sharing, organisations and governments will be less reluctant to share information on new threats emerging in our shared online space.

This work has been supported by the EU H2020-SU-ICT-03-2018 Project No. 830929 CyberSec4Europe (cybersec4europe.eu).

Written by Liina Kamm