EU Member States test their cybersecurity preparedness for fair and free 2019 EU elections
The EP, the EU Member States, the EC and the EU Agency for cybersecurity (ENISA) organised an exercise to test the EU's response to and crisis plans for potential cybersecurity incidents affecting the EU elections.
The objective of the exercise, which took place in the European Parliament, was to test how effective EU Member States and the EU's response practices and crisis plans are and to identify ways to prevent, detect and mitigate cybersecurity incidents that may affect the upcoming EU elections. This exercise is part of the measures being implemented by the European Union to ensure free and fair elections in May 2019.
Vice-President of the European Commission, for the Digital Single Market, Andrus Ansip, said:”We must protect our free and fair elections. This is the cornerstone of our democracy. To secure our democratic processes from manipulation or malicious cyber activities by private interests or third countries, the European Commission proposed in September 2018 a set of actions. Together with the EU Member States, and other EU Institutions we are implementing these actions. We also decided to test our cybersecurity vigilance and readiness towards secure, fair and free EU elections 2019 by organising the first in its kind EU exercise on elections. I believe that this is an important step forward for more resilient EU elections in a connected society.”
Vice-President of the European Parliament, Rainer Wieland, said: ”Cyber-attacks are a recent but very real threat to the stability of the European Union and its Member States. A cyber-attack on elections could dramatically undermine the legitimacy of our institutions. The legitimacy of elections is based on the understanding that we can trust in their results. This very trust has come under pressure from cyber-attacks and other new types of election fraud in the Digital Age, and we must respond! With the upcoming European elections in 2019, we have to take responsibility and build up the necessary means to strengthen our electoral cyber security. This responsibility is a common one, shared by European and Member State institutions. Together we need to safeguard the integrity of the elections.”
More than 80 representatives from EU Member States, together with observers from the European Parliament, the European Commission and the EU Agency for cybersecurity, participated in this first EU table-top exercise (with the code name EU ELEx19) on the resilience of the upcoming European Parliament elections. The main responsibility for protecting the integrity of the elections lies with the Member States, and the overall objective of the exercise was to test and further strengthen their preparedness - especially their election and cybersecurity authorities – in the face of hybrid cyber-enabled threats, and to assess their ability to swiftly develop and maintain situational awareness at national and EU level if a serious cybersecurity incident which could impact on the integrity of the 2019 EU elections were to occur.
Based on various scenarios featuring cyber-enabled threats and incidents, the exercise allowed participants to:
- Acquire an overview of the level of resilience (in terms of policies adopted, available capabilities and skills) of election systems across the EU, including an assessment of the level of awareness among other stakeholders (e.g. political parties, electoral campaign organisations and suppliers of relevant IT equipment);
- Enhance cooperation between relevant authorities at national level (including elections authorities and other relevant bodies and agencies, such as cybersecurity authorities, Computer Security Incident Response Teams (CSIRTs), the Data protections Authority (DPA), authorities dealing with disinformation issues, cybercrime units, etc.);
- Verify EU Member States' capacity to adequately assess the risks related to the cybersecurity of European elections, promptly develop situational awareness and co-ordinate communication to the public;
- Test existing crisis management plans as well as relevant procedures to prevent, detect, manage and respond to cybersecurity attacks and hybrid threats, including disinformation campaigns;
- Improve cross-border cooperation and strengthen the link with relevant cooperation groups at EU level (e.g. Election Cooperation Network, NIS Cooperation Group, CSIRTs Network) in order to improve the capacity to respond in a coordinated manner in the event of cross-border cybersecurity incidents;
- Identify all other potential gaps as well as adequate risk mitigation measures which should be implemented ahead of the European Parliament elections.
On 12 September 2018 the European Commission announced a set of concrete measures to address potential threats to elections, including a recommendation of the European Commission on election cooperation networks, online transparency, fighting disinformation campaigns and protection against cybersecurity incidents.
In line with this European Commission recommendation, a European Cooperation Network on elections has been established. This network has already met three times in Brussels to discuss necessary actions to address potential threats to the elections and thereby strengthen the resilience of the European Union's democratic systems. One of the actions that this network decided to pursue was the organisation of a table-top exercise to test EU's cybersecurity preparedness to ensure secure, free and fair EU elections 2019.
The cybersecurity test also goes hand-in-hand with the Action Plan against disinformation that the European Union adopted last December to build up capabilities and strengthen cooperation between Member States and EU institutions to proactively address the threats posed by disinformation.
Factsheet: Securing free and fair European elections
Commission Communication on securing free and fair European elections
Commission Recommendation on election cooperation networks, online transparency, protection against cybersecurity incidents and fighting disinformation campaigns in the context of elections to the European Parliament
Factsheet: Protecting Europeans' personal data in elections
Proposal for amending the Regulation on funding of European political parties
Latest News from
Public consultation: appropriate age for introduction of complementary feeding of infants19/04/2019 09:25:00
EFSA is seeking feedback from stakeholders and other interested parties on its scientific opinion on the appropriate age for introduction of complementary feeding of infants.
Stronger EU borders with a new standing corps of 10,000 border guards18/04/2019 15:25:00
TheEuropean Parliament hasadopted the ECs proposal to reinforce the European Border and Coast Guard Agency with a standing corps of 10,000 border guards by 2027.
European Parliament's vote on new rules to improve fairness & transparency of online platforms18/04/2019 13:37:00
The European Parliament has approved the new Regulation on platform-to-business trading practices that is aimed at establishing a fair, trusted and innovation-driven environment for businesses and traders when using online platforms.
WTO Boeing dispute: EU issues preliminary list of U.S. products considered for countermeasures18/04/2019 12:25:00
The EC has launched a public consultation on a preliminary list of products from the USA on which the EU may take countermeasures in the context of the ongoing Boeing dispute at the World Trade Organisation (WTO).
Registered substances mapped for regulatory action18/04/2019 09:25:00
The first report of the Integrated Regulatory Strategy presents a mapping of the universe of registered substances that are on the EU market. This information helps authorities to identify, plan and monitor the progress on identifying and regulating substances of concern.
The United States is Europe's main soya beans supplier with imports up by 121%17/04/2019 16:25:00
New figures released by the EC, show that imports of U.S. soya beans by the EU increased by 121% over the current market year (July 2018 to mid-April 2019), compared to the same period in the previous year.
EC updates the EU Air Safety List to maintain highest level of protection for passengers17/04/2019 15:37:00
The EC has updated the EU Air Safety List, the list of airlines that do not meet international safety standards, and are therefore subject to an operating ban or operational restrictions within the EU.
EC launches debate on more efficient decision-making in EU social policy17/04/2019 13:25:00
In his 2018 State of the Union speech, President Juncker announced a comprehensive review of all passerelle clauses provided for by the EU Treaties. As a result, three Communications have already been adopted: on common foreign and security policy (September 2018), on taxation (January 2019) and on energy and climate (April 2019). The Communication on the passerelle clauses in social policy is the fourth one.
EC welcomes adoption of new measures denying terrorists & criminals the means and space to act17/04/2019 12:37:00
The European Parliament has adopted 2 important Security Union legislative initiatives proposed by the EC on interoperability and explosive precursors.