Security News
Europe and the United States will use a thaw in ties to strike a pact that would allow for the exchange of private data across the Atlantic, replacing previous agreements struck down by an EU court. Facebook, Google, Microsoft and thousands of other companies want such a deal to keep the internet traffic flowing without facing significant legal jeopardy over European privacy laws.
The European Banking Authority, a key EU financial regulator, says it has fallen victim to a hack of its Microsoft email system which the US company blames on a Chinese group. Microsoft said last week that a state-sponsored group operating out of China was exploiting previously unknown security flaws in its Exchange email services to steal data from business and government users, believed to number in the tens of thousands so far.
"EU Agency for Cybersecurity Executive Director, Juhan Lepassaar, said:"The agreement ENISA signed with CERT-EU is a stepping-stone in utilising our synergies to the benefit of EU Member States and the EU Institutions, Agencies and Bodies. "Our structured cooperation comes at a time where the EU and its Member States need to strengthen their cybersecurity capabilities more than ever."
The European Commission lifted the threat of crucial data flows between Europe and Britain being blocked in a move that would have crippled business activity as it said Friday that privacy safeguards in the UK met European standards. In a key post-Brexit decision, the EU executive said that British authorities had sufficient measures in place to protect European users' personal data, freeing up data transfers for businesses as well as for police.
Messaging apps such as Messenger or WhatsApp and video calls on Zoom face stricter privacy rules in Europe, after a draft law passed a key EU hurdle on Wednesday. The EU's 27 member states approved a proposal that was stuck since 2017, with countries split between those wanting strict privacy online and others wanting to give leeway to law enforcement and advertisers.
European encrypted services providers ProtonMail, Threema, Tresorit and Tutanota on Thursday urged European Union policy makers to rethink plans that would require the implementation of encryption backdoors. The Council of the European Union in December adopted a resolution on "Security through encryption and security despite encryption." The council said it supports the development and use of strong encryption to protect citizens and organizations, but at the same time it believes law enforcement and judicial authorities need to be able to exercise their legal powers.
The European Union's drug regulator said Friday that COVID-19 vaccine documents stolen from its servers by hackers have been not only leaked to the web, but "Manipulated." The European Medicines Agency said that an ongoing investigation showed that hackers obtained emails and documents from November related to the evaluation of experimental coronavirus vaccines.
Any EU country can take legal action against companies like Facebook over cross-border violations of data privacy rules, not just the main regulator in charge of the company, a top court adviser said Wednesday. The preliminary opinion is part of a long-running legal battle between Facebook and Belgium's data protection authority over the company's use of cookies to track the behavior of internet users, even those who weren't members of the social network.
Hackers have started leaking documents related to COVID-19 medicine and vaccines that were stolen from the European Medicines Agency in early December 2020. While EMA did not provide information on the affected third-parties, Pfizer and BioNTech at the time published a joint statement to reveal that the incident resulted in hackers accessing "Some documents relating to the regulatory submission for Pfizer and BioNTech's COVID-19 vaccine candidate, BNT162b2."
The European Union unveiled Wednesday plans to revamp the 27-nation bloc's dated cybersecurity rules, just days after data on a new coronavirus vaccine was unlawfully accessed in a hack attack on the European Medicines Agency. The EU last year recorded around 450 cyber incidents involving European infrastructure, notably in the financial and energy sectors, and the pandemic has highlighted Europe's deep dependence on the internet and exposed security weaknesses.