Education as a tool against cybercrime

By Miriam DALLI, MEP (S&D Group), Coordinator in the ENVI Committee

The Internet: a powerful tool that we use for different purposes including communication, work, education and entertainment amongst others.

It is the place where access to online information is so fast that it makes it unprecedented. Information, news whether true or false can spread so quickly and easily that it makes it the perfect target for manipulation.

The internet is a world of opportunities as much as it can be harmful, not in of itself but in how it is utilised.

Cyber bullying, cyber-attacks, cyber-crime, and cyber threats: these are all the downfall of a digital world that we believe should be used to improve citizens’ lives and help businesses expand their reach.

In 2016, over 4,000 ransomware attacks were registered daily. Last year, 80% of European companies experienced at least one cybersecurity incident.

More statistics show that security incidents across all industries rose by 38%, marking the biggest percentage increase in the past 12 years.

Even though we should not undermine the positive elements that the Internet brings with it, we must not ignore those ‘dark forces’ that are ready to use this tool as a weapon.

Suffice to say that in some Member States, 50% of all crimes committed are cybercrimes.

In 2017, over 150 countries and more than 230,000 systems across sectors and countries were affected by the WannaCry attack with a substantial impact on essential services connected to the internet, including hospitals and ambulance services.

A point of criticism against the European Union is that it didn’t act quickly enough against the threat of cybercrime.

Whilst it has dealt with cybercrime by passing laws against those who commit cybercrime, not enough was done to pre-empt such attacks.

Therefore, it is most welcoming that the European institutions have agreed on supporting an effective implementation of the EU cybersecurity law.

It adopts a six-way approach through Member States improving their cybersecurity capabilities, increasing EU-level cooperation, risk prevention, strengthening the European Union Agency for cybersecurity to better assist Member States, developing an EU-wide certification framework to ensure that products and services are cyber-secure and, finally, ensuring fast and coordinated responses to large scale cyber-attacks.

The European Commission has also proposed to create a Network of Competence Centres and a European Cybersecurity Industrial, Technology and Research Competence Centre to develop and roll out the tools and technology needed to keep up with an ever-changing threat.

With over 660 cyber- security competence centres across the EU, a wealth of expertise already exists in Europe. It is imperative that this expertise is used effectively.

Whilst this legislative model is being adopted, it is imperative that education takes centre stage.

This should not be only done in the context of developing digital literacy and training youths on how to use internet wisely and safely.

It is of course important that young people are able to manage their own security as well as being able to evaluate the sources as well as to know when it isn’t safe to share information and how to manage data in a secure way.

Youths themselves can be role models to others in discouraging negative behaviour as cyberbullying.

But young people should also be empowered with knowledge on how to respond effectivelyto cyber attacks.

Generally speaking, internet users should know that common passwords for multiple accounts should be avoided. It is important that devices are updated with the latest cybersecurity measures.

Education is also important when it comes to informing users how to avoid being tricked into divulging personal financial information.

For example, phishing remains an extremely popular method of identity theft. Divulging such information to cybercriminals may result in money theft or fraud.

The fact that cyber-attacks are becoming increasingly sophisticated and more difficult to spot is another challenge.

Indeed, cybercriminals can be very creative in what information they can attain in order to access an individual’s or an organisation’s data.

Sometimes, all that is required is a convincing phone call. Once inside the system, hackers will waste no time in finding and stealing confidential information.

This means that, even businesses, should not limit themselves to just implementing new software or other IT solutions to strengthen their system.

They should train their employees on the different types of attacks that exist and how to spot them.

To enhance Europe’s cybersecurity also means increasing the trust of citizens and businesses given the level of concern that exists among both.

We should also not forget that Eurobarometer figures show that 61% of Europeans worry that elections can be manipulated through cyberattacks.

With the recently approved Cybersecurity Act, the EU is sending the message that it is stepping up the fight to strengthen the bloc’s cybersecurity efforts.

Now it is imperative that this fight yields results and that our citizens and businesses across the EU are truly protected.