The European Union against cyber attacks

In 2019 the European Union has equipped itself with a tool capable of creating retaliation against cyber attacks. Although this tool is far from agile, due to the rule that sanctions must be imposed with the unanimous vote of the 27 members, the desire to protect themselves against cybercrime and cyber attacks turns out to be a relevant political fact. With the displacement of conflicts from conventional to asymmetric and the growth of the potential of espionage, practiced from afar, precisely through the use of IT systems, the single action of individual states is no longer sufficient, especially from the political point of view to counteract sanctions, which, if taken at Community level, have a greater relevance, not only in a punitive sense, but also preventively. The acknowledgment of the growth of cybernetic threats at a supranational level constitutes an important variation on the behavior of European states, accustomed to individually fighting this type of attack. The fact that unanimity has now been reached and therefore a collective diplomatic response has been decided, represents a result that wants to indicate an attitude and a warning to the states that use these practices; even the recipients of the sanctions, which are not secondary countries, since they respond to the name of China, Russia and North Korea. The actions of the hackers that provoked the sanctioning measures were directed against companies belonging to countries of the Union, which suffered huge financial losses, theft of sensitive data of many users and companies, with the consequent request for redemption in cash for the return information, industrial espionage and blocking of electricity supply. The greatest impulse to travel the path of sanctions, however, came from Germany and its Chancellor, spied on by Russia just as she collaborated on a rapprochement between Brussels and Moscow. Recently, a probable Chinese intrusion into the Vatican servers was learned to know in advance the intentions of the Pope’s diplomacy towards Beijing. Obviously, these are only a few cases that flank the various attempts to alter the electoral campaigns in different states, perpetrated with IT means and repeatedly encountered. The need, therefore, for adequate responses to threats has resulted in the unanimity of the countries of the Union: a very rare event with enormous political relevance. The penalties imposed include a series of measures that prevent the travel and residence ban on the territory of the Union, the freezing of assets and the ban on accessing European funds. If in the Chinese and North Korean cases the perpetrators of the attacks were companies, not formally connected with the regimes of origin, the sanctions against Russia related, among others, to the special technologies department of the Russian military intelligence services, known as General Directory of the Armed Forces of the Armed Forces of the Russian Federation. Probably the fact that Moscow’s direct involvement was discovered caused the strongest reaction from the sanctioned states. The Kremlin, after specifying that the sanctions were not justified, threatened symmetrical responses to the sanctions suffered, according to the rule of Russian diplomacy. In any case, these events point out that it is necessary that the adopted instrument becomes more flexible and ready to elaborate not only diplomatic responses, which are the last phase of the process, but also from the point of view of both defensive and offensive action, intended above all in a preventive sense. The numerous potentialities offered by the cyber war involve a multiplicity of topics, which go beyond the military aspects, but which concern industrial secrets, technological and medical research, the control of aqueducts, power plants and the bureaucracy of each individual country. Every aspect of our life can fall under the cyber threat and in a supranational perspective, the damage suffered by a single country cannot fail to have effects and repercussions on others. So the need for greater agility passes from the reduction of unanimity and greater autonomy of the tool against cyber attacks, but achieving these objectives will not be easy, even if the push dictated by emergencies may favor this direction.