Exchange of views on Pegasus spyware in the European Parliament
The Committee on Civil Liberties, Justice and Home Affairs will continue its scrutiny and follow-up on the revelations of the existence and use of the spyware ‘Pegasus’ created by the cyber-surveillance company NSO Group, on 1 February. The Members will hear from victims of the spyware, including a journalist and a prosecutor from two EU Member States. An organisation representing journalists will speak on the impact that practices linked to the spyware have on journalists around the world.
Source: European Parliament
Europol and data protection
The European Data Protection Supervisor recently ordered Europol to erase a large quantity of personal data that the EU law enforcement agency was storing even if there was no link to any criminal activity. On Tuesday, members of the civil liberties committee will discuss the matter with the two organisations.
Source: European Parliament
IACHR and UN express their concern over the use of Pegasus spyware in El Salvador
The Inter-American Commission on Human Rights (IACHR) and the UN office for human rights express concern over the use of Pegasus software to spy on journalists and civil society organizations in El Salvador.
At least 35 people were spied on by installing the software on their phones. Of these, at least 22 were journalists from the investigative portal El Faro.
The UN and the Inter-American Commission on Human Rights “take note” of the Public Prosecutor’s public statements on the investigation and urge the State of El Salvador to clarify the facts, punish those responsible and ensure that there is no repetition, adapting the rules on electronic surveillance.
Source: Unided Nations
The progress of digital transformation has inevitably led to new cybersecurity threats. Cybercriminals take advantage of the Covid-19 pandemic, in particular by targeting organisations and companies working remotely.
Cybersecurity threats in the European Union are affecting sectors vital for society. The top five sectors affected, as observed by the European Union Agency for Cybersecurity (Enisa) between April 2020 and July 2021, are public administration/government (198 incidents reported), digital service providers (152), general public (151), healthcare/medical (143) and finance/banking (97).
Main cybersecurity threats
During the pandemic, companies had to quickly adapt to new working conditions – and thus opened new doors and more possibilities for cybercriminals. According to the European Union Agency for Cybersecurity, there are nine prime threat groups:
- Ransomware – attackers encrypt an organisation’s data and require payment to restore access
- Cryptojacking – when cybercriminals secretly use a victim’s computing power to generate cryptocurrency
- Threats against data – data breaches/leaks
- Malware – a software, which triggers a process that affects a system
- Disinformation/misinformation – the spread of misleading information
- Non-malicious threats – human errors and misconfigurations of a system
- Threats against availability and integrity – attacks that prevent the users of a system from accessing their information
- Email-related threats – aims at manipulating people to fall victims to an email attack
- Supply chain threats – attacking, for example a service provider, in order to gain access to a customer’s data
Soruce: European Parliament