Europe has to coordinate its fight against the threat of cyber attacks on key installations such as electricity and water supply, the European Commission (news - web sites) said on Monday as it unveiled a plan for a new expert taskforce.
The planned European Network and Information Security Agency will employ 30 experts charged with rapidly exchanging information across the 15-nation EU once a risk is detected.
"The agency will build on national efforts to enhance network and information security and to increase the ability of member states and EU Institutions to prevent and respond to network and information security problems," said European Commissioner Erkki Liikanen.
Authorities worldwide have woken up to the dangers of serious network failures, such as those caused by computer worm "SQL Slammer" earlier this year. Potential terror strikes are also a source of concern after the September 11 attacks.
"There is no efficient response mechanism (in the EU)," Liikanen, in charge of information policy, told reporters.
The proposal, which relies heavily on voluntary disclosure from private and public operators, falls short of calling for a fully fledged "cyberpolice" charged with forcing companies to reveal they have been hacked.
"This does not give us any power to impose cooperation," Liikanen said. He expected private companies to come forward with information as it was in their interest to quickly devise a an effective response to a cyberattacks.
But industry sources said firms have shied away from letting the public know their systems have been invaded by hackers.
The agency, due to start operations in January 2004, is expected to cost the EU 24 million euros in the first five years. A further nine million euros will be added once 10 prospective EU candidates join up.
The proposal will need the support of the majority of member states and the European Parliament.
Individual member states already operate crisis units -- called Computer Emergency Response Teams -- against threats posed by Internet hackers and spreaders of computer viruses. But the system lacks central coordination. The EU has harmonized legislation against cybercrime in the 15 nation states. Under the EU rules, hackers seeking unauthorized access to a computer system can face several years in jail.