European Commission hit by "significant" cyber attack

The European Commission (EC) and other EU institutions have been hit by a cyber attack.

An EC spokesperson told IT Pro that an “IT security incident” had affected a number of EU institutions, bodies, and agencies’ IT infrastructure.

Forensic analysis is still in its “initial phase” and at this stage, it is too early to provide any “conclusive information”.

“We are working closely with CERT-EU, the Computer Emergency Response Team for all EU institutions, bodies and agencies and the vendor of the affected IT solution,” said the spokesperson.

The Commission has also set up a 24/7 monitoring service and is “actively taking mitigating measures”.

“Thus far, no major information breach was detected,” the spokesperson added. “Let me use this occasion to recall that we take cyber security very seriously and apply strict policies to protect our infrastructures and devices. We investigate every incident.”

Although not confirmed by the EC spokesperson, Bloomberg reports that the "significant" cyber attack hit the EU organisations last week.

The EC did not provide any information on the nature of the incident or the identity of the attackers who carried out the attack.

Last December, hackers accessed documents related to COVID-19 vaccines after a cyber attack hit the European Medicines Agency (EMA). The EMA reported it has suffered an attack and was working with law enforcement to investigate the incident. The UK’s National Cyber Security Centre (NCSC) was working to understand how the incident impacted the UK.

Furthermore, the University of Northampton declared last month that it had been hit by a cyber attack that disrupted its IT and telephone systems and servers. It had notified the ICO and was liaising with the police to investigate the attack further. The NCSC has said there has been an increased number of ransomware attacks on the UK education sector.