With the scale and complexity of cybercrime constantly on the rise, are we destined to always be playing catch-up?

According to the European Commission, cybercrime cost the world a whopping 5.5 trillion euros in 2020 alone, and the figures are exploding year on year.

Espionage, sabotage and disinformation

Within the EU, attacks impacting on the availability of a system or service – often one related to the public administration, transport or finance – make up almost half of cybercrime. Ransomware and data breaches follow close behind. And nearly half of European companies suffered at least one successful cyberattack in 2024, according to the latest data to be released by CESIN, a French body made up of cybersecurity professionals from across the sectors.

In the case of a ransomware attack, the ransom demand is very low compared to the total damage suffered, with the company in question often forced to completely or partially rebuild its information system. Indeed, Commission data suggests that the median cost of a major security incident in the EU health sector is estimated at 300,000 euros.

In an interview with RTBF, Laurent Mathy, an engineer and IT professor at the University of Liège, illustrates how wide-ranging such attacks can be.

Laurent Mathy, Engineer and IT Professor at the University of Liège (in French):

“I would say that the difference between these different actors is the purpose of the attacks. There's obviously everything that's a bit cyber-terrorist: we're going to disrupt, we're just going to create problems. It's a bit opportunistic. And then, at the other end of the scale, there are targeted attacks against energy infrastructure, for example, or logistics infrastructure, where you really create major societal problems that can have extremely long-lasting consequences.”

https://auvio.rtbf.be/media/le-monde-en-direct-decrypte-votre-actualite-allo-le-monde-3339788

 

Then, of course, there are ‘deepfakes’: photo, video or voice recordings generated or manipulated with the help of artificial intelligence. These may be created from authentic video or audio material, but the end result is a completely altered product that is often misused.

Speaking at a conference covered by Rádio Renascença, Sofia Casimiro, a University of Lisbon law professor, cannot understate the potential implications of data manipulation of this kind.

Sofia Casimiro, Law Professor at the University of Lisbon (in Portuguese):

“We are all victims of this manipulation, which is becoming increasingly serious and dangerous the more technology refines itself. It is getting difficult for us to distinguish between what is true and what is false. In particular, through deepfakes, which can even erase the collective memory. If we think about it, as soon as it's possible to create videos and photographs that don't allow us to distinguish whether they're true or false, we can change an entire existing collective memory and replace it with a false one. In my opinion, this is the biggest threat that we currently face, in relation to our European values.”

 

Julia Krickl is a cybersecurity expert at the Austrian Institute for Applied Telecommunications (ÖIAT). In an illuminating conversation with Agora, she confirms that cybercrime is becoming increasingly sophisticated, and prolific, thanks to the possibilities AI offers.

She paints a picture of surprisingly convincing phishing scams and fraudulent advertising, pointing out that with video manipulation and voice imitation now commonplace, someone can pretend to be your boss and order you to make a bank transfer – or even pretend to be your own child, claiming to be lost or kidnapped.

Fear, she says, is a powerful commodity. And when it is wielded by influential individuals or groups, it can be even more effective.

Julia Krickl, Cybersecurity Expert at the Austrian Institute for Applied Telecommunications (in German):

“The extreme right in France in particular has generated images of masses of boats arriving and masses of migrants somehow reaching the French coast. Salvini has generated images of insect sandwiches being eaten instead of the good old prosciutto panini. So AI is used here to simply scare people or to convey a certain message in a very symbolic way.”

https://www.agora.at/news/detail/vive-leurope-15-deepfakes-als-neue-bedrohung

 

Journalist Codruța Simina runs misreport.ro, Romania's first newsletter dedicated to combatting disinformation. She highlights, in an interview with The Europeans, the alarming scale of AI-led manipulation on social media by citing the example of Romania’s presidential election.

Although the final round of voting took place without major incident on Sunday, the first round was annulled owing to evidence of a TikTok-focused Russian information campaign to encourage the election of far-right candidate Călin Georgescu.

Codruța Simina, Journalist and Anti-Disinformation Campaigner (in English):

"Even though we've noticed inauthentic behaviour on the official accounts of some of the main candidates, none of them was able to gain such wide audiences as Călin Georgescu. And TikTok said in a report that they erased some 27,000 accounts that were working directly to amplify Călin Georgescu. We haven't seen that magnitude this time. This time, I think we've identified networks with maximum 100 bots."

Simina believes that all European citizens need to be equipped with a better understanding of how easy it is to be politically manipulated via social media.

 

Sleepwalking into a disaster?

Hybrid attacks, which combine cyber operations with physical sabotage, have also inflicted significant costs across Europe of late.

On Tuesday, Germany’s Federal Criminal Police Office (BKA) presented its 2024 statistics on politically motivated crimes. Shockingly, says AMS, these shot up by 40 per cent in 2024.

The head of the BKA, Holger Münch, confirms that destabilisation attempts are increasingly taking place through hybrid attacks.

Holger Münch, Head of Germany’s Federal Criminal Police Office (in German):

“We have recorded an increased incidence of espionage and sabotage activities by foreign intelligence services. […] And we are also seeing an increase in investigations due to agent activity for the purposes of sabotage. The focus here is on critical infrastructure, military facilities, and also industrial sites in Germany. Here, we are increasingly identifying drones as a problem.”

And these activities go far beyond targeted espionage and sabotage, he goes on.

Holger Münch, Head of Germany’s Federal Criminal Police Office (in German):

“The aim of these activities is, on the one hand, to obtain information, but also to destabilise society and the economy.”

BNR speaks to French MEP Nathalie Loiseau, chair of the European Parliament’s special committee on foreign interference, about a recent report by ANSSI, the French cybersecurity agency. The report links a string of information attacks against various entities in Ukraine, North America and Europe (particularly France) to the Russian Federation.

Based on the fact that Russian activity in Ukraine began with cyberattacks and sabotage, then moved on to a fully-fledged invasion, the Renew Europe member fears that we may be sleepwalking towards war ourselves. She insists we all need our eyes wide open going forward.

 

Nathalie Loiseau, Member of the European Parliament (in English):

“I would not say that the European institutions are doing enough to warn our fellow citizens about the reality of the threat. I think that we have to learn about manipulations, about massive interventions in our democracies. Wherever it comes from, whatever the content is.”

It is in this context that, following a series of fires in Lithuanian factories, an investigation into potential hostile activity – specifically by Russia – has just been launched. Poland has also recently completed its own investigation into a fire that broke out in a Polish shopping centre, concluding it was an act of sabotage by Moscow. Meanwhile, underwater cables are being damaged in the Baltic Sea…

To date, responses to such incidents have been fragmented, and Žinių Radijas asks if we should not be seeking to draw up a defined response framework.

Lithuania’s ambassador to NATO, Darius Jauniškis, takes a relatively radical stance, suggesting that Russia can only be stopped by turning its own methods against it.

 

Darius Jauniškis, Lithuania’s Ambassador to NATO (in Lithuanian):

“This is terrorism. It is simply terror that they are trying to instil in our society, and in Western communities, simply to distract us and frighten us, to make us afraid, to make us talk about it and to seek all means necessary. […] To force our hand and, of course, to make our politicians look incapable. The Russian methods are very clear. The only question is, to what extent are we prepared to act, to respond to these actions? Because I believe that this must not go unanswered. Sooner or later, action will be taken, of course. Russia must feel that if they continue to behave in this way, the response will be really strong and painful for them. That is the only thing that will stop them, in my opinion. Because it seems that a terrorist state must be dealt with using its own methods.”

https://www.ziniuradijas.lt/laidos/euranet-plius/gyvenu-europoje-ar-kada-turesime-atsakyma-i-rusijos-hibridine-agresija?video=1

As we mentioned last week, Luxembourg is to considerably up its military spending over the next few years. And the country’s government has indicated that cybersecurity will be a major recipient of this extra money, since no national defence plan is complete without it anymore.

 

Philippe Glaesener, head of the working group on defence in the Luxembourg Chamber of Commerce, is talking to 100,7.

Philippe Glaesener, Luxembourg Chamber of Commerce (in Luxembourgish):

“Defence starts with preparedness. It is not only about war, we clearly have to differentiate. There are a lot of companies here in Luxembourg that are acting within the core competences Luxembourg has developed over recent years: cybersecurity, space, AI and advanced materials, as well as logistics, which is to be expected. These are things that are needed for defence. And these are the companies we managed to attract for those assignments. Companies that form part of a growing sector – so we hope to see even more of them in the weeks and months to come.”

https://100komma7.lu/news/Invite-vum-Dag-Philippe-Glaesener?pd=search

A collective effort

But Europe’s member states are not having to face the challenges alone, says Dimitris Georgiou, an industry expert in cybersecurity. He tells our Greek colleagues at Skai that the EU has not been sitting on its laurels here.

Dimitris Georgiou, Cybersecurity Expert (in Greek):

“The European Union has been responding to security threats in a coordinated manner for many years. EU legislative output in this area is ongoing and has yielded significant results. It began with the General Data Protection Regulation (GDPR), which came into force in 2018 and concerns the security of personal data. Then came the NIS Directive for the protection of critical infrastructure – and the updated version, NIS2, which took effect a few months ago, in November 2024.”

And the list goes on…

Dimitris Georgiou, Cybersecurity Expert (in Greek):

“There is also the DORA regulation, concerning the cyber-resilience of the financial sector, as well as a series of other legislative frameworks. These include the Cyber Resilience Act, which addresses the protection and security of all digital services and products offered to EU citizens throughout their lifecycle, and the Digital Services Act, another piece of legislation regulating online platforms such as social media and marketplaces. And finally, we have the AI Act, which is particularly interesting as it focuses on the safety of artificial intelligence products – a very new development. Taken together, we can see an intense and coordinated push in the fields of cybersecurity, digital resilience, and artificial intelligence.”

So yes, Brussels has been busy. But does legislating solve all the problems?

Portuguese professor of law Sofia Casimiro, who we heard from earlier, has her doubts.

Sofia Casimiro, Law Professor at the University of Lisbon (in Portuguese):

“I have many doubts about the possibility of effectively monitoring and enforcing these restrictions, especially when the threats are from outside the European Union, from entities outside the European Union, like applications that we download into our equipment.”

In addition, the proliferation of regulatory requirements around the world is adding a significant compliance burden for organisations. And, of course, our overall cyber resilience is threatened when smaller, less-resourced organisations cannot keep up and are left vulnerable.

But even larger organisations are struggling to keep pace with the changes we are experiencing, as the University of Liège’s Laurent Mathy highlights.

Laurent Mathy, Engineer and IT Professor at the University of Liège (in French):

“We are moving towards increasingly complex systems that are built by assembling components that may have been developed elsewhere. So, in fact, there is no longer anyone who has an in-depth understanding of how the system works. Understanding the flaws is becoming increasingly difficult.”

If we are to address this, Mathy adds, there is an urgent need for highly qualified professionals as we enter this new and uncharted world.

 

And is there anything else the EU could be doing?

MEP Nathalie Loiseau thinks so. While she does not wish to see the EU morphing into a “ministry of truth”, she is in favour of better supporting providers of quality information, to the detriment of those spreading untruths.

Nathalie Loiseau, Member of the European Parliament (in English):

“So I think that the EU should step in, and probably my personal position would be that we should create an EU information integrity fund to support professional journalism, fact-checking and everything that allows people to form their own opinions.”

https://bnr.bg/en/post/102154877/french-mep-nathalie-loiseau-in-this-pandemic-when-it-comes-to-the-truth-we-need-a-vaccine

 

To sum up, let’s return to Austrian cybersecurity expert Julia Krickl.

Julia Krickl, Cybersecurity Expert at the Austrian Institute for Applied Telecommunications (in German):

“We need to understand as a society that this issue affects us ALL. So, from the individual to the kindergarten to the SME to the state authorities, we are all affected, and we all need to be prepared.”

That said, it is difficult to prepare for something that never ceases to evolve.