According to several media reports, a “serious cyber attack”, similar to those we saw against France’s finance ministry, has hit the EU Commission and European External Action Service (EEAS).
The Commission is the executive body of the EU, while the EEAS manages the EU’s response to crises.
The attacks took place just before the two-day EU meeting in Brussels, where the region’s economic and nuclear strategies as well as the Libyan war are scheduled to be discussed. It is unclear whether the EU bodies were specifically targeted.
According to the BBC “the European Commission has been assessing the scale of the current threat and, in order to prevent the “disclosure of unauthorised information”, has shut down external access to e-mail and the institutions’ intranet. Staff have been asked to change their passwords.”
John Leyden at The Register reported that “El Reg has come into possession of internal emails suggesting that although the attack was detected last week, systems might have been compromised much longer than this, perhaps for months. An apparently extensive investigative and damage assessment effort is looking at the possibility that infected images had been installed.”