Belgium is “lagging very, very far behind”

  • The national internet security plan announced in December is still in the pipeline and the retaliation strategy remains vague.
  • Georges Dallemagne (CDH) has proposed setting up a well-resourced national center.

In September 2012 the hacking group known as Rex Mundi got their hands on half a million pieces of data relating to Belgian citizens. In February, the Belgian Federal Cyber Emergency Team (CERT.be) revealed than six out of ten Belgians had been victims of acts of Internet crime in the past year. In May, Prime Minister Elio Di Rupo discovered that his private e-mail had been hacked into, between 2004 and 2008, while his predecessor, Yves Leterme, admitted that one of his passwords had been stolen.

In a nutshell, according to a Belgian military internet security expert, cyber-attacks now occur on a daily basis in the kingdom, and private individuals are unfortunately rather unaware of the level of on-line assaults facing Belgian companies. Even at governmental level, elected representatives need to be reminded that smartphones must be left outside before entering into negotiations, as espionage via spyware is now completely feasible.

Over a year after the head of the Belgian State Security Service, Alain Winants, called for a national internet security plan and the appointment of a nationwide coordinator (See Le Soir of 20 June 2012), it appears that the relevant organizations have “put their heads together about possible collaborations”, but that the actual plan has no real substance yet. In practice, due to the lack of a more advanced set-up, internet security is dealt with by a Federal Computer Crime Unit (FCCU) that is terribly short of resources, and by a military intelligence service (SGRS) that is legally (law of 4 February 2010) only authorized to retaliate within the context of a conflict.

What then has happened to the Belgian internet security plan, a rough outline of which was presented by the prime minister at the Council of Ministers on 21 December 2012? While half of the countries in the EU have gone down that road, a search for a Belgian text on the ENISA website, a European agency responsible for improving network and information security, would be in vain. The government claims that “the prime minister’s security adviser is working on the plan,” and that the work involved is not straightforward.

But countries like Germany have made significant progress. Berlin now houses a national cyber-response center, supported by the German Federal Army, Federal Criminal Police Office (BKA), Federal Police, Federal Intelligence Agency (BND), Customs Investigations Bureau (ZKA), etc. At the government level, a national cyber-security council has been established to develop preventative measures.

Germany is only getting a head start on a European draft directive. It is backed by the Commission and in European diplomatic circles which would require that all Member States implement the bare minimum in terms of national cyber-security methods – emergency teams (such as CERT.be), a retaliation network, etc.

The question that arises is even if it is still putting the finishing touches to its strategy, should Belgium not also, like German and soon every other country in Europe, materialize its response in the form of a national cyber-security center?

That is the essence of a resolution proposed to the Chamber at the end of June by Georges Dallemagne, member of parliament for the CDH party. Truth be told, Belgium would not be starting from scratch. There already exists an informal consultation platform, the Belgian Network Information Security. It brings together this issue’s various stakeholders: FCCU, SGRS, State Security Service, FPS Economy, FPS Justice, Belgian National Security Authority, Crisis Center, Coordinating Body for Threat Analysis (OCAM), Federal Prosecutor’s Office and the Belgian College of Public Prosecutors and others.

Dallemagne points out however, this platform has no legal standing, let alone any of its own resources or individuals in charge. It needs to be institutionalized which would enable it “to have a clearer direction and to better track Internet security in Belgium.”

We’re lagging very, very far behind,” says the member of parliament. “Behind in terms of resources, legislation and the general level of alert (of companies in Belgium),” he concludes.

 ALAIN LALLEMAND

This entry was posted in Non classé. Bookmark the permalink.

One Response to Belgium is “lagging very, very far behind”

  1. Labrador says:

    Belgian citizens are not even informed of the above in their own languages. Why don’t you forward that sensitive information to the NSA directly instead of using leading articles?

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>