PACE has called on states to do more to deter large-scale cyber attacks which threaten national security, public safety or economic well-being, urging tighter security for critical services and stronger penalties for those who try to disrupt them.
Approving a resolution on the last day of its summer session, based on a report by Hans Franken (Netherlands, EPP/CD), the Assembly said critical infrastructure – such as power plants, travel hubs, emergency services and hospitals – should have “internet-independent” emergency systems. It urged states to prepare “closed back-up computer systems” – that are not connected to the internet – for use when open systems are attacked or disabled.
The Assembly said that cross-border requests for help with cybercrime should be dealt with more quickly, while digital evidence of cybercrime – including attacks on “cloud servers” – should be secured.
Large-scale cyberattacks on critical infrastructure should be punished more severely than less damaging forms of cybercrime, the parliamentarians said.
Finally the Council of Europe’s Cybercrime Convention, which has inspired legislation around the world, should be adapted and updated to meet the threat of cyber-terrorism and other large-scale cyber attacks, the Assembly concluded.