english french german greek italian lithuanian russian serbian spanish
Home arrow newsitems arrow French Info Systems'National Security Agency (ANSSI) Expert Wolf to EuroFora: EU Rules for Clouds

French Info Systems'National Security Agency (ANSSI) Expert Wolf to EuroFora: EU Rules for Clouds

Written by ACM
Tuesday, 05 November 2013


*Strasbourg/Region Alsace/Angelo Marcopolo/-
One among the much needed EU Advances in the Digital World could start f.ex. with a Franco-German initiative to establish some Rules on Strategic Internet "Cloud"-Computing, suggested to "EuroFora" the experienced and hyperactive Senior Official of the French National Security Agency for Information Systems (ANSSI), Philippe Wolf, (See Details Infra), speaking shortly after the latest EU Heads of State/Government Summit in Brussels brought to the Agenda both the Development of Digital Economy, and the necessary building of Trust among Web Users, particularly by guaranteing at least an elementary Personal Data Protection on line, badly lacking Today, as the scandalous example of USA spying over German Chancelor Angie Merkel's phones revealed, (See "EuroFora"s NewsReports from that EU Summit in Brussels: f.ex. ...).

Wolf, personal Counselor of ANSSI's Director General, Patrick Palloux, who responds directly to the Prime Minister, was the Keynote Speaker at the Conclusion of a subsequent "Cyber-Threats" Annual Forum 2013, organized for the Superior Rhine Euro-Region (including France, Germany and Switzerland),  in the prestigious Hemicycle of Strasbourg's Region Alsace's Modern Building, facing EU Parliament's Tower, earlier Today, whose 3rd and last part was dedicated to a Round Table  Discussion on the most Crucial point : How to "React" for the "Protection and Resilience" of information Systems, destinated mainly to Public Administration Officials and Businesses active on Internet, where "EuroFora" had been invited by the Commander of the Gendarmerie for Alsace Region, Colonel Thierry Thomas :
Another French Government's hyperactive Senior Official, who practically organized most of the event, together with the Chamber of Commerce and Industry, as well as the Prefecture, whose Personal role unexpectedly extends from Strasbourg University's EU Programs (comp. f. ex. on the occasion of EU Commission's vice-President, Viviane Reding's recent statements to "EuroFora" at EU Parliament on EU's Public Prosecutor and National Agents "Training" in European Mechanisms for Financial Investigations against Crime : ...), up to the Fight against Cyber-Attacks, where, as he told us, Strasbourg's Gendarmerie Headquarters, strategically located at a beautiful area facing the City's ... "Modern Art" Museum, would play an unexpectedly important role, including into Helping also SMEs to defend themselves while developing projects on line.

Introducing to the entire Annual 2013 Event, the experienced Prefect of Alsace Region, Stephane Bouillon, (who has worked in the recent Past as Director of Office for the Minister of Interior in Paris, and former Secretary General of the Presidential Palace Elysée, Claude Gueant : Comp. various earlier Gueant Statements to "EuroFora"), stressed from the outset, that referring also to the Topical example of USA's NSA spying scandal, launched a call to "Protect Internet Users", and particularly Businesses, by "Unmasking" those who might attempt to "Undermine" their activities, and by helping them to Safely use and share the Potential of Digital technologies : A Task where e-Media have to play an important role, he obseved, ensuring that the State is present in order to work together with Businesses and other Social Actors.

In fact, "International Cyber-Crime" presents a New Big "Challenge also to Sovereignity", with more than 2 Billions of Connexions, to which are added, each Year, about 50 Million New Chinese players, etc., transforming the Internet into an Over-Populated area, but often abandoning alone in their Desert those Businesses which fall Victims to Predators"; whose "Aggressions" are progressively moving from Material (f.ex. Computers, etc) towards Immaterial (f.ex. Data, Software, etc) Targets, due to become the main issue in the Future, warned at the Beginning the General  Marc Watin-Augouard, former Army Inspector General, and currently Director of the School for Officers of the National Gendarmerie. Seeking either to seize Richess or to Dominate an area, such Predators have already become worse than the Pirates who attacked  Commercial or Government Ships in the Past, and, since things move much Faster Today, we canNot wait for 4 Centuries, as we did when the International Law of the Sea was build, but, now, we have to Act Fast in order to Build some Rules able to create a New "Public Order" with a "Balanced relation between Freedoms and Security", as he added.

This can only be done at an International Level, but, Today, the Global Community is Divided", and "doesn't have same views", except from Machines and/or Cables, but not on Data Policies, so that all Attempts made until now inside the UNO and/or the International Union of Telecommunications, at nearby Geneva, Failed, as last December 2012 at Dubai. Mainly because the West doesn't want to Monitor Data a priori, in the name of Liberties, while other Countries, as Russia or China, want to be able to Monitor a priori the flux of Data, in the name of National Sovereignity and Security as he said.

=> Therefore, Today it's "at a European Level" that we have to the Need and the Historic "Chance" to be able to Start building such a New Public Order for the Internet, with European Public Order Standards, which will not abandon Children, Aged People, or SM.Businesses alone to some Predators, but agree Together on the Rules to establish, which should be Valid also for the Rest of the World, he advised. And we could then say throughout the World : Either you, agree, togeher with the EU, on some common Principles, or you are dominated by the USA or China alone, since, as the NSA spying Scandal has shown recently, "we can be Allies on Tanks, Ships, Airplanes, Cables etc., but Not on Internet Data !", as he warned.

    In this regard, CoE's "Budapest Convention" of 2001 on CyberCrime, has been ratified by "only 40 States", among which 4 or 5 don't even belong to the CoE, because the Others hesitate, in the name of National Sovereignity, he reminded, evoking a well known issue in Strasbourg's PanEuropean Organisation, with Russia and other Countries'reluctance to admit TransBorder Data Collection by Foreign Countries via the Internet, (Comp. relevant previous "EuroFora"s NewsReport .. ).

    >>> EU is currently at an "Advanced position", particularly since the beginning of this year,, f.ex. with the creation of the European Centre against Cyber-Crime on January 2013, EU's Strategy on CyberSecurity adopted on February, the Strengthening of the European Agency for Security and Information on April, the EU Directive of August 12 , (etc), and this Movement must Continue, he stressed, 2 Years after the Deauville "G-8" Summit, then chaired by France, had started to officially speak about Internet's Freedom and Security Rules, at the initiative of a European Country, (Comp. "EuroFora"relevant NewsReports from Paris and particularlt Deauville's G8 Summit of May 211). Naturally, this European Integration on Web's Rules, could and should extend also on some Industrial Cooperation to fabricate some Material Objects related to the Internet, he added, taking "Rendez-vous in 4 or 5 Years'" Time for some Concluding Results of EU's progress on Digital society...

    + But this needs to be completed also by Parallel moves from Universities, Businesses, Police and Justice, General Watin added, pointing to he rest of the Debates, Structured in 3 Main "Round-Tables" : (1) on "Anticipating" the Cyber-Attacks and their "Intentions", (2) on Facing the "Damages" thus provoked and "Responding" to them, and (3) on "Reacting" by ensuring the "Protection" and the "Resilience" of Administrations, Businesses and Households, according to their Headings, artfuly guided by the experienced and omnipresent in many European events here, René Eckhardt, President of DirCom and a long-time member of Strasbourg's Press Club, who has worked for OberRhein's Cyber-Security Forums for years :

    Among the various Useful Interventions which followed, by various Experts, on several Specific aspects of these issues, certain particularly Interesting points were raised already from the 1st Round Table on "Anticipating" Cyber-Attacks :

    - Indeed, the Time at the Internet runs too Fast for the Victims to react on the spot, only when they see a Cyber-Attack, because, in fact, it might have already started a more or less long time Before it's discovered and becomes obvious at the surface, and, in addition, its consequences at the Web can be so Massive and/or quasi-Instantneous, their Consequences so Irreversible, that the only Efficient way to have a real Chance to Defend itself is to "Anticipate" it, by detecting possible weaknesses, taking Preventive Measures to strengthen their Protection, and Organizing from beforehand the actions which might be needed in order to face any such Attack whenever it occurs, (f.ex. by gathering and making easily Accessible all relevant Information on the various kinds of Urgent Help to the Victims, what they can do after a possible Cyber-Attack, to whom they should address themselves, who will do what inside a collectivity, which "Plan B" might be set up in case of Destruction of all or part of a Busineses' main Information/Communication Tools, etc., advised in substance the very Practical Colonel Joel Ferry, Deveryware's Counselor on Major Threats against SMEs.

    - This was followed by some very impressive and concrete Examples of particular Cyber-Attacks which can be committed f.ex. through "USB Keys" inserting certain "Spying"Virus inside a Victim's Computer, and/or by usurpating and Divulgating the Ideas, Inventions, and other Intellectual Property of a Business, followed by the corresponding Advice on how to Prevent such sly Traps, by being more Vigilent and Careful, as well as as by Taking certain adequate Measures of Physical and/or Legal Protection, according to useful demonstrations made successively by Ludovic Haye, Expert Responsible for Production at Peugeot-Citroen, and Lawyer Cecile Boutriaux, of Strasbourg's Bar.

    + University Professor, and GRASCO Research Group Director, Chantal Cutajar, anounced that she hopes to have "in 1 Year"'s time the Results of a currently on-going Research that would present a 1st comprehensive Suvey of CybeCrime Victims, which Lacks until now, while a recent Estimation points at almost 65% of Internet Users throughout the World as Victims of one or anoher form of Cyber-Attacks, such as "Identity Theft, Credit Card Fraud, or Virus' transmission", etc, i.e. some 1,5 Millions of Victims each Day, or about "8 Victims per second" !...

    But most Victims don't even reveal, nor register the Damages that they face because of several, more or less important Cyber-Attacks, eiher because they don't hope to find soon and simply enough an efficient Reply, or because they believe that this doesn't worth the Expenses in which they might be obliged by a Judicial Investigation, unless they don't even know what exactly they could do, Cutajar warned, denouncing the fact that, in consequence, we don't yet have a precise overall picture of the real situation facing CyberCrime, (which could be much Bigger  than expected). This current lack of reliable Data, hinders in practice the Development of Anti-CyberCrime Law, Cutajar denounced.

    - She was harmoniously accompagnied by her collaborator, Judge Muriam Quemener, Deputy Attorney at the Court of Creteil, who  High-Lighted a still on-going "Typology of Cyber-Victims", and observed, inter alia, that, often, a percieved "Complexity" of Legal procedures, practically Dissuades several Victims from lodging a formal Complaint, (while, certain Cyber-Attacks, such as, f.ex. "Web-Harassment or Web-Bullying" on line, are not always percieved as a specific  Internet Crime by some Victims, who might even Not be Aware that they had been Attacked, f.ex. in case of a "dormant" or "silent" Virus, etc).

    => All this obviously boiled down into practically revealing a Need to Clarify and Simpify Rules and Procedures for the Protection of Victims of Cyber-Attacks, particularly concerning active and/or innovative SMEs, fragile Particular Persons, etc, for whom productive Time is soon much more Important, even Crucial, than Wasting Hours or even Days in some uncertain and/or too Bureaucratic Procedures.... Only more Simplified and Efficient Legal Protection Tools, well and clearly Publicized, could succeed to incite most Victims to openly Denounce to the competent Authorities at least the most important Cyber-Crimes that they are facing, so that the relevant Law can be progressively Developed, (comp. Supra)...

    Because, meanwhile, i.e. without having yet a Clear and comprehensive  Picture of what is really happening about CyberCrime, even Insurers, (an obviously useful complement in practice), currently Hesitate, don't know how ti Quantify the inflicted Damages and Insurance payments, and, therefore, either expect to "Mutualize" the Cost by spreading an eventually "Obligatory" Insurance for all or most Internet Users, (something which could Negatively affect European Digital Economy by adding elsewhere non-existent Costs !), or are simply .. "Waiting" for the situation to be Clarified and better Known, after which, .. they might even Refuse to cover Cyber-Risks, half-joked the President of "Clever Courtage", Dr. Jean-Laurent Santoni...

    - For the vice-President of SOGETI, Engineer in Armaments, Stephane Janichewski, there is a Contradiction between the growing Importance of CyberCrimes' "Dangers", as long as "Inter-Connexions multiply", (from Spying, up to Theft, Fraud, Destruction of Data, Escros, etc), which provoke Damages whose Global Costs are estimated up to 500 Billions, and the current "Complexity" due not only to the adopted "Techniques", but also to "Judges", to the "Organisations", and/or to "Economico-Social" factors.

    - However, given the importance of what is really at stake, all this "must Not be Left to Experts !", he advised, pointing at crucial socio-Political "Choices", that have to be made.  But, even from a purely Economic point or view, there is always an "Economic Advantage" to those Businesses which are "Better Managed", because they have taken all due Precautions to protect themselves from Cyber-Attacks, Janichewski concluded.

    - In fact,"Technologically, Europe does Not Exist Today, no more, (except from the Cards' Chip, which is due to be replaced sooner or later), and I really hope that this will  soon Change, and that EU will, at last, decide to take Action on Digital Economy", provocativelly pointed out in conclusion, Senior Expert Philippe Wolf, personal Counselor to ANSSI's Director General,

    => In the USA, 'the Forms may have Changed Rapidly, (particularly with a Privatisation which has Diversified structures), but the main Aim remains always the same : World Dominace", he warned, while China (who usually delays Changes) has started, already since 1999, to focus mainly on Technology, he added.

    + Replying to an "EuroFora"'s Question on whether EU's "motor", France and Germany, together with other willing EU Countries, would, at last, find a way to join forces at least now in the Digital Economy, in order to create together something New and Strong for Europe's role in the Digital World, Wolf was initially Careful, simply saying that "Today, nobody could do similar Industrial Voluntaristic Policies, as we did in the Past, given EU's and WTO's evolutions, etc.

    >>> But ANSSI's Top Expert soon changed attitude and started to energetically point at concrete Ideas :

    - What could be really Interesting for the EU to do in Today's Digital World, is if France and Germany took an Initiative to propose forging joint European Standards for Cloud-Computing", he suggested.

    - In fact, there are 2 Differend types of Cloud-Computing : One contains only Data, while another adds Powerful Calculation Capacities for Data-Processing", Wolf distinguissed.

    => - It's mainly on thses second type of "Clouds", that of Powerful Processing calculations, that France and Germany could usefully start to do something really interesting, f.ex. by proposing certain EU Standard Rules, ANSSI's Top Expert suggested in reply to "EuroFora"s question.


        (NDLR : Fast Translation from the Original in French).


("DraftNews", as already sent, earlier, to "EuroFora"s Subscribers/Donors. A more accurate, full Final Version, might be published asap).




Visitors: 30628343


Login Form

Remember me

Lost your Password?
No account yet? Create account


RSS 0.91
RSS 1.0
RSS 2.0
ATOM 0.3

Other Menu

Sarkozy and Merkel want deals with Obama on European Security at Strasbourg's NATO 2009 Summit

In parallel but concording moves, EU Chair, French President Nicolas Sarkozy and German Chancellor Angie Merkel both invited this week US-President elect, Barack Obama, to discuss important deals breaking new ground on European Security during the NATO's 60 Years Anniversary Summit of Heads of State in Strasbourg, where Obama is expected to make his 1st visit to Europe as a President on April 2009.

Merkel focused mainly on smoother NATO - EU Defence and Security policy cooperation, while Sarkozy spoke about PanEuropean Security, associating both Russia and the USA, proposing to freeze missile and shields' deployement until an agreement is reached.

But both tackled some hard nuts to crack : Turkey's VETO against the participation of EU Member Cyprus to EU-NATO cooperation, and Russia's anouncement on deployment of missiles up to Kaliningrad, at EU's belly, in reply to USA's wish to set up missile shields in EU States such as Poland or Czech Republic, etc.

- "Certainly...one of the points that we'll dicuss with the New US President", Barak OBAMA, "who will come f'or the 1st time in Europe as president, at the NATO Summit", co-hosted by France and Germany in Strasbourg, ""concerns, above all, the European Security and Defence Policy" (ESDP), and "the relations between NATO and its partners", with whom it should "work together", anounced earlier this week Merkel.

We must find "a reasonable and adequate concept to articulate NATO and European Security and Defense policy", because of a "series of practical issues, sometimes difficult to understand", but that "we must discuss".


- "An example" of that is "the issue of Cyprus and Turkey", said Merkel, where Ankara raises problems "from Kosovo up to Afghanistan", as also CoE's chair, Swedish Foreign Minister Carl Bildt recently observed in Strasbourg replying to EuroFora's questions.

- "We must do something to smoothen this problem for good, and not only on a case-by-case basis, laboriously negotiated each time". Here, we must find "a reasonable and adequate concept to articulate NATO and European Security and Defense policy", Merkel stressed.

- "With good will from all sides, it could and should be posible. Germany wants also to help on that". Otherwise, "the coming generations will not understand why it took Decades to do so". But, if we "don't even achieve that for Decades, this would be an Historic Failure !", the German Chancellor warned

- "I think that our American partners are increasingly realizing that", Merkel said, pleading for "a stronger European Security and Defence policy, with which, I believe, the Atlantic Security Partnership can also strengthen and solidify".

Meanwhile, USA is also due to take in 2009 a special status inside EU-led EUROCORPS, the European Army HeadQuarters, based in Strasbourg.

Merkel said that after meeting in Berlin with NATO's Secretary General, Jaap de Hoop Scheffer, earlier this week, precisely in order to "prepare NATO's Summit", scheduled for the beginning of April 2009 in Strasbourg.

Scheffe, knows well Strasbourg, since he chaired the CoE, as Holland's Foreign Minister, when he brokered a controversial deal precisely on Turkey and Cyprus about the implementation of ECHR judgements on Greek Cypriot displaced persons' houses and properties in 2003. He returned later at least once, for a WEO meeting at the CoE, where he precisely had highlighted such EU - NATO issues.

EU Commission's 2008 Report on Turkey has just observed that, on European Defense - Security policy, "Turkey continues to object to EU-NATO Cooperation which would involve all EU Member States". "This created Problems for EU-NATO co-operation in the context of Civilian ESDP missions, in particular in Kosovo and Afghanistan".


 French EU Chair, President Sarkozy and Merkel are visiting Washington on Friday and Saturday for a Global G-20 Summit with current US President George Bush, on the sidelines of which are expected preparatory contacts with US President-elect Obama's entourage, even if himself might stay in Chicago until he takes over on January 21.

Before going to Washington, Sarkozy concluded today an UE - Russia Summit with Dmitry Medvedev, where they "spoke in length on PanEuropean Security" :

- As EU President, I proposed that we meet on mid-2009 in a framework such as OSCE's in order to set the foundations of a Future Pan-European Security, which would associate Russia and USA, and that, meanwhile, nobody speaks about deploying missiles or shields, which complicate the situation".

- NATO's Summit in Strasbourg-Kehl, on April 2009 is a perfect occasion to discuss with our American friends and to prepare a possible OSCE Summit for these issues f.ex. for June or July", Sarkozy concluded.

- We must all abstain from Unilateral measures" dangerous for Europe's security. "Russia only reacted to decisions taken by some other countries. But if they are ready to cooperate, we are ready to discuss. EU could be an intermediary", added Russian President Dmitry Medvedev, before going himself too at the Washington G-20 Economic Summit.


2009 EU Elections were won by Parties against Technocracy and Turkey's controversial EU bid, while the 1999-2004 Majority Abstention trend decelerated. What should be done in 2009-2014 ?


SMF Recent Topics SA

Copyright (c) 2007-2009 EIW/SENAS - EuroFora.net. All rights reserved. ISSN 1969-6361.
Powered by Elxis - Open Source CMS.