Navigation path

Left navigation

Additional tools

Other available languages: none

European Commission


Brussels, 23 July 2013

Cecilia Malmström welcomes new rules boosting Europe's defences against cyberattacks

Yesterday the Council adopted EU rules to support the fight against cybercrime, in particular large-scale attacks on information systems. Member States will have an obligation to comply with the new Directive and implement its provisions into national legislation within a maximum of two years.

Cecilia Malmström, EU Commissioner for Home Affairs, said: "I very much welcome the final adoption of this Directive, which will significantly boost Europe's defences against cyberattacks and contribute to strengthening the EU citizen's confidence online.

I trust that Member states will act swiftly and promptly to implement the new rules that define criminal offences and sanctions in the area of cybercrime, improve the reporting of relevant cyberincidents to law enforcement authorities and provide for the sharing of Member States’ crime statistics with the EU.

I cannot stress enough the need for better information on cybercrime: it allows for a more complete picture of the extent of cybercrimes and enables a targeted and appropriate policy response. I am confident that the new Directive will contribute to improve cross-border police cooperation and will establish more effective monitoring systems and data collection.

We all need to work together to achieve the objectives that we have set ourselves. It is therefore essential that all Member States get up to speed and make cybersecurity a top priority."


Together with the launch of the European Cybercrime Centre and the adoption of the EU Cyber-security Strategy, the Directive on attacks against information systems will strengthen our overall response to cyber-crime and contribute to improve cyber-security for all our citizens.

The new Directive builds on rules that have been in force since 2005 (Council Framework Decision 2005/222/JHA). While retaining a number of current provisions, it introduces new offences, such as the use of tools to commit large-scale attacks, new aggravating circumstances and higher criminal sanctions, in order to effectively prevent attacks against information systems.

Moreover, the Directive improves cross-border cooperation between the judiciary and the police of EU Member States and obliges for Member States to make better use of the existing 24/7 network of contact points by treating urgent requests within 8 hours.

Finally, the Directive requires Member States to collect statistical data on cyber-attacks and to have reporting channels in place, in order to alert the competent authority of offenses.

Useful links


Statement by Commissioner Malmström

Cecilia Malmström's website

Follow Commissioner Malmström on Twitter

DG Home Affairs website

Follow DG Home Affairs on Twitter

Side Bar