Electronic communication services and networks provide the backbone of European economy. 93% of EU companies and 51% of Europeans actively used the internet in 2007. However natural disasters, terrorist attacks, malicious human action and hardware failure can pose serious risks to Europe's critical information infrastructures. Recent large scale attacks on Estonia, Lithuania and Georgia proved that essential electronic communication services and networks are under constant threat. Preparing Europe to act in case of major disruptions or attacks is the goal of a new strategy proposed today by the European Commission.

In 2007, after large-scale cyber attacks, the Estonian Parliament had to shut down its email system for 12 hours and two major Estonian banks had to stop their online services. There is a 10% to 20% probability that telecom networks will be hit by a major breakdown in the next 10 years, with a potential global economic cost of around €193 billion ($250 billion). This could be caused by natural disasters, hardware failures, rupture of submarine cables (there were 50 incidents recorded in the Atlantic Ocean in 2007 alone), as well as from human actions such as terrorism or cyber attacks, which are becoming more and more sophisticated.

Smooth functioning of communications infrastructures is vital for European economy and society. Communications networks also underpin most of our activities in daily life. Purchases and sales over electronic networks amounted to 11% of total turnover of EU companies in 2007. 77% of businesses accessed banking services via internet and 65% of companies used online public services. In 2008, the number of mobile phone lines was equivalent to 119% of the EU population. Communications infrastructure also underpins the functioning of key areas from energy distribution and water supply to transport, finance and other critical services.

The Commission called on the 30 march for action to protect these critical information infrastructures by making the EU more prepared for and resistant to cyber attacks and disruptions. At the moment Member States' approaches and capacities differ widely. A low level of preparedness in one country can make others more vulnerable, while a lack of coordination reduces the effectiveness of countermeasures.

The European Commission wants all stakeholders, in particular businesses, public administrations and citizens to focus on the following issues:

• Preparedness and prevention: fostering cooperation, exchange of information and transfer of good policy practices between Member States via a European Forum. Establishing a European Public-Private Partnership for Resilience, which will help businesses to share experience and information with public authorities. Both public and private actors should work together to ensure that adequate and consistent levels of preventive, detection, emergency and recovery measures are in place in all Member states.
• Detection and response: supporting the development of a European information sharing and alert system.
• Mitigation and recovery: stimulating stronger cooperation between Member States via national and multinational contingency plans and regular exercises for large-scale network security incident response and disaster recovery.
• International cooperation: driving a Europe-wide debate to set EU priorities for the long term resilience and stability of the Internet, with a view to proposing principles and guidelines to be promoted internationally.
• Establish criteria for European critical infrastructure in the ICT sector: the criteria and approaches currently vary across Member States.