- Danes split over Dec. 3 referendum on EU justice opt-out
- Yes win would boost cooperation with EU law enforcement agency
Denmark risks exposing itself to more hacker attacks that would put its financial system at risk if the country opts to stay outside Europe’s justice and home rule cooperation, Barclays security chief warned.
"What’s at stake is more than clients getting tricked out of credit card pin-codes or a single account getting hacked," Troels Oerting, Barclays chief information security officer, said in a telephone interview. "There’s a real balance sheet risk to it as well.”
Danes are due to vote in a Dec. 3 referendum on whether to do away with their opt-out on parts of the European Union’s justice and home affairs policies. The government wants to opt in so that Denmark can remain a member of Europol and its recently established Cybercrime Centre (EC3).
The latest polls suggest an open race, with roughly a third of those surveyed planning to vote yes, another third inclined to vote no, and one third still undecided.
According to Oerting, Denmark’s failure to join Europol would place it at a significant disadvantage against hackers, who are oblivious to national borders. The country is also relying on European police cooperation to try to track down about 9.1 billion kroner ($1.3 billion) in stolen tax revenue.
“There’s a risk criminals will increasingly seek out Denmark and Danish banks," said Oerting, a law-enforcement veteran who used to head the EC3.
Joining Europol would offer two key advantages: the country’s banks would be able to mitigate some of the risks by accessing the organization’s cybercrime know-how, and its law enforcers would have a greater say in which cases should be pursued by their European colleagues.
Cybercrime poses a major threat in an open and highly digitalized society like Denmark. The country’s Military Intelligence this month listed cyber espionage alongside terrorism and Russia’s increased military presence on NATO’s eastern border as the biggest security threats.
In 2012, it took several months for the Danish police to discover that hackers had breached its files, as well as the country’s social security database. Gottfried Svartholm Warg, a co-founder of file-sharing site Pirate Bay, was eventually sentenced to 3 1/2 years in jail by a Copenhagen court.
The fact that Danish banks have so far been spared a major attack is no excuse for complacency, according to Louise Mogensen, deputy head of the Danish Bankers Association.
"The entire infrastructure of Danish banks is becoming digital, and this is magnifying our exposure to this type of risk," Mogensen said in a telephone interview. "The fear is that someone could disrupt bank operations and disable the means of payment."
That’s a very significant threat in a country in which economists say credit card transaction data make a better economic bellwether than retail sales, and where about half the population uses mobile phone apps to pay for shop purchases and transfer funds.
"We have surveys showing that most clients would move to a different lender if their bank were to be subject to data theft or large scale hack attacks," Oerting said.