EIB thinking

“Someone has to pay
for this and someone
has to fight it”

Who pays for the fight against cybercrime?

The EU bank is investing in new cybersecurity companies that know
how to stop cybercrime

Anders Bohlin likes to compare the dangers of cybercrime to a city that builds a lot of roads — but forgets to add traffic lights.

“This is what has happened in cybersecurity. We forgot to build the traffic lights, and now we have all these malicious attacks going on,” says Bohlin, a digital specialist at the European Investment Bank who works with information and communications technology companies.

Over the past few years, cyberattacks have threatened thousands of companies and billions of people’s private data around the globe. The WannaCry attack shut down computers in hospitals and businesses worldwide. Hackers stole data from billions of users at Uber and Yahoo. Russia was accused of using cybercrime to disrupt elections in the US and Europe.

So why worry so much about how to stop cybercrime? Well, besides the threats to our personal data, cyberattacks cause billions of dollars in losses to the global economy. The European Commission says there were more than 4,000 cybercrime attacks a day in Europe in 2017 and that 80% of European companies experienced a cybersecurity incident.

Cybersecurity becomes a priority

In response to the rising risks, the EIB made cybercrime investments a priority.

“We have been actively looking to help the cybersecurity sector,” says Jussi Hätönen, head of the Bank unit that invests in young, innovative companies. “If you look at any industry, everything is moving to digital. This explodes the amount of data, and that data has to be kept secure.”

The Bank completed several recent cybercrime deals. It signed two loans in December 2017 with the Swedish companies Nexus Group and Clavister to develop more advanced cybersecurity software and create better identification systems. Both deals are part of the European Fund for Strategic Investments, an initiative to increase growth in the EU by working with younger and more innovative companies.

The Bank loaned Nexus EUR 29 million to help accelerate its identity and access management products. Nexus’s “Smart ID” technology lets people identify themselves visually, log in, open doors, sign transactions electronically and make payments with a card or other mobile instrument.

Lars Pettersson, the chief executive of Nexus, says its Smart ID technology is the “holy grail” against cyberthreats, because it bridges the physical and digital worlds with one device that gives users access to their home, office, computer, email accounts, cloud services, car garage, and more.

The EIB offered a EUR 20 million loan to help Clavister, whose firewall products protect the entry points of computer networks and block hackers before they strike. The company is one of the top cybersecurity firms in the world.

The Bank also signed a EUR 20 million deal in October 2017 with CS Communication & Systèmes, a French firm that helps industries detect and prevent cyberattacks. The EIB made a EUR 25 million loan to the Franco-German company Qwant, which has developed a search engine that protects users’ private data.

“Everyone needs to be careful”

Bohlin doesn’t enjoy talking about it, but he has also been a victim of cybercrime. When he worked at a Swedish technology company 14 years ago, he discovered one day that hackers had infiltrated his private computer in a so-called Zombie attack and were remotely sending spam emails. “It was very uncomfortable and a lesson for me that everyone needs to be careful, not only companies,” says Bohlin.

Cybercrime is going to get harder to fight over the next decade as technology advances and gets more complicated, EIB officials say. The battle will not be won easily.

“At the end of the day, cybercrime creates massive losses not only for companies but also for individuals,’’ Hätönen says. “Someone has to pay for this and someone has to fight it.”

The EIB will be with them on the front line.