The EU and Cybercrime

Find out more about the Network and Information Security directive (NIS)

Written by Evelyn Coffin


Cybercrime isn’t quite like it was shown in those 90s sci-fi movies, where men in dark glasses sit behind desks with thousands of buttons, hacking people’s personal computers. Nowadays, cybercrime is a broad category, and includes everything from those pesky spam emails to more nasty things like malware or phishing schemes. This stuff isn’t just from visiting questionable websites, either: more than a million people a day are affected by cybercrime. Here are just a few types:


Malware is software designed to get into or damage your computer without you knowing. 50% of Malware is undetectable, and it can affect anything from personal computers to huge systems.

Web-based attacks

This is the one where you click on a link and it redirects you to some weird website and infects your computer.

Web injection attacks

Malicious data can be injected into a server or even a mobile app, which then wreaks havoc.


Infected machines can form networks and work to infect other machines.


We all know this one: spam is unwanted electronic messages, usually with some kind of bait, like an attached picture or a bank deposit.

Phishing schemes

These schemes often come in the form of fake emails or websites and usually try to go for your banking info.

However, there is some good news: Parliament and the Council of the European Union are about to mobilise. They’re launching something called the Network and Information Security directive (NIS), and it’s the first-ever cybersecurity directive, which aims to make being online safer. Here are a few goals of the European Union-wide directive:


EU member states will work together to draw up guidelines and keep each other informed about cyberattacks, to prevent others from taking place.

Protecting against cyberattacks

Companies will now have to meet certain cybersecurity standards to ensure that the government as well as the citizens have access to safer internet.

Risk management

Plans will be put in place so that should a cyberattack occur, they’ll know how to handle it. This also means raising awareness of cybercrime and what it is, and how to stay safer from it. 

Our work is supported by