The European Union’s carbon trading system has been taken offline following a serious security breach.
The system will be offline for “at least” another week, an EU spokesperson said. It is the world’s largest emissions trading system by volume transacted.
The EU took action after it discovered that emissions allowances worth €7 million (£5.9 million) had been stolen from an account based in the Czech Republic. It is understood that the cybercriminals have also hacked into accounts in Austria, Greece, Poland and Estonia.
The EU branded the move to take the system offline as a “transitional measure”. It was a response to “recurring security breaches”, it said.
Part of the security problem could be that some EU member states have declined to pay for what they call expensive changes mandated by the commission. Nevertheless, those changes were ordered after the EU discovered last year that hackers were accessing carbon allowance lists.
“The incidents over the last weeks have underlined the urgent need for all registries to ensure that these [security] measures are speedily implemented,” the EU said.
The system would not be brought back online until member states agree that a “minimum” level of security has been agreed, the EU said.
Mark Darvill, a director at security firm AEP Networks, agreed that it was right for the EU to ensure member states protect their registries with the right security. HE added: “It’s simply not enough for the European Commission to ensure that its own trading platform is protected with the highest levels of security."