Hackers halt EU Emissions Trading System ... again
3 Feb 2011
London – A series of cyber attacks has forced the European Commission to halt all internal and international transactions within all the EU emissions trading system (EU ETS) registries.
A suspension, which has been in place since 19 Jan, followed a number of attacks on EU member states’ registries of emission allowances for carbon market trading.
EU member states should not be able to reopen registries until they had provided sufficient evidence to the Commission that their registries meet a number of minimum security requirements.
According to a UK ministerial statement by Gregory Barker, the UK has one of the most secure registries in Europe with at least one market participant recommending this week its clients should use the UK registry.
The UK’s registry administrator, the Environment Agency, earlier this week submitted the required evidence to the Commission.
“We have received confirmation this morning that the UK registry will reopen on Friday 4 February at 7am,” said Barker.
“While it is important to ensure a minimum level of security now to ensure the reopening of the registries, the UK will continue to press the European Commission to ensure that registry security across Europe is raised above this level. This is vital to ensure continued confidence in this growing market,” he added.
The suspension has mainly impacted spot trading – which allows for instant delivery of allowances bought on the secondary market. This activity represents 10% of trading on the carbon market.
The futures market, which is predominately based in the UK, and accounts for the remaining 90% of the carbon market, has apparently shown only a limited level of disruption.
“Trading here has continued at broadly the same volumes as before the registries were closed and the impact on the EU emission allowance price has been limited.”
EU ETS registries were also disrupted early last year by widespread cyber attacks. Fake emails were asking users to log on to a malicious website and disclose their user ID code and password. The site appeared to be genuine, using the EC’s own visual identity.
