BRUSSELS — The European Parliament is considering whether to ban access to Russian websites such as Sputnik and RT from its IT infrastructure. Scores of websites hosting the broadcasters’ content remain accessible despite the EU sanctioning Russian media across the bloc in 2022 after Moscow launched its full-scale invasion of Ukraine. The right-wing European Conservatives and Reformists, whose Polish and Italian leaders publicly oppose Russia’s war, asked during a political group leaders’ meeting on Oct. 15 for “Russian propaganda websites under EU sanctions” to be made inaccessible on Parliament’s IT infrastructure. The request comes from Latvian MEP Rihards Kols, who said he wants the Parliament to block access to RT, Sputnik, VGTRK, ANO TV Novosti and others across all Parliament devices and networks. “This is a matter of information security, institutional coherence, and the credibility of the Parliament’s position against Russian disinformation,” he told POLITICO, adding that “the Latvian national media regulator has raised the issue directly with [Parliament] President [Roberta] Metsola.” If approved, the measure would mirror restrictions already imposed on the social media giant TikTok, whose parent company ByteDance is headquartered in Beijing, over network security concerns. The TikTok app was blocked on the Parliament’s Wi-Fi and devices in March 2023. Several political group leaders expressed concerns that the ban could set a precedent for websites being banned “for reasons other than security,” and cited the technical and legal challenges of enforcing such restrictions, according to the meeting notes. Metsola is “investigating” the possibility and studying which other measures are applied in other EU institutions, according to the notes. Kols said “a solution is expected to be proposed in the near future.” The Parliament’s press service said in a statement the matter will be discussed again in a future leaders’ meeting. “The European Parliament takes the protection of its users and their data seriously and implement measures to protect these and its infrastructures.”

BRUSSELS — First it was telecom snooping. Now Europe is growing worried that Huawei could turn the lights off. The Chinese tech giant is at the heart of a brewing storm over the security of Europe’s energy grids. Lawmakers are writing to the European Commission to urge it to “restrict high-risk vendors” from solar energy systems, in a letter seen by POLITICO. Such restrictions would target Huawei first and foremost, as the dominant Chinese supplier of critical parts of these systems. The fears center around solar panel inverters, a piece of technology that turns solar panels’ electricity into current that flows into the grid. China is a dominant supplier of these inverters, and Huawei is its biggest player. Because the inverters are hooked up to the internet, security experts warn the inverters could be tampered with or shut down through remote access, potentially causing dangerous surges or drops in electricity in Europe’s networks. The warnings come as European governments have woken up to the risks of being reliant on other regions for critical services — from Russian gas to Chinese critical raw materials and American digital services. The bloc is in a stand-off with Beijing over trade in raw materials, and has faced months of pressure from Washington on how Brussels regulates U.S. tech giants. Cybersecurity authorities are close to finalizing work on a new “toolbox” to de-risk tech supply chains, with solar panels among its key target sectors, alongside connected cars and smart cameras. Two members of the European Parliament, Dutch liberal Bart Groothuis and Slovak center-right lawmaker Miriam Lexmann, drafted a letter warning the European Commission of the risks. “We urge you to propose immediate and binding measures to restrict high-risk vendors from our critical infrastructure,” the two wrote. The members had gathered the support of a dozen colleagues by Wednesday and are canvassing for more to join the initiative before sending the letter mid next week.   According to research by trade body SolarPower Europe, Chinese firms control approximately 65 percent of the total installed power in the solar sector. The largest company in the European market is Huawei, a tech giant that is considered a high-risk vendor of telecom equipment. The second-largest firm is Sungrow, which is also Chinese, and controls about half the amount of solar power as Huawei. Huawei’s market power recently allowed it to make its way back into SolarPower Europe, the solar sector’s most prominent lobby association in Brussels, despite an ongoing Belgian bribery investigation focused on the firm’s lobbying activities in Brussels that saw it banned from meeting with European Commission and Parliament officials. Security hawks are now upping the ante. Cybersecurity experts and European manufacturers say the Chinese conglomerate and its peers could hack into Europe’s power grid.  “They can disable safety parameters. They can set it on fire,” Erika Langerová, a cybersecurity researcher at the Czech Technical University in Prague, said in a media briefing hosted by the U.S. Mission to the EU in September.  Even switching solar installation off and on again could disrupt energy supply, Langerová said. “When you do it on one installation, it’s not a problem, but then you do it on thousands of installations it becomes a problem because the … compound effect of these sudden changes in the operation of the device can destabilize the power grid.”  Surges in electricity supply can trigger wider blackouts, as seen in Spain and Portugal in April. | Matias Chiofalo/Europa Press via Getty Images Surges in electricity supply can trigger wider blackouts, as seen in Spain and Portugal in April. Some governments have already taken further measures. Last November, Lithuania imposed a ban on remote access by Chinese firms to renewable energy installations above 100 kilowatts, effectively stopping the use of Chinese inverters. In September, the Czech Republic issued a warning on the threat posed by Chinese remote access via components including solar inverters. And in Germany, security officials already in 2023 told lawmakers that an “energy management component” from Huawei had them on alert, leading to a government probe of the firm’s equipment. CHINESE CONTROL, EU RESPONSE  The arguments leveled against Chinese manufacturers of solar inverters echo those heard from security experts in previous years, in debates on whether or not to block companies like video-sharing app TikTok, airport scanner maker Nuctech and — yes — Huawei’s 5G network equipment. Distrust of Chinese technology has skyrocketed. Under President Xi Jinping, the Beijing government has rolled out regulations forcing Chinese companies to cooperate with security services’ requests to share data and flag vulnerabilities in their software. It has led to Western concerns that it opens the door to surveillance and snooping. One of the most direct threats involves remote management from China of products embedded in European critical infrastructure. Manufacturers have remote access to install updates and maintenance. Europe has also grown heavily reliant on Chinese tech suppliers, particularly when it comes to renewable energy, which is powering an increasing proportion of European energy. Domestic manufacturers of solar panels have enough supply to fill the gap that any EU action to restrict Chinese inverters would create, Langerová said. But Europe does not yet have enough battery or wind manufacturers — two clean energy sector China also dominates. China’s dominance also undercuts Europe’s own tech sector and comes with risks of economic coercion. Until only a few years ago, European firms were competitive, before being undercut by heavily subsidized Chinese products, said Tobias Gehrke, a senior policy fellow at the European Council on Foreign Relations. China on the other hand does not allow foreign firms in its market because of cybersecurity concerns, he said. The European Union previously developed a 5G security toolbox to reduce its dependence on Huawei over these fears. It is also working on a similar initiative, known as the ICT supply chain toolbox, to help national governments scan their wider digital infrastructure for weak points, with a view to blocking or reduce the use of “high-risk suppliers.” According to Groothuis and Lexmann, “binding legislation to restrict risky vendors in our critical infrastructure is urgently required” across the European Union. Until legislation is passed, the EU should put temporary measures in place, they said in their letter.  Huawei did not respond to requests for comment before publication. This article has been updated.

A major outage of Amazon Web Services servers affecting multiple websites Monday morning prompted immediate calls for Europe to boost its tech sovereignty. Slack, Snapchat, Signal and Perplexity were among the affected sites. Amazon Web Services (AWS) offers cloud servers that allow these services and millions of other websites and platforms to run. Brussels is in the midst of a debate on how to achieve digital sovereignty, and what that means exactly, with cloud services at the center of the conversation. EU leaders are expected to take a position during a high-level summit meeting later this week. “Today’s outage shows how concentrated power makes the internet fragile and this lack of resilience hits our economies as a result,” technologist Robin Berjon said in an email. Berjon co-founded the Eurostack project — an initiative campaigning to make Europe self-reliant in digital services. “Europe’s dependency on monopoly cloud companies like Amazon is a security vulnerability and an economic threat we can’t ignore,” Cori Crider, executive director of the Future of Technology Institute, said in an email. According to AWS’s health dashboard, which shows a “running log of AWS service interruptions for the past 12 months,” the outage originated with servers in North America and specifically Virginia. That prompted reaction including from Ulrike Franke, senior fellow at the European Council on Foreign Relations: “My robot vacuum cleaner no longer works and can someone explain why a robot in Paris is linked to U.S. East? Talk about European digital sovereignty…” she posted on Bluesky. “These disruptions are not just technical issues, they’re democratic failures,” said Corinne Cath-Speth, head of digital at civil society group Article 19. “When a single provider goes dark, critical services go offline with it — media outlets become inaccessible, secure communication apps like Signal stop functioning, and the infrastructure that serves our digital society crumbles.” “We urgently need diversification in cloud computing,” she added. Transcription service Trint said in an email that it had experienced disruption but “customers on our EU servers should be largely unaffected.” In a statement shared with media outlets, Amazon Web Services said: “We continue to observe recovery across most of the affected AWS Services. We can confirm global services and features that rely on US-EAST-1 have also recovered. We continue to work towards full resolution and will provide updates as we have more information to share.” Asked at a briefing of reporters in Brussels on Monday, European Commission spokesperson Markus Lammert said the outage “would be a question for the companies, this is not for us to comment on.” With regard to how it had affected the Commission’s own operations, Paula Pinho, chief spokesperson for the European Commission, said: “We were more using for instance e-mails. We go back to our traditional methods.” Pieter Haeck contributed reporting.

BRUSSELS — Crafty hacking groups backed by hostile states have increasingly targeted European public institutions with cyber espionage campaigns in the past year, the European Union’s cybersecurity agency said Wednesday. Public institutions were the most targeted type of organization, accounting for 38 percent of the nearly 5,000 incidents analyzed, the ENISA agency said in its yearly threat landscape report on European cyber threats. The EU itself is a regular target, it added. State-aligned hacking groups “steadily intensified their operations toward EU organizations,” ENISA said, adding that those groups carried out cyber espionage campaigns on public bodies while also attempting to sway the public through disinformation and interference.  The report looked at incidents from July 1, 2024 to June 30, 2025. Multiple European countries said in August that they had been affected by “Salt Typhoon,” a sprawling hacking and espionage campaign believed to be run by China’s Ministry of State Security. In May, the Netherlands also attributed a cyber espionage campaign to Russia, and the Czech government condemned China for carrying out a cyberattack against its foreign ministry exposing thousands of unclassified emails. These incidents underlined how European governments and organizations are increasingly plagued by cyber intrusions and disruption. Though state-backed cyber espionage is on the rise, ENISA said the most “impactful” threat in the EU is ransomware, a type of hack where criminals infiltrate a system, shut it down and demand payment to allow victims to regain control over their IT. Another type of attack, known as distributed denial-of-service (DDoS), was the most common type of incident, ENISA said. DDoS attacks are most commonly deployed by cyber activists. ENISA said different types of hacking groups are increasingly using each others’ tactics, most notably when state-aligned groups use cyber-activist techniques to hide their provenance. The agency also highlighted the threat to supply chains posed by cyberattacks, saying the interconnected nature of modern services can amplify the effect of a cyberattack.   Passengers at Brussels, Berlin and London Heathrow airports recently experienced severe delays due to a cyberattack on supplier Collins Aerospace, which provides check-in and boarding systems. “Everyone needs to take his or her responsibilities seriously,” Hans de Vries, the agency’s chief operations officer, told POLITICO. “Any company could have a ripple effect … We are so dependent on IT. That’s not a nice story but it’s the truth.”

BRUSSELS — The president of the European Commission auto-deletes messages from her phone in part to save storage space, the EU executive said this week. Tech experts have but one question: Really? Deleting messages to save space “sounds cute but also hard to believe. Let’s not be silly here, it’s not the 1990s,” said Lukasz Olejnik, senior research fellow at King’s College London and a cybersecurity expert. “A text message barely takes any room on a modern phone. Like, you would need to get hundreds of thousands of text messages for it to actually make a difference,” Belgian ethical hacker Inti De Ceukelaire said, calling the Commission’s explanation “a non-argument.” “Why doesn’t she change to a phone with more storage?” asked Francisco Jeronimo, vice president for data and analytics at technology market research firm IDC in Europe. Ursula von der Leyen is in the hot seat over a text message she received from French President Emmanuel Macron last year urging her to block the EU-Mercosur trade deal, as first reported by POLITICO. The message was subsequently deleted from von der Leyen’s phone, the Commission said in response to an access to documents request filed by Follow the Money reporter Alexander Fanta. The Commission told its staff in 2020 to start using Signal, an end-to-end-encrypted messaging app, in a push to increase the security of its communications. | Thomas Fuller/SOPA Images/LightRocket via Getty Images On Wednesday Commission spokesperson Olof Gill told reporters: “The messages are auto-deleted after a while, just for space reasons.” He jokingly added: “Otherwise, the phone would go on fire.” Another spokesperson, Balazs Ujvari, added it also helped prevent security breaches, but doubled down on the idea that it was a means of saving space: “On the one hand, it reduces the risk of leaks and security breaches, which is of course an important factor … And also, it’s a question of space on the phone, so, effective use of a mobile device.” To be sure, many Europeans have struggled with overloaded phone storage. But for most it’s a matter of home videos and reams of family pictures that are clogging devices. “Messages take up a lot of space if we are talking about videos, voice recordings,” IDC’s Jeronimo said, whereas text-based messages “take nearly nothing from the storage.” The Commission told its staff in 2020 to start using Signal, an end-to-end-encrypted messaging app, in a push to increase the security of its communications. The institution recommended using the app’s disappearing messages functionality in a 2022 guidance called “Checklist to Make Your Signal Safer.” For security purposes it makes sense, Jeronimo said. “If someone like [von der Leyen] loses her phone, or if the phone is hacked … there’s a very high risk” that her communications will be compromised. But the Macron text again trains the spotlight on the EU executive’s policies regarding keeping a public record of its leader’s communications, following a scandal dubbed “Pfizergate” in which von der Leyen’s text exchanges with Pfizer CEO Albert Bourla over Covid vaccine contracts were never archived. The European Ombudsman continues to investigate Pfizergate, and this week announced it had opened an investigation into last year’s text from Macron. According to Olejnik, “the truth is that [auto-deleting messages] is great for security, not so [much] for public transparency or accountability.” Gerardo Fortuna contributed reporting.