European enterprises are teaming with information security agencies and governments to run a pan-European cyberwar readiness exercise today.
Cyber Europe 2016 - which involves thousands of experts from all 28 EU Member States, Switzerland and Norway - is being co-ordinated by European Union security agency ENISA. It's the fourth exercise of its type, and the most complex and wide-ranging to date. Such exercises typically focus on responding to DDoS attacks and malware but Cyber Europe 2016 will encompass a far wider range of threats and ancillary crisis management problems, as a statement by ENISA explains.
Cyber Europe 2016 paints a very dark scenario, inspired by events such as the blackout in a European Country over Christmas period1 and the dependence on technologies manufactured outside the jurisdiction of the European Union. It also features the Internet of Things, drones, cloud computing, innovative exfiltration vectors, mobile malware, ransomware, etc.
The exercise will focus on political and economic policies closely related to cybersecurity. This also takes into account new processes and cooperation mechanisms contained in the Network and Information Security (NIS) Directive. For the first time, a full scenario was developed with actors, media coverage, simulated companies and social media, bringing in the public affairs dimension associated with cyber crises, so as to increase realism to a level never seen before in cybersecurity exercises.
Infosec experts from more than 300 organisations, including national and governmental cybersecurity agencies, ministries, EU institutions as well as internet and cloud service providers and cybersecurity software and service providers are taking part in the pan-European incident response exercise. Preparation work has been doing on for six months in the run-up to main event this week, which started on Thursday and culminates today.
The whole exercise is designed to forge links that can come in handy during a real crisis as well as developing best practice for ensuring business continuity and, ultimately, safeguarding e-commerce in Europe. This effort is more than justified, according to securocrats.
“Computer security attacks are increasingly used to perform industrial reconnaissance, lead disinformation campaigns, manipulate stock markets, leak sensitive information, tamper with customer data, sabotage critical infrastructures,” ENISA argues.
Cyber Europe is organised every two years by ENISA, the EU Agency for Network and Information Security, which describes its latest edition as the largest cybersecurity exercise in the world (see high budget promo trailer below). Results from the latest edition are due to be publicly released next year, following analysis by ENISA and the Member States. “Detailed lessons learned will be shared with the participants to the exercise in order to establish a list of actions to improve cybersecurity in Europe,” ENISA explains.
“It is expected that many of the findings of the exercise are useful for the implementation of the NIS Directive and the work of the CSIRT Network, and the European cyber cooperation platform.”
The Cyber Europe motto is “stronger together”. Despite Brexit, the UK is participating in the exercise (and likely will in future, given the strategic importance of cybersecurity, though this is uncertain). “All 28 European Union Member States participate in the exercise, as well as two European Free Trade Association member states: Norway and Switzerland,” as ENISA explains in an FAQ.
1 A reference to the BlackEnergy attacks against three Ukrainian electricity utilities last December.