Today, more than 200 organisations and 400 cyber security professionals from 29 European countries are testing their readiness to counter cyber attacks in a day-long simulation exercise organised by the European Union Agency for Network and Information Security (ENISA).
During the course of Cyber Europe 2014, experts from the public and private sectors including cyber security agencies, national Computer Emergency Response Teams, ministries, telecoms companies, energy firms, financial institutions and Internet Service Providers will be testing their procedures and capabilities against a life-like, large-scale cyber security scenario.
#CyberEurope2014 is the largest and most complex exercise of this nature organised in Europe. More than 2,000 separate cyber incidents will be dealt with, including Denial of Service attacks to online services, intelligence and media reports on cyber attack operations, website defacements (attacks that change a website’s appearance), ex-filtration of sensitive information, attacks on critical infrastructure (such as energy or telecoms networks) and the testing of EU co-operation and escalation procedures.
This is a distributed exercise involving several exercise centres across Europe and co-ordinated by a central exercise Control Centre.
Speaking about today’s event, European Commission vice-president Neelie Kroes commented: “The sophistication and volume of cyber attacks are increasing every day. These attacks cannot be countered if individual states work alone or just a handful of them act together. I’m pleased that EU and EFTA Member States are working alongside the EU institutions with ENISA bringing them all together. It’s only this kind of common effort that will help keep today’s economies and societies fully protected.”
Professor Udo Helmbrecht (ENISA’s executive director) added: “Five years ago there were no procedures in place to drive co-operation between EU Member States during a cyber crisis. Today, we have the procedures in place on a collective basis to mitigate a cyber crisis on a European level. The outcome of today’s exercise will tell us where we stand and identify the next steps to take in order that we make continual improvements.”
Sharing of operational information
Among other things, the Cyber Europe 2014 exercise will test procedures for the sharing of operational information on cyber crises in Europe, enhance national capabilities for tackling cyber crises and explore the effects of multiple and parallel information exchanges between private-public and private-private at both the national and international levels.
The exercise is also designed to test the EU Standard Operational Procedures (EU SOPs), a set of guidelines specifically designed for the sharing of operational information on cyber crises.
Increased sophistication of cyber attacks
According to ENISA’s Threat Landscape Report, which was published last year, threat agents have increased the sophistication of their attacks. It has become clear that maturity in cyber activities is not a matter for just a handful of countries. Rather, criminals in multiple countries have developed capabilities that can be used to infiltrate all kinds of targets – Governmental and private – in order to achieve their objectives.
In 2013, global web-based attacks increased by almost 25% while the total number of reported data breaches was 61% higher than in 2012. Each of the eight most prevalent forms of data breach resulted in the loss of tens of millions of data records, in turn exposing no less than 552 million identities.
According to industry estimates, cyber crime and espionage accounted for between $300 billion and $1 trillion in annual global losses during 2013.
This latest exercise simulates large-scale crises related to critical information infrastructures. Experts from ENISA will issue a report with key findings after the exercise ends.
#CyberEurope2014 is a bi-annual, large-scale cyber security exercise. It’s organised every two years by ENISA, and this year counts 29 European countries (26 from the EU and three from the EFTA) plus EU Institutions among its cohort. The exercise takes place in three phases throughout the year, as follows:
*Technical: Involves incident detection, investigation, mitigation and information exchanges (completed in April)
*Operational/tactical: Dealing with alerts, crisis assessment, co-operation, co-ordination, tactical analysis, advice and information exchanges at the operational level (taking place today and during early 2015)
*Strategic: Examines decision-making, political impacts and public affairs
In the cyber security strategy for the EU and the proposed Directive for a high common level of network and information security, the European Commission calls for the development of national contingency plans and regular exercises, testing large-scale networks’ security incident response and disaster recovery capabilities.
ENISA’s new mandate also highlights the importance of cyber security preparedness exercises in enhancing trust and confidence when it comes to online services across Europe. The draft EU SOPs have been tested over the last three years, including during the course of Cyber Europe 2012.