Cyber Europe, one of the largest international stress-test exercises
Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!
July 4, 2017
Various organisers have drawn up their own conclusions following a pan-European cyberwar exercise performed last year.
Cyber Europe 2016, the fourth largest cyber crisis exercise in the region is organized by the European Union Agency for Network and Information Security (ENISA), and is one of the biggest international stress-test exercises to date, and has a lot of industry observers paying attention.
Over one-thousand participants from all twenty-eight EU member states, along with Switzerland and Norway, joined a simulated crisis lasting more than 6 months, culminating in a 48-hour event on October 13 and 14 of last year.
The scenario featured a ransomware attack that in some ways foreshadowed the WannaCrypt and NotPetya attacks that have shaken the internet security industry over recent weeks.
Cyber Europe 2016 offered some opportunities for various participants to increase their technical and operational expertise as well as veryfying their ability to handle crisis communications.
National and governmental Computer Security Incident Response Teams, cybersecurity agencies, EU institutions and their agencies, internet and cloud service providers, cybersecurity software and service providers, banks, energy companies and other critical infrastructure operators were all involved.
The exercise even featured a dark scenario of sorts, inspired by events such as the blackout in the Ukraine in Christmas 2015 or the dependence on technologies manufactured outside the jurisdiction of the European Union.
Naturally, it also featured the Internet of Things, drones, cloud computing, innovative exfiltration vectors, mobile malware and ransomware.
Previous exercises have been criticized for a direct focus on DDoS attacks, something the organisers appear to have addressed for the event. The exercise environment featured dozens of simulated news outlets, TV channels, search engines and social media platforms.
"The true value of ENISA's Cyber Europe 2016 is that it simulates cyber incidents that test and develop the member states' capability to work together and address cyber incidents that have a cross-border perspective," said Udo Helmbrecht, executive director of ENISA, in a statement.
"The simulations are particularly useful in that they are designed to test technical, operational, public relations and political responses to cross-border cyber incidents," asserted the statement.
Various organisers said the exercise fostered cooperation between security providers and national authorities. "Participants had to follow existing business processes, agreements, communication protocols and regulations to mitigate effectively the situations presented to them," ENISA reports.
"Such mechanisms were not always in place for all participants, which hindered the overall ability to reach full EU-level situational awareness," it added.
But more than anything, Cyber Europe 2016 highlighted the very absence of a cooperation framework at the EU level for similar crises stemming from cybersecurity incidents, officially endorsed cooperation procedures or a centralised hub.
"The creation of the EU CSIRTs Network and the European Commission initiative to publish a crisis cooperation blueprint this year are excellent developments in that regard," ENISA added.
The EU security agency also concluded that technical capabilities and crisis communications were of a high standard although the development of an overall strategy demonstrated some scope for further improvement.
Organisational and individual cybersecurity preparedness and capabilities in the EU were excellent overall. Technical expertise, business continuity and crisis communications procedures were of a high standard.
Nevertheless, the vision required to link technical and operational-level response activities to strategic crisis management mechanisms was sometimes lacking, which proved detrimental to fostering crisis exit strategies supporting decision-making.
Various findings from the exercise, including an after-action report and closure video were published on the ENISA website Friday. The organization hopes to use the exercise to work with internet security partners across Europe in developing a cyber crisis cooperation plan as well as a prototype cyber crisis management platform.
Meanwhile, preparations for Cyber Europe 2018 have already started, and we'll provide more information as it becomes available.
Source: The Cyber Europe Initiative.
Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!Tweet Share on Twitter.