Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Simulated cyberattack unites EU and US security experts

The first joint EU-US cyber security simulation tackles real-life threats

Almost 100 computer experts from 16 European countries jointly battled to hold off serious cyberattacks on the European Union's security agencies and power plants as part of a simulated exercise on Thursday.

The event, Cyber Atlantic 2011, was the first joint cybersecurity exercise between the EU and the U.S. Two scenarios were acted out. The first was a targeted, stealth APT (advanced persistent threat) attack aimed at extracting and publishing online secret information from EU member states' cybersecurity agencies.

Security experts at Europe's network and information security agency, ENISA, said that this type of attack was possible in a real-world situation. "It is typical of the type of threat that is out there, although it is not based on any one specific situation. We've chosen threats that we think are real, and we haven't made life easy for ourselves by choosing attacks that are easy to repel," explained ENISA spokesman Graeme Cooper.

The second simulation focused on the disruption of supervisory control and data acquisition (SCADA) systems in power generation infrastructures. This threat is being taken very seriously by EU authorities, particularly in light of allegations that the Anonymous hacker group has attempted to infiltrate French power plants and the widespread Stuxnet attack on Iran's nuclear facilities.

More than 20 EU countries were involved in the exercise, 16 of them actively, with the European Commission providing high-level direction and the U.S. Department of Homeland Security also lending support to the national emergency teams taking part. The aim of the event is to explore how the EU and U.S. would engage each other and cooperate in the event of cyberattacks on their critical information infrastructures, and follows the first pan-European cybersecurity stress test, Cyber Europe 2010, last year.

Lessons learned from Cyber Atlantic 2011 will be used to plan potential future joint EU-U.S. cyberexercises.

"We need to do more to understand the way things operate. We have focused on the IT side obviously, but there would also be wider questions about what would happen if sensitive security data was stolen. That goes alongside securing the IT systems and fighting off attackers and malware," said Cooper.

Follow Jennifer on Twitter at @BrusselsGeek or email tips and comments to jennifer_baker@idg.com.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: APT, etwork, EU, European Commission
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: european union, government, internet
Latest Blog Posts
Whitepapers
  • Unified Monitoring™ A Business Perspective
    The enterprise computing landscape has changed dramatically. Virtualisation, outsourcing, SaaS, and cloud computing are creating fundamental changes, and ushering in an era in which enterprises distribute increasingly critical IT assets and applications across multiple service providers.This paper explores today’s computing trends and their monitoring implications in detail. In addition, it reveals how a new monitoring paradigm architecture, that uniquely addresses the monitoring realities of today’s and tomorrow’s enterprises—whether they rely on internal platforms, external service providers, or a combination of both.
    Learn more »
  • Process-Driven Master Data Management for Dummies
    We wrote this book to introduce you to the subject of processdriven MDM. It’s a big topic, one that far outstrips the ability of a brief book to cover. However, our hope is that by reading this book you will gain a fundamental understanding of processdriven MDM, how it works, and what it takes to make it a success in your organisation.
    Learn more »
  • Avaya Deploys the Avaya Desktop Video Device with the Avaya Flare® Experience
    A revolutionary new video collaboration device, the Avaya Desktop Video Device has been making waves in the communications industry ever since Avaya introduced the product in the fall of 2010. Avaya’s own employees have been among the earliest users and have seen first-hand how the product can improve collaboration and make people more efficient and effective. Read more.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments