Cyber Europe 2016: Analyzing realistic cybersecurity incidents

The European ICT Industry is one of the most advanced in the world. Making the EU’s single market fit for the digital age could contribute €415 billion per year to the economy and create hundreds of thousands of new jobs. The pervasiveness of high-speed connectivity and the richness and quality of online services in the European Union are among the best globally.

Such advantages have considerably increased the dependability of European citizens on ICT services. These two elements, quality of services and customer base, make this industry particularly appealing to global business. What if this important piece of the global economy becomes a target?

Computer security attacks are increasingly used to perform industrial reconnaissance, lead disinformation campaigns, manipulate stock markets, leak sensitive information, tamper with customer data, sabotage critical infrastructures.

Cyber Europe 2016

Cyber Europe 2016 (CE2016) was the largest and most comprehensive EU cyber-security exercise to date. This large-scale distributed technical and operational exercise started in April 2016, offering the opportunity for cybersecurity professionals across Europe to analyze complex, innovative and realistic cybersecurity incidents.

On 13th and 14th of October ICT and IT security industry experts from more than 300 organisations were called upon to mitigate the apex of this six-month long cyber crisis, to ensure business continuity and, ultimately, to safeguard the European Digital Single Market.

Cyber Europe 2016 paints a very dark scenario, inspired by events such as the blackout in an European Country over Christmas period and the dependence on technologies manufactured outside the jurisdiction of the European Union. It also featured the Internet of Things, drones, cloud computing, innovative exfiltration vectors, mobile malware, ransomware, etc.

The exercise focused on political and economic policies closely related to cybersecurity. This also takes into account new processes and cooperation mechanisms contained in the Network and Information Security (NIS) Directive. For the first time, a full scenario was developed with actors, media coverage, simulated companies and social media, bringing in the public affairs dimension associated with cyber crises, so as to increase realism to a level never seen before in cybersecurity exercises.

“In our connected societies, cyber-security concerns us all: we are only as strong as our weakest link. This is why our Directive on Network and Information Security promotes cooperation between EU Member States. With the help of our security agency ENISA, we are running Cyber Europe exercises. CE2016 provides a unique opportunity for Member States, public and private partners to enhance cyber contingency plans and pan-European cooperation,” said Günther H. Oettinger, European Commissioner for the Digital Economy and Society.

Udo Helmbrecht, Executive Director of ENISA, said: “The role of ENISA in assisting the EU Member States for cyber crises is essential, both by organising exercises and by bringing together key stakeholders. Six years have passed since our first cyber crisis simulation and in that time the maturity level and response capability on complex cyber issues has increased. We are better prepared than we were, but that does not mean we have done enough and the work must continue. Cyber-attacks are more sophisticated than before. Cybersecurity is not a state, it is a process.”