The first test of trans-Atlantic responses to cyber incidents, including cyber-attacks, took place in Brussels today. Experts from the US Government joined counterparts from EU Member States to simulate how cyber security authorities on both sides of the Atlantic would cooperate in response to attacks.
Two hypothetical scenarios were tested: a cyber-attack which attempts to extract and publish online sensitive information from the EU’s national cyber security agencies, and an attack on supervisory control and data acquisition (SCADA) systems in EU power generation equipment.
Neelie Kroes, European Commission Vice-President for the Digital Agenda said: “Recent high profile cyber-attacks show that global threats need global action. Today’s exercise provides valuable lessons for specialists on both sides of the Atlantic.”
Sony Playstation, the EU Emissions Trading Scheme, European Commission and European External Action Service have all been subject to cyber-attacks in recent months.
In practical terms, the EU contribution to Cyber Atlantic 2011 has been enabled by the European Commission, with key support from ENISA, the European Network and Information Security Agency, which has facilitated the exercise with the vital technical contributions provided by EU member states. The Department of Homeland Security has been in the lead for the US. The EU CERT (IP/11/694) also participated as an observer.
Cyber Atlantic 2011 grew out of the EU-US Working Group on Cyber-security and Cyber-crime, which was established in November 2010 to tackle new threats to the global networks upon which the security and prosperity of our free societies depend (see MEMO/10/597) Initial findings of the exercise will be taken into account in the Working Group’s report which will be presented to the EU-US Summit later this year.
The Cyber Atlantic 2011 exercise was based on two hypothetical scenarios.
In the first scenario, various EU National Cyber Security Agencies (NCSAs) were confronted with what is known as an Advanced Persistence Threat (APT). Under this scenario, a hacker group, active for several years, launched a sophisticated and targeted cyber-attack to extract sensitive information from the victims, and publish this data online. Several cyber security agencies had been monitoring the group closely for more than a year. This surveillance led to cooperation between some European countries which succeeded in fighting off the attack. The US followed this incident and cooperated with the affected countries fearing that it may also be targeted.
The second scenario was based on (SCADA) system failure in an EU wind turbine. SCADA systems monitor and control processes in essential systems like water treatment and distribution, oil and gas pipelines, electrical power transmission and distribution, wind farms, civil defence siren systems, and large communications systems. This infrastructure failure, and the fact that US companies provide a significant percentage of SCADA equipment and software to Europe, led the EU to request coordination with American partners.
At the November 2010 EU-US summit in Lisbon EU and US leaders agreed to establish an EU-US Working Group on Cyber-security and Cyber-crime (see MEMO/10/597). Four areas for cooperation were identified and are dealt with by dedicated Expert Sub-Groups:
- Cyber Incident Management
- Public-Private Partnerships
Within the European Commission, European Commission, Neelie Kroes Vice President for the Digital Agenda is responsible for cyber-security and, EU Home Affairs Commissioner Cecilia Malmström for tackling cyber-crime.
Cyber Atlantic 2011 itself results from a commitment in April 2011 from Vice-President Kroes, Commissioner Malmström and the Secretary of the US Department of Homeland Security Janet Napolitano to deepen trans-Atlantic cooperation in the face of increasing threats to global internet and digital networks via the EU-US Working Group on Cyber-Security and Cyber-Crime.
Lessons learned from last year’s first pan-European exercise, “Cyber Europe 2010” where experts across Europe tested their responses to a simulated attack from hackers on a critical online service have fed into Cyber Atlantic 2011.