ARN

Simulated cyberattack unites EU and US security experts

The first joint EU-US cyber security simulation tackles real-life threats

Almost 100 computer experts from 16 European countries jointly battled to hold off serious cyberattacks on the European Union's security agencies and power plants as part of a simulated exercise on Thursday.

The event, Cyber Atlantic 2011, was the first joint cybersecurity exercise between the EU and the U.S. Two scenarios were acted out. The first was a targeted, stealth APT (advanced persistent threat) attack aimed at extracting and publishing online secret information from EU member states' cybersecurity agencies.

Security experts at Europe's network and information security agency, ENISA, said that this type of attack was possible in a real-world situation. "It is typical of the type of threat that is out there, although it is not based on any one specific situation. We've chosen threats that we think are real, and we haven't made life easy for ourselves by choosing attacks that are easy to repel," explained ENISA spokesman Graeme Cooper.

The second simulation focused on the disruption of supervisory control and data acquisition (SCADA) systems in power generation infrastructures. This threat is being taken very seriously by EU authorities, particularly in light of allegations that the Anonymous hacker group has attempted to infiltrate French power plants and the widespread Stuxnet attack on Iran's nuclear facilities.

More than 20 EU countries were involved in the exercise, 16 of them actively, with the European Commission providing high-level direction and the U.S. Department of Homeland Security also lending support to the national emergency teams taking part. The aim of the event is to explore how the EU and U.S. would engage each other and cooperate in the event of cyberattacks on their critical information infrastructures, and follows the first pan-European cybersecurity stress test, Cyber Europe 2010, last year.

Lessons learned from Cyber Atlantic 2011 will be used to plan potential future joint EU-U.S. cyberexercises.

"We need to do more to understand the way things operate. We have focused on the IT side obviously, but there would also be wider questions about what would happen if sensitive security data was stolen. That goes alongside securing the IT systems and fighting off attackers and malware," said Cooper.

Follow Jennifer on Twitter at @BrusselsGeek or email tips and comments to jennifer_baker@idg.com.

Nominations for the 2012 ARN IT Industry Awards open on Tuesday, June 12.

More about: APT, etwork, EU, European Commission
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the ARN comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: european union, government, internet
rhs_login_lockGet exclusive access to ARN's news, research and invitation only events.
ARN Distributor Directory
Find distributors by name | vendor | location
Channel Deals
/deals/aca-pacific/435_fujifilm-lto-10-for-10-promotion-ends-june-30t
ACA Pacific

Fujifilm LTO 10 For 10 Promotion. Ends June 30th, 2012.

More details »
ARN Vendor Directory
Find vendors by name | category

iAsset is a channel management ecosystem that automates all major aspects of the entire sales,marketing and service process, including data tracking, integrated learning, knowledge management and product lifecycle management.