Europe hobbled by lack of cyber-contact knowledge
European member states did not perform well at providing key communications information in a recent simulated cyberattack, according to interim findings.
The results of the pan-European training exercise — which ran on the 4 November — found that while it fully met its objectives of testing Europe's readiness to face online threats to critical infrastructure, better communication information was required to allow for co-ordination of defence measures. The test was co-ordinated by the European Network and Information Security Agency (Enisa) and the European Joint Research Centre.
The 30 participating European countries, eight of which were in an observation capacity, were told that the test — dubbed Cyber Europe 2010 — would simulate gradual loss of interconnectivity between countries. In total more than 320 security incidents were simulated.
"They [the member states] were notified about a hack attack that made networks unavailable. They couldn't use the regular internet highway, and had to reroute traffic. It was about how to find solutions and communicate with each other," Ulf Bergstrom, spokesman for Enisa, told ZDNet UK on Wednesday.
Enisa found that incident handling varied widely within member states and that each had trouble understanding how the others dealt with the incidents. Additionally, it found that there was no need for a new pan-European directory of contacts, but that existing ones needed more regular maintenance.
"Because there were so many structures and hierarchies, they didn't understand what was happening in other member states. They didn't know who to contact, and where to contact them," said Bergstrom. "The multiplication of misunderstandings was immense. Even minor mistakes accumulate — big accidents may be caused by minor faults," he added.
Although findings from the test are still in a preliminary form, Enisa says that the private sector should be involved in future pan-European studies. Member states that participated in the study say they are in favour of future exercises but think that more time should be given to planning and executing the tests in future.
"We will work closely with member states to identify and implement the lessons learnt from this exercise. We also encourage member states to continue their efforts in the area of exercises, both at national and pan-European levels. Enisa will strongly support their efforts," said Udo Helmbrecht, executive director of Enisa, in a statement.
An in-depth review of the exercise is expected to be published at the beginning of 2011, following analysis at a national level.
In the US an exercise called Cyber Storm, now on its third iteration, has been running since 2006. Cyber Storm III took place in September in the US and involved industry and critical sector infrastructure; unlike Cyber Europe 2010 — which had just €100,000 (£85,400) of funding — Cyber Storm III garnered millions of dollars.