Europe Holds Cyber-Warfare Test

Europe’s cyber security experts are staging a simulated cyber-attack on critical services today, across several EU member states.

The “Cyber Europe 2010” test will test Europe’s readiness for an attack which attempts to paralyse online services so internet connectivity is gradually lost between European countries. It follows the announcement of measures to strengthen and modernise the European Network and Information Security Agency (ENISA) to combat cyber warfare.

Testing links between states

Details of the exercise are being kept under wraps, but ENISA has been at pains to emphasise that this is not an operational test like the US Department of Homeland Security’s Cyber Storm, a series of week-long multi-million dollar tests of America’s attack-readiness.

“Our budget is in the order of hundred of thousands of Euros,” said an ENISA spokesman, adding that the test will not involve critical sectors, or industry and will not test response capabilities. Above all it will not carry the risk of a real network crash – it just tests how well agencies can share information.

By contrast, the US Cyber Storm III exercise, one month ago, was an operational exercise, which included industry and cost millions of dollars, the spokesman said.

During the exercise, through the day, one country after another will face fictitious access problems, and will co-operate on a response, testing their communications in the process. The exercise has been developed since November 2009, and will be followed by more complex scenarios, eventually going all the way to global tests.

“This exercise to test Europe’s preparedness against cyber threats is an important first step towards working together to combat potential online threats to essential infrastructure and ensuring citizens and businesses feel safe and secure online,” said Neelie Kroes, vice president of the European Commission for the Digital Agenda,
who is visiting the UK’s cyber-attack centre during the simulation exercise,

The exercise is based on fears that a denial of service attack by hackers could effectively put all major cross-country connections in Europeout of action, and make it difficult for businesses and citizens to access services such as eGovernment. In such an attack, the plan is to re-route communications.

Yesterday saw evidence that the fears are based on reality. The state of Myanmar (formerly Burma) was virtually cut off with a distributed denial of service (DDoS) attack. In the UK, Home Secretary Theresa May has promised increased support for cyber-warfare measures following warnings from the head of GCHQ that Britain faces “credible” cyber-attack threats.