Defense ministers from EU member-states recently participated in the “EU Cybrid 2017” exercise that was held in Tallinn, Estonia last September 7, 2017.
This event marks the Union’s first attempt at hosting its own unified cyber war games to tackle a range of digital security issues that could arise during potential cyber attacks.
Some of the topics that were tackled in the event included crisis response mechanisms, situational awareness, and strategic communication.
This event was organized by the EDA (European Defense Agency), the Estonian Ministry of Defense, and the Estonian Presidency of the Council of the EU.
During the exercise, participants were placed in a 90-minute, closed-door simulation that assessed the quality of their crisis-management and decision-making responses during a mock cyber-campaign that’s aimed against their military assets.
EU Cybrid 2017
The EU Cybrid 2017 event involved a tabletop cybersecurity exercise that is intended to raise awareness on cyber-attack event coordination and strategic decision considerations that need to be made at the political level.
The goal of the simulation is to identify key strategic concerns and issues that could arise from potential offensive cyber-campaigns and to come up with possible strategies to address any future attacks targeted against the EU.
Some of the objectives of the exercise include the following:
Identify the instruments that are available to the EU in addressing potential cyber-offensives against the Union’s CSDP (Common Security Defense Policy) structures in this hybrid warfare context.
Utilize the EU INTCEN (Intelligence and Situation Center) to ensure that member states have a common understanding of the current cyber-campaign crisis and its impact on the EU’s military structures.
Coordinate the initial messages that are sent to the member-states’ governing authorities during occurrences of these cyber-offensives.
In the exercise, defense ministers were tasked with the responsibility of containing a simulated cyber campaign that was made realistic with the use of mock news videos and escalating situation updates.
The exercise’s scenario involved hackers launching several strategic cyber-attacks against the EU, such as:
- The cyber-sabotage of one of the naval operations of the EU in the Mediterranean sea;
- A social media campaign that discredited the operations of the EU and sparked mass protests within member states; and,
- Multiple other cyber attacks that covered a range of possible threats in the cyber realm.
These events led to several adverse impacts that affected the European Union’s Operational Headquarters in Rome and the maritime assets that are under its authority, among other things.
The hackers that were mentioned in the exercise mostly comprised of fictitious organizations coming from fictional countries as well.
Ursula von der Leyen, Germany’s defense minister, felt that her experience at the war games was “extremely exciting.”
She noted that EU members should be made more aware of the possible impact that cyber attacks can have on government infrastructures.
According to Von der Leyen:
“The adversary is very, very difficult to identify. The attack is silent, invisible. The adversary does not need an army, but only a computer with internet connection.”
Juri Luik, Estonia’s defense minister, also gave his two-piece on the matter:
“Do you announce to the whole country that you are under a cyber attack. Is it an incident, a threat or an attack? These are the questions that ministers were forced to consider, probably for the first time.”
Also, Jorge Domecq, the EDA’s chief executive, believes that the EU should pay more attention in securing its current cyber-infrastructure.
He believes this to be necessary because of it being widely recognized as a vulnerable area in the Union’s CSDP.
In his own words, Domecq said:
“Cyber, the fifth domain of warfare, must be given as much attention as land, air, sea and space. There is no 100% protection in cyber. It is imperative that EU Defence Ministers test their cyber defence mechanisms. The buy-in of Member States is key for the EU to have the necessary skills, technology and capabilities.”
What about you?
Do you believe that the EU is headed in the right direction with these initiatives?
What other actions do you think the EU’s EDA should take to better fortify themselves from future cyber attacks?
Do tell us in the comment section below, as we would love to hear from you.
And, as always, stay tuned for more of the latest trends and happenings.