First EU Cyber Defence Exercise

 

 

Each of the defense ministers tried to contain the crisis over the course of the 90-minute, closed-door exercise in Tallinn that officials sought to make real by creating mock news videos giving updates on an escalating situation. German Defence Minister Ursula von der Leyen said the “extremely exciting” war game showed the need for EU governments to be more aware of the impact of cyber-attacks on critical infrastructure in the EU.

 

The objective of EU CYBRID 2017 is to raise awareness of cybersecurity incident coordination at political level and of the potential effects of offensive cyber-campaigns. It focuses on situational awareness, crisis response mechanisms and strategic communication. 

 

 

To address cyber threats in CSDP, Estonia organised in cooperation with the European Defence Agency a strategic table-top cyber-exercise “EU CYBRID 2017” for EU Ministers of Defence during their informal meeting in Tallinn on 7 September 2017. 

“Cyber, the fifth domain of warfare, must be given as much attention as land, air, sea and space. There is no 100% protection in cyber. It is imperative that EU Defence Ministers test their cyber defence mechanisms. The buy-in of Member States is key for the EU to have the necessary skills, technology and capabilities”, Jorge Domecq, Chief Executive of the European Defence Agency, said.

 

 

• Situational awareness. Use the EU Intelligence and Situation Centre (INTCEN) to ensure a common understanding of the crisis and the impact of hybrid attacks on EU military structures and to give initial assessment/context for the cyber-campaign. 

• Crisis Response. Raise awareness of the instruments available to the EU in to give strategic guidance on the response to a major offensive cyber-campaign against CSDP structures in a hybrid warfare context. 

• STRATCOM. To coordinate initial messages among EU Member States at political level. 

• Cyber defence. Raise awareness on cybersecurity incident coordination at political level and demonstrate potential effects of offensive cyber-campaigns. 

• Trigger discussions at Council level with a view to examine possible measures in response to specific events, drawn from the crisis scenario. 

 

EU CYBRID 2017 is a table-top cyber exercise focused on strategic choices and considerations at the EU ministerial level. The goal of the exercise is to highlight a number of strategic concerns and topics that arise in connection with any hypothetical cyber crisis. This exercise should serve as a forum for discussion at ministerial level and provide strategic guidance to address future crises. The exercise scenario included an orchestrated cyber-attack campaign against an EU-led military operation affecting both an EU Headquarter in Rome (OHQ Rome) and its subordinated maritime assets. 

Multiple cyber-attacks covering a range of cyber threats combined with other incidents took place over the course of the exercise. The exercise scenario refers to fictitious countries, organisations and operations. 

 

Cyber defence is one of the priorities of the EDA’s capability development plan and of the NATO-EU Joint Declaration. A project team consisting of EDA and its participating Member States' representatives is responsible for jointly developing cyber defence capabilities within the EU CSDP, supported by R&T experts. 

 

 

European Defence Agency:           Reuters: 

 

 

 

Cybercrime In The EU -  Where Are You Safe?: