First EU Cyber Defence Exercise

EU Defence Ministers participate in “EU CYBRID 2017”, a strategic table-top cyber defence exercise. The exercise, the first of its kind, is organised by the Estonian Presidency of the Council of the European Union, the Estonian Ministry of Defence and the European Defence Agency (EDA). 
 
In the simulation, hackers sabotaged the EU’s naval mission in the Mediterranean and launched a campaign on social media to discredit the EU operations and provoke protests. 
 
Each of the defense ministers tried to contain the crisis over the course of the 90-minute, closed-door exercise in Tallinn that officials sought to make real by creating mock news videos giving updates on an escalating situation. German Defence Minister Ursula von der Leyen said the “extremely exciting” war game showed the need for EU governments to be more aware of the impact of cyber-attacks on critical infrastructure in the EU.
 
EU CYBRID 2017
The objective of EU CYBRID 2017 is to raise awareness of cybersecurity incident coordination at political level and of the potential effects of offensive cyber-campaigns. It focuses on situational awareness, crisis response mechanisms and strategic communication. 
 
Cyber is widely recognised as a major threat in the EU’s Common Security and Defence Policy (CSDP), yet there has been limited attention to EU missions and operations’ resilience. 
 
To address cyber threats in CSDP, Estonia organised in cooperation with the European Defence Agency a strategic table-top cyber-exercise “EU CYBRID 2017” for EU Ministers of Defence during their informal meeting in Tallinn on 7 September 2017. 
“Cyber, the fifth domain of warfare, must be given as much attention as land, air, sea and space. There is no 100% protection in cyber. It is imperative that EU Defence Ministers test their cyber defence mechanisms. The buy-in of Member States is key for the EU to have the necessary skills, technology and capabilities”, Jorge Domecq, Chief Executive of the European Defence Agency, said.
 
The scope of the exercise is crisis response to a major offensive cyber campaign against EU military structures in a hybrid warfare context. The objectives of the exercise are: 
 
• Situational awareness. Use the EU Intelligence and Situation Centre (INTCEN) to ensure a common understanding of the crisis and the impact of hybrid attacks on EU military structures and to give initial assessment/context for the cyber-campaign. 
• Crisis Response. Raise awareness of the instruments available to the EU in to give strategic guidance on the response to a major offensive cyber-campaign against CSDP structures in a hybrid warfare context. 
• STRATCOM. To coordinate initial messages among EU Member States at political level. 
• Cyber defence. Raise awareness on cybersecurity incident coordination at political level and demonstrate potential effects of offensive cyber-campaigns. 
• Trigger discussions at Council level with a view to examine possible measures in response to specific events, drawn from the crisis scenario. 
 
About the Exercise
EU CYBRID 2017 is a table-top cyber exercise focused on strategic choices and considerations at the EU ministerial level. The goal of the exercise is to highlight a number of strategic concerns and topics that arise in connection with any hypothetical cyber crisis. This exercise should serve as a forum for discussion at ministerial level and provide strategic guidance to address future crises. The exercise scenario included an orchestrated cyber-attack campaign against an EU-led military operation affecting both an EU Headquarter in Rome (OHQ Rome) and its subordinated maritime assets. 
Multiple cyber-attacks covering a range of cyber threats combined with other incidents took place over the course of the exercise. The exercise scenario refers to fictitious countries, organisations and operations. 
 
Cyber Defence and the European Defence Agency
Cyber defence is one of the priorities of the EDA’s capability development plan and of the NATO-EU Joint Declaration. A project team consisting of EDA and its participating Member States' representatives is responsible for jointly developing cyber defence capabilities within the EU CSDP, supported by R&T experts. 
 
The Agency’s main focus is on supporting member states in building a skilled military cyber defence workforce and in ensuring the availability of proactive and reactive cyber defence technology. The EDA for example develops, pilots and delivers a variety of cyber security & defence courses and exercises from basic awareness over expert level to decision maker training.
 
European Defence Agency:           Reuters
 
You Might Also Read: 
 
NATO Cyber War Games 2017: Czechs Win:
 
Cybercrime In The EU -  Where Are You Safe?:
 

 

 

 

 
 
 
« The New GDPR Rules Focus On Consumer Protection
In Demand: Cybersecurity Specialists »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Cofense

Cofense

Cofense (formerly PhishMe) is a leading provider of human-driven phishing defense solutions.

SentinelOne

SentinelOne

SentinelOne is a pioneer in delivering autonomous security for the endpoint, datacenter and cloud environments to help organizations secure their assets with speed and simplicity.

Cyber Future Foundation (CFF)

Cyber Future Foundation (CFF)

CFF was established to create a cyberspace where digital commerce and innovation can thrive based on trust and respect to individual privacy.

BTWorks

BTWorks

BTWorks provides identity management and anti-phishing / smishing solutions for web and mobile apps.

Fornetix

Fornetix

Fornetix is a cybersecurity platform enabling Zero Trust while delivering critical encryption automation, access controls, authorization services, machine identity, and ICAM solutions,

IGX Global

IGX Global

IGX Global is a provider of information network and security integration services and products.

Network Box

Network Box

Network Box is one of the world's leading Managed Security Service Providers.

Italtel

Italtel

Italtel is a multinational ICT company that combines networks and communications services with the ability to innovate and develop solutions for digital transformation.

BotGuard

BotGuard

BotGuard provides a service to protect your website from malicious bots, crawlers, scrapers, and hacker attacks.

UK Cyber Security Council (UKCSC)

UK Cyber Security Council (UKCSC)

The role of The UK Cyber Security Council is to champion the cybersecurity profession across the UK, provide representation for the industry, accelerate awareness and promote excellence.

StrikeReady

StrikeReady

StrikeReady have developed CARA, an advanced technology solution that offers personalized and proactive assessment and remediation of future and current risk in real-time.

Outseer

Outseer

Outseer is a leading technology company in the fight against payments fraud. Outseer reliably determines authentic customers from fraudulent behavior.

Identity Management Institute (IMI)

Identity Management Institute (IMI)

Identity Management Institute (IMI) provides professional training and certification in cyber security with a focus on identity and access management, identity theft, and data protection.

NANDoff Data Recovery

NANDoff Data Recovery

NANDoff is a flat rate data recovery service. We serve the electronics industry around the globe 24/7.

Altospam

Altospam

Altospam is a full service corporate email protection, integrating multiple security levels for your emails.

Cythera

Cythera

Cythera is an Australian cyber security company with in-house cyber security professionals providing world-class cyber protection to medium to large companies all over Australia.