Brussels, 4 October 2012
Digital Agenda: Major banks, telecoms companies and governments join forces in EU-wide cyberattack exercise
Hundreds of cyber security experts from across the EU are testing their readiness to combat cyber-attacks in a day-long simulation across Europe today. In Cyber Europe 2012, 400 experts from major financial institutions, telecoms companies, internet service providers and local and national governments across Europe are facing more than 1200 separate cyber incidents (including more than 30 000 emails) during a simulated distributed denial of service (DDoS) campaign. The exercise is testing how they would respond and co-operate in the event of sustained attacks against the public websites and computer systems of major European banks. If real, such an attack would cause massive disruption for millions of citizens and businesses across Europe, and millions of euros of damage to the EU economy.
European Commission Vice-President Neelie Kroes said: "This is the first time banks and internet companies have been part of an EU-wide cyber-attack exercise. This cooperation is essential given the growing scale and sophistication of cyber-attacks. Working together at European level to keep the internet and other essential infrastructures running is what today's exercise is all about."
Cyber incidents are becoming more frequent. In 2011, web-based attacks increased by 36%. A four-fold increase in companies reporting security incidents with a financial impact was reported between 2007 and 2010 (rising from 5% in 2007 to 20% in 2010).
In the next decade World Economic Forum experts estimate a 10% risk of a major Critical Information Infrastructure incident causing €200 billion in economic damage.
This table-top exercise uses a self-contained system to simulate the characteristics and performance of actual critical information infrastructures. No real infrastructures are involved. Experts from ENISA (the EU's European Network and Information Security Agency) will present a "hot wash" of initial results in the days immediately following the exercise and a report with key findings will be issued before the end of the year.
Cyber Europe 2012 runs alongside European Cyber Security Month and is the second EU-wide cyber-attack simulation exercise organised by Member States, the Commission and ENISA. The 2012 exercise is much bigger in scope and scale than the inaugural 2010 exercise (IP/10/1459).
The European Institutions have also just established their own Computer Emergency Response Team (CERT-EU) to protect the institutions against cyber threats and incidents (see IP/12/949). Before the end of 2012, the European Commission and the European External Action Service aim to present a comprehensive Strategy on cyber security. A key element of the strategy will be a legislative proposal to improve network and information security across the EU. The proposal will provide for a cooperation mechanism amongst the Member States and introduce security requirements for the private sector. To prepare this, the Commission is currently seeking views of governments, businesses, and consumers about the security of Network and Information Systems (NIS), including the internet (see IP/12/818). The consultation runs until 15 October.
Digital Agenda website:
Hash Tag: CyberEurope12
Neelie Kroes website
Follow Neelie on Twitter
Linda Cain (+32 2 299 90 19)