ENISA teams up with US to test EU cyber security

By Stuart Sumner
04 Nov 2011 View Comments
Enisa headquarters on Crete

The European Network and Information Security Agency (ENISA) yesterday joined forces with the US Department of Homeland Security to test EU and US responses to sophisticated cyber attacks.

In an operation dubbed Cyber Atlantic 2011, simulated cyber crisis scenarios are played out with the participation of 20 EU member states' own cyber security agencies.

Further reading

ENISA's executive director, professor Udo Helmbrecht, said that cyber security is high on both the EU and US agendas.

"European vice president Neelie Kroes has spoken of the importance of information communications technology for today's citizens and for the economy.

"The involvement of the commission, EU member states and, of course, the US in today's exercise shows the high level of commitment we have to ensuring we protect our digital infrastructures for the benefit of all citizens."

One of today's scenarios involves the use of an Advanced Persistent Threat (APT), a targeted and stealthy cyber attack, to attempt to steal and publish sensitive information from EU member states.

This is a sophisticated but increasingly common form of attack, referred to recently by Jonathan Shaw, the head of the British military's cyber security programme.

As has been widely reported, Shaw gave the example of a UK firm based in Cheshire, which had its intellectual property stolen from its servers following an APT attack, which ultimately led to the company going out of business.

The second simulates an attack on a country's critical national infrastructure. Specifically, the attack attempts to disrupt supervisory control and data acquisition (SCADA) systems in power generation infrastructures.

This is similar to last year's Stuxnet attack, which Kaspersky Lab founder and CEO Eugene Kaspersky recently stated he expected to see more of.

"I'm sure Stuxnet will happen again and again," he said.

He recommended industrial systems be redesigned to be more secure.

"It's extremely complicated and expensive to redesign industrial systems, but there's no other way. We depend on electricity, transport, information – everything depends on industrial systems."

ENISA says that lessons learned from Cyber Atlantic 2011 will be used to plan further potential joint EU-US cyber exercises in the future.

Reader comments
blog comments powered by Disqus
Newsletters
Windows 10 - will you upgrade?

Microsoft has made an early version of Windows 10 - its next operating system - available for download. The OS promises better integration and harmonisation across platforms, including mobile and desktop. Will your business be upgrading?

25 %
44 %
10 %
21 %