Despite extreme upheaval and rampant infighting caused by the European debt crisis, the EU and U.S. are banding together today in Brussels and shifting its focus toward cyber security.
The European Network and Information Security Agency (ENISA) and the U.S. Department of Homeland Security will be conducting their first ever joint EU-US cyber security exercise. “Cyber Atlantic 2011,” as the event is titled, will be a day-long table-top exercise in which EU and US officials will simulate a cyber-attack on critical infrastructure and explore how the two bodies would react and work together in response to such a crisis.
The exercise is similar to the biennial Cyber Storm exercises conducted by the Department of Homeland Security in the U.S. and will test two scenarios. The first scenario imagines a targeted attack that attempts to infiltrate the network of an EU Member State and publish sensitive information found within. In the second scenario, the attack will target SCADA systems in an attempt to disrupt power generation infrastructures.
The simulation, part of an EU-US commitment to cyber security agreed upon at a summit in Lisbon in November 2010, will be attended by more than 20 EU Member States, of which 16 will play an active role. The European Commission will direct the event.
“It is an honour for ENISA to be facilitating this extremely important milestone in international cyber security cooperation,” said ENISA’s Executive Director, Professor Udo Helmbrecht, in a statement.
These threat-simulations seem to repeat two of the most visible motifs in the security industry over the past couple of years: the APT (or “advanced persistent threat” as in the case of the Aurora and RSA attacks) and concerns about the vulnerability of industrial control systems (as in the case of Stuxnet, or anything having to do with critical infrastructure).