Incident response and inter-agency capabilities road-tested


Cybersecurity experts from across Europe have just completed one of the largest international cyber crisis simulations to date.

Cyber Europe 2022 involved more than 800 cybersecurity specialists from 29 countries in the EU and the European Free Trade Area (EFTA), as well as EU institutions and agencies.

This year’s exercise scenario involved a simulated attack on European healthcare infrastructure.

Escalating scenario

Day one included a disinformation campaign based around manipulated lab results, and cyber-attacks on European hospital networks.

On day two, the scenario escalated to an EU-wide security incident. Attackers threatened to release personal medical data, while another group attempted to discredit an implanted medical device by claiming it had a vulnerability.

The exercise tested participants’ incident response capabilities and the ability of EU institutions to work with CERT-EU and ENISA, the EU’s cybersecurity agency, on improving situational awareness. The lessons learned from the exercise will be published in an ‘after-action report’ by ENISA.

Catch up with the latest cyber-attack news

“Strengthening our cybersecurity resilience is the only way forward if we want to protect our health services and infrastructures and ultimately the health of all EU citizens,” said Juhan Lepassaar, ENISA’s executive director, in a press release.

The Cyber Europe exercises normally take place every two years, although there was no 2020 exercise due to the Covid-19 pandemic.

“These exercises play a vitally important role for assessing and developing resilience,” Lisa Forte, partner at Red Goat Cyber Security and a specialist in cyber crisis exercising told The Daily Swig.

“The Cyber Europe exercises are done particularly well and look at how the EU as a whole would cope with a large scale cyber-attack.

“In my experience in running exercises there are always improvements that can be made when it comes to communication between strategic and tactical teams. Usually exercises reveal flaws in the plans that you have that may look good on paper but aren’t useable in high pressure situations.”

YOU MIGHT ALSO LIKE Ransomware market evolution results in fewer variants, but rise in off-the-shelf cybercrime kits continues