26th Sep 2021

EU and US officials simulate cyber attack response

EU and US cyber experts on Thursday (3 November) sat together and brainstormed on how they would deal with attacks aimed at extracting government secrets or taking control of nuclear plants.

The exercise - a first - was organised by the EU's cyber security agency (Enisa) and the US department of homeland security and brought together government experts from Washington, 16 EU capitals and the European Commission.

Read and decide

Join EUobserver today

Become an expert on Europe

Get instant access to all articles — and 20 years of archives. 14-day free trial.

... or subscribe as a group

  • Kilometres of code. Viruses often exploit one badly written line in a programme like Microsoft Word. (Photo: *n3wjack's world in pixels)

"The involvement of the Commission, EU member states and, of course, the US, in today’s exercise shows the high level of commitment we have to ensuring that we protect our digital infrastructures for the benefit of all citizens," Enisa chief Udo Helmbrecht said in a statement.

The simulation comes after the bloc's diplomatic service lost sensitive documents in a large-scale attack in spring this year. The EU then set up computer emergency teams (Certs) for its own institutions - cyber security experts tasked with detecting, managing the damage and preventing attacks on the networks. Certs exist in most member states and in the US, where there is also a dedicated team for attacks on critical infrastructure, such as nuclear plants.

"It's funny it took the EU almost ten years to come up with something it had been pressing member states all the time," one Cert official from a member state told this website on condition of anonymity.

The exercise, while not naming which country would try to extract confidential data via cyber attacks, was carried out on the day a US intelligence report singled out China and Russia as being most active in cyber espionage against US companies.

China and Russia

The report says both private firms and cyber security experts have reported an "onslaught" of computer attacks targeting trade secrets, intellectual property and technology. Attacks from Russia are a "distant second" to those from China, but were "extensive" and "sophisticated".

This other type of attack simulated Thursday reflects a growing concern in the cyber security community that computer programmes (Scada) managing, for instance, water cleaning facilities, are not designed to fend off worms which could hijack the chemical composition and poison an entire city.

Stuxnet, the worm that damaged Iranian nuclear centrifuges and believed to be the work of the US government, has already some offsprings.

Just as the Enisa exercise was developing, a Stuxnet-inspired worm called Duqu was detected in Belgium's largest web-hosting company after having been shut down of an Indian network. Spread through a vulnerability in Microsoft's Word text editing programme, the virus contains code similar to Stuxnet, but its ultimate target is not yet known.

'There's a computer worm in your nuclear centrifuge'

With the discovery of Stuxnet, a computer worm believed to have been developed by the US government to shut down a nuclear plant in Iran, European companies like Siemens are coming under increased pressure to secure software operating 'critical infrastructure' such as power plants or water treatment facilities.

EU struggling to fight cyber crime

Faced with increasing cyber attacks, the EU is looking at a new law criminalising the use of 'zombie' computers and is setting up a 'cyber crime' agency and special teams of IT firefighters. But specialists and data privacy defenders remain unconvinced.

Europol wants to host EU cyber crime centre

The EU's joint policy body, Europol, is angling to host a new European cyber crime centre, with the European Commission due next year to decide where to put its new defence against online threats.

The EU and cyber security

Cloud computing, smartphones, viruses attacking nuclear plants. In the October Focus, the EUobserver turns its attention to cyber security and EU's attempts to set up rules for safer navigation on the internet.

EU companies banned from selling spyware to repressive regimes

European companies selling online surveillance technology have come under increasing criticism from NGOs and the European Parliament after it emerged their products had helped regimes in Iran, Egypt and Libya to clamp down on protesters.

Smartphones are 'data goldmines' for hackers

Smartphones allows us watch videos, listen to music, check emails, find the nearest restaurant, and update our 'status' on Twitter and Facebook, but with the increased technology comes new and largely under-appreciated security threats.

News in Brief

  1. Italy arrests Puigdemont on Spanish warrant
  2. EU and US hold trade talks despite French wrath
  3. EMA to decide on Pfizer vaccine booster in October
  4. EU welcomes Polish TV-station move
  5. Ukrainian parliament passes law to curb power of oligarchs
  6. EU could force Poland to pay lignite-coal fine
  7. Report: EU and US concerned by tech-giants' power
  8. EU states sign 'transparency pledge'

VW emissions software was illegal, top EU lawyer says

Volkswagen used software to alter emissions illegally, according to the European advocate-general on Thursday. The German carmaker installed devices that could detect when the car would be subjected to testing - which would then distort parameters to show lower emissions.

Stakeholders' Highlights

  1. Nordic Council of MinistersNATO Secretary General guest at the Session of the Nordic Council
  2. Nordic Council of MinistersCan you love whoever you want in care homes?
  3. Nordic Council of MinistersNineteen demands by Nordic young people to save biodiversity
  4. Nordic Council of MinistersSustainable public procurement is an effective way to achieve global goals
  5. Nordic Council of MinistersNordic Council enters into formal relations with European Parliament
  6. Nordic Council of MinistersWomen more active in violent extremist circles than first assumed

Latest News

  1. Activists: 'More deaths' expected on Polish-Belarus border
  2. EU unveils common charger plan - forcing Apple redesign
  3. Central Europe leaders rail against 'new liberal woke virus'
  4. Yemen's refugees in 'appalling conditions', says UN agency
  5. VW emissions software was illegal, top EU lawyer says
  6. Sexism and the selection of the European Parliament president
  7. More French names linked to Russia election-monitoring
  8. Negotiations set for new, tougher, EU ethics body

Join EUobserver

Support quality EU news

Join us