Thursday

13th May 2021

EU and US officials simulate cyber attack response

EU and US cyber experts on Thursday (3 November) sat together and brainstormed on how they would deal with attacks aimed at extracting government secrets or taking control of nuclear plants.

The exercise - a first - was organised by the EU's cyber security agency (Enisa) and the US department of homeland security and brought together government experts from Washington, 16 EU capitals and the European Commission.

Read and decide

Join EUobserver today

Become an expert on Europe

Get instant access to all articles — and 20 years of archives. 14-day free trial.

... or subscribe as a group

  • Kilometres of code. Viruses often exploit one badly written line in a programme like Microsoft Word. (Photo: *n3wjack's world in pixels)

"The involvement of the Commission, EU member states and, of course, the US, in today’s exercise shows the high level of commitment we have to ensuring that we protect our digital infrastructures for the benefit of all citizens," Enisa chief Udo Helmbrecht said in a statement.

The simulation comes after the bloc's diplomatic service lost sensitive documents in a large-scale attack in spring this year. The EU then set up computer emergency teams (Certs) for its own institutions - cyber security experts tasked with detecting, managing the damage and preventing attacks on the networks. Certs exist in most member states and in the US, where there is also a dedicated team for attacks on critical infrastructure, such as nuclear plants.

"It's funny it took the EU almost ten years to come up with something it had been pressing member states all the time," one Cert official from a member state told this website on condition of anonymity.

The exercise, while not naming which country would try to extract confidential data via cyber attacks, was carried out on the day a US intelligence report singled out China and Russia as being most active in cyber espionage against US companies.

China and Russia

The report says both private firms and cyber security experts have reported an "onslaught" of computer attacks targeting trade secrets, intellectual property and technology. Attacks from Russia are a "distant second" to those from China, but were "extensive" and "sophisticated".

This other type of attack simulated Thursday reflects a growing concern in the cyber security community that computer programmes (Scada) managing, for instance, water cleaning facilities, are not designed to fend off worms which could hijack the chemical composition and poison an entire city.

Stuxnet, the worm that damaged Iranian nuclear centrifuges and believed to be the work of the US government, has already some offsprings.

Just as the Enisa exercise was developing, a Stuxnet-inspired worm called Duqu was detected in Belgium's largest web-hosting company after having been shut down of an Indian network. Spread through a vulnerability in Microsoft's Word text editing programme, the virus contains code similar to Stuxnet, but its ultimate target is not yet known.

'There's a computer worm in your nuclear centrifuge'

With the discovery of Stuxnet, a computer worm believed to have been developed by the US government to shut down a nuclear plant in Iran, European companies like Siemens are coming under increased pressure to secure software operating 'critical infrastructure' such as power plants or water treatment facilities.

EU struggling to fight cyber crime

Faced with increasing cyber attacks, the EU is looking at a new law criminalising the use of 'zombie' computers and is setting up a 'cyber crime' agency and special teams of IT firefighters. But specialists and data privacy defenders remain unconvinced.

Europol wants to host EU cyber crime centre

The EU's joint policy body, Europol, is angling to host a new European cyber crime centre, with the European Commission due next year to decide where to put its new defence against online threats.

The EU and cyber security

Cloud computing, smartphones, viruses attacking nuclear plants. In the October Focus, the EUobserver turns its attention to cyber security and EU's attempts to set up rules for safer navigation on the internet.

EU companies banned from selling spyware to repressive regimes

European companies selling online surveillance technology have come under increasing criticism from NGOs and the European Parliament after it emerged their products had helped regimes in Iran, Egypt and Libya to clamp down on protesters.

Smartphones are 'data goldmines' for hackers

Smartphones allows us watch videos, listen to music, check emails, find the nearest restaurant, and update our 'status' on Twitter and Facebook, but with the increased technology comes new and largely under-appreciated security threats.

News in Brief

  1. No EUobserver newsletter on Friday 14 May
  2. Germany stops Facebook gathering WhatsApp data
  3. Italy rebuts reports of EU deal with Libya
  4. MEPs demand EU states protect women's reproductive rights
  5. At least nine dead in Russia school shooting
  6. Bulgaria interim government appointed until July election
  7. German priests defy pope to bless same-sex couples
  8. New EU public prosecutor faults Slovenia

Stakeholders' Highlights

  1. Nordic Council of MinistersNordic Council enters into formal relations with European Parliament
  2. Nordic Council of MinistersWomen more active in violent extremist circles than first assumed
  3. Nordic Council of MinistersDigitalisation can help us pick up the green pace
  4. Nordic Council of MinistersCOVID19 is a wake-up call in the fight against antibiotic resistance
  5. Nordic Council of MinistersThe Nordic Region can and should play a leading role in Europe’s digital development
  6. Nordic Council of MinistersNordic Council to host EU webinars on energy, digitalisation and antibiotic resistance

Latest News

  1. EU aims at 'zero pollution' in air, water and soil by 2050
  2. French police arrest Luxembourg former top spy
  3. Vaccine drives spur better-than-expected EU economic recovery
  4. Slovenia causing headaches for new EU anti-graft office
  5. 'No place to hide' in Gaza, as fighting escalates
  6. EU chases 90m AstraZeneca vaccines in fresh legal battle
  7. Fidesz MEP oversees FOI appeals on disgraced Fidesz MEP
  8. Belgium outlines summer Covid relaxation plans

Join EUobserver

Support quality EU news

Join us