Results From EU Cybersecurity Drill Not So Great
You’ve likely heard news stories about mock emergency trainings like the five-day ordeal this week in the New York harbor, where officials successfully rooted out faux dirty bombs en route to some of New York’s vulnerable landmarks.
Officials at the European Union have taken that preparedness tactic digital, with a cyber attack drill. The European Network and Information Security Agency (ENISA) released a report this week detailing the results of the exercise, which took place in November. In the drill, 70 experts from across Europe had to work together to counter 300 “attacks” aimed at paralyzing Internet traffic on the continent.
(Unnecessary but interesting detail: The hypothetical hacker group went by the name “Funk Mercenaries.” I’ll let you draw your own conclusions, but I find it to be one more sign of the growing divide between U.S. and European senses of humor.)
The results were not as favorable as they were in New York. After the drill, officials in 55 percent of national technology offices said they were not confident that they would know whom to contact in the event of such a cyber attack.
That’s kind of a big deal. It highlights the EU’s need to improve its cybersecurity infrastructure. The Web is by nature decentralized, and so is the EU – its 27 member states are sovereign nations with national government, though they share economic, immigration and other policies – so the task appears doubly difficult. But in order to thwart these attacks, governments of these interdependent states will have to take decisive, coordinated action, and that starts with knowing whom to call when the Internet goes down.
I suspect the ENISA officials who designed the scenario knew something like this would happen. Multiple times they state that their purpose in running the mock attack was to “trigger communication and collaboration” (emphasis mine). A wake-up call, perhaps? Good thing they knew whom to contact.
Posted by Laura Williams on Apr 19, 2011