COLOGNE, Germany — Military cyber response teams from 18 European nations went through a live-fire exercise this week designed to test the bloc’s ability to bundle its forces in the event of a cyberattack.
The event, organized by the European Defence Agency, is the opening salvo in a campaign that will stretch through the summer and include training sessions and conferences. The idea is to enhance cooperation in a field that, compared with the civilian world, is still loath to share sensitive threat data and tactics across borders.
It is the first time that officials are considering cyberthreats from a purely military perspective on a European Union scale. Defensive capabilities are seen as increasingly important because new weapon systems heavily rely on data and communications, which could make them easy targets for hackers.
Officials dubbed the drill a “live-fire” event because it played out on a cloud-based cyber range with real targets. Three teams of opposing forces, including one composed of experts from five member states, required defending teams to react to unforeseen attacks. The scenario included figuring out where attacks originated and determining who was behind them.
Mario Beccia, EDA project officer for cyber defense, said the drill’s focus was to help teams work together across nations rather than employing the latest technology. “It is our attempt to create a structure where military personnel can focus on cooperation,” he said in a Feb. 17 virtual news conference.
Typical challenges that computer emergency response teams, or CERT, in armed services face include protecting the control infrastructure of drones and spacecraft, Beccia said.
EDA officials hired Estonian company CybExer Technologies to provide the cyber range for the exercise, enabling participants to log on remotely. The company also contributed two of the red teams.
Finding a cloud-based vendor was necessary because existing exercise infrastructure in the member states requires physical access to servers and computers, said Beccia. Such an insular mindset is emblematic for the secretive world of military cyber response.
“Military units are used to working in silos,” Aare Reintam, CybExer’s chief operating officer, told reporters.
Added Beccia: “Cooperation between military CERTs at the moment is low.”
Next up on the exercise schedule is a June conference for digesting lessons learned and formulating strategic-level steps toward improved cooperation, according to an EDA statement.