On 30 October, more than 200 organisations and 400 cyber security professionals from 29 European countries tested their readiness to counter cyber attacks in a day-long simulation exercise organised by the European Union Agency for Network and Information Security (ENISA). During the course of Cyber Europe 2014, experts from the public and private sectors including cyber security agencies, national Computer Emergency Response Teams, ministries, telecoms companies, energy firms, financial institutions and Internet Service Providers tested their procedures and capabilities against a life-like, large-scale cyber security scenario. #CyberEurope2014 is the largest and most complex exercise of this nature organised in Europe. More than 2,000 separate cyber incidents were dealt with, including Denial of Service attacks to online services, intelligence and media reports on cyber attack operations, website defacements (attacks that change a website’s appearance), ex-filtration of sensitive information, attacks on critical infrastructure (such as energy or telecoms networks) and the testing of EU co-operation and escalation procedures. This was a distributed exercise involving several exercise centres across Europe and co-ordinated by a central exercise Control Centre. Speaking about the event, European Commission vice-president Neelie Kroes commented:” The sophistication and volume of cyber attacks are increasing every day. These attacks cannot be countered if individual states work alone or just a handful of them act together. I’m pleased that EU and EFTA Member States are working alongside the EU institutions with ENISA bringing them all together. It’s only this kind of common effort that will help keep today’s economies and societies fully protected.” Professor Udo Helmbrecht (ENISA’s executive director) added:” Five years ago there were no procedures in place to drive co-operation between EU Member States during a cyber crisis. Today, we have the procedures in place on a collective basis to mitigate a cyber crisis on a European level. The outcome of this latest exercise will tell us where we stand and identify the next steps to take in order that we make continual improvements.” Sharing of operational information Among other things, the Cyber Europe 2014 exercise tested procedures for the sharing of operational information on cyber crises in Europe and enhanced national capabilities for tackling cyber crises and explored the effects of multiple and parallel information exchanges between private-public and private-private at both the national and international levels. The exercise was also designed to test the EU Standard Operational Procedures (EU SOPs), a set of guidelines specifically designed for the sharing of operational information on cyber crises. Increased sophistication of cyber attacks According to ENISA’s Threat Landscape Report, published last year, threat agents have increased the sophistication of their attacks. It has become clear that maturity in cyber activities is not a matter for just a handful of countries. Rather, criminals in multiple countries have developed capabilities that can be used to infiltrate all kinds of targets” Governmental and private” in order to achieve their objectives. In 2013, global web-based attacks increased by almost 25% while the total number of reported data breaches was 61% higher than in 2012. Each of the eight most prevalent forms of data breach resulted in the loss of tens of millions of data records, in turn exposing no less than 552 million identities. Total cost of cyber crime in 2013 According to industry estimates, cyber crime and espionage accounted for between $300 billion and $1 trillion in annual global losses during 2013. This latest exercise simulated large-scale crises related to critical information infrastructures. Experts from ENISA are due to issue a report with key findings. #CyberEurope2014 is a bi-annual, large-scale cyber security exercise. It’s organised every two years by ENISA, and this year counted 29 European countries (26 from the EU and three from the EFTA) plus EU Institutions among its cohort. The exercise takes place in three phases throughout the year, as follows: *Technical: Involves incident detection, investigation, mitigation and information exchanges (completed in April) *Operational/tactical: Dealing with alerts, crisis assessment, co-operation, co-ordination, tactical analysis, advice and information exchanges at the operational level (which took place on 30 October with further tests set for early 2015) *Strategic: Examines decision-making, political impacts and public affairs In the cyber security strategy for the EU and the proposed Directive for a high common level of network and information security, the European Commission calls for the development of national contingency plans and regular exercises, testing large-scale networks’ security incident response and disaster recovery capabilities. ENISA’s new mandate also highlights the importance of cyber security preparedness exercises in enhancing trust and confidence when it comes to online services across Europe. The draft EU SOPs have been tested over the last three years, including during the course of Cyber Europe 2012.