A team made up of the Netherlands’ National Cyber Security Centre and Heineken have won the Cyber Core 2019 exercise that simulated a wave of cyber-attacks on the leading energy provider of an EU state, threatening a shutdown of vital services in the whole country.
The exercise, which took place at the laboratories of CybExer Technologies in Tallinn, was opened by IT Minister Rene Tammist (SDE) on Wednesday. The exercise marked the first time in Europe that international critical information infrastructure companies compete against each other countering simulated cyber-attacks.
Several large internationals participated, winner Heineken as well as Ernst & Young among them. Estonian stakeholders involved included network operator Elering, energy group Eesti Energia and SK ID Solutions AS as well as several Estonian banks.
Beyond the private sector, representatives of the Netherlands’ National Cyber Security Centre, the IT centre of the Estonian Ministry of Finance and the Tartu city council were involved as well. Experts of United States defence contractor, Raytheon International, participated as observers.
Mr Tammist called the exercise a “crucially important private initiative.”
In its organisation, the exercise followed a similar logic to that of previously conducted state-level and military exercises. “The scenario consolidates a number of real-life situations and follows recent threat trends that show that cyber criminals are targeting vital service providers more and more often,” CybExer’s Merle Maigre explained.
“We take the teams out of their everyday comfort zone and place them under pressure comparable to a real-life crisis,” she added. “News of the last few weeks alone show how the delicate data of dozens of millions of people, including health-related information and even surveillance data, were stolen from strategic companies in Asia because of their weak IT systems. This is why such exercises are essential for the private sector.”
Critical information infrastructure companies can become vulnerable where long supply chains, unclear procurement mechanisms and misguided attempts to cut costs result in the use of security solutions from barely known or monitored sources, Ms Maigre added.
The Cyber Core 2019 exercise is based on such a scenario. Four rapid reaction teams are assembled for the exercise, made up of the participating groups and companies. They then have two days to come up with ways to fend off the attacks and find a solution. The challenge is formidable, as the teams have to handle a constantly changing situation, identify and solve newly occurring problems and countering threats of a constantly changing pattern.