The European Defence Agency (EDA) held last week a two-day cyber exercise in real time, the first of its kind, dedicated to improving cooperation between military Computer Emergency Response Teams (CERTs) from 18 European countries. The exercise took place remotely, with about 200 people participating.
The objective of the exercise was to bring together military CERTs and observe incident management dynamics, with a focus on information-sharing as a key factor in cyber defence, according to the official report of the EDA. The event constituted the first practical part of the EU MilCERT Interoperability Conference. The second part is expected to take place in June in France, where the lessons learned from the exercise and additional strategic topics will be discussed.
The exercise simulated a situation in which professional attackers, based in several EDA member states, take action against infrastructure defended by other member states. As part of the simulation, the exercise also included some military-specific platforms, such as a drone control system and a space ground control station, requiring the use of military strategies. The agency said the intent was to push participants out of their comfort zone, asking them to use all tools and processes possible to deal with the situation, in order to create an unusually realistic exercise environment.
"Today we can see that at the EU level civilian CERTs have established good community and their cooperation is improved continuously," said Estonian Minister of Defence Kalle Laanet, who opened the exercise. "However, military CERTs, which play vital role in cyber defence, are not communicating with the same methods. This is understandable considering the more sensitive information they are dealing with. Yet, despite these limitations, it is still important to offer opportunities for extending information-sharing practices. And this live-fire exercise does exactly that."