This post is also available in: heעברית (Hebrew)

European nations are increasing their efforts to prepare for the future of warfare, in which cyberwarfare plays a major role. Europe’s first live-fire cyber exercise held in February was dedicated to improving European cooperation between Member States’ national Computer Emergency Response Teams (CERTs). 

During the event held by the European Defense Agency (EDA), over 200 cyber experts from 17 nations practiced defending European military assets from cyberattacks, all of them connecting remotely from their working locations. A major part of the event is being funded by Europe’s coronavirus relief package.

The objective of the exercise was to bring together military CERTs and observe incident management dynamics with a particular focus on information-sharing, a key factor in modern cyber defence. 

While European countries have come a long way in establishing mechanisms and processes to exchange information between civilian CERTs, such cooperation and communication channels are much less developed in the military domain, also due to the high sensitivity of the information. Many stakeholders have expressed the need to extend the information sharing practices used in civilian circles also to military CERTs and their operations. 

The exercise goal was to experience and observe the dynamics of incident response during realistic live-fire cyber attacks and to identify gaps and opportunities for improvement. 

To make the exercise as real as possible, cyberattacks happened in real time, professional attackers from several countries launched their attacks together, and the nations tasked with defending against them were not warned when the attacks would come or what type they would be.

The outcome and lessons learned from the exercise – as well as the potential follow-on actions required – will be discussed during the second part of the MilCERT Interoperability Conference (MIC) in June in Lille, according to the EDA website.