European banks, telcos and governments embark on cyber-attack simulation exercise

European banks, telcos and governments embark on cyber-attack simulation exercise

Banks, telcos and governments across Europe are undergoing a massive cyber-attack exercise today to test their readiness for a real-world assault on the financial services industry.

Around 400 experts from major financial institutions, telcos, Internet service providers and local and national governments across Europe are facing more than 1200 separate cyber incidents - including more than 30,000 e-mails - during a simulated distributed denial of service (DDoS) campaign.

The exercise is designed to test how they would respond and co-operate if there was a sustained attack against the public Web sites and computer systems of major European banks.

If real, such an attack would cause massive disruption for millions of citizens and businesses across Europe, and millions of euros of damage to the continent's economy, says the EC.

In 2011, Web-based attacks increased by 36%, while there was a four-fold increase in companies reporting security incidents with a financial impact between 2007 and 2010.

In recent weeks a host of major US banks, including Bank of America and Wells Fargo, have seen their Web sites disrupted by concerted cyber-attacks. The government has suggested these could be the work of Iran in retaliation for economic sanctions although a group claiming responsibly has cited a film mocking the prophet Mohammed as its cause.

Over the last two years, many financial institutions have also been targeted with DDoS attacks by groups such as Anonymous in support of the Occupy Wall Street movement and whistleblowing site WikiLeaks.

Today's table-top exercise uses a self-contained system to simulate the characteristics and performance of actual critical information infrastructures. Experts from Enisa (the EU's European Network and Information Security Agency) will present a "hot wash" of initial results in the next few days and a report with key findings will be issued before the end of the year.

European Commission VP Neelie Kroes says: "This is the first time banks and Internet companies have been part of an EU-wide cyber-attack exercise. This cooperation is essential given the growing scale and sophistication of cyber-attacks. Working together at European level to keep the Internet and other essential infrastructures running is what today's exercise is all about."

European Institutions have also just established their own Computer Emergency Response Team to protect the institutions against cyber threats and incidents. Before the end of 2012, a comprehensive strategy on cyber security will be offered up, including a legislative proposal to improve network and information security across the EU.

Comments: (0)