EDA’s second-ever live-fire cyber exercise specifically dedicated to improving European cooperation between Member States’ national, military Computer Emergency Response Teams (CERTs) has wrapped after a two-day exercise. The exercise gathered more than 200 experts from 19 EDA Member States and Switzerland, all of them connecting remotely from their working locations. The exercise kicks-off the technical track of the 2022 edition of the EU MilCERT Interoperability Conference (MIC). The second phase is scheduled to take place in June in Lille (France) where the lessons learnt from the exercise and more strategic topics will be discussed with senior military leaders and decision makers.
The objective of this week’s exercise was to bring together military CERTs and observe incident management dynamics with a particular focus on information-sharing, a key factor in modern cyber defence. The exercise also builds upon the lessons learned from the first MIC cyber exercise held in February 2021.
Opening the exercise, EDA Chief Executive, Jiří Šedivý, said; “The EU Cyber Defence Policy Framework identified already in 2014 the absence of a milCERT network, and the EU Cybersecurity Strategy called for developing such a dedicated network, welcoming EDA’s efforts in this regard. Last year’s MIC was the first step to start closing this gap. This year’s MIC edition can be seen as the second step in what for sure will be a long journey.”
MIC 2022 was first planned under the Slovenian Council Presidency last year. Luxembourg is contributing with their National Cyber Range to make the MIC2022 technical track a success. The exercise preparation, execution and evaluation are furthermore supported by the Estonian company Cybexer Technologies who also provide their cyber range for the exercise.
Red versus Blue
The operational environment created for the exercise is based on advanced Cyber Range technology, with professional attackers from the military and industry, launching live cyberattacks against infrastructure defended by teams from other Member States. The exercise that ran this week tested fictional cyber-attacks, pitting an attacking (red) team against defending (blue) ones.
The MIC exercise was specifically designed for military CERTs and included platforms, tools and technology specific to the military domain; the entire exercise scenario was conceived to use military planning and strategy similar to what is used in real cyber military operations. The intent was not only to provide a realistic scenario, but also to push participants out of their comfort zone, asking them to use all tools, processes and procedures possible, even those not directly at hand in the exercise platform. Thus, creating an exceptionally realistic exercise environment.
At the end of the exercise, Finland was awarded overall winner of this MIC22 technical track while Hungary (task solving), Austria (situational report) and Italy (information sharing) won awards for specific categories.
Towards a new EDA Collaborative project
Today, EDA cyber activities range from defining key priorities at EU level looking at the capability development, R&T and industrial dimensions, including initiatives in support of cyber defence training, education and exercises. To build on the benefits and lessons of the MIC, EDA envisages the possibility to establish an EU milCERT Operational Network as a new ad hoc project within the Agency, with Member States currently invited to signal their interest in participation. In order to close the gap as identified in the EU Cyber Defence Policy Framework and the EU Cybersecurity Strategy the project will provide a solution to identify, develop and sustain the establishment of a network of MilCERT, which will ultimately facilitate the exchange of information and foster a stronger response to cyber incidents.