EU Science Hub

JRC toolkit supports EU-wide cyber-attack exercise

Oct 08 2012

On 4 October 2012 IT security experts across Europe tested their readiness to combat cyber-attacks in the 2nd pan-European Cyber Exercise, CyberEurope2012. The exercise was organised by EU Member States, facilitated by the European Network and Information Security Agency (ENISA) and technically supported by the JRC.

During the simulation, 400 experts from governments and from the private sector sustained a massive Distributed Denial of Service (DDoS) attack against vital online services around Europe. DDoS commonly consists of targeting a machine or network with external communication requests in order to overload the server and make the system unavailable to users.

To monitor the progress of the exercise, its moderators used the "EXercise event Injection Toolkit" (EXITO), an innovative web-based platform developed by scientists of the JRC's Institute for the Protection and Security of the Citizen (IPSC). The toolkit can execute and keep on track complex exercises with large number of events and actors. JRC experts provided technical assistance to the organisers during the preparation and execution phases of CyberEurope2012. The assistance included the development of a tailor-made version of EXITO to fulfil exercise requirements, such as integration with media and social network websites.

Cyber incidents have become more and more frequent. Between 2007 and 2010 companies reported a four-fold increase in security incidents with a financial impact. World Economic Forum experts estimate a 10% risk of a major incident to critical information infrastructures over the next decade, which could cause €200 billion in economic damage.

EU-wide exercises like Cyber Europe 2012 are therefore crucial to improve the resilience of critical information infrastructures and to strengthen cyber crisis cooperation, preparedness and response across Europe. The JRC is part of the European programme for Critical Infrastructure Protection (EPCIP) designed to improve the protection of critical infrastructures in the EU.