DIPARTIMENT TAL-INFORMAZZJONI
DEPARTMENT
OF INFORMATION MALTA
Press Release
PR 181295
07.06.2018
PRESS RELEASE BY
THE MINISTRY FOR
HOME AFFAIRS AND
NATIONAL SECURITY
Cyber Europe 2018 - get prepared for the
next cyber cisis
Malta
participated in CE2018, an
international cybersecurity simulation
exercise organised by the EU
Cybersecurity Agency ENISA
on 6 and 7 June
2018. The simulation
exercise was locally
coordinated by the
Critical Infrastructure Protection Directorate (CIPD) within
the Ministry for Home Affairs and
National Security (MHAS) and its cyber monitoring arm CSIRTMalta, Malta’s
National Computer Security Incident Response Team.
50 local cyber security and media
professionals from 11 local organisations participated in the most mature EU
Cyber Security Simulation Exercise known as ‘Cyber Europe 2018’ (CE2018) to
date. The simulation exercise was locally coordinated by the CIPD within MHAS
in collaboration with EU ENISA, the EU Cyber Security Agency, and the
participation of other EU member states’ agencies responsible for the monitoring
of the cyber space in their respective regions.
Minister for
Home Affairs and
National Security Michael Farrugia
visited the coordinating team during the exercise and
said such exercises are of utmost importance to test our capabilities in dealing
with cyber and hybrid attacks on critical and
other relevant infrastructure.
Malta is giving
great importance to critical infrastructure and on how to deal with
cyber and hybrid attacks. The Critical Infrastructure Protection Directorate
will be strengthened by other professional personnel.
Malta’s
participation was organised
in multiple crisis
cells. A national
coordinating crisis cell
incorporating a media crisis
cell assembled at the
MHAS Coordinating Centre
in Valletta. A group operational
crisis cell gathered at
the MITA Data
Centre in St Venera and other organisational
crisis cells operated from
their normal place
of work at
various locations in Malta. Malta’s principal moderator and
planner from CSIRTMalta within the CIPD, MHAS travelled to ENISA headquarters
in Athens - Greece, to form part of the EU wide coordination and exercise
planning team.
The
desktop exercise focused on cyber and
hybrid attacks on the aviation
sector disrupting their systems’
and flights’ operations.
Exercise
scenario: It is
a normal day at the airport. Suddenly,
the automated check-in machines display a system failure. Travel
apps on smartphones stop functioning. The agents at the check-in counters
encountered problems operating their
computers. Travellers can
neither check in
their luggage nor pass through security checks. There are huge lines
everywhere. All flights are shown as cancelled on the airport monitors. For
unknown reasons, baggage claim has stopped working and more than half of the
flights must remain on the ground.
A radical group have reportedly taken control of the
airport’s critical systems by means of digital and hybrid attacks.
They have already
claimed responsibility for
the incident and
are using their propaganda channels to spread a call to
action and attract more people to adopt their radical ideology.
This was the
intense scenario which
over 900 European cybersecurity
specialists incorporating communications, local
planners, moderators, monitors, observers, and
players from 30 countries coming
from some 300
organisations had to face
during the ‘Cyber Europe
2018’ (CE2018) – the most mature EU cybersecurity exercise to date. At
the local level, the exercise was customised to the Malta context.
The
two-day exercise was orchestrated by ENISA
at its headquarters
in Athens, Greece,
while participants either stayed at their usual workplace or gathered in
crisis cells. ENISA controlled the exercise
via its Cyber
Exercise Platform (CEP)
which provided a
‘virtual universe’ (integrated environment) for the simulated
world, including incident material, virtual news websites, social media
channels, company websites, and security blogs.
Organised
by the EU
cybersecurity agency ENISA
in collaboration with national and other cybersecurity authorities and
agencies from all over Europe, the CE2018 was intended to enable the European
cybersecurity community to
further strengthen their
capabilities in identifying
and tackling large-scale threats
as well as
to provide a
better understanding of
cross-border incident contagion.
CE2018
focused on helping
organisations to exercise and test
their internal operational
continuity and crisis management
plans including media
crisis communication while
also reinforcing cooperation
between public and private entities.
PR 181295
DIPARTIMENT TAL-INFORMAZZJONI – DEPARTMENT
OF INFORMATION MALTA