The EU is to conduct war games to help countries prepare for cyber-attacks from nation-states, which is in response to a series of incidents that panicked European governments.
According to reports from the Guardian, Finland's foreign minister Pekka Haavisto said that interior and finance ministers from member states would have to respond to fictional scenarios during meetings in Helsinki in July and September. Finland assumes the EU’s rotating presidency on 1 July.
The exercises will help member states better prepare for a range of attacks, including cyber-attacks and disinformation campaigns. The "scenario based policy discussion" will be held for justice and home affairs ministers in Helsinki on 18 July. Finance ministers will meet on 13-14 September to look at tackling hybrid threats in the financial markets.
"We want the union and member states to strengthen their capacities to prevent and respond. Military and civilian authorities can only do in times of crisis what they have been trained for," he said.
Haavisto said that nation state hackers looking for vulnerabilities had become more prevalent, hence the need to war gaming exercises. He said that Russia's alleged jamming of GPS signals during military exercises in Scandinavia was one such example.
Finland hosts the Nato-backed European Centre of Excellence for Countering Hybrid Threats. Founded two years ago, it now has 22 EU and NATO members.
Laurie Mercer, security engineer at HackerOne, told SC Media UK that this move shows that the EU is serious about cyber-security and building a safer digital Europe.
"For many organisations today, the first time they experience a security incident is an actual attack. Methods such as cyber-war games, Red Team Engagements and Bug Bounty programs can be used to simulate security incidents in a controlled way, allowing organisations to practise responding to security incidents and develop muscle memory for when a real attack occurs. To build a safer digital Europe, vulnerabilities in online systems need to be found and fixed," he said.
In related news, research by Sectigo found that customers of banks in Europe are at risk of becoming fraud victims due to lax online security measures.
The research shows that a quarter of European banks are not taking the necessary steps to prevent their online customers from falling prey to scams. Sectigo said that the study found that a notable percentage of banks left customers vulnerable to phishing scams, but that all banks do use some form of SSL certificates.
Full marks were awarded for the presence of Extended Validation (EV) SSL certificates and the maximum available level of identity verification on the home and login pages. Websites without EV certificates on the home and/or login pages received a lesser rating.
Tim Callan, senior fellow at Sectigo said that the findings of the their online presence, not only to protect customers from phishing, but also to convey that necessary protections are in place.
"The good news is that all banks studied had some form of SSL certificate on the home and login pages," he said.
Is Zero Trust really achievable given the complexity in finance service organisations?
Brought to you in partnership with Forescout