B2 The Daily of Geopolitical Europe. News. Files. Reflections. Reports

News BlogMissions Operations

In Tallinn, ministers play hybrid cyber warfare (V2)

(B2) It was a small first of which the Estonians are very proud. In Tallinn, during the informal defence, the 28 EU ministers have been invited to play their own role in what is the first cyber exercise, conducted at strategic level.

The scenario: an EU military operation under attack

From the "EU CYBRID 2017" scenario, B2 had some elements (even if the Europeans do not want to expand, just to preserve the sensitivities of the big Russian neighbor). A scenario built on cascading events affecting an EU military operation deployed at sea. This attack continues for some time. First, we learn of the crash of an observation drone. Then it is a cyber attack on a computer server of the military staff which degrades not only the local reaction capacities but its command and the Brussels-field links. A second drone crashes... then events accelerate.

Malware and false information

We discover amalware', a piece of malware, which was introduced into European systems. And finally it is the communication with the deployed ships that is lost. At the same time, the Union must face an offensive, via social media, of disinformation, even destabilization, with the dissemination of false news. It is therefore important to react quickly to inform the population.

The 28 must react, tablet in support

A ministerial meeting is convened to decide on the measures to be taken. The question facing Europeans is: what to do? how to communicate? As in reality, information comes from the field, given in part by the media, and the ministers are invited to give their position. For this, each delegation is provided with a tablet. And, faced with a multiple-choice questionnaire, which scrolls on a touch screen, each minister must indicate his position. All in a limited time. Because, as in reality, the important thing in the event of a cyber and hybrid attack is to react quickly... and to keep a cool head. At each step, the result of the decision is displayed in near real time, under the direction of Jonathan Vseviov, the permanent secretary of the Estonian Ministry of Defence, who plays the role of the conductor.

Involve as many actors as possible

Apart from ministers, other EU structures are involved: the European Diplomatic Service (EEAS), the European Network and Information Security Agency (ENISA, based in Heraklion in Greece) and the European Defense Organization (based in Brussels), as does NATO. This is both an asset – benefiting from the advice of experts – but also complicates the decision-making process (as in reality).

Oil procedures

The objective of the exercise is first of all to become aware of the situation "as an expert on the file explains, then to" provide crisis management ” like the public position (NB: strategic communication) between all the Member States, in short “ oil procedures to arrive at a common political guideline in the face of a case of cyberattack that threatens the military structures of the European Union.

The ministers got caught up in the game

A bit skeptical at first, the ministers got caught up in the game " In fact. And, during the good hour that the exercise lasted (explanation time included), each of the participants was led to reflect on the need to take quick, strategic decisions, by consulting both their capital and arriving above all at a common position, to avoid giving the "attacker" victory or the feeling of victory.

A difference in appreciation over the year

At the beginning of the exercise, when the first news arrived, " everyone was almost in agreement to have as wide a communication as possible, factual on the events ” tells B2, the Belgian Minister of Defense, Steven Vandeput. " But as the news came it got harder, most [states] were shutting down ". This shows the difficulty of this type of attack. "The defense likes to affix a 'classified defense' on all these documents to prevent any information, "says an expert on the file.

Questions that arise

The exercise also led to a few questions: when can we speak of an attack, of a conflict, in the international sense of the term? This would lead to the establishment of solidarity procedures (mutual assistance clause type article 42.7 at EU level or collective defense article 5 for NATO). The 28 are not automatically on the same wavelength, told us one of the participants.

Other questions: What tools does the European Union have (or should it equip itself with) to deal with such attacks? How to cooperate, in a practical and political way with NATO, which seems more "armed" to deal with cyberattacks on its defense structures? " At NATO level, there are procedures. At EU level, it is less developed, there is still room for improvement says Steven Vandeput.

Cyber ​​knows no borders

The exercise shows that different 'technical' issues can quickly turn into issues requiring political guidance”, then summed up Estonian Defense Minister Jüri Luik. " The cyber world and cyber threats know no national boundaries or barriers between organizations ».

A NATO-EU reaction community

It is therefore " important to carry out this type of joint exercise, between the Member States of the European Union as well as the EU and NATO. We need to share information and have a common understanding, to ensure better preparedness to deal with cyber threats ". NB: A replica of this exercise should be held at NATO level in October, where the European Union will be invited.

(Nicolas Gros-Verheyde, in Tallinn)


The memory of ten years ago

Estonians are particularly aware of cyber attacks with hybrid overtones. Some ten years ago, on April 27, 2007 to be exact, the small Baltic republic suffered a major computer attack (organized from Russia) which seriously destabilized its banking system. The attack was accompanied by more or less significant aftershocks in the following months, accompanied by the dissemination of false information about a possible devaluation of the Estonian currency which put Estonia in a more than uncomfortable situation.


updated at 16:45 p.m. with more detailed material on the scenario, the game between the ministers and the questions asked

Nicolas Gros Verheyde

Chief editor of the B2 site. Graduated in European law from the University of Paris I Pantheon Sorbonne and listener to the 65th session of the IHEDN (Institut des Hautes Etudes de la Défense Nationale. Journalist since 1989, founded B2 - Bruxelles2 in 2008. EU/NATO correspondent in Brussels for Sud-Ouest (previously West-France and France-Soir).

s2Member®