EUs cyberangrep-øvelse 30. oktober avløses av Telenor-kollaps

I går holdt EU sin aller største øvelse, og det handlet om hvor sårbart samfunnet har blitt når det gjelder cyber-angrep, og hvor farlig det er at cyberterrorister kan slå ut viktige deler av vår infrastruktur, så som telefonnettet. Fra Mail Online:

EU holds largest-ever cyber-security exercise

By ASSOCIATED PRESS

PUBLISHED: 17:07 GMT, 30 October 2014 | UPDATED: 17:07 GMT, 30 October 2014

ATHENS, Greece (AP) — The European Union on Thursday carried out its biggest exercise to prevent cyber-attacks on Europe’s public utilities and communications networks.

The director of the European Network and Information Security Agency, Udo Helmbrecht, told The Associated Press that Thursday’s one-day exercise involving 29 countries and 200 agencies dealt with attack scenarios against «critical infrastructure.»

Helmbrecht said European countries were working to improve their coordination between national security agencies and to further standardize protective software and methods.

Greece EU Cyber Security
Udo Helmbrecht, the director of the European Network and Information Security Agency, speaks to the Associated Press in an interview in Athens on Thursday, Oct. 30, 2014. The agency coordinated Europe’s largest ever cyber-security exercise, based in Athens, on Thursday. (AP Photo/Derek Gatopoulos)
Read more: http://www.dailymail.co.uk/wires/ap/article-2814407/EU-holds-largest-cyber-security-exercise.html#ixzz3HiNZstce
Follow us: @MailOnline on Twitter | DailyMail on Facebook

Telenor: Vet ikke hvorfor nettet krasjet

Fra dagens VG om Telenors sammenbrudd i går:

Per Meling Telenor
TRENGER TID: Informasjonsjef i Telenor, Per Aril Meling, forteller
fredag at de vet hva feilen skyldtes, men ikke hvorfor den oppstod.

Over tre millioner nordmenn hadde problemer med mobiltelefonen sin i går. Og fortsatt prøver Telenor å finne ut hvorfor.

– Vi vil nå analysere hendelsen og iverksette nødvendige tiltak for å unngå at lignende feilsituasjoner rammer våre kunder, sier Berit Svendsen, administrerende direktør i Telenor Norge.

Problemet rammet over tre millioner kunder og deres tale- og SMS-trafikk over hele landet mellom klokken 19.20 og 21.35 torsdag.

Trenger tid

Da VG snakket med Telenor fredag morgen, hadde de fortsatt ikke funnet årsaken til feilen.

– Vi har egentlig ikke funnet noen svar, utover det som kom ut i går, på hva som gikk galt, sier Per Aril Meling, informasjonssjef i Telenor fredag morgen.

Nok et eksempel på at organiserte øvelser mot “terror” ender opp med nettopp det. Denne gang som cyberterror.

5 thoughts on “EUs cyberangrep-øvelse 30. oktober avløses av Telenor-kollaps

  • 31. oktober 2014 at 13:31
    Permalink

    🙂 Til tross for den vekker ei slik meldig bringer, så må jeg medgi at Per Aril Melings, «Vi har egentlig ikke funnet noen svar på hva som gikk galt,» får meg til å le så jeg griner.

  • 31. oktober 2014 at 14:21
    Permalink

    Jeg deler din latter, Brandulph 🙂

  • 3. november 2014 at 14:03
    Permalink

    Brandulph skrev:

    «Vi har egentlig ikke funnet noen svar på hva som gikk galt,» får meg til å le så jeg griner.

    De har nok svar på nøyaktig hva som skjedde. Jeg har i dag sendt følgende e-post til Telenor, så får vi se om det kommer svar.

    Hei!

    Jeg ønsker svar på om Telenor deltok i EUs store øvelse i forbindelse med Cyber Europe den 30. oktober 2014. Her er lenker til den offisielle hjemmesiden i den forbindelse:

    http://www.enisa.europa.eu/media/press-releases/biggest-ever-cyber-security-exercise-in-europe-today

    http://www.enisa.europa.eu/activities/Resilience-and-CIIP/cyber-crisis-cooperation/cce/cyber-europe/ce2014/cyber-europe-2014-information/briefing-pack/cyber-europe-2014-2013-questions-and-answers

    Vennlig hilsen Jostemikk

    EUs øvelse Cyber Europe 2014 er en svært omfattende cyber attack-øvelse, der ENISA (European Union Agency for Network and Information Security) ikke vil gå ut med hvilke private bedrifter eller hvilke nasjoner som deltok. De skriver at dette får være opp til de enkelte deltakerne å offentliggjøre. Her om hva øvelsen dreier seg om:

    http://www.enisa.europa.eu/activities/Resilience-and-CIIP/cyber-crisis-cooperation/cce/cyber-europe/ce2014/cyber-europe-2014-information/briefing-pack/cyber-europe-2014-2013-questions-and-answers

    Cyber Europe 2014 – Questions and Answers

    1 What is Cyber Europe 2014?

    Cyber Europe 2014 (CE 2014) is the largest and most comprehensive EU cyber-security exercise to date. It is a multi-event cyber exercise that involves more than 400 cyber-security professionals from 29 EU and EFTA countries and 200 organisations, including: Computer Security Incident Response Teams, Cyber Security Agencies, EU bodies, public entities, Telecoms operators, ICT vendors and energy service companies.
    Participants of this three phase exercise have to address several technical challenges such as incident detection, investigation, mitigation and information exchanges at technical level. During the first phase of the exercise, conducted in April, participants across Europe dealt with 16 cyber-security incidents. On 30 October, 29 EU and EFTA countries launched the second phase of CE 2014. This operational part of the exercise aims to evaluate updated EU-Standard Operational Procedures (EU-SOPs), the set of contact points, guidelines, workflows, templates, tools, and best practices for managing multinational cyber-crises. The EU-SOPs will be tested extensively and procedures refined according to results. The third and final phase of CE 2014 will take place in early 2015, focusing on strategic objectives.

    2 What are the objectives of Cyber Europe 2014?

    As a part of Cyber Europe 2014, ENISA, EU Member States and industry will work together to test the
    resilience of IT systems and response capacity – at a technical, operational and political level – in case
    of a serious cross-border cyber-security threat.
    The scenarios that will be used are based on realistic potential incidents, that aim to test the standard cooperation procedures in the European Union, train and test national-level capabilities, explore the effectiveness of collaboration between private and public players, analyse the escalation and de-escalation processes at all technical, operational, and strategic levels and understand the public affairs issues linked to cyber threats.
    More broadly, exercises such as CE 2014 enable the cyber-security community to further build its
    capacity in identifying and tackling large scale threats, to better understand “cross-border” incident
    contagion and to reinforce technical cooperation amongst public and private entities.

    3 Who is participating in this exercise?

    Cyber Europe 2014 involves more than 400 cyber-security professionals from 29 EU and EFTA countries and 200 organisations including: Computer Security Incident Response Teams, Cyber
    Security Agencies, EU bodies, public entities, Telecoms operators, ICT vendors and energy service companies. These cyber-security professionals were selected by the member states based on the specific nature of the exercise. A strong emphasis was placed on involving the public as well as different parts of the private sector.

    4 Which member states/organisation/companies are participating?

    ENISA cannot divulge the names of individual bodies or companies, it is up to them to decide.

    5 Are all Member States participating?

    29 EU and EFTA MS are participating.
    6 On what kind of incidents are the CE 2014 scenarios based? What are the main goals of these scenarios ?
    The CE 2014 scenarios are based on realistic potential incidents, and were designed to meet the objectives of the exercise, namely:
    – To test the Member States and industry working together for resilience of IT systems and response capacity in case of a serious cross-border cyber-security threat.
    – To test standard cooperation procedures in the European Union,
    – To train and test national-level capabilities, explore the effectiveness of collaboration between private-public and private-private players,
    – Finally, its objective is to analyse how the events escalate and de-escalate; to understand these processes at all technical, operational, and strategic levels as well as to understand the related public affairs issues linked to cyber threats.

    7 What do you expect this exercise to show in terms of general readiness to deal with cyber-attacks?

    It is expected that this exercise will demonstrate that strong cross border cooperation is necessary for the Member States, and the public and private sector. We are therefore pleased to have 29 EU and EFTA member states participating, and over 600 actors involved. This kind of cooperation between EU and EFTA countries is essential for the strengthening of transnational cyber-incident management. The importance of this exercise is to build trust between actors in Europe, to exchange best practice in procedures, cyber exercises, lessons learned, expertise which are all crucial to ensuring a stronger community that is able to tackle transnational cyber-crises. Moreover, the European cyber-incident management community has been further strengthened with input from other critical sectors that are relevant for the management of large-scale crises. So, in short, we will come out of this exercise significantly strengthened.

    Klikk linken over for å lese hele originalteksten.

    Så gjenstår å se om Telenor svarer på min henvendelse.

  • 6. november 2014 at 20:26
    Permalink

    Av en eller annen forunderlig årsak har ikke Telenor svart på min henvendelse. Jeg kommer til å purre, og har nå fått tak i den direkte e-postadressen til den ansatte i Telenor som sitter i styret til ENISA. Så ja, de er helt sikkert med på moroa.

Legg igjen en kommentar

Din e-postadresse vil ikke bli publisert. Obligatoriske felt er merket med *

Optionally add an image (JPEG only)

%d bloggere liker dette: