On 25 April 2019, the NATO Communications and Information (NCI) Agency and the Computer Emergency Response Team for the European Union's institutions, bodies and agencies (CERT-EU) held a cyber workshop ahead of the European Parliament elections in May.
The NCI Agency, CERT-EU and industry experts discussed measures to counteract potential threats to devices and systems related to the 2019 European elections.
Attendees identified techniques such as spear phishing and Distributed Denial-of-Service (DDoS) attacks as potential threats to watch. (A typical DDoS attack disrupts a server's normal traffic by overloading it with internet traffic from compromised systems, like computers or devices.) Attendees also discussed the issue of disinformation.
The workshop highlighted the need to continue to focus on training and educating users, in areas such as guarding against social engineering attacks, like phishing. Governments and their industry partners must also continue to collaborate and share threat information.
NCI Agency Cyber Security Chief Ian West said: "As Secretary General Jens Stoltenberg has said, NATO must act as a hub for cyber information sharing, training and expertise. Through our agreement with CERT-EU, the NCI Agency's NATO Computer Incident Response Capability can further this aim by convening its industry partners to discuss potential threats, suggest measures to counteract them and explore ways to disseminate such information. Though nations are primarily responsible for securing election systems, NATO stands ready to support with information about the threat landscape, as well as processes and techniques we use to secure high-profile events."
CERT-EU Head Saâd Kadhi said: "The European Union and NATO both face an ever-shifting, complex cyber threat landscape. Leveraging their 2016 Technical Agreement, CERT-EU and NCIRC have worked increasingly closely to tackle the challenges they mutually face in cyberspace. The exchange of best practices, sharing of information and frequent bilateral meetings are key to strengthening our strategic partnership. This joint workshop comes at an important time, a month ahead of the European elections, and is an excellent example of the growing engagement and concrete cooperation between our cyber defence teams."
About the NCI Agency and CERT-EU partnership
The NATO Computer Incident Response Capability (NCIRC) and the Computer Emergency Response Team of the European Union (CERT-EU) signed a technical arrangement on 10 February 2016, establishing a robust partnership based on thorough cyber defence information sharing to improve incident prevention, prediction, detection and response. The NCI Agency is responsible for defending NATO networks 24/7. The NATO Computer Incident Response Capability (NCIRC) Technical Centre, part of the Agency, provides specialist services to prevent, detect, respond to and recover from cyber security incidents. CERT-EU supports the various IT security teams in EU institutions, bodies and agencies in defending against cyber threats. It also acts as the incident response a coordination and information exchange hub for its constituency.
For more information see: