European Union governments will launch later this week a large-scale simulation of cyberattacks against multiple member states.
Participants will be confronted with attacks on their supply chains and some spillover socio-economic effects in other member states, before having to coordinate public communications and a diplomatic response, according to people familiar with the matter and documents seen by Bloomberg.
The aim of the six-week exercise is to stress-test Europe’s resilience, strengthen preparedness and cooperation among member states, and improve the effectiveness of a joint response.
The EU simulation comes amid concerns that Russia could couple any aggressive act toward Ukraine with cyberattacks directed at the West.
One of the EU documents cites the recent hack against the software company SolarWinds Corp., which according to U.S. and U.K. intelligence assessments was carried out by Russian intelligence and affected companies on both sides of the Atlantic.
Though the EU has various tools at its disposal to counter and sanction acts of cyber aggression, it doesn’t currently have a framework for effectively coordinating a joint response to a major crisis, the document says.
The exercise will be structured around a gradual escalation toward a major crisis that culminates in an attack that could qualify as an armed aggression under the United Nations Charter, according to one of the documents. In order to be as realistic as possible and better prepare the bloc for a real-world attack, it will be modeled on incidents that have taken place or could occur in the near future.
The simulation, which is being proposed by the French presidency of the EU, is expected to begin this month and conclude during a meeting of the bloc’s foreign ministers at the end of next month.
A French spokesperson didn’t immediately respond to a request for comment.