On February 22nd , large cyber warfare exercise took place in Tallinn, Estonia. The exercise was European led but numerous non-European countries participated including India, Ghana, Japan, the US, Kenya and Oman. The exercise simulated tactics that Russia has used during the invasion of Ukraine, clearly demarcating Russia as the threat that the exercise seeks to prepare for, while training participants to respond to potential cyberthreats. The exercise contained 900 UK personnel in collaboration with members of the above-mentioned countries and was designed to provide participants with the skills necessary to counter new threats.
In May 2022 following the invasion of Ukraine, EU member states agreed on a common level of cybersecurity needed to develop the EUs goal of becoming a leader in the field of cybersecurity. This goal was enshrined as part of the EU Agency for Cybersecurity’s (ENSIA) 2023-25 plan which aims to strengthen political and operational cooperation on cybersecurity. This exercise showcases that not only is the EU increasing internal cooperation, but it is bringing in external allies to increase collective cybersecurity beyond the EU and NATO.
Countries are increasingly aware that threats lie across the internet of things and seek to recognize and defend against a variety of threats through a common approach. This exercise in particular addressed a wide scope of vulnerabilities including networks, industry control systems and unmanned systems. The effort to address industry control systems addresses the fact that cyber threats can fall outside of defense bodies and broader society needs to be equipped with cyber defense capabilities. Increasing use of unmanned vehicles, like Unmanned Aerial Vehicles (UAVs) which have seen extensive action in Ukraine, create greater cyber vulnerabilities and requiring more cyber defense efforts by operating countries.
Countries globally are looking to increase their cyber defense capabilities given the increased threat level being presented by Russia. This follows the state allegedly launching a cyber-attack on EU countries communication networks before the invasion of Ukraine and being accused of launching numerous other attacks in the years leading up to the invasion. Even countries with developed cyber security systems, like the UK and US, are still under threat, with a report published in early February by the Public Accounts Committee calling the UK Digital Strategy ‘inadequate’. Participation with EU and Non-EU countries will bolster domestic capabilities, and this exercise is part of that effort.