First pan-European cyber analysis centre becomes operational
Image copyright Shutterstock
The centre has been developed by Leonardo for DG Connect, the European Commission's directorate for digital policies.
The centre processes and analyses terabytes of data from sources including websites, social media, media, databases, and the deep/dark web. This is underpinned by a knowledge base consisting of more than five million ‘Indicators of Compromise’, digital traces of computer incidents that are managed each year by Leonardo via the company's supercomputing infrastructure - capable of up to five million billion operations per second.
Using this information, the centre produces sectoral threat scenarios (e.g. related to finance, energy, health or transport), for DG Connect. This allows the European Commission to continuously monitor the level of cyber attack risk against European digital infrastructure, highlighting possible threat actors, likely modes of attack, potential targets and their vulnerabilities. This makes it possible to dynamically calculate the impact of potential attacks on critical infrastructure and services of strategic interest, supporting greater European cyber resilience.
Research by Leonardo analysts has found that the most widespread offensive cyber techniques (Ransomware, DDoS, Wipers, Phishing and disinformation campaigns) increased by an average of 180% in 2022 compared to 2021, making cyber resilience an ever-pressing requirement. At the same time, a side effect of the invasion of Ukraine by Russia has seen Europe become more of a target of hybrid threats, which combine multiple techniques and different actors. These can cause serious repercussions, sometimes to national security.
The virtual centre is part of the EUR 18 million project entrusted to the industrial consortium of Leonardo and Indra by DG Connect (Directorate General for Communication Networks, Content and Technologies). The road map for the project includes the establishment of a physical centre in Brussels, that will enable the Commission to work directly on the cyber threat. The physical infrastructure will also be supported by Leonardo's Regional Centre in Brussels, part of the company's Global Security Operation Centre.
With a distributed architecture based at a head office in Chieti, Italy and incorporating other operational centres in Italy, the UK, Europe and the Middle East, Leonardo’s Global Security Operations Centre manages over 137,000 cybersecurity events per second.
To ensure full risk awareness and improve Europe's response to cyber crises, the centre will be interoperable with all entities at a European level that are responsible for cyber threat analysis.