The first pan-European virtual center for dynamic management has reached full operation real time of cyber risk, created by Leonardo per DG Connectthe European Commission’s Directorate-General for Digital Policies.
The center processes and analyzes terabytes of data from sources such as the web, social media, news media, databases, deep and dark webs. It also leverages a knowledge base made up of over 5 million Indicators of Compromise, digital traces of IT incidents, managed every year by Leonardo also thanks to the company’s supercomputing infrastructures – capable of carrying out up to 5 million billion operations per second.
Sectoral threat scenarios
Sectoral threat scenarios are thus made available to DG Connect (referring for example to finance, energy, health or transport), which allow the European Commission to know at any time the level of risk of cyber attack on European digital infrastructures, possible malicious actors, probable attack methods, potential targets and related vulnerabilities. This allows the impacts of any attacks on the operation of critical infrastructures and services of strategic interest to be dynamically calculated, in support of greater European cyber resilience.
+180% offensive techniques found
A fundamental objective, if we consider that Leonardo’s analysts found an average increase of 180% in 2022, compared to 2021, in most widespread offensive techniques (Ransomware, DDoS, Wipers, Phishing and disinformation campaigns). Furthermore, the conflict between Russia and Ukraine has made Europe more subject to hybrid threats, which combine multiple different techniques and actors, with critical repercussions, sometimes even at a national security level.
An 18 million euro project
The virtual center is part of the project, worth 18 million euros, entrusted by DG Connect (General Directorate for communication networks, contents and technologies) to the RTI (Temporary Grouping of Companies) formed by Leonardo and Indra. Its evolution will lead to the creation of a physical center in Brussels that will allow the Commission to operate directly on the cyber threat.
Improving Europe’s response
The physical infrastructure will also be able to count on the support of Leonardo’s Regional Center in Brussels, part of the company’s Global Security Operation Center, which, with a distributed architecture based on a main office in Italy, in Chieti, and other operational centers in Italy, UK, Europe and the Middle East, manages over 137,000 cybersecurity events per second. To ensure full risk awareness and improve Europe’s response to cyber crises, the center will be interoperable with all entities responsible, at European level, for cyber threat analysis.