NCA ran Silver Shadow to test international cyber-security response
NCA ran Silver Shadow to test international cyber-security response

Law enforcement agencies from the US and European countries recently took part in an international exercise to test how they would work together in the event of a large-scale cyber-attack.

Dubbed Silver Shadow, the exercise was run by the UK's National Crime Agency (NCA) and involved law enforcement officials from eight different countries including the US, Georgia, Lithuania, Bulgaria and Ukraine. Also taking part were representatives from Europol's Joint Cyber Action Taskforce (J-CAT).

The aim of the exercise was to see how investigators and prosecutors would work together in the event of a massive cyber-attack spanning many legal jurisdictions, with the goal of building an effective response to such incidents.

The exercise began on 30 November and has just recently finished. It took place at the Cabinet Office's Emergency Planning College in North Yorkshire, run by management firm Serco. The exercise took place on Serco's cyber-security training and exercise platform (cybX).

Silver Shadow followed a test event, dubbed Silver Pilot, held in October to assess and develop working relationships between UK's cyber-crime units such as the NCCU and cyber-crime units within the Regional Organised Crime Units (ROCUs), Police Scotland and the Police Service of Northern Ireland (PSNI).

Director of the NCA's National Cyber Crime Unit, Jamie Saunders, said: “Together, Silver Pilot and Silver Shadow form an important part of the NCCU's efforts to prepare the UK response – at regional, national and international levels – to the ever-changing cyber-crime threat.

“Cyber-crime is by its very nature international, with many of the criminals and the technical infrastructure they rely upon based overseas, and yet its impact is felt by real people and real businesses in communities across the UK,” added Saunders.

“This means that our response has to be capable of linking police colleagues dealing with victims at a local level with law enforcement colleagues in other countries investigating and prosecuting those who may be responsible.”

Saunders said the NCCU has put strong international partnerships at the heart of its efforts to combat the most serious cyber-crime threats to the UK.

“We have lots of learning to take away, but through this exercise we have demonstrated that, just as the criminals can work across national borders, so can law enforcement.”

Richard Preece, Serco's director of cybX, said: "It's one thing to invest in the best technology, but organisations must also invest in developing their people and test their capabilities."

Ian Glover, president of Crest, told that these exercises are important as companies need to gain a greater understanding of the processes for detection, containment and eradication.  

“When the attack is against a sector or even a country the difficulties of coordination increase dramatically.  Without this form of exercise there is little chance for organisations to liaise with each other and law enforcement agencies to understand potential problems in their approach and more importantly to know the other individuals involved and their responsibilities,” said Glover.

Glover added that raising the profile of this type of attack and openly debating what can be done better will help government, businesses and law enforcement to understand the nature of such attacks and provide a structure and purpose for improvement plans.