Published

Statnett: Cyber exercise in the Nordic electricity sector

As framework provider of exercises to Norway's transmission system operator Statnett, 4C Strategies delivered the multi-agency Black Screen cyber exercise.

Background: An attack on, or major disruption to critical infrastructure can be devastating for a nation and its people. In the case of the Nordic region, the impact can be felt in several countries. Pan-Nordic collaboration is essential to safeguard critical infrastructure. Statnett wanted to improve the situational and relationship awareness among the many stakeholders that would be involved in such a crisis.

Challenge: Test, evaluate and improve the capability of Norwegian Statnett and regulating authorities, Computer Emergency Response Teams (CERTs) and transmission system operators in all five Nordic countries to respond to a cross-border cyber-attack, at both operational and political levels.

Solution: 4C Cyber Training and Exercises combine education with escalating real-life scenarios to challenge organisations’ incident/crisis management capabilities in a collaborative, fun and demanding environment for attendees.

Benefits: Governmental officials gain a better understanding of how to respond and cooperate in a crisis and the potential consequences of their actions. Additionally, they build cross-border relationships with the people they must interact with in a major incident. Ultimately, building Nordic crisis management capability.

Customer: Statnett is the Norwegian, state-owned enterprise responsible for managing, operating and maintaining the national grid to ensure a continuous power supply throughout Norway.

Nordic collaboration for stronger non-military defence

Protecting critical infrastructure is an essential part of every nation’s non-military defence programme. In the Nordics, this is partly done collaboratively to pool resources, know-how and expertise. Although this brings benefits, it also puts tough demands on personnel and organisations as they must work together as one unit in order to manage large-scale incidents. Within the electricity sector – and more specifically national grid owners – a rotating Chairmanship is shared among the different nations. As a framework partner of Statnett, the Norwegian state-run national grid company, 4C Strategies were invited to bring together the 16 different actors involved in a crisis, and test and develop their joint capabilities. We spoke with Mikael Grape, Managing Director of 4C Strategies, who led the cyber exercise project team.

“An attack on the national grids will have wide-reaching repercussions for nations and societies alike. Everything from large enterprises to homeowners to healthcare facilities and beyond can be affected, depending on the severity of the incident. Statnett, with our support, chose to scenario-test the collective Nordic crisis management abilities to handle a cyber security attack, as this is a serious potential threat being faced on a consistent basis within critical infrastructure.”

“We want to prepare attendees as best we can while ensuring they are challenged and have a bit of fun. People may have never met before, but they have to work closely and trust one another. By bringing them together and conducting cyber training and exercises, they build relationships, something that’s not always possible mid-crisis.”

Incident escalation in a crisis

Over two days, a sinister cyber-attack against SCADA systems in all five Nordic countries was played out in a tabletop setting, mixed with live elements such as press conferences and films. New incidents were introduced throughout the exercise to replicate a real-life event. This provided an excellent opportunity for representatives from regulating authorities, Computer Emergency Response Teams (CERTs) and transmission system operators in all five Nordic countries to come together and develop their readiness.

“A crisis isn’t one single event, but rather a series of events that occur and often escalate over time as actions and reactions are taken during a response. By recreating this in a scenario exercise you take people from theoretically knowing what should be done in a crisis to actually finding out what happens and the domino effect of their actions. It’s an important lesson to learn and experience.”

To make the cyber exercises as realistic as possible, 4C produced YouTube clips and social media posts from the attackers, and 4C consultants acted as journalists questioning the nominated spokesperson during mock press conferences. To support the teams in the exercise, the two-day event began with cyber security training session and ended with a group-wide review. 4C consultants were also on hand during the exercises to advise teams if they needed it.

Cyber training for diverse organisations

4C Cyber Training and Exercises have been run at a wide range of organisations in the public and private sectors, including international banks, manufacturers and ENISA (the European Cyber Security Agency). This ranges from relatively simple workshops, through to table-top and simulation or command-post exercises – where multiple elements of an organisation’s resilience capability can be subject to analysis and review. With the wealth of features and tools available within our Exonaut software, exercises can be brought to life with simulated social media feeds, news clips and other injects, to make them realistic, challenging, engaging and fun for participants.Discover how you can build your risk, business continuity and crisis management capability with our expert services. Book a free consultation with one of our consultants to discuss your requirements.

Related articles

Get in touch

Book a demo or receive information regarding our solutions

Contact us