EU-wide cyber exercise tests response to attacks on rail and maritime networks

Some 5,000 experts took part in an EU-wide cyber exercise on 10 and 11 June to test how Europe would respond to attacks on critical transport infrastructure.

Cyber Europe 2026 was also the first EU-wide test of the 2025 EU Cyber Blueprint, which clarifies roles and responsibilities in a crisis.

Organised by the EU Agency for Cybersecurity (ENISA), the exercise simulated a cyber attack on Europe's rail and maritime networks. The scenario caused severe operational disruptions and escalated into a full-blown cybersecurity crisis. Participants included cybersecurity specialists from the public and private sectors, policymakers, EU institutions, industry and partner countries (the United Kingdom, Norway, Switzerland and Ukraine).

Henna Virkkunen, Executive Vice-President for Tech Sovereignty, Security, and Democracy, said:

"Transport is essential to our economy and daily lives, but it is also a target for cyber threats. When ports or railways are hit, effects can reach far beyond transport, disrupting trade, military mobility and crisis response. As hybrid threats blur the line between civilian and military infrastructure, preparedness is not optional. Cyber threats cross borders in seconds. Europe must be able to act just as fast, together with its closest partners."

The exercise also tested the Cybersecurity Reserve, created under the Cyber Solidarity Act to support responses to cybersecurity incidents. The lessons from Cyber Europe 2026 will help consolidate the EU Cyber Blueprint and embed cyber crisis management into the Union's broader emergency preparedness and response frameworks.

Related topics