National exercise simulating a cybersecurity crisis targeting the Luxembourg health sector
The ILR, together with the LHC/NC3, conducted another national exercise simulating a cybersecurity crisis targeting the Luxembourg health sector. In November 2024, for an entire day, actors from the health sector got to experience a national cyber crisis. In a scenario involving a national pandemic, the preparedness and reactivity of each participating health actor were put to the test.
Objective of the exercise:
The exercise was designed to test the response and resilience of critical stakeholders in the country to unknown crisis scenarios, and to provide feedback to all participants in order to improve their procedures.
Context/Scenario:
This year’s context was heavily inspired by the current geopolitical situation, featuring a large-scale national cyberattack targeting the health sector in Luxembourg.
Preparation and execution of the exercise:
The national cyber crisis exercise required meticulous preparation to identify the key and relevant points for analysis. Designing the scenario involved crafting a coherent storyline tailored to the type of organisations involved.
“As the exercise director, this also meant extensive research to develop a storyline that was both realistic and convincing”, says Benjamin Joly, Cybersecurity Expert at the National Cybersecurity Competence Center (NC3), who directed this exercise on behalf of the ILR.
This year’s exercise included 5 distinct phases (representing 32 key points of analysis) involving 11 organisations. “The participants showed great rigour and produced excellent work. Many displayed a high level of professionalism. Frankly, it is very reassuring to know that the people I have interacted with during the exercise would be in charge in a real crisis”, Benjamin Joly comments.
“This crisis management exercise format enabled us to test our responsiveness, our coordination and our systems in a national context, which is different from the last crisis exercises we have been able to take part in”, emphasises a representative of one of the participating entities.
The ILR, which was responsible for organising this national exercise, is satisfied with the level of participation from health sector bodies. As a reminder, participation in such an exercise is voluntary. “The number of participants is in line with our capacities. Some organisations were already in contact with ILR because they were within the scope of NIS1, other entities that will be in scope of NIS2 already took part in order to prepare for the new security obligations”, explains Edouard Sauret, representative of ILR's NISS Department. “The participants showed real commitment, with some organisations setting up a complete crisis unit with around 10 members representing the key functions (IT, cybersecurity, management, HR, finance, communication, etc.). The procedures in place were used and put to the test. Even before the debriefing reports are submitted, some organisations identified areas for improvement or development in their procedures”, he reports.