A team from NATO has won the annual Locked Shields cyber-defense exercise, the largest of its kind in the world comprising experts from 30 nations.
The international “live fire” exercise invited over 1000 technical experts and decision makers from NATO and EU countries to practice the defense of complex IT networks in the face of simulated cyber-attacks.
“The exercise serves as a valuable platform for senior decision-makers to practice the co-ordination required to address complex cyber-incidents, both internally and internationally. In the strategic game of Locked Shields, Blue Teams had to determine at what level the information should be shared, who has the authority to make a decision and give guidelines, what are the potential legal implications,” explained Michael Widmann, chief of NATO’s Cooperative Cyber Defence Centre of Excellence (CCDCOE) Strategy Branch.
“Overall the exercise was a success. Teams coordinated in a complex and dynamic environment and addressed key issues necessary to endure intense cyber-attack.”
This is the first time NATO entered a team comprising members of different agencies, so if nothing else the exercise illustrated the strength of the military alliance.
This year dealt with attacks on critical infrastructure protection, with a focus on the need to improve collaboration between the technical experts, civil and military participants and decision-makers, according to NATO.
“The exercise involved around 4000 virtualized systems and more than 2500 attacks altogether. In addition to keeping up more than 150 complex IT systems per team, the Blue Teams had to be efficient in reporting incidents, executing strategic decisions and solving forensic, legal and media challenges,” explained Aare Reintam, project manager of technical exercises at CCDCOE.
“Protection of critical infrastructure is essential for ensuring the efficient operation of both military and civilian organizations, it is the foundation of our modern digital lifestyle.”
The focus on CNI is particularly timely given increased activity from Russian state hackers, which both the National Cyber Security Centre (NCSC) and US authorities have issued alerts on.