A team of nearly 40 cyber security experts led by the NATO Communications and Information Agency will compete this week in Locked Shields 2019, a live-fire cyber exercise conducted from Tallinn, Estonia.
More than 1,000 international cyber security experts and decision-makers will gather from 9 to 12 April 2019 to participate in the exercise. Organized by the NATO Cooperative Cyber Defence Centre of Excellence, the event uses a game-based approach to allow participants to take on roles in fictional response teams.
Their goal is to assess the situation, maintain availability of services and defend networks that have fallen victim to cyber-attacks.
After winning last year's competition, the NCI Agency decided it would contribute its expertise this year by forming a team of not only Agency experts, but with representatives from several NATO Nations.
The NCI Agency has welcomed 10 members from six Nations to be part of a united NATO team. Six Nations –Turkey, Norway, Croatia, Romania, Bulgaria and Slovenia – volunteered cyber experts to participate.
During the several-day exercise, the NATO team will act as a Blue Team protecting networks.
In this elaborate fictional scenario, the island country Berylia is experiencing a deteriorating security situation. This falls at a critical time for Berylia as the country is conducting national elections. Several hostile events coincide with coordinated cyberattacks against major civilian information and communications technology (ICT) systems. The attacks cause severe disruptions in the operation of water purification systems, the electric power grid, 4G public safety networks and other critical infrastructure components. The cyber-attacks also effect national perception of election results, leading to public unrest.
Blue Teams such as NATO's can expect to notice quite a few vulnerabilities in the systems they must protect. They will have limited access to the environment before the exercise, so they will have to quickly assess the situation once Locked Shields begins.
The exercise takes place in a lab environment, so no production networks are used.
Preparing for this exercise was a two-way mentoring effort, where the experts learned from the Agency, and the Agency learned from them. Forming this team was another way for Agency to strengthen the community of cyber security experts it is building under its Cyber Security Collaboration Hub initiative.
The Agency took the first step to launch the Hub on 12 February 2019. Allied Computer Emergency Response Teams from five Nations – Belgium, France, Netherlands, United Kingdom, and United States -- were connected then to NATO's protected business network.
This pilot programme will allow Nations to quickly and securely share information with each other, and with the Agency.
Access to the network, which provides an encrypted workspace with secure video, voice, chat and information gathering, will roll out to all 29 Nations later this year.